
Performance Impact of Spectre and Meltdown Mitigations on Windows Systems - bpasero
https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/
======
jzl
_" We currently support 45 editions of Windows. Patches for 41 of them are
available now through Windows Update."_

Wow. I have to admit, that number larger than I would have guessed. (I
probably would have said 20.) But ultimately not too surprising.

~~~
em3rgent0rdr
Dealing with such a large number of versions must be a nightmare. A nightmare
of Microsoft's own creation...

~~~
mark_l_watson
This is why I tacitly approve of forced (or pressured) automatic updates for
Windows, macOS, and iOS. Everyone is probably safer when most efforts to fix
Zero day exploits, General hardening, etc. are concentrated on fewer versions.

When I want freedom to do what I want with my computer, I run Linux, but for
my Apple devices I want auto updates.

~~~
em3rgent0rdr
I'm not talking about being a nightmare for ysers, but a nightmare for
Microsoft, which had to develop and verify the fix works for every OS variant.

~~~
WorldMaker
Right, which is why Microsoft has been tweaking its support platform with
Windows 10 to try to narrow the number of simultaneous versions they must
support, then all the efforts to funnel users faster through updates so that
they retire updates faster.

All the complaints about Windows 10 forcing users to update are exactly
related to Microsoft trying to narrow the forest of possibilities of
patch/update/upgrade combinations in the wild.

All the complaints from companies that Windows 10 major update versions now
only have 18-month support terms (as opposed to say nearly 10-years like XP),
is again, Microsoft trying to shrink the forest to focus on fewer, more
important trees.

As a user, I want Microsoft to force more updates if it means better support
and faster fixes, and it disappoints me how every time Windows 10 is brought
up here on HN, or over on The Verge or Ars Technica, a half dozen people come
out of the woodwork to loudly complain about Windows 10 updates.

~~~
spookthesunset
I don't think it is the updates themselves that are annoying but the fact you
have to reboot all the damn time because of it. Someday, somehow, an OS vendor
will invent a way to patch a running kernel and it's underlying stack without
requiring a reboot.

~~~
WorldMaker
That will likely only ever come when we build a better programmer with
superhuman ability to track system state. But not just kernel programmers:
every programmer.

I heard once in a Windows Update talk (probably a BUILD talk I watched on
Channel 9?) that the Windows kernel needs far fewer restarts than people
assume; Microsoft just doesn't trust most application software in user space
to continue to work if they silently swapped kernel components out from under
it. Too much software does dumb things with system state or makes wrong
assumptions about system calls (despite stacks of manuals telling them
otherwise).

The UWP application lifecycle model is _built_ to support the kernel asking an
app to pause, save what state it can, and restart at some point later with
just a hint of its previous state. So many programmers seem to hate it (and
get it wrong) because it means they have to think about state management more
than they ever had to before.

That API was _informed_ by the need to restart individual applications without
rebooting the entire system. If more apps followed the UWP application
lifecycle _well_ , Windows would need fewer reboots.

(Compare to the Xbox One where developers were not given a choice to opt-out
of the UWP application lifecycle, and it having mostly just two forced
restarts a year. Also note how many game developers and app developers get the
UWP application lifecycle wrong and you find games/apps in broken states when
you get back to them, requiring a force quit.)

The easiest thing to change is your habits as a user and make sure that
reboots aren't a problem to you. Windows 10 gives a lot of warning (more so
now than at launch, of course) when reboots are coming up, including not-
subtle things like system notifications, and subtle places like wording
changes in the Shutdown menus as updates approach (first "Restart" becomes
"Update and Restart", then as the deadline looms closer, "Shutdown" becomes
"Update and Shutdown"). Find software that saves more state between restarts;
encourage applications to move to the UWP application lifecycle (and use it
correctly); checkpoint your work more often; speed up your startup and
eliminate everything you can from the critical path (sorry, Slack, you can
wait a few minutes after I've finished booting; I don't need my Windows
Service that performs backups to run Automatic, it's fine to be Automatic
(Delayed) delay started by Windows). Those are all things you can do
proactively instead of being angry at Windows needing to restart because it is
overly-worried your applications will break in mysterious ways if it doesn't.

------
SimonPStevens
Random conspiracy theory:

This whole episode of CPU bugs and fixes that cause performance problems (most
notably on older hardware) is exactly what the tech industry needed to
stimulate consumers into refreshing their old hardware that was previously
running fine.

It's almost like planned obsolescence. Msybe it was orchestrated.

(I don't think this actually likely, but it's interesting that it could be
rather beneficial in the end for some)

~~~
benaadams
> It's almost like planned obsolescence. Msybe it was orchestrated.

Since 1995? 23 years seems a long time to wait

------
chrisper
>With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or
newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most
users to notice a change because these percentages are reflected in
milliseconds.

Then, I guess, I am glad I upgraded to 8700k and won't return it. I was
upgrading from a 4770, but it seems that one is going to be even slower now.

~~~
glenneroo
You might have been even happier with a Ryzen/Threadripper since they are not
affected by as many variants of Spectre.

------
bbatchelder
Anyone know if there are performance impacts from the macOS updates released
recently to address Spectre/Meltdown?

~~~
m_eiman
Seems like syscalls are a lot more expensive, which may or not affect your
daily work.

[https://reverse.put.as/2018/01/07/measuring-osx-meltdown-
pat...](https://reverse.put.as/2018/01/07/measuring-osx-meltdown-patches-
performance/)

------
ComputerGuru
This is pretty bad :/

 _With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or
older CPU), we expect most users to notice a decrease in system performance._

That’s random end users. Not workstations and not servers. Wow.

~~~
mrguyorama
Oh boy that's me!

------
BuildTheRobots
It's completely anecdotal, but I'm convinced my Phenom-II x6 system's IO has
slowed to a crawl in the last few days...

edit: Oh, though it seems there's another thread discussing how the
mitigations have slowed down "Haswell and older CPUs significantly".

edit edit: like an idiot, i didn't include the link:
[https://news.ycombinator.com/item?id=16113289](https://news.ycombinator.com/item?id=16113289)

------
roca
I would really like to know exactly what compiler changes they made to
mitigate Spectre.

~~~
trelliscoded
It’s probably the retpoline replacement for indirect branches, which traps the
speculative execution of the untaken branch in a loop

------
davidgrenier
It'd be great for Microsoft's Singularity/Midori people to discuss these
vulnerabilities in the context of such managed operating systems.

------
pers0n
This is only for intel cpus right?

~~~
c2h5oh
Meltdown, for which mitigation has the bigger impact, is Intel only. Spectre
is possible on most modern CPUs including AMD and ARM

------
skydv
tldr: should I never ever update my Windows 8 again lest it becomes slow af?

~~~
dvfjsdhgfv
It seems so. Sooner or later people will post some benchmarks so we'll have
more precise knowledge. At this point the statements from MS are a bit fuzzy.

~~~
c12
Fuzzy, yes. But they do declare that a lot of people will notice slow downs
day to day.

~~~
wklauss
They need to ve very conservative in the statements and err on the side of
caution. It's better for people to find out is not as bad as they thought than
to find out it's worse than they thought.

