Spectre / Meltdown & Digital Audio Production

Anyone worried that the patches being pushed will affect a DAW in negative aspects? I kind of am... Haven't patched my system yet. Anyone else ?  

https://github.com/IAIK/meltdown/

Having read about this stuff for the past week, the takeaway for me is this:

1) if you know what you are doing, your DAW CPU usage is in the 80%s, you keep your audio computer off the internet and you do not run suspicious and weird software on it, you should be fine. 

2) otherwise, install the patch.

 

From what I understand, whatever slowdown will occur after the patch affects mostly database applications that need to move large amounts of memory in and out of the processor's cache, which is basically like a hyper-fast mini RAM where the processor writes the results of the calculations it makes. I do not know enough about the internals of DAW and DSP programming, but my gut tells me that the patch will not affect you unless you regularly work with your DAW and the CPU is at 80% or more usage (and not counting the time when you'r rendering something to WAV).

Edited January 11, 2018 by thawkins

You'll be fine (Unless: Caveat #1 You're running Windows with an AMD processor, Caveat #2 Your antivirus software hasn't been patched yet and manually tweak the registry to grab the patch)

So far the pre-/post- patch results have should near negligible changes - Some results are better by a tiny bit, some are worse by a tiny bit - https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/

 

Unless you're doing something that has regular kernel calls (eg aforementioned database users, data centres, servers etc.) everything will be fine in the world.

Could someone break this down for me?  

 

Tried to read up about it but I'm still pretty confused. 

most DSP algorithms probably don't make a lot of use of branching (in the machine code, the C code might do, but would be likely optimized out), so there's not going to be much speculative execution going on (which is what's going on with Spectre), so those things won't be affected much probably (but I'm no expert on DSP algorithms so I could be wrong). Meltdown related performance issues affect code which heavily interacts with the kernel, and since audio drivers in Windows are now in user mode for many years now that shouldn't really be a problem (dunno about *nix). the biggest performance hits are likely to be with network and file i/o heavy stuff, it's mostly going to hit cloud services, servers, things like that.

Edited January 11, 2018 by caze

...any SIMD optimized code is also likely to be immune from Spectre slowdowns, because SIMD operations don't work well with branching, so they're usually coded in a non-branching manner. not sure how much SIMD is used in DSP stuff though.

lots of bsods since the patches started getting pushed out. ryzen here. hadn't seen a bsod since xp i don't think. this new thing is hideous 

  On 1/11/2018 at 7:59 PM, juiceciuj said:

lots of bsods since the patches started getting pushed out. ryzen here. hadn't seen a bsod since xp i don't think. this new thing is hideous

Am I right in thinking Ryzen is AMD ... if so yep you might wanna do a rollback until this is fixed, just be glad you can even boot your machine: https://www.theverge.com/2018/1/9/16867068/microsoft-meltdown-spectre-security-updates-amd-pcs-issues

fuck updates in the goat ass. 

 

every month is a security update for something.

 

did read about some AMD chips being bricked by the MS patches.. lol... great...  still have XP on my AMD laptop that never gets used anyways... 

  On 1/11/2018 at 8:08 PM, mcbpete said:

 

  On 1/11/2018 at 7:59 PM, juiceciuj said:

lots of bsods since the patches started getting pushed out. ryzen here. hadn't seen a bsod since xp i don't think. this new thing is hideous

Am I right in thinking Ryzen is AMD ... if so yep you might wanna do a rollback until this is fixed, just be glad you can even boot your machine: https://www.theverge.com/2018/1/9/16867068/microsoft-meltdown-spectre-security-updates-amd-pcs-issues

ryzen is amd, yeah. the ones being bricked are processors that are 10+ yrs old though. this is just shoddy microsoft patching i'm sure. when that report initially came out i think engadget posted the article with a picture of a ryzen processor and everyone flipped out because they weren't affected. #fakenews

Phew, hopefully you'll get a patch for the patch soon. I had some BSODs for the first time on Win10 recently but it turns out it the VirtualMidi drivers I had really not doing what they were meant to and Ableton was not happy.

i think the way this works is you have to physically open up your computer case.. take a shit in it.. then close it back up. 

AMD chips are affected, just not by Meltdown, but they're just as vulnerable to timing attacks where speculative execution is used. AMDs response to this has been very poor, very low on transparency compared to Intel.

 

It doesn't look like the non-bootable AMDs are bricked either, a firmware update should fix them.

i mean it's probably a gov't mandated vulnerability that's gotten loose. 

no, it's just a consequence that computers, both at the very lowest level (in this case the microcode that runs CPU circuitry), and at every level of abstraction all the way up to the UI, are horrendously complicated. more so than they need to be, and the more complicated something is the more likely it is to find ways to do stuff that wasn't part of the design spec.

I hope Intel takes a big hit from this and the CPU market opens up a bit

CPU market was already opening up, lots of ARM laptops coming onto the market for example (now that Windows runs on ARM, it even runs x86 apps via a low-level instruction translator). ARM are still some way off powering high-end desktop systems, but that'll no doubt change in the next few years. AMD is seeing better performance in their recent chips compared to Intel's latest offerings too. 

 

...unless you mean someone else other than them getting into the game, doesn't seem likely.

  On 1/11/2018 at 11:35 PM, caze said:

CPU market was already opening up, lots of ARM laptops coming onto the market for example (now that Windows runs on ARM, it even runs x86 apps via a low-level instruction translator). ARM are still some way off powering high-end desktop systems, but that'll no doubt change in the next few years. AMD is seeing better performance in their recent chips compared to Intel's latest offerings too. 

 

...unless you mean someone else other than them getting into the game, doesn't seem likely.

 

nice, to be honest it's been a while since I checked out on hardware matters. Nice to see ARM is doing well... a couple profs at uni drilled this idea into my head that Intel are the devil

  On 1/11/2018 at 10:09 PM, caze said:

no, it's just a consequence that computers, both at the very lowest level (in this case the microcode that runs CPU circuitry), and at every level of abstraction all the way up to the UI, are horrendously complicated. more so than they need to be, and the more complicated something is the more likely it is to find ways to do stuff that wasn't part of the design spec.

AMEN!!

On the bright side, if you keep a desktop for production work that stays off line and always try to get your equipment secondhand like me, the next year or two might see some really good machines being unloaded at very low prices when/if a hardware level fix for this stuff rolls out.  Because who is going to want an inherently compromised server?.

I have read that a hardware fix is probably more likely 4-5 years away because the vulnerabilities are there in part because of a pretty low level design issue and the turnaround time for designing a new generation of CPUs is something in that time scale.

 

I think what we might see is that people are going to take a chance and selectively apply that patch only to equipment that randos get to run code on. So this means cloud providers like Amazon because they provide virtual machines, and everyday internet users because of Javascript (and that might get fixed by implementing deliberately inaccurate timers in web browsers). For stuff running deep in locked up environments that have no direct connection to the open net, the patch is not really necessary.

  On 1/14/2018 at 9:40 AM, thawkins said:

(and that might get fixed by implementing deliberately inaccurate timers in web browsers)

Yeah that exact technique has been employed in Firefox as of v57.0.4 https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/

​My reactions, by the sentence...

 

  On 1/11/2018 at 12:45 PM, mcbpete said:

You'll be fine (Unless: You're running Windows with an AMD processor, 

...oh fuck.

 

  Quote

 

Unless you're doing something that has regular kernel calls (eg aforementioned database users, data centres, servers etc.) everything will be fine in the world.

*whew*

 

 

So, general users are unaffected? Or am I missing some part of this all? I haven't read anything at all about this yet, though I'm starting to now.

What is this