Performance Impact of Spectre and Meltdown Mitigations on Windows Systems
cloudblogs.microsoft.com"We currently support 45 editions of Windows. Patches for 41 of them are available now through Windows Update."
Wow. I have to admit, that number larger than I would have guessed. (I probably would have said 20.) But ultimately not too surprising.
Did they not cause this themselves when making 'home' 'professional' 'enterprise' and so on versions of each of their major versions?
Dealing with such a large number of versions must be a nightmare. A nightmare of Microsoft's own creation...
This is why I tacitly approve of forced (or pressured) automatic updates for Windows, macOS, and iOS. Everyone is probably safer when most efforts to fix Zero day exploits, General hardening, etc. are concentrated on fewer versions.
When I want freedom to do what I want with my computer, I run Linux, but for my Apple devices I want auto updates.
I'm not talking about being a nightmare for ysers, but a nightmare for Microsoft, which had to develop and verify the fix works for every OS variant.
Right, which is why Microsoft has been tweaking its support platform with Windows 10 to try to narrow the number of simultaneous versions they must support, then all the efforts to funnel users faster through updates so that they retire updates faster.
All the complaints about Windows 10 forcing users to update are exactly related to Microsoft trying to narrow the forest of possibilities of patch/update/upgrade combinations in the wild.
All the complaints from companies that Windows 10 major update versions now only have 18-month support terms (as opposed to say nearly 10-years like XP), is again, Microsoft trying to shrink the forest to focus on fewer, more important trees.
As a user, I want Microsoft to force more updates if it means better support and faster fixes, and it disappoints me how every time Windows 10 is brought up here on HN, or over on The Verge or Ars Technica, a half dozen people come out of the woodwork to loudly complain about Windows 10 updates.
I don't think it is the updates themselves that are annoying but the fact you have to reboot all the damn time because of it. Someday, somehow, an OS vendor will invent a way to patch a running kernel and it's underlying stack without requiring a reboot.
That will likely only ever come when we build a better programmer with superhuman ability to track system state. But not just kernel programmers: every programmer.
I heard once in a Windows Update talk (probably a BUILD talk I watched on Channel 9?) that the Windows kernel needs far fewer restarts than people assume; Microsoft just doesn't trust most application software in user space to continue to work if they silently swapped kernel components out from under it. Too much software does dumb things with system state or makes wrong assumptions about system calls (despite stacks of manuals telling them otherwise).
The UWP application lifecycle model is built to support the kernel asking an app to pause, save what state it can, and restart at some point later with just a hint of its previous state. So many programmers seem to hate it (and get it wrong) because it means they have to think about state management more than they ever had to before.
That API was informed by the need to restart individual applications without rebooting the entire system. If more apps followed the UWP application lifecycle well, Windows would need fewer reboots.
(Compare to the Xbox One where developers were not given a choice to opt-out of the UWP application lifecycle, and it having mostly just two forced restarts a year. Also note how many game developers and app developers get the UWP application lifecycle wrong and you find games/apps in broken states when you get back to them, requiring a force quit.)
The easiest thing to change is your habits as a user and make sure that reboots aren't a problem to you. Windows 10 gives a lot of warning (more so now than at launch, of course) when reboots are coming up, including not-subtle things like system notifications, and subtle places like wording changes in the Shutdown menus as updates approach (first "Restart" becomes "Update and Restart", then as the deadline looms closer, "Shutdown" becomes "Update and Shutdown"). Find software that saves more state between restarts; encourage applications to move to the UWP application lifecycle (and use it correctly); checkpoint your work more often; speed up your startup and eliminate everything you can from the critical path (sorry, Slack, you can wait a few minutes after I've finished booting; I don't need my Windows Service that performs backups to run Automatic, it's fine to be Automatic (Delayed) delay started by Windows). Those are all things you can do proactively instead of being angry at Windows needing to restart because it is overly-worried your applications will break in mysterious ways if it doesn't.
Ksplice could do it for years on linux. It's owned by Oracle now. AFAIK there is an ongoing development in linux kernel to make it generic feature.
this is only really possible in a very controlled ecosystem. Apple has this down well but MSFT does not. For example for this recent patch certain (major) antivirus vendors rendered computers unusable with the update. What if MSFT force updated everyone and bricked 20+% of windows users? Not a good strategy.
They might also be counting the 40 language packs. https://docs.microsoft.com/en-us/windows-hardware/manufactur...
They’re not.
Random conspiracy theory:
This whole episode of CPU bugs and fixes that cause performance problems (most notably on older hardware) is exactly what the tech industry needed to stimulate consumers into refreshing their old hardware that was previously running fine.
It's almost like planned obsolescence. Msybe it was orchestrated.
(I don't think this actually likely, but it's interesting that it could be rather beneficial in the end for some)
> It's almost like planned obsolescence. Msybe it was orchestrated.
Since 1995? 23 years seems a long time to wait
And risk a serious drop in stock price?
Also new processors won't actually get better performance as a result of fixes. The problems arose in the first place because of a preference of performance over security.
A lot of IP advantage will be wiped off. It will benefit some people, but not the actors behind the errors themselves.
but they still have to design newer hardware without the bugs?
>With Windows 10 on newer silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.
Then, I guess, I am glad I upgraded to 8700k and won't return it. I was upgrading from a 4770, but it seems that one is going to be even slower now.
You might have been even happier with a Ryzen/Threadripper since they are not affected by as many variants of Spectre.
Anyone know if there are performance impacts from the macOS updates released recently to address Spectre/Meltdown?
Seems like syscalls are a lot more expensive, which may or not affect your daily work.
https://reverse.put.as/2018/01/07/measuring-osx-meltdown-pat...
This is the most info I've seen: https://twitter.com/aionescu/status/948609809540046849
I don't find any noticeable drop in day-to-day work like browsing, listening to music, or code in my IDEs. Compiling time might be impacted more, but I don't have any numbers.
This is pretty bad :/
With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.
That’s random end users. Not workstations and not servers. Wow.
Oh boy that's me!
It's completely anecdotal, but I'm convinced my Phenom-II x6 system's IO has slowed to a crawl in the last few days...
edit: Oh, though it seems there's another thread discussing how the mitigations have slowed down "Haswell and older CPUs significantly".
edit edit: like an idiot, i didn't include the link: https://news.ycombinator.com/item?id=16113289
I would really like to know exactly what compiler changes they made to mitigate Spectre.
It’s probably the retpoline replacement for indirect branches, which traps the speculative execution of the untaken branch in a loop
It'd be great for Microsoft's Singularity/Midori people to discuss these vulnerabilities in the context of such managed operating systems.
This is only for intel cpus right?
Meltdown, for which mitigation has the bigger impact, is Intel only. Spectre is possible on most modern CPUs including AMD and ARM
tldr: should I never ever update my Windows 8 again lest it becomes slow af?
It seems so. Sooner or later people will post some benchmarks so we'll have more precise knowledge. At this point the statements from MS are a bit fuzzy.
Fuzzy, yes. But they do declare that a lot of people will notice slow downs day to day.
They need to ve very conservative in the statements and err on the side of caution. It's better for people to find out is not as bad as they thought than to find out it's worse than they thought.
Microsoft will do so as well:
>We will publish data on benchmark performance in the weeks ahead.
more like "tldr: wait for benchmarks"
Or just do them yourself, like others did:
https://www.reddit.com/r/pcgaming/comments/7ohbfi/i5_2500k_m... http://www.guru3d.com/articles-summary/windows-vulnerability...