(Not honoring follow-up to a group I don't read.)

In comp.os.linux.misc, Farley Flud <ff@linux.rocks> wrote:

Note: the "shutdown" command belongs the package "sysvinit"
and probably has been replaced within the junk Systemd that
has grabbed the balls of most, but not all (and certainly
not mine), GNU/Linux distros.

As I said, I feel very sorry for the helpless distro lackey.

I've been using Linux since about the same time as you, but Unix before
then. I have systems with and without systemd and there are pluses and
minuses.

There are cases where systemd systems can have shutdown installed
but it doesn't work. I don't recall how it happened, but I borked
something and got systemd error messages out of the shutdown command.
One I have saved (from 2016) looks like this:

# shutdown -r now
Failed to start reboot.target: Failed to activate service 'org.freedesktop.systemd1': timed out
See system logs and 'systemctl status reboot.target' for details.
Failed to open /dev/initctl: No such device or address
Failed to talk to init daemon.
# systemctl status reboot.target
Failed to get properties: Connection timed out
#

Not fun.

Elijah
------
posted about the issue in this group at that time

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 18 Apr 2025 04:34:02 -0000 (UTC), Eli the Bearded wrote:

There are cases where systemd systems can have shutdown installed but it doesn't work. I don't recall how it happened, but I borked something and
got systemd error messages out of the shutdown command.
One I have saved (from 2016) looks like this:

# shutdown -r now
Failed to start reboot.target: Failed to activate service 'org.freedesktop.systemd1': timed out
See system logs and 'systemctl status reboot.target' for details.
Failed to open /dev/initctl: No such device or address
Failed to talk to init daemon.
# systemctl status reboot.target
Failed to get properties: Connection timed out
#

Never encountered anything like that. In the earlier days of systemd,
I might hit that notorious “waiting for jobs” message. It might have a 2-minute timeout, only when it got down to zero, it would start over
from 2 minutes again.

Just having a look at what your above situation might be about:

root@theon:~ # ls -l /dev/initctl
lrwxrwxrwx 1 root root 12 Apr 13 17:40 /dev/initctl -> /run/initctl

So this is a named pipe used for communicating with init. Why would it
be deleted? Because there is no way to stop the init process without
bringing down your system (pid 1 is special that way). Perhaps
something else deleted the pipe. If it was just the symlink that was
removed, it should have been possible to put it back.

As for why reboot.target was trying to activate what looks like a
D-Bus service:

root@theon:~ # systemctl show reboot.target | grep -i want
Wants=plymouth-reboot.service plymouth-switch-root-initramfs.service

Can’t see anything that might be related to D-Bus there, at least not
on my current version.

# systemctl status reboot.target
Failed to get properties: Connection timed out
#

Interesting that the message here was not “no such device or address”. Looks like it was using a different communication channel to
communicate with systemd. But it’s the same systemd process, running
as pid 1 under the /sbin/init alias.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In comp.os.linux.misc, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

Just having a look at what your above situation might be about:

root@theon:~ # ls -l /dev/initctl
lrwxrwxrwx 1 root root 12 Apr 13 17:40 /dev/initctl -> /run/initctl

So this is a named pipe used for communicating with init. Why would it
be deleted? Because there is no way to stop the init process without
bringing down your system (pid 1 is special that way). Perhaps
something else deleted the pipe. If it was just the symlink that was
removed, it should have been possible to put it back.

Going back over the thread, I did figure out and post that the root
issue was systemd failing to recover after a hibernate event. So the
pipe was probably still there, but systemd was out to lunch.

Someone suggeted "magic sysrq keys" as an alternative way to shutdown
the system, but what a mess.

https://en.wikipedia.org/wiki/Magic_SysRq_key

Elijah
------
not sure if he has ever rebooted that way

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Eli the Bearded wrote:

I've been using Linux since about the same time as you, but Unix before
then. I have systems with and without systemd and there are pluses and minuses.

I don't remember if I ever used sync; sync; halt

on linux, but certainly on older *nixes

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 18 Apr 2025 06:38:34 -0000 (UTC), Eli the Bearded wrote:

Someone suggeted "magic sysrq keys" as an alternative way to shutdown
the system, but what a mess.

https://en.wikipedia.org/wiki/Magic_SysRq_key

Never tried them. I think you need to enable them at boot time or
something. As I understand it, they’re handled at a very low, ad-hoc
level, so pressing them will bring your entire kernel to a screeching
halt.

