[Libre-soc-dev] maybe get ryzen 7950x for faster compilation and avx512

Timothy Pearson tpearson at raptorengineering.com
Mon Sep 26 20:30:59 BST 2022

----- Original Message -----
> From: "Jacob Lifshay" <programmerjake at gmail.com>
> To: "Timothy Pearson" <tpearson at raptorengineering.com>
> Cc: "Libre-Soc General Development" <libre-soc-dev at lists.libre-soc.org>
> Sent: Monday, September 26, 2022 2:18:49 PM
> Subject: Re: [Libre-soc-dev] maybe get ryzen 7950x for faster compilation and avx512

> On Mon, Sep 26, 2022, 11:25 Timothy Pearson <tpearson at raptorengineering.com>
> wrote:
>> ----- Original Message -----
>> > From: "Jacob Lifshay" <programmerjake at gmail.com>
>> > To: "Timothy Pearson" <tpearson at raptorengineering.com>
>> > Cc: "Libre-Soc General Development" <libre-soc-dev at lists.libre-soc.org>
>> > Sent: Monday, September 26, 2022 1:10:52 PM
>> > Subject: Re: [Libre-soc-dev] maybe get ryzen 7950x for faster
>> compilation and avx512
>> > On Mon, Sep 26, 2022, 10:30 Timothy Pearson <
>> tpearson at raptorengineering.com>
>> > wrote:
>> >
>> >> > I don't have cloud price numbers right now...
>> >> >
>> >> > Jacob
>> >>
>> >> Right, I was talking about the cloud pricing.  A quick glance at Alibaba
>> >> shows ~$60/mo. for four cores of 3.8Ghz x86,
>> >
>> >
>> > if 4 cores is all we're getting, imho that would be a foolish decision
>> -- i
>> > already have a 12-core ryzen 3900x that goes up to iirc 4.5GHz.
>> There are of course other options and pricing plans, and I think you'd
>> need to compare the overall costs.  You've said a few times your workload
>> is single thread performance dependent, but then you keep saying more cores
>> are better.
> that's because there are multiple important workloads -- both
> single-threaded (simulation, formal proofs, etc.) and highly multi-threaded
> (code compilation, running all unittests in parallel, etc.)
>  If you're loading all cores, that Ryzen CPU doesn't boost to the high
>> 5GHz number any more.
> it does stay at around 5-5.1GHz with a all-core load though, which is still
> substantially faster than server hardware or POWER9. It also has a
> substantial IPC improvement.
>  Been there done that with the Family 15h CPUs, and it's still the case
>> from what I'm reading with the 7950.
>> > and I think you'd have to justify the cost savings of having the AMD
>> system
>> >> under your desk vs. just using an inexpensive lease from Alibaba.  Even
>> if
>> >> you used the cloud service 24/7 for a year, that would leave over $1000
>> >> left over could be put diretly toward new development for LibreSoC, and
>> >> when you get to the 1 year or longer level they offer even further
>> pricing
>> >> discounts.
>> >>
>> >> If this was a question of true ownership vs. leasing I'd go toward
>> >> ownership, but with AMD you're still only leasing parts of the CPU so
>> that
>> >> doesn't even enter into the equation sadly.
>> >>
>> >
>> > dismissing it as "leasing" is a bit disingenuous imho, AMD isn't
>> > realistically taking it back after a few years, I'll still have the
>> > hardware and still be able to use it. even if it's proprietary, it's
>> still
>> > something I get to keep using as long as I please without having to pay
>> AMD
>> > more later, and I can sell it when I don't want it anymore.
>> You're still leasing a critical part -- when (not if) AMD drops support,
> I'm using linux, it should still work fine after 15yrs, even if not
> officially supported by AMD.
> In fact, i'm already using unsupported hardware for our gitlab build
> server, it's an 8-core bulldozer cpu iirc.

Indeed, but the firmware for those CPUs is much, much more minimal -- it's "just" horizontal microcode, and as such the potential for a fatal security vulnerability is much lower than with a system that incorporates a PSP.  With the PSP, there's a much higher liklihood that a vulnerability found after the system is out of support makes it effectively impossible to connect the system to the Internet at all.

> when (again, not if) a security flaw is found in the PSP firmware, it's not
>> going to be worth much or even potentially fit for purpose.  Resale value
>> in that case is probably scrap value.
> actually not really, the i7 7700k is just over 5yr old now and is still
> worth around 60% of its original launch price.

Correct, but then again there's no active exploit released yet. ;)  Firmware level exploits are relatively new and are starting to ramp up, so it is probably not a good idea to extrapolate from past "status quo" in terms of malware writers and their interation with vendor signed firmware.

>> I'm also fundamentally opposed to purchasing proprietary hardware as part
>> of a libre design effort, unless there is no other choice.
> because of the 2x single-threaded speedup, i'd estimate a ~30% total
> speedup for developing formal proofs and other things that require running
> long-running single-threaded tasks as part of writing/testing code. this is
> very substantial.

How many single threads do you intend to run at once?  Again, it's probably worth doing a cost analysis with the intended workload as to whether a physical machine, leased server, or leased VPS would be the most cost effective over the timeframe such workloads are expected to be run.  There is no specific reason to have physical control of the hardware in this case unless the cost analysis shows that to be the cheapest option.

>  Saving a bit of time up front, but then having to deal with the system
>> integrity issues that said proprietary hardware presents later on may not
>> be the best long-term decision.
> that's true, though the part we'd likely care the most about in terms of
> integrity is our source code, git makes reviewing new changes and noticing
> force pushes pretty easy.

What if the simulation is subverted or corrupted in a way that introduces (or overlooks) a security flaw?  Undetected PSP RCE is the primary concern, and especially if LibreSoC is targeted at security sensitive applications worldwide it may well be worth a state level actor's time to do this.  At minimum, there should be a plan to verify the results on a slower but more secure machine, e.g. POWER9 or even the older Bulldozer systems.  POWER would be preferred just from a dogfooding perspective IMO.

More information about the Libre-soc-dev mailing list