OT: I just spend a few minutes searching for the source of the "Not all CPU operations are created equal" slide of the linked presentation (Andrew Kelley - Practical DOD), its here:
"-t 8 matches physical cores. The machine has 16 SMT threads but only 8 cores. On a memory-bound workload, oversubscribing threads adds scheduling cost without adding throughput: the cores are waiting on DDR3, not on each other."
But ... isnt that a classic use case for SMT? Giving T1 sth. to do while T0 is waiting on DDR(3) and vise-versa?
I also dont understand the explanation of "--cpu-moe".
If an expert has ~ 4.0 GiB of Parameters, why does optimizing the sequence of experts minimize cash trashing? With 20 MiB of L3 Cash vs 4.0 GiB of Parameters, it wont cash any noticeable amount of the Parameters, will it?
As mentioned by others, only some Intel Xeon E5-2xxx v4 did support DDR3, and according to Intel, the E5-2620 v4 is not one of them.
> But ... isnt that a classic use case for SMT? Giving T1 sth. to do while T0 is waiting on DDR(3) and vise-versa?
Waiting in terms of latency. When the bus is mostly empty and it takes a while to make a round trip it's great to try to find a few extra passengers to put on it. When the buses are all completely full adding the extra riders just makes the bus stop that much more chaotic.
This is ironically a pretty solid use case for (ex VLIW research) ILP-optimizing compilers.
Given knowable runtime hardware usage patterns (huge bursts of memory bandwidth saturation) and a single limited core/thread-shared resource (memory bandwidth), one could optimize for the constraint ahead of runtime.
Because most of the performance optimization levers you have available to pull are (a) trade compute for memory bandwidth (e.g. compression), (b) preload when memory bandwidth is available, (c) optimize the choice of what's in cache when, (d) align to cache size / memory boundaries.
Or tl;dr, try to approximate GPU ISAs at the CPU compiler level. (Which why would anyone but hobbyists, because everyone else just buys pallets of Nvidia/AMD or designs their own ML chips?)
Yeah, this is just weird to me. I'm not exicted about our new LLM agent overlords, but this seems like a wild overreach by an open source project.
> This project is not meant to be used by any “AI” coding agents at all.
They provide no reasoning. Ironically, this project is in maintenance mode, according to their GitHub README. So... just fork it, and comment out that message. It seems simple enough. This kind of "AI protection" just seems silly and childish. A bit like: "You can use my open source project, but only in the ways that I deem appropriate."
That caveat is modestly famous in open source license law circles. More than a few companies have debated whether or not to allow that package to be used. Fortunately, there are many open source alternatives that do not include that same restriction.
Tangentially related: The commercial license for Java used to say that it was not allowed to be used in an nuclear power plant. I'm not sure if that restriction still exists today.
- Buy an Homepod/Apple TB as a home station
- Everything works locally, even the internet is down.
- no Accounts.
- only one privacy policy: Apple's
- but ofc, you can control everything remote, and Apple makes sure its easy and secure.
Since its Apple, they have to make sure there are downsides, too (beside price):
- If Apple does not deem it worthy, it will not get implemented. [1]
- Things that should be simple are not. Try to set the lights to turn on 10 minutes before your alarm goes off. I'll wait here.
I see a market for a company which builds on home-assistant.
You can tell the nerds: If "corporate" does sth you dont like, you can always go back to home-assistant.
And for everybody else, you can offer a support, a list of compatible/certified devices, an extendable, open API, a vetted applications/script market place, a secure remote connection, ...
[1] It has been a few years, but last time I checked, CO2 Levels still can only be reported as labeled Levels ("high/low/.."), with the actually ppm Value hidden in some auxiliary value. No way around it, Apple needed to put CO2{ type: integer, range: 0-10000} in some json some where, and they did not come around to do it for like half a decade, at which point I stopped caring.
>Try to set the lights to turn on 10 minutes before your alarm goes off
I had a very similar use case: turn on my espresso machine (via smart plug) 20 minutes before I wake up. It should have been simple, as I already have a sleep schedule with a wake up alarm in the system. It turned out to be such a complicated hassle, that it put me off from using HomeKit for anything more complicated than “press a button to turn on a lamp”.