Funny, that reminds me of how the old MacsBug memory-resident debugger
used to work on the old Macintoshes ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 18 Apr 2025 08:53:05 +0100, Andy Burns wrote:

I don't remember if I ever used sync; sync; halt

on linux, but certainly on older *nixes

The need for multiple “sync” calls was a bit of voodoo black magic
leftover from a bug/misfeature in early Unix kernels.

I don’t think it’s ever been necessary on Linux.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 18/04/2025 08:53, Andy Burns wrote:

Eli the Bearded wrote:

I've been using Linux since about the same time as you, but Unix before
then. I have systems with and without systemd and there are pluses and
minuses.

I don't remember if I ever used  sync; sync; halt

on linux, but certainly on older *nixes

It is reasonably dirty, but I have used it many times
You don't get file system corruption, but databases will not be
guaranteed to be happy.


--
Karl Marx said religion is the opium of the people.
But Marxism is the crack cocaine.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-18 12:41, vallor wrote:

On Fri, 18 Apr 2025 12:27:25 +0200, Marc Haber
<mh+usenetspam1118@zugschl.us> wrote in <vtt9ee$heug$1@news1.tnib.de>:

Farley Flud <ff@linux.rocks> wrote:

...

Just checked the man page for shutdown(8), and it says it was
added to systemd 250. It supports the timespec and wall parameters,
but I'm not sure how well...

Anyway, I'm running 255 on Linux Mint 22.1, which
seems to have been pulled in from the System76 repo that I use:

$ systemd --version
systemd 255 (255.4-1ubuntu8.6pop0~1742486928~24.04~40a1bd7~dev)
[...]

Telcontar:~ # l /sbin/poweroff
lrwxrwxrwx 1 root root 18 Mar 20 08:09 /sbin/poweroff -> /usr/bin/systemctl* Telcontar:~ # which shutdown
/sbin/shutdown
Telcontar:~ # l /sbin/shutdown
lrwxrwxrwx 1 root root 18 Mar 20 08:09 /sbin/shutdown -> /usr/bin/systemctl* Telcontar:~ #
Telcontar:~ # whatis poweroff
poweroff (8) - Power off, reboot, or halt the machine
Telcontar:~ # whatis shutdown
shutdown (2) - shut down part of a full-duplex connection
shutdown (3p) - shut down socket send and receive operations
shutdown (8) - Halt, power off or reboot the machine
Telcontar:~ #


Both work perfectly here.

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 18 Apr 2025 10:15:21 +0100, The Natural Philosopher wrote:

You don't get file system corruption, but databases will not be
guaranteed to be happy.

The fundamental problem is that, in order for the shutdown to be clean at
the application level, you need to notify the shutdown at that application level.

Databases are supposed to be robust against this sort of thing, though; that’s what transactions are for.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-18, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Fri, 18 Apr 2025 08:53:05 +0100, Andy Burns wrote:

I don't remember if I ever used sync; sync; halt

on linux, but certainly on older *nixes

The need for multiple “sync” calls was a bit of voodoo black magic leftover from a bug/misfeature in early Unix kernels.

I don’t think it’s ever been necessary on Linux.

The story I heard was that typing "sync" three times takes long
enough that the system has time to flush all its buffers before
you do anything else.

Sync three times on the console if you want me
Close all the pipes if the answer is no...

(with apologies to Tony Orlando and Dawn)

--
/~\ Charlie Gibbs | Growth for the sake of
\ / <cgibbs@kltpzyxm.invalid> | growth is the ideology
X I'm really at ac.dekanfrus | of the cancer cell.
/ \ if you read it the right way. | -- Edward Abbey

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-19, Charlie Gibbs <cgibbs@kltpzyxm.invalid> wrote:

On 2025-04-18, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Fri, 18 Apr 2025 08:53:05 +0100, Andy Burns wrote:

I don't remember if I ever used sync; sync; halt

on linux, but certainly on older *nixes

The need for multiple ???sync??? calls was a bit of voodoo black magic
leftover from a bug/misfeature in early Unix kernels.

I don???t think it???s ever been necessary on Linux.

The story I heard was that typing "sync" three times takes long
enough that the system has time to flush all its buffers before
you do anything else.

