Generally is faster (fewer rounds per byte). If you have 256 bits available for your hash and you're on a 64 bit architecture, I've yet to see a case where you're not better off for performance and security choosing SHA-512/256 over SHA-256, assuming you have the choice.
Is this still true? I understood SHA256 to be faster than SHA512 due to hardware acceleration on current CPUs; dedicated instructions exist for the former but not the latter.
It seems like it's not true on a MacBook with the Apple M1 processor; SHA-256 is now significantly faster. It still seems to be true on a couple of Intel machines I have access to.
Googling i noticed there seems to be a bug in openssl where it does not use optimized sha-512 on m1 (but does for sha256) - https://github.com/openssl/openssl/issues/14897 so that might be the explanation.
Also i think the length of the input matters when comparing sha256 vs sha512.
