Gather instructions are part of Intel® Advanced Vector Extensions 2 (Intel® AVX2) and Intel® Advanced Vector Extensions 512 (Intel® AVX-512). These gather instructions are used for vectorization to speed up memory accesses to load multiple values from memory operands.
Vectorized applications are a subset of the overall datacenter workload landscape. Gather instructions are executed in targeted use cases to optimize for data movement to support execution of downstream instructions.
When the microcode mitigation for Gather Data Sampling (GDS) is applied, the majority of server and client application-based benchmarks are expected to show minimal performance impact, since these benchmarks rarely use gather instructions. However, some datacenter and high-performance computing applications, such as machine learning (ML) libraries, numerical libraries, graphic design and rendering software, and certain scientific applications, may see significant performance impact from the GDS microcode mitigation. The performance or resource utilization impact of the GDS mitigation on applications varies primarily depending on the frequency of gather instructions in the application code. Workloads which do not heavily rely on gather instructions are not expected to be impacted by the presence of the GDS microcode mitigation. However, a performance impact will be observed if the gather instructions are in the hot (frequently executed) path.
Given the potential impacts, system administrators, application developers, and users are urged to carefully consider the threat model applicable to their systems when deciding whether and where to implement the mitigation for GDS, in order to find their appropriate balance of security and performance. Exploiting the GDS vulnerabilities outside of the controlled conditions of a research environment is a complex undertaking. GDS vulnerabilities have been classified as medium severity per the industry standard CVSS, and it is important to note that there are no reports of any real-world exploits of these vulnerabilities.
GDS mitigation is enabled by default, and Intel provides an option to disable the mitigation. If system administrators determine the risk of system exposure to GDS to be low, then they may choose to disable the mitigation using the methods provided by operating system vendors (OSVs). Refer to Threat Analysis Guidance for Gather Data Sampling for guidance on how to evaluate your system’s GDS exposure, and the Gather Data Sampling technical documentation for additional performance considerations and mitigation options, including compiling options.
Performance on Client
Heavily optimized applications that rely on vectorization and gather instructions to achieve the highest performance may see an impact with the GDS mitigation update. These are applications like graphical libraries, binaries, and video editing software that might use gather instructions. Our analysis has identified some specialized cases where client applications may see a performance impact. For example, certain digital art application add-ons have shown some performance impact. However, most client applications are not expected to be noticeably impacted because gather instructions are not typically used in the hot path.
Performance on Server
Though most applications will not see any performance impact from the GDS mitigation, heavily optimized applications that rely heavily on vectorization and gather instructions in the hot path to achieve the highest performance possible may see performance drops that will range from modest to significant. The applications with the highest performance impacts will be those where gather instructions are part of the hot path (for example, Large-scale Atomic/Molecular Massively Parallel Simulator (LAMMPS), GROningen Machine for Chemical Simulations (GROMACS), and Nanoscale Molecular Dynamics (NAMD)). These gather instructions might be introduced by the developer manually or might be generated by the compiler. In this second scenario, the specific compiler and the flags passed to the compiler may have a significant role in the overall performance impact. In general, applications using flags for performance optimization and for vectorization might see larger performance impact if the binary generated by the compiler includes gather instructions in the hot path.
- Gather Data Sampling technical documentation
- Threat Analysis Guidance for Gather Data Sampling
- Reading and Writing Model Specific Registers (MSRs) in Linux*