But sync shouldn't return until the buffers have flushed.
So repeats are not needed.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 19 Apr 2025 21:10:58 -0000 (UTC), Jim Jackson wrote:

On 2025-04-19, Charlie Gibbs <cgibbs@kltpzyxm.invalid> wrote:

On 2025-04-18, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Fri, 18 Apr 2025 08:53:05 +0100, Andy Burns wrote:

I don't remember if I ever used sync; sync; halt

on linux, but certainly on older *nixes

The need for multiple “sync” calls was a bit of voodoo black magic
leftover from a bug/misfeature in early Unix kernels.

I don’t think it’s ever been necessary on Linux.

The story I heard was that typing "sync" three times takes long enough
that the system has time to flush all its buffers before you do
anything else.

But sync shouldn't return until the buffers have flushed.
So repeats are not needed.

Correct. That was the bug.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Jim Jackson <jj@franjam.org.uk> writes:

On 2025-04-19, Charlie Gibbs <cgibbs@kltpzyxm.invalid> wrote:

The story I heard was that typing "sync" three times takes long
enough that the system has time to flush all its buffers before
you do anything else.

But sync shouldn't return until the buffers have flushed.
So repeats are not needed.

sync is allowed to return before the flush has completed. See https://pubs.opengroup.org/onlinepubs/9699919799/functions/sync.html.


On Linux (or any other sensible platform), with the normal user tools,
no explicit syncs are needed at all. The normal shutdown process takes
care of the whole question. The behavior of sync is irrelevant and any
theory about needing typing sync even once is a myth.

On other platforms, the same is usually true.


The exceptions to this are:

(a) An operating system that doesn’t guarantee clean shutdown in the
same way. (Personally I’d consider that a bug.)
(b) Directly issuing a reboot syscall (i.e. bypassing user commands like
halt or systemctl), or interrupting power.

Explicit syncs don’t help as much as you might hope here, for a couple
of reasons:

1) As noted above, sync isn’t guaranteed to block until all data is
flushed anyway; it’s allowed to return immediately, with any pending
writes going on in the background. It happens that on Linux, sync
_does_ block, so that’s not an issue for us, but on many platforms[1]
it is not guaranteed to block.

2) Further writes may be initiated after the final call to sync (if
nothing else, to update st_atime on /sbin/halt and its dependencies);
no matter how many times you run it, even if you wait until the final
sync completes, you still do not have a 100% guarantee about data
persistence.

In short there’s no number of syncs that will guarantee your data is all actually on disk.

[1] Including FreeBSD, Darwin, HP-UX, OSF/1, Ultrix, SunOS, Solaris, V7
and at this point I stop looking.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 20/04/2025 08:13, Richard Kettlewell wrote:

On Linux (or any other sensible platform), with the normal user tools,
no explicit syncs are needed at all. The normal shutdown process takes
care of the whole question

Halt works when processes are 'stuck' and wont shut down, sometimes.
Halt is a slightly better alternative than power cycling.

Whether sync is an urban legend or not I dont know


--
"It is an established fact to 97% confidence limits that left wing
conspirators see right wing conspiracies everywhere"

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 4/20/25 08:13, Richard Kettlewell wrote:

In short there’s no number of syncs that will guarantee your data is all actually on disk.

Out of idle curiosity, what will guarantee all pending writes are
flushed to disk, apart from shutdown/reboot?

I seem to remember (from decades back) the actual advice was:

$ sync; sleep 10;

Or some suitable sleep period, rather than multiple sync;

I kind of accepted that in my sloppier younger days, but it seems a bit
naff. Is it even possible to ensure all disk writes have actually
physically been persisted on the disk. If they can do it for shutdown, presumably this is some method, some acknowledgement?

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Pancho <Pancho.Jones@protonmail.com> writes:

Richard Kettlewell wrote:

In short there’s no number of syncs that will guarantee your data is
all actually on disk.

Out of idle curiosity, what will guarantee all pending writes are
flushed to disk, apart from shutdown/reboot?

On Linux, see previous post. Portably (i.e. POSIX/SUS), however, there’s
no way to flush _all_ pending writes and let you know when they’re
complete.

But this rarely matters in practice. If your application needs to block
until data is written to underlying storage, there’s multiple options:
open files with O_SYNC, or add explicit flushes with fsync(2) or
fdatasync(2).

