CppCon 2018: Kostya Serebryany “Memory Tagging and how it improves C/C++ memory safety”

  • Published: 1 Dec 2024

Comments • 13

  • @JulianPszczoowski 4 years ago +2

    Great presentation!

  • @adg1355 6 years ago

    7:25. I've got some news on this: en.m.wikipedia.org/wiki/Intel_5-level_paging. Such stuff emerging here and there means that the "pointer tagging" thingie is broken by design.

  • @eugnsp 3 years ago +2

    One group of Google programmers writes crappy buggy software, and another one develops methods to catch those bugs...

  • @max0x7ba 6 years ago

    I wonder if everyone's favourite vendors Intel and AMD are going to provide hardware memory tagging.

    • @noxabellus 6 years ago +1

      Given the massive overhead and minimal benefit, I doubt it

  • @malharjajoo7393 6 years ago +1

    12:35 - I don't think this is an intuitive way to explain the probability of bugs (I'm not sure if it's correct either).
    Can someone clarify this bit? Why would the possibility of catching a bug be 15/16 (for 4 bit tag case) or 255/256 (for 8 bit tag case)?
    For example:
    Let the pointer have green tag. Let the corresponding memory have green tag. Now,
    if there can be a lot of memory chunks, you could easily and incorrectly access the same (green here) coloured chunk
    somewhere else in the memory.
    I don't see how you can quantify the possibility of catching a bug if the memory has a lot of coloured chunks.

    • @kodirovsshik 5 years ago

      "you could easily and incorrectly access the same (green here) colored chunk"
      The probability of this chunk being colored with green is 1/(2^tag_bits) and the probability of this chunk being colored with another color is (2^tag_bits - 1)/(2^tag_bits)
      (As far as I get how it works)

    • @bboysil 3 years ago

      I just saw this talk... probably you found the answer but in case someone else is asking the same thing:
      It's because on a 4 bit tag you can store 2^4 = 16 values (0000, 0001, 0010, 0011, 0100, 0101, ... , 1111). The chance that the tag of a dangling pointer matches the tag of the memory it's pointing to is 1/16. In other words, in 15/16 cases you will catch the bug. The same for 8 bits => 2^8 = 256 values, so in 255/256 of cases you will catch the bug.
      If it's still not clear you can simplify the problem for 1 bit, then go to 2 bits, etc. In general, for a tag of n bits it's a (2^n - 1) / (2^n) chance of catching the buggy memory access.
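
The 15/16 and 255/256 figures from the replies above, checked with a small simulation of a stale pointer hitting a reused chunk. This is an added example, not code from the talk or from any commenter; the slot heap and the names `tagged_ptr`, `tag_alloc`, `access_ok` and `caught_uaf` are hypothetical, and it assumes a uniformly random tag on every allocation.

```c
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>

/* Toy model, not real MTE/HWASAN code; all names are hypothetical. Every heap
   slot has a tag, and a pointer carries the tag it got at allocation time. */
#define SLOTS 64
typedef struct { size_t slot; uint8_t tag; } tagged_ptr;

static uint8_t  mem_tag[SLOTS];          /* current tag of every slot */
static uint32_t rng_state = 0x2545F491u; /* fixed seed: reproducible runs */

static uint32_t rng_next(void) {         /* xorshift32 */
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Allocate (or reuse) a slot: memory and pointer get the same random tag. */
static tagged_ptr tag_alloc(size_t slot, unsigned bits) {
    uint8_t tag = (uint8_t)((rng_next() >> 8) & ((1u << bits) - 1u));
    tagged_ptr p = { slot, tag };
    mem_tag[slot] = tag;
    return p;
}

/* Check made on every access: 1 = allowed, 0 = tag mismatch (bug caught). */
static int access_ok(tagged_ptr p) { return mem_tag[p.slot] == p.tag; }

/* Use-after-free trials: allocate, let the slot be reused under a new random
   tag, then access through the stale pointer. Returns how many were caught. */
static unsigned caught_uaf(unsigned bits, unsigned trials) {
    unsigned caught = 0;
    for (unsigned i = 0; i < trials; i++) {
        size_t slot = rng_next() % SLOTS;
        tagged_ptr stale = tag_alloc(slot, bits); /* original owner */
        (void)tag_alloc(slot, bits);              /* freed, then reused */
        /* Other slots may hold stale.tag too; only this slot is compared. */
        if (!access_ok(stale)) caught++;
    }
    return caught;
}

int main(void) {
    printf("4-bit tags: %u of 160000 caught\n", caught_uaf(4, 160000));
    printf("8-bit tags: %u of 256000 caught\n", caught_uaf(8, 256000));
    return 0;
}
```

How many other chunks share the pointer's colour does not enter the check: the comparison is only against the tag of the one chunk the pointer lands on.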

  • @tikabass 6 years ago +10

    I haven't had any of these bugs in the last 15 years, because they are very easy to avoid. Do they teach anything in college?

    • @andreicheremukhin3082 6 years ago +3

      Do you write software alone on your own?

    • @tikabass 6 years ago

      @andreicheremukhin3082 I mostly do maintenance contracts for small customers now, so mainly yes, ATM. But these bugs have always been easily avoidable, even in C. Most of the bugs in older code are due to uninitialized variables.

    • @andreicheremukhin3082 6 years ago +7

      @tikabass Yes, it works if you have experienced teammates. But in big tech companies you can have people with different background and C++ experience (e.g. Java programmers). And ASAN and MT are great tools, indeed.

    • @tikabass 6 years ago +9

      @andreicheremukhin3082 Which is exactly why I ask if they teach anything useful in college.