bits 0x2e - Calendar Week 46, 2023

Good reads

On memory barrier

MIT’s xv6 kernel is a great project that teaches OS basics, from page tables to threading, from kernel to user. Even better, it has great documentation and has been ported to many architectures. The Linux kernel source code is a vault, but it’s too much black magic for beginners.

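A promising OS/ASM tutorial in Chinese.
全网首发!为手写OS量身定制的一套汇编教程,从零基础到精通,学会也能用汇编手写操作系统 (“First on the web! An assembly tutorial tailor-made for hand-writing an OS, from zero to mastery; learn it and you can write an operating system in assembly too”)
There aren’t so many good learning materials in my mother tongue. I listened to the first 3 sessions as a podcast and found it pretty nice. I could use this to refresh my knowledge.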

Encoding of immediate values on AArch64 by Dominik Inführ

Hacking ADHD – Strategies for the Modern Developer

Spectre Side Channels in kernel docs:

Spectre Returns! Speculation Attacks using the Return Stack Buffer, 2018 paper by Koruyeh et al.

Branch predictor: How many “if”s are too many? Including x86 and M1 benchmarks! by Marek Majkowski

  • The quick answer to “how many” is, for the EPYC 7642, 4096 in a hot loop; that’s the size limit of the BTB.

The takeaways are specific to the CPU model under test. [1]

Takeaway 0 - branches always-taken occupy BTB, branches never taken do not.

Takeaway 1 - On this CPU a branch instruction that is taken but not predicted, costs ~7 cycles more than one that is taken and predicted. Even if the branch was unconditional.

Takeaway 2 - conditional branches never-taken are basically free - at least on this CPU.

Takeaway 3 - In the hot code you want to have less than 2K function calls

Branch prediction by Dan Luu

Static branch prediction on newer Intel processors (series of 5 articles) by Matt Godbolt

Reading privileged memory with a side-channel by Jann Horn, Project Zero

I wonder how they reverse engineered this?

/* uint58_t is not a standard C type; it stands for a 58-bit state value. */
void bhb_update(uint58_t *bhb_state, unsigned long src, unsigned long dst) {
    *bhb_state <<= 2;                            /* age the history by 2 bits */
    *bhb_state ^= (dst & 0x3f);                  /* fold in low destination bits */
    *bhb_state ^= (src & 0xc0) >> 6;             /* fold in source address bits 4..19 */
    *bhb_state ^= (src & 0xc00) >> (10 - 2);
    *bhb_state ^= (src & 0xc000) >> (14 - 4);
    *bhb_state ^= (src & 0x30) << (6 - 4);
    *bhb_state ^= (src & 0x300) << (8 - 8);
    *bhb_state ^= (src & 0x3000) >> (12 - 10);
    *bhb_state ^= (src & 0x30000) >> (16 - 12);
    *bhb_state ^= (src & 0xc0000) >> (18 - 14);
}
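
The update function above as a runnable model. This is an added example, not code from this post or from Project Zero. It assumes uint58_t means a 58-bit value, modelled here as a masked uint64_t, and the branch addresses are constructed. Because the state shifts by 2 bits per update, it shows that nothing older than the last 29 branches survives in the state.

```c
#include <stdint.h>
#include <stdio.h>

#define BHB_BITS 58
#define BHB_MASK ((UINT64_C(1) << BHB_BITS) - 1)

/* Same update as quoted above; uint58_t is modelled as a masked uint64_t
 * (assumption: the pseudo-type simply means "58 bits wide"). */
static void bhb_update(uint64_t *bhb_state, unsigned long src, unsigned long dst) {
    uint64_t s = *bhb_state << 2;
    s ^= (dst & 0x3f);
    s ^= (src & 0xc0) >> 6;
    s ^= (src & 0xc00) >> (10 - 2);
    s ^= (src & 0xc000) >> (14 - 4);
    s ^= (src & 0x30) << (6 - 4);
    s ^= (src & 0x300) << (8 - 8);
    s ^= (src & 0x3000) >> (12 - 10);
    s ^= (src & 0x30000) >> (16 - 12);
    s ^= (src & 0xc0000) >> (18 - 14);
    *bhb_state = s & BHB_MASK;          /* drop bits shifted past bit 57 */
}

/* Feed n constructed (src, dst) pairs into the state and return the result. */
static uint64_t run_branches(uint64_t state, int n) {
    for (int i = 0; i < n; i++) {
        unsigned long src = 0x401000UL + 0x37UL * (unsigned long)i; /* constructed */
        unsigned long dst = 0x402000UL + 0x1dUL * (unsigned long)i; /* constructed */
        bhb_update(&state, src, dst);
    }
    return state;
}

/* Smallest number of identical branches after which two different starting
 * histories give the same state; -1 if that never happens up to limit. */
static int history_depth(uint64_t a, uint64_t b, int limit) {
    for (int n = 0; n <= limit; n++)
        if (run_branches(a, n) == run_branches(b, n))
            return n;
    return -1;
}

int main(void) {
    /* Two maximally different histories converge after 58 / 2 = 29 branches. */
    printf("depth = %d\n", history_depth(0, BHB_MASK, 64));
    return 0;
}
```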

Fun stuff

Zork: The Great Inner Workings by Rok Ajdnik


“Warum bin ich unendlich müde, und warum schlaf ich nicht” (“Why am I endlessly tired, and why am I not sleeping”)
The line from Knorkator’s track “Warum” precisely describes my recent mode. I haven’t been having sleeping issues for weeks, and I always have my days and nights rolled over. I need to change that… Seriously.

Fry scream

I really need to take some time to learn the real “fry”. However, I’m not sure about the sound isolation in my apartment…

  1. I ran the code on my i5-6440 laptop and got similar results.

Nov 14, 2023