I seem to remember (from decades back) the actual advice was:

$ sync; sleep 10;

Or some suitable sleep period, rather than multiple sync;

Obviously that only works if you know how long it’ll take to flush all pending writes, and that there won’t be any subsequent writes that you
care about before you do whatever it is you’re going to do that makes
you care about the question in the first place.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Pancho <Pancho.Jones@protonmail.com> wrote:

If they can do it for shutdown, presumably this is some method,
some acknowledgement?

On shutdown the filesystems are remounted read-only, shown here
in dmesg (captured from serial port):

EXT4-fs (sda3): re-mounted f109ff12-da03-4dfd-ad2a-cbd4eb713c43 ro. Quota mode: disabled.
sd 0:0:0:0: [sda] Synchronizing SCSI cache
reboot: Power off not available: System halted instead

"mount -o ro /deb/sda3" should do the first part during normal
operation too, but you'd need to have "/" on a ramdisk or tmpfs if
every physical filesystem is being mounted read-only.

I'm not so sure about "Synchronizing SCSI cache", is that like
running sync or something else (it didn't appear in dmesg when I
ran "sync" now)? A web search points to the "sg_sync" command
from sg3_utils as a way of triggering it manually: https://manpages.debian.org/bookworm/sg3-utils/sg_sync.8.en.html

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off. Sounds
like a good idea. I wonder if there's a risk to unplugging
unmounted USB HDDs without doing that? Or does it only have a real
effect on actual SCSI drives (none present on the system where that
kernel message was captured)?

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Computer Nerd Kev <not@telling.you.invalid> wrote:

"mount -o ro /deb/sda3" should do the first part during normal
operation too

Gah, "mount -o remount,ro /dev/sda3" of course.

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives to have
their own cache.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives to >> have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

--
“It is not the truth of Marxism that explains the willingness of intellectuals to believe it, but the power that it confers on
intellectuals, in their attempts to control the world. And since...it is
futile to reason someone out of a thing that he was not reasoned into,
we can conclude that Marxism owes its remarkable power to survive every criticism to the fact that it is not a truth-directed but a
power-directed system of thought.”
Sir Roger Scruton

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives to have
their own cache.

Not at all. There is a huge speed improvement.

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives to >>> have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Or power off by command, not pulling the cable.

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 4/22/25 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Or power off by command, not pulling the cable.

Safely taking drives offline, how to do it safely, is the motivation
for this sub-thread. Not just shutdown, also dismount, maybe USB eject.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/04/2025 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Or power off by command, not pulling the cable.

The reason you pull the cable is

(i) the electricity company did it for you
(ii) the power off button/command didn't work.
(iii) There was no swap left and you couldn't even log in to issue the
shutdown command


--
It’s easier to fool people than to convince them that they have been fooled. Mark Twain

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 4/22/25 12:13, The Natural Philosopher wrote:

On 22/04/2025 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself, >>>>>> making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Or power off by command, not pulling the cable.

The reason you pull the cable is

(i) the electricity company did it for you
(ii) the power off button/command didn't work.
(iii) There was no swap left and you couldn't even log in to issue the shutdown command

My Orange Pi 5 freezes all the time. I don't know if the power off
button is any better than pulling the power cable.

One thing I have been pondering, is a hardware heartbeat. I vaguely
remember reading that such a thing exists. I wondered if it was possible
to hang a clean-up routine off it. i.e if something stops the heartbeat
try to flush writes to disk, before the power reset. It is probably a
stupid idea, because by the time the computer was frozen enough to
prevent the heartbeat, it is probably too sick to run any clean-up code,
and/or the pending disk writes may still leave the disk in an
inconsistent state.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/04/2025 12:38, Pancho wrote:

On 4/22/25 12:13, The Natural Philosopher wrote:

On 22/04/2025 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself, >>>>>>> making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush
all those caches on power off.

Or power off by command, not pulling the cable.

The reason you pull the cable is

(i) the electricity company did it for you
(ii) the power off button/command didn't work.
(iii) There was no swap left and you couldn't even log in to issue the
shutdown command

My Orange Pi 5 freezes all the time. I don't know if the power off
button is any better than pulling the power cable.

I have herd several tinmes that orange Pis are not as good as raspberry..

One thing I have been pondering, is a hardware heartbeat.

A watchdog timer?

I vaguely
remember reading that such a thing exists. I wondered if it was possible
to hang a clean-up routine off it. i.e if something stops the heartbeat
try to flush writes to disk, before the power reset.

