Meltdown Initial Performance Regressions (opens in new tab)

(brendangregg.com)

226 pointsnatbobc8y ago43 comments

43 comments

36 comments · 9 top-level

scott_s8y ago· 6 in thread

The syscall in his benchmark made me laugh (https://github.com/brendangregg/Misc/blob/master/s1bench/s1b...):

  close(999);	// the syscall (it errors, but so what)

ajross8y ago

It's surprisingly difficult to come up with a syscall that is guaranteed to enter the kernel and come back out on a fast path. Old choices for this were things like getpid() or gettimeofday() which are now handled in the VDSO. This seems fairly clever, honestly.

pmontra8y ago

This is a thing that generates many useless syscalls despite vDSO:

https://blog.packagecloud.io/eng/2017/02/21/set-environment-...

tych08y ago

Why not just syscall(__NR_pid)?

Hello718y ago

getpid is only fast on ia64 according to vdso(7).

jmgao8y ago

glibc caches getpid, so you'll only see the syscall happen after the cache gets invalidated by a call to fork, clone, etc.

koverstreet8y ago

manpages can generally be assumed to be out of date

Scaevolus8y ago· 6 in thread

What syscall rates do different databases sustain at maximum load? Transparent huge pages negating most of the overhead is very good news-- but probably helps less with mmap'd IO which so many databases use.

sargun8y ago

Mmap’d IO is still a shit show because of clearing the CR3 register on page faults.

eloff8y ago

What is a good source to read more about that?

amluto8y ago

What precisely do you mean by "clearing the CR3 register?"

vardump8y ago

Although slightly technically inaccurate, he clearly means a full TLB flush.

Needs to be done on Intel CPUs older than Haswell, on those CPUs without INVPCID support.

With INVPCID you can partially invalidate TLB.

1 more reply

bsdnoob8y ago

Why would that be the case? I don't think you'd be changing page directory very often for mmio

vardump8y ago

I think he means page fault every time a page is not present.

They're slower, because kernel needs to be mapped in and out of virtual address space, just like for syscalls.

If the access pattern is sufficiently local, perhaps this could be mitigated by using large (2MB) pages. A bad idea for a random access pattern, of course.

voidlogic8y ago· 4 in thread

It would be great to see performance deltas for AMD CPUs too, especially since Meltdown only effects Intel and AMD patches for Spectre Variant 2 are considered optional. I would also be nice to see a discussion of AMD's ASID and any differences it has with Intel's PCID when when PCID is addressed.

mangix8y ago

What's being tested here has nothing to do with Spectre. Only KPTI.

bitL8y ago

Maybe a better formulated question would be - do the Meltdown changes to kernel impose performance penalty on AMD processors as well (regardless of exploitability)?

paulmd8y ago

They are not enabled for AMD by default. If you force them to be enabled, they impact performance (of course).

1 more reply

voidlogic8y ago

Thanks, I understand now. What I didn't realize is that KPTI is only related to Meltdown mitigation. Thanks.

mrep8y ago· 3 in thread

> Applications that have high syscall rates include proxies, databases, and others that do lots of tiny I/O. Also microbenchmarks, which often stress-test the system, will suffer the largest losses.

My team's RDS instances got hit hard with a 40% increase in CPU usage: https://imgur.com/a/khGxU

Xorlev8y ago

Clarification of the parent: A 40% increase over baseline (60% util -> 84% util), not an absolute 40% CPU util increase.

Still terrible though. :(

vanderZwan8y ago

> Also microbenchmarks, which often stress-test the system, will suffer the largest losses.

Tangent: this only seems like more proof that we should not rely on them as developers, no?

pdpi8y ago

It’s proof they serve a specific purpose. If the micro benchmark is especially affected by the effect you’re trying to measure, it provides an upper bound of sorts for the effect’s magnitude. This informs the rest of the analysis.

jnordwick8y ago· 3 in thread

An open question is still who should enable the mitigation. The risk-cost doesn't seem to fit too many scenarios.

Meltdown requires running native, intrusted code, and that doesn't apply to too many servers. While it may be possible to chain this onto another exploit, once an attacker has gained remote code execution, you have much bigger problems.

While meltdown is interesting, i wouldn't enable kpti on my database servers buried behind other network infrastructure.

mehrdadn8y ago

> Meltdown requires running native, intrusted code, and that doesn't apply to too many servers. While it may be possible to chain this onto another exploit, once an attacker has gained remote code execution, you have much bigger problems.

https://react-etc.net/entry/exploiting-speculative-execution...

prewett8y ago

You realize he's talking about his servers, and the article is talking about Javascript running in the browser, right? The only things talking to his database server is his own server code via SQL queries; if there's any browsers and third-party Javascript running on that database server he's had a real security meltdown, of the kind that makes Meltdown irrelevant.

1 more reply

jnordwick8y ago

There is no Meltdown JavaScript exploit that i know of. This page lumps them together.

To exploit meltdown you need to peek at specific places of memory (and flush the probe array from cache which might not be possible in JS easily).

1 more reply

b4lancesh33t8y ago· 3 in thread

I'm kinda surprised Netflix weren't already using THP.

Xorlev8y ago

Not a Netflix employee, but at my last role we disabled THP on every instance we had. We had issues with databases (MySQL/Cassandra/HBase), Hadoop, and Java applications.

