Integrating fixes for Spectre and Meltdown has been a long, slow process throughout 2018. We’ve seen new vulnerabilities popping up on a fairly regular cadence, with Intel and other vendors rolling out solutions as quickly as they can be developed. To date, most of these fixes haven’t had a significant impact on performance for ordinary users, but there are signs that new patches in the Linux 4.20 kernel can drag Intel performance down. The impact varies from test to test, but the gaps in some benchmarks are above 30 percent.
Phoronix has the details and test results. The Core i9-7980XE takes 1.28x longer in the Rodinia 2.4 heterogeneous compute benchmark suite. Performance in the DaCapo benchmark (V9.12-MR1) is a massive 1.5x worse. Not every test was impacted nearly this much, as there were other tests that showed regressions in the 5-8 percent range.
Michael Larabel spent some time trying to tease apart the problem and where it had come from, initially suspecting that it might be a P-state bug or an unintended scheduler change. Neither was evident. The culprit is STIBP, or Single Thread Indirect Branch Predictors. According to Intel, there are three ways of mitigating branch target injection attacks (Spectre v2): Indirect Branch Restricted Speculation (IBRS), Single Thread Indirect Branch Predictors (STIBP), and Indirect Branch Predictor Barrier (IBPB). IBRS restricts speculation of indirect branches and carries the most severe performance penalty. STIBP is described as “Prevents indirect branch predictions from being controlled by the sibling Hyperthread.”
IBRS flushes the branch prediction cache between privilege levels and disables branch prediction on the sibling CPU thread. The STIBP fix, in contrast, only disables branch prediction on the HT core. The performance impact is variable, but in some cases it seems as though it would be less of a performance hit to simply disable Hyper-Threading altogether.
I would caution against reading into these results as they might apply to Windows users. There are differences between the patches that have been deployed on Linux systems versus their Windows counterparts. Microsoft recently announced, for example, that it will adopt the retpoline fix in Linux for Spectre Variant 2 flaws, improving overall performance in certain workloads. There seems to be some significant performance impacts in the 4.20 kernel, but what I can’t find is a detailed breakdown on exactly whether these fixes are already in Windows or will be added. In short, it’s not clear if these changes to Linux performance have any implications at all for non-Linux software.
Larabel has also written a follow-up article comparing the performance of all Spectre / Meltdown mitigation patches on Intel hardware through the present day. The impact ranges from 2-8 percent in some tests to 25 – 35 percent in others. There’s conclusive evidence that the Linux 4.20 kernel impacts performance in applications where previous patches did not, and several tests where the combined performance impact is enough to put AMD ahead of Intel in tests Intel previously won. How much this will matter to server vendors is unclear; analysts have generally predicted that these security issues would help Intel’s sales figures as companies replace systems. The idea that these ongoing problems could push companies to adopt AMD hardware instead is rarely discussed and AMD has not suggested this is a major source of new customer business.