Why is my CPU usage always 100%?
https://www.downtowndougbrown.com/2024/04/why-is-my-cpu-usage-always-100-upgrading-my-chumby-8-kernel-part-9/ [www.downtowndougbrown.com]
2025-01-13 22:14
tags:
bugfix
c
investigation
linux
programming
systems
That’s really weird! Why would top be using all of my CPU? It says 100% usr in the second line. Sometimes the usage showed up as 50% usr and 50% sys. Other times it would show up as 100% sys. And very rarely, it would show 100% idle. In that rare case, top would actually show up with 0% usage as I would expect. The 2.6.28 kernel did not have this problem, so it was something different about my newer kernel.
source: HN
Don't clobber the frame pointer
https://nsrip.com/posts/clobberfp.html [nsrip.com]
2025-01-05 09:34
tags:
bugfix
compiler
cpu
go
programming
Recently I diagnosed and fixed two frame pointer unwinding crashes in Go. The root causes were two flavors of the same problem: buggy assembly code clobbered a frame pointer. By “clobbered” I mean wrote over the value without saving & restoring it. One bug clobbered the frame pointer register. The other bug clobbered a frame pointer saved on the stack. This post explains the bugs, talks a bit about ABIs and calling conventions, and makes some recommendations for how to avoid the bugs.
source: L
How I helped fix sleep-wake hangs on Linux with AMD GPUs
https://nyanpasu64.gitlab.io/blog/amdgpu-sleep-wake-hang/ [nyanpasu64.gitlab.io]
2025-01-03 09:52
tags:
bugfix
investigation
linux
malloc
programming
systems
Through some digging, I found that when a desktop enters S3 sleep, the system cuts power to PCIe GPUs, causing their VRAM chips to lose data. To preserve this data, GPU drivers copy VRAM in use to system RAM before the system sleeps, then restore it after the system wakes. However the Linux amdgpu driver has a bug where, if there is not enough free RAM to store all VRAM in use, the system will run out of memory and crash, instead of moving RAM to disk-based swap.
source: L
The case of the application that used thread local storage it never allocated
https://devblogs.microsoft.com/oldnewthing/20221128-00/?p=107456 [devblogs.microsoft.com]
2024-03-15 22:42
tags:
bugfix
concurrency
development
malloc
programming
windows
Upon closer inspection, the real problem was not that the application’s TLS was being corrupted. The problem was that the application was using TLS slots it never allocated, so it was inadvertently using somebody else’s TLS slots as its own. And of course, when the true owner updated the TLS value, the application interpreted that as corruption.
List of 2024 Leap Day Bugs
https://codeofmatt.com/list-of-2024-leap-day-bugs/ [codeofmatt.com]
2024-03-11 07:32
tags:
bugfix
development
links
Well, it’s 2024 and leap day has come once again. As I’ve done in prior leap years, I’ve captured as many bug reports and outages as I can, along with links to the source where possible.
source: trivium
Bugs I’ve filed on browsers
https://nolanlawson.com/2024/03/03/bugs-ive-filed-on-browsers/ [nolanlawson.com]
2024-03-04 05:28
tags:
browser
bugfix
development
web
As such, I’ve filed a lot of bugs on browsers over the years. For whatever reason – stubbornness, frustration, some highfalutin sense of serving the web at large – I’ve made a habit of nagging browser vendors about whatever roadblock I’m hitting that day. And they often fix it! So I thought it might be interesting to do an analysis of the bugs I’ve filed on the major browser engines – Chromium, Firefox, and WebKit – over my roughly 10-year web development career.
source: HN
Investigating why Steam started picking a random font
https://blog.pkh.me/p/35-investigating-why-steam-started-picking-a-random-font.html [blog.pkh.me]
2023-10-22 20:09
tags:
bugfix
investigation
turtles
And you know what’s special about 2040? It’s after 2038.
