Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

Page 29 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.

csbin

Senior member
Feb 4, 2013
838
351
136
http://bbs.ngacn.cc/read.php?tid=13199794

Clevo W230SS,Core i7-4712MQ

bios patch +windows patch

PCMARK10 : 3303 ---> 2657




9aQ5-e6y5K1oT3cSrl-ef.png


9aQ5-7mcrZ1nT3cS12w-nm.png



9aQ5-fvueK27T3cS12w-nm.jpg
 

PingSpike

Lifer
Feb 25, 2004
21,729
559
126
This is something that I've noticed. No mention of the micro code bios patch that is going to cause the big hit to performance, because it affect speculative branch prediction more so than the OS update. They mention the motherboard bios upgrade, but only grab the windows update! Expect further losses in performance!

Yeah, what I'm getting out of this is sit tight because what we've seen so far isn't really the whole story. It seems like early benchmarks may not have been using all the fixes. Not sure if the shoes are done dropping.

Some things I've read (and I'm sure its referenced here in the thread most likely) suggest that there's a microcode workaround for one of the spectre variants that is pretty cheap as far as performance cost goes on older chips. But skylake and newer actually has to use a more expensive workaround.
 

nOOky

Platinum Member
Aug 17, 2004
2,827
1,849
136
I'd edit the thread title unless it only applies to Xeon processors? :)
 

bsp2020

Member
Dec 29, 2015
103
114
116
An indicator of Intel's Damage control skills perhaps
You should buy AMD stocks and wait for the market to realize how big a problem this is for Intel. AMD's server just went from "competitive" to "dominating by 2X or more" overnight. This is an opportunity to make money for all of us who understand what is going on. There is no way Intel will not lose significant server market share from this.

The only way to get to servers in data center is through network and the patch slows down network traffic significantly for small packets. Intel server's IO performance went down the drain just in time for AMD EPYC's arrival that offers superior IO performance. EPYC offered superior IO performance using more PCIe lanes that are connected directly to CPUs. That superiority just went from "price/performance competitive" to "dominating in every metric".

People who are benchmarking the effect of gaming performance of the patch just does not understand what is going on. Every disk access and network traffic happens through system call and the meltdown patch slows down all system calls. What type of workload uses disk and network a lot? Data center server workload, of course.

Buy AMD shares and wait a few month to profit. The stock price will move like it was 2016 all over again. :)
 
Last edited:

plopke

Senior member
Jan 26, 2010
238
74
101
https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/

Gaming performance got even better after the patch for Intel...:rolleyes:
"When we tested and published this article, the Windows 10 emergency fix had been out for just a few hours and no microcode or firmware updates had become available."
Lets hope for gaming these results stay the same when it is tested with firmware update also , for now all these news articles that only tested the patch are no indication of performance. If i look true the thread the one place gaming might be impacted is that game servers will suffer.
 
Last edited:
  • Like
Reactions: PingSpike and IEC

tential

Diamond Member
May 13, 2008
7,355
642
121
https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/

Gaming performance got even better after the patch for Intel...:rolleyes:

I've just seen the AMD subreddit BLOW UP with how they're all going to switch from intel to AMD because of this and they're afraid they're going to lose performance.
Yet I've seen few benchmarks, or data supporting anyone freaking out, just fear mongering.

In fact, most of what I see is just speculation, no one seems to have done much of any testing. It's really annoying, because I couldn't care LESS about Spectre/Meltdown, unless you have performance numbers. If you have zero data, why are we even talking?! That's been the frustrating thing. Tell me the performance hit, or I really just don't care.
 
Feb 4, 2009
34,506
15,737
136
What is a reasonable time estimate for Intel to release newly designed chips that do not have this flaw?
 

tential

Diamond Member
May 13, 2008
7,355
642
121
You should buy AMD stocks and wait for the market to realize how big a problem this is for Intel. AMD's server just went from "competitive" to "dominating by 2X or more" overnight. This is an opportunity to make money for all of us who understand what is going on. There is no way Intel will not lose significant server market share from this.