It depends on the architecture, In many cases the watchdog timer is an interrupt that cant issue a cleanup command itself.

It is probably a
stupid idea, because by the time the computer was frozen enough to
prevent the heartbeat, it is probably too sick to run any clean-up code, and/or the pending disk writes may still leave the disk in an
inconsistent state.

Something has to reset the heartbeat. You need a loop and sleep that
resets a variable and an ISR that counts down to zero,. If it gets there
it means the main loop is permanently junked. But the problem there is
that what can it do? foreground processes are by definition junked, and
doing a disk flush command from an ISR is a bit iffy to say the least...




--
“The fundamental cause of the trouble in the modern world today is that
the stupid are cocksure while the intelligent are full of doubt."

- Bertrand Russell

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> writes:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

You still need to protect caches and buffers higher up the stack, or (if possible) design your system to be resilient against power failure. (For example, a mail server will only tell an SMTP client that it’s recieved
a message when it’s completed an fsync() on the queue file.)

Storage devices need _some_ internal buffering, to manage the
relationship between the logical blocks visible to the host device and
the physical storage. If that’s too small then a hard disk risks
spending all its time seeking between tracks rather than actually
reading or writing anything (or some differently structured waste of
time on an SSD).

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 22 Apr 2025 10:35:48 +0200, Carlos E.R. wrote:

... I think it’s a dumb idea for drives to have their own cache.

Not at all. There is a huge speed improvement.

Not as fast as the OS can achieve by caching things in main RAM.

Remember, the on-drive cache is on the wrong side of an interface (SATA,
NVME etc) that is not designed to run at main RAM speeds. Whereas the
interface between CPU and main RAM is. That’s why on-drive cache is a
waste of time.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 22 Apr 2025 18:20:01 +0100, Richard Kettlewell wrote:

Storage devices need _some_ internal buffering, to manage the
relationship between the logical blocks visible to the host device and
the physical storage. If that’s too small then a hard disk risks
spending all its time seeking between tracks rather than actually
reading or writing anything (or some differently structured waste of
time on an SSD).

Operating systems have tried-and-tested algorithms going back decades,
like scatter-read, gather-write (or is it gather-read, scatter-write?), elevator seeking and all the rest of it, precisely to take such problems
in their stride.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 22 Apr 2025 18:20:01 +0100, Richard Kettlewell wrote:

Storage devices need _some_ internal buffering, to manage the
relationship between the logical blocks visible to the host device and
the physical storage. If that’s too small then a hard disk risks
spending all its time seeking between tracks rather than actually
reading or writing anything (or some differently structured waste of
time on an SSD).

Operating systems have tried-and-tested algorithms going back decades,
like scatter-read, gather-write (or is it gather-read, scatter-write?), elevator seeking and all the rest of it, precisely to take such problems
in their stride.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 22 Apr 2025 10:03:09 +0100, The Natural Philosopher wrote:

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Just another potential point of failure.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Tue, 22 Apr 2025 12:38:58 +0100, Pancho wrote:

One thing I have been pondering, is a hardware heartbeat. I vaguely
remember reading that such a thing exists.

For interfacing with hot-spare systems, yes. There’s a Linux facility
called “DRBD” to help with this.

Also there is something called “STONITH”, which is to make sure the dead system really is properly dead, rather than stuck in a zombie state which
would interfere with operations of the replacement spare.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 22/04/2025 18:20, Richard Kettlewell wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself,
making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

You still need to protect caches and buffers higher up the stack, or (if possible) design your system to be resilient against power failure. (For example, a mail server will only tell an SMTP client that it’s recieved
a message when it’s completed an fsync() on the queue file.)

Storage devices need _some_ internal buffering, to manage the
relationship between the logical blocks visible to the host device and
the physical storage. If that’s too small then a hard disk risks
spending all its time seeking between tracks rather than actually
reading or writing anything (or some differently structured waste of
time on an SSD).

Of course. Conceptually the challenge is an orderly retreat when
superior officers have just been shot, so to speak.


--
The higher up the mountainside
The greener grows the grass.
The higher up the monkey climbs
The more he shows his arse.

Traditional

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-23 00:43, Lawrence D'Oliveiro wrote:

On Tue, 22 Apr 2025 10:35:48 +0200, Carlos E.R. wrote:

... I think it’s a dumb idea for drives to have their own cache.

