The Meltdown and Spectre vulnerabilities disclosed this week affect millions of PCs, servers, and mobile devices. The good news is that companies have been busy rolling out software updates that should make it less likely that someone will exploit one of these vulnerabilities to steal your personal data.

Some of those patches affect your personal devices like your phone, laptop, or desktop computers. Others are rolling out to servers, where the risk is even greater since multiple users log into the same server simultaneously and an unpatched server could leak your data to an attacker.

The Meltdown-related security updates are expected to offer pretty strong protection against that exploit variant, and while there seems to be some disagreement over whether it’s entirely possible to prevent Spectre-based attacks via software updates alone, Intel claims that it’s rolling out updates that will make its chips “immune” to both form of attack.

But at what cost? Early reports had suggested that the “fix” for Meltdown would take a toll on performance since it’s basically a workaround that could make certain tasks take longer to complete. Intel says the impact is negligible for most users. But it turns out that it all depends on what it is you’re trying to do with a computer.

Epic Games

Phoronix has been running benchmarks to see how computers perform before and after updating to the patched Linux kernel 4.15. It looks like the difference really is unnoticeable for some tasks such as gaming. But for others, such as Wine, virtual machines, Redis, and PostgreSQL, it can be pretty significant.

CNX-Software ran some before-and-after benchmarks on a computer with an Intel Pentium N4200 Apollo Lake processor and Windows 10 and found almost no difference in PCMark 10 and 3DMark scores, and only modest differences in CrystalDiskMark read/write scores.

Google says it’s rolled out updates on its own systems and found the impact on performance to be negligible. Meanwhile, Epic games says it’s seen a huge spike in CPU usage on its servers since implementing updates to protect against Meltdown attacks, and that’s resulting in “unexpected issues” affecting stability and logins for the Fortnite video game.

Epic isn’t the only company that’s seen an impact on its cloud servers.

So were those early reports suggesting that the security updates could slow computers by as much as 30 percent overblown? Yes and no. It’s entirely possible that casual PC users won’t notice any difference at all, depending on what they use their PC for. And some cloud services aren’t feeling the heat too much either. But others are seeing a serious spike in CPU usage, which could be expensive both in terms of processing power and money.

There may be additional software updates that could help mitigate the performance impact of this vulnerability mitigation. But simply applying the patches and continuing to run existing software seems to lead to mixed results.

via Hacker News

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign


Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

Subscribe to Liliputing via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 9,543 other subscribers

11 replies on “Meltdown mitigation updates have either very little impact on performance… or a lot, depending on the task”

  1. Totally unrelated, but just this morning I was thinking how now even a 15 watt CPU can run either a backup program or an antivirus scan without affecting the performance of other normal tasks (e.g. browsing, document processing, etc.). I hope that is still true after these patches.

    But as to this topic, the point shouldn’t be whether you can run a test and see a performance hit, the test should be whether it is somehow noticeable.

  2. “CNX-Software ran some before-and-after benchmarks on a computer with an Intel Pentium N4200 Apollo Lake processor and Windows 10 and found almost no difference in PCMark 10 and 3DMark scores, and only modest differences in CrystalDiskMark read/write scores. ”

    Not sure that anyone would want to game using an N4200 chip 😛

    1. It’s sufficient to play (much) older titles and to emulate anything PSX generation or older. I do that every now and then.

  3. It’s unfortunate that virtualized OS’s may see somewhat noticeable performance drops. Apart from bloated websites, virtual machines are the most resource intensive things I run on my personal computers. Hopefully, I don’t end up noticing it for my applications.

  4. I’m most worried about how this will affect audio software. Hopefully some benchmarks come up to show what affect this will have on things like amp/cab sims, soft synths, and various DAW tasks.

    1. Audio production and synthesis workloads generally tend to follow the same curves as gaming, at least as far as CPU is concerned, so I’m hopeful that this will be true in the post-patch world too.

      1. I hope so too. I’m just worried that gaming isn’t affected as much because of how much gets handed off to the GPU. That said, I don’t know enough to know whether that’s the case. I guess I’ll find out once the patches start rolling out.

  5. Why you omitting that after the “patch”(how don’t fix nothing) compilation of Java code have a 60% to 90% performance drop???

    1. I don’t believe Brad ever implied his post here was meant to be a complete and exhaustive list of all Meltdown mitigation impacts. Instead of petulantly pointing an accusing finger, why not add to the community pool of knowledge by including a link backing up your claim here about the impact to Java code compilation for folks to read for themselves?

      1. Maybe Scheldon made it up like most Internet commenters’ “statistics”? I couldn’t find anything other than RedHat’s analsyis where Java VM performance loss is “modest”:

        Modest: 3-7% – Database analytics, Decision Support System (DSS), and Java VMs are impacted less than the “Measurable” category. These applications may have significant sequential disk or network traffic, but kernel/device drivers are able to aggregate requests to moderate level of kernel-to-user transitions. Examples include SPECjbb2005, Queries/Hour and overall analytic timing (sec).

Comments are closed.