Answer: Because the "random stuff" (plugins for VS Code and other IDEs) solves real problems and nothing bad happens most of the time.
Almost no manager will sign-off spending time on building stuff in-house if its available "for free".
This is also in no way a new thing. How much code was written in notepad++ in the '00ies? Did anyone bother to check if the plugins did sth. malicious? We also used some weird closed-src "addon" for the Nullsoft installer to get a product out of the door, dont remember what the problem was exactly....
"solves real problems and nothing bad happens most of the time."
Like Wordpress plugins previously that'll work for now but we're now on the trajectory of relearning that same lesson, because people are automating discovery and exploitation of these extensions and plugins and whatnot around text editors and MCP and so on.
Though I suspect we'll first see a torrent of exploitation similar to what was done to Wordpress instances, and then a change of behaviour, because as you allude to, the people with influence didn't learn from previous experiences with similar technologies.
I suppose people did learn that it isn't that bad or costly after all and the risk and the bandaids are still better than the cost of being the first to try and fix software supply chains for good. As things stand, I don't know how that might even be done if it's supposed to not be a better bandaid and someone has to do the legwork and it can't be so costly or impractical to overworked IT teams that everyone is just going to ignore it.
Can relate. A lot of the times it is the process that is slowing people down, and it is unrealistic for any corporation to do security audition for everything developers need on time, so unfortunately rules have to be bent.
Some big corps resort to a different tactics: they ONLY allow in-house tools. IDEs, communication tools, everything you need on a daily basis, they make in-house tools for that. It costs a lot of money but they care about security.
Worse, is when the "team" doing the auditing is one guy, and that guy leaves with no replacement... and you need to explain to mgt that their new product release hasn't gone out for 3 months because you can't get the new versions of modules cleared and into the internal repo for production apps.
Actually happened at one of the largest banks in the world when I was contracting there. And that was mostly just a license/legal audit, not even a full source/security audit.
> solves real problems and nothing bad happens most of the time
Aaand this is why AI is taking our jobs and we all rightfully deserve to be laid off. This utter lack of risk awareness and care for quality is what created the need for autonomous agents to dig through and build upon man-made slop.
Honestly, I find it rich that we’re the ones who think that AI is the one that’s producing slop. Give any agent clear harnesses and it’ll produce better code than a human would close to 100% of the time. That’s still as indeterministic as the way you used “most of the time”, but the deviation tends to be smaller and the quality and rigor is much higher.
Are you suggesting that AI-written code tends to be more secure than human-written code? Because there are many examples to the contrary, starting with MoltBook.
Not really, no. That's not even the point. Say for example they're just the same level of security. Then what value does a human even offer to a company if AI can do the same quality of work faster? It's not as if the company benefits from something like "human discernment", because as predicated in this thread, developers exactly have none of that, since they don't care about the security aspect of the VSCode extensions that they use. Might as well lay off the human developers and just use AI for as long as the latter is cheaper. How many people does a company really need to update its VSCode to the version that blocks the malicious extension? Do you need more than one and does that person have to be full-time?
Not reading that AI slop, if you need to flash the VBIOS of 3080 (or any GPU), do the following:
1. Get a new VBIOS from a trusted source. I recommend TPU[1], they have a HUGE collection.
2. Backup the current VBIOS (e.g. GPU-Z has a on-click option to backup and upload it to TPU)
3. Have a working 2nd GPU[2] (or another PC with a free PCIe slot) so that you have the option the flash back the orignal VBIOS in case things go south [3]
4. Test that your backup GPU/PC works BEFORE flashing any VBIOS, goddamit!
The whole point of it was for Linux, not windows, no gui, to enable this feature. Your recommendation is for windows, a gui tool, and basically everything this project was anti.
GE 10.34 released March 23th, 5 days after 10.33 - any reason to test with 10.33 in June? Was there a regression?
reply