[Filligree]

More than a doubling of CPU use, but for consistency's sake:

The other percentages we've been offered have been in terms of performance reduction. We were told to expect a range of 5-30%; this is about 60%.

Somewhere a sysadmin's hair has started smoldering.

[forgotpw2018]

Intel's PR dept is in overdrive, but the truth about this vulnerability is that it's essentially worst-case.

It really only affects workloads where high performance is important. The average user might not see an impact but if you need fast IO God help you. The solution is to 'make less syscalls' but the problem is that syscalls have always been slow and the people making a lot of them are only doing so because they absolutely have to

[djsumdog]

I wonder if we'll start seeing more userspace storage drivers because of this.

If anything, for big shops like this one, I wouldn't be surprised if we saw a move away from hosted providers (the "cloud" .. god I still hate it when people use that word), and return to co-located setups.

At least for people who need immediately performance needs, AMD might make a lot of short term sales right now.

[walshemj]

will be interesting to see the trend in sales of threadripper an eypc

[Waterluvian]

Isn't that like saying that it turns out this car we sold can only do 150, not 200. But it's okay because most of you never drive above 80 anyways.

You're right. Most people who just surf the Netflix and download the YouTubes will not notice. But it's still a form of fraud, even to those who never max out CPU. I think fraud is a strong word knowing that this wasn't intentional. But they sold a lesser product than they advertised and need to make customers whole. Otherwise it pretty much is fraud.

[anonacct37]

I think people are underestimating how bad webapps are. I do... a lot of computing and by far the most CPU intensive applications on my computer are webviews. Either Gmail in chrome or slack. I'm actually going to be upgrading my laptop soon because slack+3 organizations crushes my laptop.

Do you think browser vendors have been pushing JIT research forward, investing in webasm, and building things like servo because websites are so fast and light on CPU?

[metaobject]

I’d go farther, anybody who is concerned with application performance may soon see/smell their hair smoldering.

We write a lot of code that needs to run as fast as possible (processing, post-processing, generating real-time weather/satellite data) and I’m concerned about time windows and whether we’ll be able to meet requirements.

[nine_k]

I suppose these guys just don't apply the patch. They are not running in a public cloud with potentially hostile neighboring VMs; they run their own trusted code. They might choose to tighten perimeter security instead, in the short term.

[bsenftner]

Meltdown is aptly named, as that is what's gonna happen to the global corporate services market, "efficiently" hosted in the cloud and scraping for profitability.

[rdtsc]

For pure computational cases Meltdown vulnerability remediation might not impact you as much. Meltdown fixes would affect applications that do a lot of syscalls - lots of socket IO, IPC stuff, small and frequent disk IO ops etc.

You'll probably see a wide variety of benchmark results anything from no impact to things like above. So just make sure you measure carefully with your own workload.

[toast0]

Data processing where number crunching is the key problem may not be affected much. Data processing where fetching and assembling the data from many sources is likely to see larger slowdowns. Pure communications workloads are also likely to see larger slowdowns.