Ever since Spectre and Meltdown broke in January 2018, we’ve known that the combined effect of patching these security issues would hurt raw performance. The question, especially as new disclosures have stacked up, is how large the impacts would be and how they would change the performance comparison between Intel and AMD.
Phoronix has put that question to the test with a substantial suite of benchmarks across multiple Intel and AMD platforms, including the 6800K (Broadwell-E), 8700K (Coffee Lake), 7980XE (Skylake-SP), Ryzen 7 2700X, and Threadripper 2990WX. These chips collectively represent all of the recent major architectures in play.
The collective impact of enabling all patches is not a positive for Intel. While the impacts vary tremendously, from virtually nothing to significant, on an application-by-application level, the collective whack is ~15-16 percent on all Intel CPUs with Hyper-Threading left enabled. Disabling Hyper-Threading increases the overall performance impact to 20 percent (for the 7980XE), 24.8 percent (8700K) and 20.5 percent (6800K).
Data by Phoronix
The AMD CPUs are not tested with HT disabled, because disabling SMT isn’t a required fix for the situation on AMD chips, but the cumulative impact of the decline is much smaller. AMD loses ~3 percent with all fixes enabled. The impact of these changes is enough to change the relative performance weighting between the tested solutions. With no fixes applied, across its entire test suite, the CPU performance ranking is:
With the full suite of mitigations enabled, the CPU performance ranking is:
AMD, in other words, now leads the aggregate performance metrics, moving from 3rd and 4th to 1st and 3rd. This isn’t the same as winning every test, and since the degree to which each test responds to these changes varies, you can’t claim that the 2990WX is now across-the-board faster than the 7980XE in the Phoronix benchmark suite. It isn’t. But the cumulative impact of these patches could result in more tests where Intel and AMD switch rankings as a result of performance impacts that only hit one vendor.
To date, we’ve seen no sign that Spectre and Meltdown have driven any additional business to AMD’s Epyc servers. AMD has made no such claims. The company has good reason not to — there’s no guarantee that a future article won’t find crippling bugs in AMD’s features that require solutions that badly impact performance. Were AMD to take an aggressive marketing stance on its supposed invulnerability to many of these topics, it could find itself facing angry customers and even lawsuits for product misrepresentation if it tries to play the “We’re a more secure x86 than Intel,” card too hard.
But if these issues continue to stack up and solely impact Intel, with performance fixes that simply don’t take chunks out of AMD, it’s going to start impacting performance comparisons. The question of which security fixes need to be enabled for which servers to guarantee practically good security is also going to be a topic of discussion. We’re closing in on two years since Spectre and Meltdown were identified and 18 months since they were publicly disclosed, but characterizing their impact on workloads and users remains difficult to do at scale. How much these flaws impact you depends on what kind of work you’re doing and how exposed you are. Thus far, no real-world attacks that leverage Spectre, Meltdown, L1TF, ZombieLoad, Spoiler, or any of the other named attacks have been observed.
It is still unclear how much Intel owners need to be concerned about the practical, real-world impact of these threats. But enabling the full suite of fixes definitely incurs a significant performance penalty. This is most visible with the Core i7-8700K, which falls back to offering unpatched Broadwell 6800K performance — and the 6800K is a three-year-old CPU with a much lower maximum clock speed.