Noah Kennedy

So there I was, a wall of unsafe FFI on one side, with a panic unwinding the stack towards me from another...

One of the perks of working @Cloudflare is getting access to the internal blog

New record #DDoS attack: 5.8 Tbps peak. @Cloudflare systems automatically mitigated without any human intervention or anything slowing down. If you’re not using us for DDoS mitigation, call your current provider and ask what will happen when this beast comes for them.

@ag_dubs @IamStan that can be arranged

@IamStan any further elaboration will require a shared in-person beverage.

Yeah I’ll go ahead and integrate this into my belief system

tale as old as time

For context, I'm revisiting the use of io_uring for multi-threaded work-stealing asynchronous systems.

@axboe What's the specified behavior for io_uring when two threads try and invoke io_uring_enter simultaneously, with one trying to submit events only and the other waiting for completions only? I couldn't find this documented anywhere.

@mitsuhiko @m_ou_se @djco I'm with @mitsuhiko here - this is such a monumentally painful thing to setup in a manner that it actually works and isn't incredibly brittle and dangerous to have in the codebase that I would treat this as a non-possibility. I've actually tried this a few times and NO

@m_ou_se @despisecomputer @djco From my experience in Rust without unwinding it’s incredibly hard to do something useful. You end up with accidentally deadlocking and async in the hook is super hard. Would not attempt.

@djco @mitsuhiko FWIW, all the folks I spoke to at big tech companies who run Rust (web) servers in production said they don't rely on unwinding, but just abort the process and have it restarted by a supervisor (e.g. systemd or a parent webserver process).

@m_ou_se @djco @mitsuhiko I've definitely seen a few cases where this ends up being a vuln, but it's incredibly rare.

@despisecomputer @djco @mitsuhiko Is the handling of panics through unwinding (including reporting, etc.) fast enough that it doesn't become a DOS vulnerability?

@m_ou_se @djco @mitsuhiko Also, for any bug where external input can cause a panic, this quickly becomes a severe DOS vulnerability.

@m_ou_se @djco @mitsuhiko At Cloudflare this is not generally the case - we would rather have other requests be handled to completion as normal than gracelessly kill the process, especially with stuff like QUIC where you might not be able to send reset packets (I am ignoring stateless resets)

@LunaFoxgirlVT you mean how one can launch 90kg projectiles over 300 meters?

@mycoliza how many people were out drinking when this line was uttered?

“the NixOS of fantasy roleplaying games”

Decided to join the hype: Bentley vs #Linux

@mycoliza i need to rethink things

@despisecomputer the red bull’s still in there, huh?

I drank 4 cans of red bull before coming to the airport this morning so that I could grow wings in the event of an airborne emergency or missed flight.

@mycoliza i got to 10 before i stopped

@PiquantParvenu so sorry to hear, i've been in this situation as well a number of times. it's crazy though how significant the transition to "full useless" mode is

@mycoliza which may have been my bigger issue tbh

@despisecomputer it’s 13 hours later

@mycoliza also i bought more energy drinks on the way out of the airport after landing

@mycoliza i still regret this decision