Not at all. There is a huge speed improvement.

Not as fast as the OS can achieve by caching things in main RAM.

Remember, the on-drive cache is on the wrong side of an interface (SATA,
NVME etc) that is not designed to run at main RAM speeds. Whereas the interface between CPU and main RAM is. That’s why on-drive cache is a
waste of time.

The on drive cache is on the right side to take advantage of the drive
own algorithms to move the head. The firmware takes decisions on where
sectors actually are, and what sectors to actually read or write and in
what order. The operating system doesn't have actual knowledge of the
internal layout of the disk platters and can not optimize for the actual situation.

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 4/22/25 14:29, The Natural Philosopher wrote:

On 22/04/2025 12:38, Pancho wrote:

On 4/22/25 12:13, The Natural Philosopher wrote:

On 22/04/2025 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself, >>>>>>>> making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for >>>>>>> drives to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush
all those caches on power off.

Or power off by command, not pulling the cable.

The reason you pull the cable is

(i) the electricity company did it for you
(ii) the power off button/command didn't work.
(iii) There was no swap left and you couldn't even log in to issue
the shutdown command

My Orange Pi 5 freezes all the time. I don't know if the power off
button is any better than pulling the power cable.

I have herd several tinmes that orange Pis are not as good as raspberry..

The oPi5 hardware is much better than the rPi5. The oPi5 has 4 extra
efficiency cores, the oPi5 RK3588 is 8nm, the rPi5 Broadcom BCM2712 is
16nm. The oPi5 comes with a NVMe socket.

In practice the oPi5 seems faster, and uses about half the power, it
will run off a normal(ish) USB power plug.

The problem is the OS (I use Armbian) isn't quite as good a rPi5.
Although the oPi5 is getting better and has open source GPU drivers.

For a GUI/Desktop the rPi5 is still a little buggy compared to Intel/AMD
Linux. While the rPi/Pi OS is good for a server, I wouldn't recommend
either it, or the oPi5, as a desktop, unless you like tinkering.

My perception is that the Aarch64 SoC Linux software is improving. Maybe
the next round of devices will truly be mass market desktops.

One thing I have been pondering, is a hardware heartbeat.

A watchdog timer?

Yeah, that is the proper name. I see they do provide a service to force
a reboot. Which I guess is what I wanted.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> wrote at 11:13 this Tuesday (GMT):

On 22/04/2025 10:27, Carlos E.R. wrote:

On 2025-04-22 11:03, The Natural Philosopher wrote:

On 22/04/2025 09:35, Carlos E.R. wrote:

On 2025-04-21 02:29, Lawrence D'Oliveiro wrote:

On 21 Apr 2025 08:24:22 +1000, Computer Nerd Kev wrote:

It sounds like they're talking about the cache in the drive itself, >>>>>> making sure data is physically written out before power-off.

Unfortunately, you could be right.

I say “unfortunately“, because I think it’s a dumb idea for drives >>>>> to have
their own cache.

Not at all. There is a huge speed improvement.

The key is to have a large enough capacitor in the drive to flush all
those caches on power off.

Or power off by command, not pulling the cable.

The reason you pull the cable is

(i) the electricity company did it for you
(ii) the power off button/command didn't work.
(iii) There was no swap left and you couldn't even log in to issue the shutdown command

I thought there's an OOM killer built in to prevent running out of ram?
--
user <candycane> is generated from /dev/urandom

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 23 Apr 2025 19:20:05 -0000 (UTC), candycanearter07 wrote:

I thought there's an OOM killer built in to prevent running out of ram?

The dreaded Linux OOM killer is part of a mechanism where the kernel never
says no when processes ask for more RAM. This is configurable.

There are still people who don’t like the way the OOM killer works, even
if its algorithm is well-documented. So they implement their own process killers (e.g. Android) to try to stop things getting to the point where
the kernel itself has to take action.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 23 Apr 2025 13:35:14 +0200, Carlos E.R. wrote:

On 2025-04-23 00:43, Lawrence D'Oliveiro wrote:

On Tue, 22 Apr 2025 10:35:48 +0200, Carlos E.R. wrote:

... I think it’s a dumb idea for drives to have their own cache.

Not at all. There is a huge speed improvement.

Not as fast as the OS can achieve by caching things in main RAM.