The only way to get to servers in data center is through network and the patch slows down network traffic significantly for small packets. Intel server's IO performance went down the drain just in time for AMD EPYC's arrival that offers superior IO performance. EPYC offered superior IO performance using more PCIe lanes that are connected directly to CPUs. That superiority just went from "price/performance competitive" to "dominating in every metric".

People who are benchmarking the effect of gaming performance of the patch just does not understand what is going on. Every disk access and network traffic happens through system call and the meltdown patch slows down all system calls. What type of workload uses disk and network a lot? Data center server workload, of course.

Buy AMD shares and wait a few month to profit. The stock price will move like it was 2016 all over again. :)
Tell that to all the gamers who are freaking out and thinking they need to do something. No data supporting their claims yet, just a ton of fear mongering. On reddit anyway.
 

wahdangun

Golden Member
Feb 3, 2011
1,007
148
106
Tell that to all the gamers who are freaking out and thinking they need to do something. No data supporting their claims yet, just a ton of fear mongering. On reddit anyway.

Umm I have a several VM affected by this bug mainly VM that hosted ms-sql and posgress-sql,(odoo), and since the update my user start complaining about slowdown, and what's make me angry was Ms forced update my server, and the worst thing is my antivirus stop working after that (I'm using immunet av).
 
Feb 4, 2009
34,506
15,737
136
All of my machines are over 4 years and don't think motherbaord/PC vendor will make new BIOS, and if I don't visit websites that host malwares, do I really have to patch?

==

Now Intel says it can fix the bug?

http://www.businessinsider.com/inte...n-2018-1?utm_source=markets&utm_medium=ingest

To my understanding there is a possibility of worms infecting machines basically if your machine is connected to the internet it is vulnerable
*I am no subject matter expert in this area*
 

mxnerd

Diamond Member
Jul 6, 2007
6,799
1,100
126
To my understanding there is a possibility of worms infecting machines basically if your machine is connected to the internet it is vulnerable
*I am no subject matter expert in this area*

OK. I probably misunderstood what Intel said.

Intel said 90% of its CPUs released in the past 5 years can be fixed, but didn't say the performance will not be affected by the patch. The performance will get hit, but not major. Should I believe it?
 

Hitman928

Diamond Member
Apr 15, 2012
5,182
7,633
136
All of my machines are over 4 years and don't think motherbaord/PC vendor will make new BIOS, and if I don't visit websites that host malwares, do I really have to patch?

==

Now Intel says it can fix the bug?

http://www.businessinsider.com/inte...n-2018-1?utm_source=markets&utm_medium=ingest

Intel has said a lot of things since this came out, very little of it really true. The Spectre bug isn't truly fixable without rethinking all modern CPU designs. Intel does have a fix for 2 specific attacks using the Spectre bug, but they haven't made their CPUs "immune" to what Spectre really is. Same thing for AMD, though the fix for both specific types of Spectre attacks we have right now hurts less on AMD than it does on Intel.
 

IEC

Elite Member
Super Moderator
Jun 10, 2004
14,323
4,904
136
To my understanding there is a possibility of worms infecting machines basically if your machine is connected to the internet it is vulnerable
*I am no subject matter expert in this area*

There is a proof of concept Javascript attack demonstrated by a researcher where he was stealing passwords in real time as the user typed them in. While it's more difficult to use these vulnerabilities/bugs to actually deliver payloads to machines, it is not impossible.
 
May 11, 2008
19,306
1,130
126
I was wondering people, system calls will be slower. Mainly the requests to drives and network is applicable here for users.
We notice that i/o to drives is slower and mostly servers will notice this or clients that do small 4k reads and writes.
Are there tests done on networking already ?
With all the games testing and people saying it is negliable , how is it when doing multiplayer games ?
For the client , will this affect when playing a multiplayer game client ?
And for the server, how will this affect a multiplayer game server ?