Sometimes CPU cores are odd
51 points by cadey
This has been a thing for longer than you might think - for example: https://www.techpowerup.com/cpu-specs/phenom-x3-8750.c513 - that’s from 2008!
If nothing else, I’m sure at various times CPU manufacturers have sold chips which were manufactured with an even number of cores, but with one or more of the cores that had failed factory testing disabled (and the price adjusted accordingly, of course.)
But as cadey says, it is important to confess to our really stupid bugs as well as the deeply subtle ones, if only for our collective morale and amusement, and sometimes even education :)
That’s exactly what those CPUs are - quad core CPUs with one defective core.
Some motherboard manufacturers used to offer the ability to turn the disabled core back on, with predictable stability results :/
yeah and in particular, the 3-core-set arrangement has been common for a while now, e.g. most of the uses of the Cortex-X line in phones have been as a “prime” core in addition to the big+little core arrangements (the entire Snapdragon 8 line used this setup until Elite).
There was a leap here that I didn’t quite follow:
However 4.5 is bigger than 1, so Math.max returns that:
threads = 4.5,
This means that each time the proof of work equation is calculated, there is a 50% chance that a valid solution would include a nonce with a decimal portion in it.
If anyone else was wondering, it’s because each worker uses threads as an increment to calculate its unique sequence of nonces itself. (via)
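The behaviour described in the comment above, as an added example that is not code from the original post or the project. The function names, the worker start offsets (each worker starting at its own index) and the verifier-side nonce check are assumptions made for illustration; the core count is passed in as a parameter instead of being read from navigator.hardwareConcurrency.

```javascript
// Added illustration; names and worker layout are assumptions, not the project's code.

// Thread count as quoted in the thread: halving an odd core count yields a float.
function buggyThreads(cores) {
  return Math.max(cores / 2, 1); // 9 cores -> 4.5
}

// Integer-safe variant: truncate before clamping to at least one worker.
function fixedThreads(cores) {
  return Math.max(Math.floor(cores / 2), 1); // 9 cores -> 4
}

// Nonces tried by one worker: start at its index, step by the thread count.
function nonceSequence(workerIndex, threads, count) {
  const out = [];
  for (let k = 0, n = workerIndex; k < count; k++, n += threads) {
    out.push(n);
  }
  return out;
}

// Share of non-integer nonces across all workers spawned for `threads`.
// A loop bound of 4.5 spawns workers 0..4, as `i < threads` would.
function fractionalShare(threads, perWorker) {
  let total = 0;
  let fractional = 0;
  for (let i = 0; i < threads; i++) {
    for (const n of nonceSequence(i, threads, perWorker)) {
      total++;
      if (!Number.isInteger(n)) fractional++;
    }
  }
  return fractional / total;
}

// Verifier-side guard (assumed design): accept only non-negative safe
// integers, so a fractional nonce is rejected before any hashing happens.
function isValidNonce(value) {
  return Number.isSafeInteger(value) && value >= 0;
}

console.log(buggyThreads(9), fractionalShare(buggyThreads(9), 10)); // 4.5 0.5
console.log(fixedThreads(9), fractionalShare(fixedThreads(9), 10)); // 4 0
```

With a step of 4.5, every second nonce a worker tries has a decimal portion, which matches the 50% figure quoted above.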
Is it just me or is the “Resulting Hash” box nearly impossible to read because of the colors? When the hash doesn’t pass the check it shows #9ca3af over #bf8e8e for a contrast ratio of 1.11. When the hash does pass the check it shows #9ca3af over #89a996 for a contrast ratio of 1.01.
Yes, CSS bug on my end. I only tested in dark mode and I’ve been in and out of airports all day. I’ll fix it ASAP but I can only do so much right now :)
I feel dirty for saying this, but…
… could a language compiled to WASM that has strict type safety have prevented this? If you’re looking for an int but a value is a float, what even happens in that scenario.
Using Rust as example (because, I know Rust but not how it works in WASM): would Rust even be able to prevent this kind of bug at runtime? I guess so because afaik WASM does a lot of internal type coercion (something like ~~(navigator.hardwareConcurrency / 2); to coerce to int)
Would that explode at runtime then?
I don’t think you know how much I wish I could use Webassembly for this. The problem is that people disable browser features and Webassembly is usually on that chopping block because people can’t read the source code of the Webassembly code in question. I have looked into flows that involve horrible hacks like compiling Webassembly to JavaScript at build time, but it would be really great if browsers would make it impossible to disable.
Webassembly is usually on that chopping block because people can’t read the source code of the Webassembly code in question
As if they read the source of all the JavaScript they’re running. Security theater.
It’s even trickier when the vendor disables it and not the user. “Lockdown Mode” on iOS blocks both WebAssembly and JIT. Despite being close to a worst-case for web proof-of-work, the benefit lockdown mode provides certainly outweighs that cost for certain users.
I browse with wasm disabled on mobile, not because I can’t audit the blobs (I can!) but because the wasm runtime has non-trivial attack surface. I didn’t disable it specifically, it’s just part of iOS lockdown mode.
Then fair, that’s a reasonable argument not to run WASM. I just don’t like arguments about not being able to see the code – you’re not going to ever be able to read anywhere close to all the code you run. It’s a bad approach to security. You should instead ensure that code is well isolated from the rest of the system.
And, well, JS does run in a sandbox. There have been many vulnerabilities there, sure, but if you’re able to view a website, that implies you’re running a stack of millions of lines of native code, running with much higher privilege than the JS sandbox. People have managed to sneak a backdoor into (Debian’s) sshd, for fucks sake.
If you want to read all the JS you run for security reasons, your priorities are way off.
I think the point about the WASM sandbox is just an extension of lack of trust in the V8 sandbox and not about “random JS” you pick up everywhere. If you look at root causes for all the major V8 bugs there’s a pretty big theme about which parts are actually being used by attackers. I disable both WASM and JIT for that reason, not because of the concerns from random sites.
I mean… I actually do do this regularly when doing security assessments. De-obfuscating minified JS is annoying sure, but slap a minifier and start renaming variables or step through the dev tools debugging and it’s not that bad. I can’t say the same for the times I have done the same with WASM.
Do you actually do that for the websites you visit? Surely not, the amount of effort would be insane (and it would probably be better spent auditing all the native code you’re running outside any sandboxes).
I think you’d be surprised. I’m certainly not doing it for every site I visit obviously, but if there’s something I want to dig into for writing a scraper (which I do for firmware and automated patch diffing), to get around certain email walls, custom CAPTCHA bypasses, getting raw video or data files vs chunked. You don’t have to pull every single function apart, nor even understand every obfuscated portion deeply, to get to the parts you want. There are also lots of situations people don’t realize about getting around minification, such as published JS sourcemap files that give you access to unobfuscated resources.
but it would be really great if browsers would make it impossible to disable.
Should browsers also make it impossible to disable Javascript? Perhaps also prohibit ad blockers while at it?
but it would be really great if browsers would make it impossible to disable.
Bro, even less freedoms, no good!
Yes, any language in which dividing an integer by an integer produces an integer (ie almost every language other than JavaScript and Python) would have prevented this bug.
Your comment about type coercion suggests you’re thinking of the now deprecated asm.js, which compiled code to weird but valid JavaScript and did things like that to represent types; WASM is not JS and it just has integers.
thanks for the clarification, I don’t do any frontend/JS so it was a question dripping in ignorance. I appreciate it being taken in the inquisitive nature that it was intended. :)
Small clarification: wasm does have floating point numbers (both 32 and 64 bits), but its integer divisions do indeed return an integer
If you do integer arithmetic it should be fine, but you’d have to know to do that. From what I understood, the cause of the bug was assuming that one input was always going to be an even integer. Off the top of my head I don’t know how you would catch this with types at the source, but the input to the function that expects integer inputs should complain about getting a float!
Ages ago I upset many naysayers by suggesting that OSes should track CPU features per CPU, in case the CPUs were different. People raged, saying they should never be different, that there was no case where they could be different, and that of course it Wouldn’t Work™.
I then explained that I had a dual Nintendo cartridge motherboard with a Pentium III and a Celery on a cartridge adapter, and that it ran just fine. It was sacrilege! The people who claimed it would never work, could never work were incensed, said it was a fluke, threatened me, and so on.
Years later, just so I could say I did it, I tested machines with 3 cores (one dual core and one single core) and 6 cores (one dual core and one quad core).
The point is we shouldn’t assume.
The title made me think of Google’s cores that don’t count paper from HotOS’21. It’s worth a read too, even though it is unrelated to the original topic.
Showing an encrypted error message on the “invalid response” page so that the user and administrator can work together to fix or report the issue. I remember Google doing this at least once, but I can’t recall where I’ve seen it in the past.
i have encountered that on youtube’s internal api (“innertube”) when it returns an internal server error. i thought i had an example saved somewhere, but no dice. IIRC, it’s a very simple html page, with an ancient google logo in the top left corner (possibly embedded as a data uri), followed by a big chunk of base64 in a <pre>.