source: trivium
When LIMIT 9 works but LIMIT 10 hangs
https://neon.tech/blog/when-limit-9-works-but-limit-10-hangs [neon.tech]
2023-05-31 18:06
tags:
bugfix
javascript
malloc
programming
So then bytes 3 and 4 should be that 16-bit payload length — and this is where things fall apart. The ws message says we have 126 bytes (00000000 01111110) of payload. That sounds plausible. The undici message says we have 25,888 bytes (01100101 00100000) of payload … in a 222 byte packet? Yeah: this one is fishy.
source: HN
A Cryptographic Near Miss
https://words.filippo.io/dispatches/near-miss/ [words.filippo.io]
2023-04-11 20:00
tags:
bugfix
crypto
go
math
security
Go 1.20.2 fixed a small vulnerability in the crypto/elliptic package. The impact was minor, to the point that I don’t think any application was impacted, but the issue was interesting to look at as a near-miss, and to learn from.
source: L
Dumb bugs: the PCI device that wasn't
https://sthbrx.github.io/blog/2023/04/04/dumb-bugs-the-pci-device-that-wasnt/ [sthbrx.github.io]
2023-04-05 18:21
tags:
bugfix
c
linux
programming
So pci_notify() gets called with our VIO device (somehow), and we’re converting that struct device into a struct pci_dev with no error checking. We could solve this particular bug by just checking that our device is actually a PCI device before we proceed - but we’re in a function called pci_notify, we’re expecting a PCI device to come in, so this would just be a bandaid.
source: L
Discovering one bug after another in the UTF-8 decoding logic in OpenBSD, then going on to fix other aspects of related code.
https://research.exoticsilicon.com/articles/unbreaking_utf8_on_the_console [research.exoticsilicon.com]
2023-03-10 20:32
tags:
bugfix
investigation
openbsd
programming
text
tty
Still, the debugging process we went through here to discover the cause of the problems in the first place is worth sharing from the beginning, as the code in question was particularly bad with plenty of textbook mistakes. Who knows what you might find in your own investigations elsewhere.
Email: https://marc.info/?l=openbsd-tech&m=167734639712745&w=2
source: L
An instruction oddity in the ppc64 (PowerPC 64-bit) architecture
https://utcc.utoronto.ca/~cks/space/blog/tech/PowerPCInstructionOddity [utcc.utoronto.ca]
2023-01-21 19:45
tags:
bugfix
compiler
cpu
programming
turtles
As Raymond Chen notes, ‘or rd, ra, ra’ has the effect of ‘move ra to rd’. Moving a register to itself is a NOP, but several Power versions (the Go code’s comment says Power8, 9, and 10) overload this particular version of a NOP (and some others) to signal that the priority of your hardware thread should be changed by the CPU; in the specific case of ‘or r1, r1, r1’ it drops you to low priority. That leaves us with the mystery of why such an instruction would be used by a compiler, instead of the official NOP (per Raymond Chen, this is ‘or r0, r0, 0’).
As covered in the specific ppc64 diff in the change that introduced this issue, Go wanted to artificially mark a particular runtime function this way (see CL 425396 and Go issue #54332 for more). To do this it needed to touch the stack pointer in a harmless way, which would trigger the toolchain’s weirdness detector. On ppc64, the stack pointer is in r1. So the obvious and natural thing to do is to move r1 to itself, which encodes as ‘or r1, r1, r1’, and which then triggers this special architectural behavior of lowering the priority of that hardware thread. Oops.
https://devblogs.microsoft.com/oldnewthing/20180809-00/?p=99455
https://github.com/golang/go/issues/54332
The Safari bug that never was
https://obyford.com/posts/the-safari-bug-that-never-was/ [obyford.com]
2023-01-07 21:56
tags:
browser
bugfix
html
text
web
We’d managed to get from ‘some quite strange things are happening to the header, beta banner and buttons’ to ‘text wraps unnecessarily within intrinsically-sized elements when using certain fonts and the inner HTML of the element contains a new line that is not preceded by a space’.
source: HN
How to Make Rust Leak Memory (Also: How to Make It Stop)
https://fly.io/blog/rust-memory-leak/ [fly.io]
2022-06-16 18:40
tags:
bugfix
investigation
malloc
programming
rust
Of course you can leak memory, even in Rust. For even medium-sized long-running applications, lots of graphs from a good memory profiler can make life better. And they’ll probably help you find the memory leak too.