I hear it's gotten a lot better since then, and the compactor doesn't freeze stuff like it used to.

nvarsj8y ago

THP can cause serious problems (like “freeze your application for 1s while I compact its pages without asking”). Use at your own risk. It’s much better to use explicit huge pages.

photon-torpedo8y ago

Previous HN discussion on THP: https://news.ycombinator.com/item?id=15795337

rmrfrmrf8y ago· 1 in thread

Out of curiosity, why does the syscall rate scale descend from left to right?

tyingq8y ago

He chose to graph from high syscall rate to low. I was initially confused, as most people would have shown the ramp up, left to right. Doesn't matter much though, once you get it.

kev0098y ago· 1 in thread

Do you have any idea how much it will regress your I/O workload on OCA?

brendangregg8y ago

The OCA team were working on it, but I don't have a number. My guess is small, since it uses sendfile and then the packets are all done kernel to kernel. So the syscall rate should be relatively low.

vbernat8y ago

It would be interesting to know the interaction between the patched host and the patched guest. As a simple example, if the host aggressively flushes the TLB, the performance impact on the guest of doing the same could be lower. On the other hand, depending on how the host was patched, the loss of performance of the guest could be different when using some features.

j / k navigate · click thread line to collapse

43 comments

36 comments · 9 top-level

scott_s8y ago· 6 in thread

The syscall in his benchmark made me laugh (https://github.com/brendangregg/Misc/blob/master/s1bench/s1b...):

  close(999);	// the syscall (it errors, but so what)

ajross8y ago

pmontra8y ago

This is a thing that generates many useless syscalls despite vDSO:

https://blog.packagecloud.io/eng/2017/02/21/set-environment-...

tych08y ago

Why not just syscall(__NR_pid)?

Hello718y ago

getpid is only fast on ia64 according to vdso(7).

jmgao8y ago

glibc caches getpid, so you'll only see the syscall happen after the cache gets invalidated by a call to fork, clone, etc.

koverstreet8y ago

manpages can generally be assumed to be out of date

Scaevolus8y ago· 6 in thread

sargun8y ago

Mmap’d IO is still a shit show because of clearing the CR3 register on page faults.

eloff8y ago

What is a good source to read more about that?

amluto8y ago

What precisely do you mean by "clearing the CR3 register?"

vardump8y ago

Although slightly technically inaccurate, he clearly means a full TLB flush.

Needs to be done on Intel CPUs older than Haswell, on those CPUs without INVPCID support.

With INVPCID you can partially invalidate TLB.

1 more reply

bsdnoob8y ago

Why would that be the case? I don't think you'd be changing page directory very often for mmio

vardump8y ago

I think he means page fault every time a page is not present.

They're slower, because kernel needs to be mapped in and out of virtual address space, just like for syscalls.

If the access pattern is sufficiently local, perhaps this could be mitigated by using large (2MB) pages. A bad idea for a random access pattern, of course.

voidlogic8y ago· 4 in thread

mangix8y ago

What's being tested here has nothing to do with Spectre. Only KPTI.

bitL8y ago

Maybe a better formulated question would be - do the Meltdown changes to kernel impose performance penalty on AMD processors as well (regardless of exploitability)?

paulmd8y ago

They are not enabled for AMD by default. If you force them to be enabled, they impact performance (of course).

1 more reply

voidlogic8y ago

Thanks, I understand now. What I didn't realize is that KPTI is only related to Meltdown mitigation. Thanks.

mrep8y ago· 3 in thread

> Applications that have high syscall rates include proxies, databases, and others that do lots of tiny I/O. Also microbenchmarks, which often stress-test the system, will suffer the largest losses.

My team's RDS instances got hit hard with a 40% increase in CPU usage: https://imgur.com/a/khGxU

Xorlev8y ago

Clarification of the parent: A 40% increase over baseline (60% util -> 84% util), not an absolute 40% CPU util increase.

Still terrible though. :(

vanderZwan8y ago

> Also microbenchmarks, which often stress-test the system, will suffer the largest losses.

Tangent: this only seems like more proof that we should not rely on them as developers, no?

pdpi8y ago

jnordwick8y ago· 3 in thread

An open question is still who should enable the mitigation. The risk-cost doesn't seem to fit too many scenarios.

While meltdown is interesting, i wouldn't enable kpti on my database servers buried behind other network infrastructure.

mehrdadn8y ago

https://react-etc.net/entry/exploiting-speculative-execution...

prewett8y ago

1 more reply

jnordwick8y ago

There is no Meltdown JavaScript exploit that i know of. This page lumps them together.

To exploit meltdown you need to peek at specific places of memory (and flush the probe array from cache which might not be possible in JS easily).

1 more reply

b4lancesh33t8y ago· 3 in thread

I'm kinda surprised Netflix weren't already using THP.

Xorlev8y ago

Not a Netflix employee, but at my last role we disabled THP on every instance we had. We had issues with databases (MySQL/Cassandra/HBase), Hadoop, and Java applications.

I hear it's gotten a lot better since then, and the compactor doesn't freeze stuff like it used to.

nvarsj8y ago

THP can cause serious problems (like “freeze your application for 1s while I compact its pages without asking”). Use at your own risk. It’s much better to use explicit huge pages.

photon-torpedo8y ago

Previous HN discussion on THP: https://news.ycombinator.com/item?id=15795337

rmrfrmrf8y ago· 1 in thread

Out of curiosity, why does the syscall rate scale descend from left to right?

tyingq8y ago

He chose to graph from high syscall rate to low. I was initially confused, as most people would have shown the ramp up, left to right. Doesn't matter much though, once you get it.

kev0098y ago· 1 in thread

Do you have any idea how much it will regress your I/O workload on OCA?

brendangregg8y ago

The OCA team were working on it, but I don't have a number. My guess is small, since it uses sendfile and then the packets are all done kernel to kernel. So the syscall rate should be relatively low.

vbernat8y ago

j / k navigate · click thread line to collapse