Profile cover photo
Profile photo
Jan Moren
18,688 followers -
Janne. In Osaka. And Okinawa.
Janne. In Osaka. And Okinawa.

18,688 followers
About
Posts

I got the Meltdown/Spectre kernel update on my work laptop. So I decided to take a look if there's a performance difference for compute-bound workloads. I shut down all my other apps, ran the benchmarks, rebooted, ran benchmarks again.

I tried two very simple benchmarks: running "convert -charcoal 10" on a largish image; and running a simple Python starfield simulation that uses MPI for multiprocess communication. I ran each of them ten times, after first dry-running them once.

The first one uses 4 threads (2 cores * 2 hyperthreads on this laptop), and is effectively completely compute-bound. The Starfield simulation alternates computation (almost all of which happens in a linear algebra library through Scipy), with coordination using MPI. I used only two processes; hyperthreading makes little sense for compute-bound workloads.

End result:

Both apps have almost exactly the same average execution time before and after: 10.02 vs. 9.93; and 9.35 vs. 9.30.

The minimum run time is also all but equal: 9.8 vs. 9.81; and 9.30 vs. 9.25. All well within the noise level.

I also looked at the communication time for the MPI app: average of 0.079 vs. 0.0828; and a minimum of 0.052 vs. 0,06. Absolute average deviation was 0.012 and 0.011, so while there seems to be an increase in communications, this data is too noisy to make it definite.

Now, this test is far from perfect of course:

* I compared a long-running system with a freshly rebooted one. True, but I did stop other apps first, and if the effect of the patch is small enough to disappear due to this, the effect is too small to worry about in practice.

* These were extremely compute-bound apps. Absolutely; one does a large convolution, the other a big pile of matrix operations. But the purpose of this little test was to see the effect on just that kind of apps. I'm sure that I/O-bound stuff such as databases will see a much more significant effect but that's not what I worry about here.

* Testing HPC-type workoads on a laptop is, well, dumb. Yep. Actually, I expect the convolution test to be reasonably accurate. But an MPI job with only two processes is of course not very realistic. A real test would use one or more real compute nodes, a realistic workload and dozens of processes.

This is a noisy test, and too small scale to give any definite answers, but it does seem to me that whatever the impact on patching Meltdown will be on compute-bound work like this (or, I expect, games), it's small enough not to make a real-life difference. A little reassuring to know.
Add a comment...

Post has attachment
My cold is over. I'm home alone. What's for dinner? Spam donburi! Never say we don't take the culinary high road in this house :)
Photo
Add a comment...

Three day weekend! And I'm sick as a dog, with fever, cough and a sore throat. Outside it's been raining all weekend, so it's not as if I would have spent the time at the beach or something anyhow.

Instead I'm drinking hot tea, reading a book about squid and feeling a little sorry for myself. I think I've earned it.
Add a comment...

Post has shared content
Common sense advice regarding the latest vulnerability.

I can add that from what we can determine, the slowdowns that the needed OS changes will cause will likely be in the 1%-10% range in practice. The only exceptions are if you run things in a VM or container, and databases, both of which may see a worse performance hit that that. At the other end, GPU offloaded code won't slow down at all (it's not running on the host after all), and compute-bound code in general - games and most HPC code - will be right at the 1%-2% lower end.

But yes, its not a good day for computing, and especially not for Intel and not for cloud providers. The Intel-specific bug is the one that needs a performance-hurting OS change, so they just lost some practical performance compared to their rivals. And stuff running in the cloud is always virtualized, so their performance hit will be a lot worse than for things hosted locally. Private HPC clusters such as ours may well decide to not even enable that particular patch; the cloud providers don't have that luxury.
Various less technical folks have been asking a lot about what they should be doing about the new exploits. These are my personal opinions.

1. Most embedded devices are probably not affected because a) they typically use small low power processors that don't speculate or not much. b) they only run code that was loaded on them by the vendor. Many don't even implement any kind of internal security model so this exploit doesn't make them any less secure than they were - which for much Internet of Things stuff is alas not very.

2. If your personal desktop/laptop is set up as things typically are with you having a single login that lets you do everything then all your apps don't need this exploit to hack one another and you are pretty much trusting the suppliers of them as well as your OS supplier. What you do need to care about big time is javascript because the exploit can be remotely used by javascript on web pages to steal stuff from your system memory. Mozilla and Chrome both have pending updates. and some recommendations about protection. Also consider things like Adblockers and extensions like noscript that can stop a lot of junk running in the first place. Do that ASAP. When OS updates appear apply them.

3. If you are using a public cloud then make sure your cloud provider has taken appropriate measures to protect your virtual machine from everyone else. Actually updating your own guest kernel is less of a priority. If your provider does not have a fix then now is a good time to practice that recovery plan you should have for what to do when your cloud provider goes down.....

4. Phones are a bit more complicated but if you've got a cheap crappy phone the chances are the processor in it is not that vulnerable and you get to laugh at people with ultra high tech toys. What we don't have yet is any good list of processors which are not affected but judging by the ARM provided list of afflicted processors it seems likely that an awful lot of low end phone stuff simply isn't going to be vulnerable in the first place.

Overall though the general rules apply because it's not the only vulnerability that is going to be discovered this year, and it doesn't take a security hole to break a system. So keep backups, test they work and have an up to date plan for what to do if/when your machine gets hit by something evil (or for that matter gets killed by coffee, cats, fire or other natural disasters).

Do you have the phone number to cancel your bank cards if you have no computer or internet ?.
Do you know how to restore a backup on a new machine ?
If you are dealing with proprietary software do you have copies of any license keys ?
What plan do you have to change passwords on accounts and how will you do it with no PC of your own working?

Add a comment...

Post has attachment
Now, if we could also convince these people that homoeopathy is real, they'd die of thirst from trying to live on trace amounts of water, thereby increasing the mean world IQ and freeing up a bit of resources for non-insane humans.
Add a comment...

Post has attachment
Biggest surprise of the year: Swedish snus (made in Sweden and all) on sale at a cafe in Itami airport, Osaka. It wasn't long ago this stuff was completely forbidden for sale in Japan.

Granted, this is mini pouches, and heavily sweetened (ugh), but still. And when you consider how common it still is to smoke here it makes some sense to allow this as a less harmful alternative.

Also, I guess Japan really has been opening up its market if they allow a foreign import to compete with JC.
Photo
Add a comment...

Post has attachment
Add a comment...

Post has attachment
Blog: With New Year upon us, a reminder of warmer times in Singapore.
Add a comment...

Post has shared content
Add a comment...

Post has attachment
Hot mojito at JR Umeda station.
Photo
Add a comment...
Wait while more posts are being loaded