Porting Zelda Classic to the Web
https://hoten.cc/blog/porting-zelda-classic-to-the-web/ [hoten.cc]
2022-05-16 00:17
tags:
bugfix
development
gaming
retro
turtles
web
I spent the last two months (roughly ~150 hours) porting Zelda Classic to run in a web browser.
I hope my efforts result in Zelda Classic reaching a larger audience. It’s been challenging work, far outside my comfort zone of web development, and I’ve learned a lot about WebAssembly, CMake and multithreading. Along the way, I discovered bugs across multiple projects and did due diligence in fixing (or just reporting) them when I could, and even proposed a change to the HTML spec.
Weird how there’s bugs everywhere one looks.
The case of the failed exchange of the vtable slot
https://devblogs.microsoft.com/oldnewthing/20220429-00/?p=106543 [devblogs.microsoft.com]
2022-05-04 20:24
tags:
bugfix
cxx
malloc
programming
windows
This shell extension is trying to detour the operating system, and it failed. (Note that Windows does not support apps detouring the operating system. This shell extension has exited into unsupported territory.)
Changing std::sort at Google’s Scale and Beyond
https://danlark.org/2022/04/20/changing-stdsort-at-googles-scale-and-beyond/ [danlark.org]
2022-04-20 18:32
tags:
bugfix
cxx
library
perf
programming
random
sorting
We are changing std::sort in LLVM’s libcxx. That’s a long story of what it took us to get there and all possible consequences, bugs you might encounter with examples from open source. We provide some benchmarks, perspective, why we did this in the first place and what it cost us with exciting ideas from Hyrum’s Law to reinforcement learning. All changes went into open source and thus I can freely talk about all of them.
This article is split into 3 parts, the first is history with all details of recent (and not so) past of sorting in C++ standard libraries. Second part is about what it takes to switch from one sorting algorithm to another with various bugs. The final one is about the implementation we have chosen with all optimizations we have done.
source: HN
CVE-2022-21449: Psychic Signatures in Java
https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/ [neilmadden.blog]
2022-04-20 03:12
tags:
bugfix
crypto
java
security
One side of the equation is r and the other side is multiplied by r and a value derived from s. So it would obviously be a really bad thing if r and s were both 0, because then you’d be checking that 0 = 0 ⨉ [a bunch of stuff], which will be true regardless of the value of [a bunch of stuff]! And that bunch of stuff is the important bits like the message and the public key. This is why the very first check in the ECDSA verification algorithm is to ensure that r and s are both >= 1.
Guess which check Java forgot?
source: HN
An unexpected Redis sandbox escape affecting only Debian, Ubuntu, and other derivatives
https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce [www.ubercomp.com]
2022-03-09 21:26
tags:
bugfix
exploit
linux
lua
security
turtles
This post describes how I broke the Redis sandbox, but only for Debian and Debian-derived Linux distributions. Upstream Redis is not affected. That makes it a Debian vulnerability, not a Redis one. The culprit, if you will, is dynamic linking, but there will be more on that later.
source: HN
Why Keyboard Shortcuts don't work on non-US Layouts and how Devs could fix it
https://tkainrad.dev/posts/why-keyboard-shortcuts-dont-work-on-non-us-keyboard-layouts-and-how-to-fix-it/ [tkainrad.dev]
2021-04-09 02:48
tags:
browser
bugfix
development
ux
web
This is most annoying when the most important keyboard shortcuts are inaccessible. A very common shortcut is / for accessing search functionality. Unfortunately, there is no /-key on most international layouts. Adding modifiers to produce this key with your layout rarely helps. For example, on my German layout, / is produced via Shift+7. Most web applications will ignore this. Similarly painful is when Electron apps use [ and ] for navigating backwards and forwards.
If you use a US layout, you might be surprised to hear about these problems. But rest assured, they are not new and I am not the only one who is affected. We are at a point where it is easy to find users complaining about this for almost any popular web application.
source: HN