Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

8.9K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Public
Chandler Carruth

Had a bunch of thoughts about the recent safety stuff, way more than fit in social media post... Blog post story time! (It's a bit of a ramble, sorry about that...)

chandlerc.blog/posts/2024/11/s

chandlerc.blog · Story-time: C++, bounds checking, performance, and compilersRecently, several of my colleagues at Google shared the story of how we are retrofitting spatial safety onto our monolithic C++ codebase: https://security.googleblog.com/2024/11/retrofitting-spatial-safety-to-hundreds.html I wanted to have a bit of story-time about some of the strange ways that all this came to be, at least as I remember things. There are some really interesting developments that led us here, and some important lessons to learn from that history. Do note that this is just my retrospective memory. It’s entirely possible I’m misremembering some of it (let me know if so!). It’s also limited to my perspective, and others may have seen very different aspects of things (please share!).
#LLVM#Clang#MemorySafety
Public *
dist1ll

@chandlerc I'm not a fan of using %-diffs to make an argument around effectiveness of performance improvements. More often than not, these numbers just lead people astray.

For all we know, the 0.3% penalty might just be so small because it's being overshadowed by some other severe inefficiency in the codebase.

There's an interesting effect where inefficient code will suffer *less* from adding *more* inefficient code, because it's already bottlenecked.

Chandler Carruth

@dist1ll So, if you look at the referenced blog post[1], we actually clarified what this represented. This is 0.3% across Google's entire main production fleet. Our fleet performance is dominated by the hottest services, a relatively small %-age, your classical long-tailed distribution. Those services are **incredibly** optimized systems. We have large teams doing nothing but removing every tiny inefficiency we can find.

[1]: security.googleblog.com/2024/1

Google Online Security BlogRetrofitting spatial safety to hundreds of millions of lines of C++Posted by Alex Rebert and Max Shavrick, Security Foundations, and Kinuko Yasuda, Core Developer Attackers regularly exploit spatial mem...
Nov 17, 2024, 04:27 AM·Public·Phanpy
0boosts·2favorites
Public *
dist1ll

@chandlerc (Thanks for the articles and response)

I'm curious, how much of that optimization is done on the infra side, compared to the application side? I was under the impression that orgs prioritizing infra optimizations, like PGO, data structures, stdlib stuff like memcpy, improving compilers etc.

Perhaps I'm way off base. I guess what I'm curious about is how much effort is spent on application-specific optimizations, things that perhaps *don't* carry over to other parts of the codebase.

Public
Chandler Carruth

@dist1ll The larger applications have their own teams driving application-side optimizations. That covers a *lot* of the larger applications.

And we then also have a large team that drives infrastructure level optimizations just like what you mention.

It's a joint effort, and both teams talk extensively. So for these systems, they are *very* well optimized. There are huge incentives to find and fix any significant inefficiencies.

Public *
dist1ll

@chandlerc Makes sense. In that case, congrats for getting such low overheads! Happy to see much of the long-standing FUD around efficient spatial safety challenged.

ExploreLive feeds
About