Remember, the on-drive cache is on the wrong side of an interface
(SATA, NVME etc) that is not designed to run at main RAM speeds.
Whereas the interface between CPU and main RAM is. That’s why on-drive
cache is a waste of time.

The on drive cache is on the right side to take advantage of the drive
own algorithms to move the head. The firmware takes decisions on where sectors actually are, and what sectors to actually read or write and in
what order. The operating system doesn't have actual knowledge of the internal layout of the disk platters and can not optimize for the actual situation.

Yes it can. It uses algorithms I previously mentioned -- scatter read,
gather write, elevator seeking -- to assemble together large sequences of
I/O requests, larger than any on-drive cache can handle.

All the on-drive cache can offer is another potential point where things
can go wrong, leading to data loss.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Lawrence D'Oliveiro <ldo@nz.invalid> wrote at 00:24 this Thursday (GMT):

On Wed, 23 Apr 2025 19:20:05 -0000 (UTC), candycanearter07 wrote:

I thought there's an OOM killer built in to prevent running out of ram?

The dreaded Linux OOM killer is part of a mechanism where the kernel never says no when processes ask for more RAM. This is configurable.

There are still people who don’t like the way the OOM killer works, even
if its algorithm is well-documented. So they implement their own process killers (e.g. Android) to try to stop things getting to the point where
the kernel itself has to take action.

Fair enough. As long as those solutions work..
--
user <candycane> is generated from /dev/urandom

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-04-24 02:23, Lawrence D'Oliveiro wrote:

On Wed, 23 Apr 2025 13:35:14 +0200, Carlos E.R. wrote:

On 2025-04-23 00:43, Lawrence D'Oliveiro wrote:

On Tue, 22 Apr 2025 10:35:48 +0200, Carlos E.R. wrote:

... I think it’s a dumb idea for drives to have their own cache.

Not at all. There is a huge speed improvement.

Not as fast as the OS can achieve by caching things in main RAM.

Remember, the on-drive cache is on the wrong side of an interface
(SATA, NVME etc) that is not designed to run at main RAM speeds.
Whereas the interface between CPU and main RAM is. That’s why on-drive >>> cache is a waste of time.

The on drive cache is on the right side to take advantage of the drive
own algorithms to move the head. The firmware takes decisions on where
sectors actually are, and what sectors to actually read or write and in
what order. The operating system doesn't have actual knowledge of the
internal layout of the disk platters and can not optimize for the actual
situation.

Yes it can. It uses algorithms I previously mentioned -- scatter read,
gather write, elevator seeking -- to assemble together large sequences of
I/O requests, larger than any on-drive cache can handle.

No, it can not. It does not have the access.

All the on-drive cache can offer is another potential point where things
can go wrong, leading to data loss.

--
Cheers, Carlos.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 25 Apr 2025 23:20:31 +0200, Carlos E.R. wrote:

No, it can not. It does not have the access.

You don’t need “access” to do bulk transfers larger than any on-drive cache can help with.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 25 Apr 2025 17:50:03 -0000 (UTC), candycanearter07 wrote:

Fair enough. As long as those solutions work..

Or you could, you know, simply configure your kernel to say “no, sorry, there’s not enough RAM for that”.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 25/04/2025 22:20, Carlos E.R. wrote:

Yes it can. It uses algorithms I previously mentioned -- scatter read,
gather write, elevator seeking -- to assemble together large sequences of
I/O requests, larger than any on-drive cache can handle.

No, it can not. It does not have the access.

For SSD, no. SSD is a device that mimics a hard drive with 'sectors' and 'tracks'.
It *dynamically* (for wear levelling) maps between a 'virtual hard
drive' and its underlying weirdness of flash RAM blocks and pages.

There is nothing the operating system can do to optimise this except
not do multiple writes to a 'sector' if possible.



--
Canada is all right really, though not for the whole weekend.

"Saki"

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> writes:

On 25/04/2025 22:20, Carlos E.R. wrote:

Yes it can. It uses algorithms I previously mentioned -- scatter read,
gather write, elevator seeking -- to assemble together large sequences of >>> I/O requests, larger than any on-drive cache can handle.

No, it can not. It does not have the access.

For SSD, no. SSD is a device that mimics a hard drive with 'sectors'
and 'tracks'.
It *dynamically* (for wear levelling) maps between a 'virtual hard
drive' and its underlying weirdness of flash RAM blocks and pages.

