You might as well get an x86 CPU now, despite Meltdown and its friends

April 22, 2019

A year or so ago I wrote an entry about how Meltdown and Spectre had made it a bad time to get a new x86 CPU, because current CPUs would suffer from expensive mitigations for them and future ones wouldn't. Then I went and bought a new home CPU and machine anyway, and as time has passed I've become more and more convinced that I made the right decision. Now I don't think that people should delay getting new x86 CPUs (or any CPUs), at least not unless you're prepared to wait quite a long time.

Put simply, speculative execution attacks have turned out to be worse than at least I expected back in the days when Meltdown and Spectre were new. New attacks and attack variations keep getting published and it's not clear that people have any idea how to effectively re-design CPUs to close even the current issues, never mind new ones that researchers keep coming up with. That mythical future CPU that will mitigate most everything with significantly less performance penalty is probably years in the future at this point. I'd expect it to take at least one CPU design cycle after people seem to have stopped discovering new speculative execution attacks, and it might be longer than that (it may take CPU designers some time to work out good mitigations, for example).

So yes, any current x86 CPU you buy will pay a performance penalty to deal with speculative execution problems (assuming that you don't turn the mitigations partially or completely off). But so will future ones, although they'll probably pay a lower penalty. Effectively, new CPUs with improved hardware-based mitigations against speculative execution are now one more source of the modest but steady progress in CPU performance. Like a number of other sources of performance improvements (such as additional special SIMD instructions), the improvements will matter a lot to some people and not very much to others. For desktop and general use, they'll probably be useful but not critical.

(It's even possible that future CPUs will see effective decreases in some aspects of performance. For example, Intel dropped HyperThreading in recent generations of i7 CPUs at the same time as they increased the core count. I don't believe Intel has explicitly linked this to speculative execution issues, but certainly HT makes some of them worse, so dropping HT is an easy mitigation that can also be used to drive sales of higher end CPUs in Intel's usual fashion.)

PS: I'm not even going to guess at the benefits and risks of turning various mitigations off in various cases, especially for desktop use, because it depends on so many factors. Right now I'm going with the Linux and Fedora defaults, because that's the easiest way and I have fast enough CPUs and light enough usage that it hopefully doesn't matter a lot to me (but of course I haven't measured that).

Written on 22 April 2019.
« My view on upgrading Prometheus (and Grafana) on an ongoing basis
Go 2 Generics: The usefulness of requiring minimal contracts »

Page tools: View Source, Add Comment.
Login: Password:
Atom Syndication: Recent Comments.

Last modified: Mon Apr 22 00:17:23 2019
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.