Kernels don’t generally pay much attention to the geometry of
traditional hard drives either. In principle they could, and Linux has
internal APIs to retrieve device geometry, but in practice they don’t
(see if you can find a filesystem that uses hd_geometry). Even if they
did the geometry would at best be an approximation due to sector
remapping. And that’s before we get onto oddities like SMR.

The reality is that storage devices are in a better position to manage
this than OS kernels are, and the entire computer industry worked this
out long ago.

There is nothing the operating system can do to optimise this except
not do multiple writes to a 'sector' if possible.

If you want to optimize OS and/or application behavior for SSDs then https://pages.cs.wisc.edu/~jhe/eurosys17-he.pdf looks like a good
starting point. Based on s3.2 and perhaps s3.4 I think re-using a single logical sector will be fine and possibly a net win, at least on a proper
SSD where the logical/physical mapping is fully dynamic.

It might be different on the cheapest USB stick you can find, but your expectations should be low in that case anyway.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 26 Apr 2025 10:32:10 +0100, The Natural Philosopher wrote:

[Flash storage] *dynamically* (for wear levelling) maps between a
'virtual hard drive' and its underlying weirdness of flash RAM
blocks and pages.

There is nothing the operating system can do to optimise this ...

Linux has some alternative filesystems in the standard kernel that are specifically designed to include wear-levelling in their storage-
allocation algorithms.

The firmware in SSDs that makes it pretend to work like a hard drive is
very complex, and of course it has bugs. It would be nice to be able to simplify things by getting rid of most of that layer.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 26 Apr 2025 17:08:53 +0100, Richard Kettlewell wrote:

The reality is that storage devices are in a better position to manage
this than OS kernels are ...

But storage devices cannot know how they are used, as part of an array, or
an LVM logical volume which is carved out of a volume group, or whatever.
Or how the filesystem is structured on top of that. Only the OS knows
this.

Does the drive know how the journalling works, or where the redundant superblocks are located? No, it doesn’t. What is the algorithm for
spreading out those copies of the superblock to try to ensure that a
single head crash is unlikely to destroy them all? Does the drive itself
help with this? No.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

John Ames <commodorejohn@gmail.com> writes:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

Fair enough. As long as those solutions work..

Or you could, you know, simply configure your kernel to say “no,
sorry, there’s not enough RAM for that”.

The whole idea of *not* doing that - pretending that resources are
infinite and arbitrarily murdering on the sly to maintain the fiction
- is utterly baffling to me. I'm curious what the rationale is behind
it.

The choice is between memory allocation failing (generally leading to
processes existing or not even starting in the first place) when there
is plenty left due to pessimistic book-keeping, or killing processes
only when you genuinely run out of memory.

The default is overcommit (i.e. the latter). It’s just a default, so if
you don’t like it, you can disable it.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 28 Apr 2025 07:45:51 -0700, John Ames wrote:

On Fri, 25 Apr 2025 23:15:25 -0000 (UTC)
Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

Or you could, you know, simply configure your kernel to say “no,
sorry, there’s not enough RAM for that”.

The whole idea of *not* doing that - pretending that resources are
infinite and arbitrarily murdering on the sly to maintain the fiction -
is utterly baffling to me. I'm curious what the rationale is behind it.

I think one reason is that a lot of software is sloppily written to assume
that memory allocations will always succeed.

Another thing to think about is: what if all the system memory is
exhausted, and the superuser tries to login to fix the situation, but
can’t?

<https://manpages.debian.org/proc_sys_vm(5)>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 28/04/2025 20:18, Richard Kettlewell wrote:

John Ames <commodorejohn@gmail.com> writes:

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

Fair enough. As long as those solutions work..

Or you could, you know, simply configure your kernel to say “no,
sorry, there’s not enough RAM for that”.

The whole idea of *not* doing that - pretending that resources are
infinite and arbitrarily murdering on the sly to maintain the fiction
- is utterly baffling to me. I'm curious what the rationale is behind
it.

The choice is between memory allocation failing (generally leading to processes existing or not even starting in the first place) when there
is plenty left due to pessimistic book-keeping, or killing processes
only when you genuinely run out of memory.

The default is overcommit (i.e. the latter). It’s just a default, so if
you don’t like it, you can disable it.

*You* can Richard. Most of the rest of us wouldn't know where to start :-)


--
If you tell a lie big enough and keep repeating it, people will
eventually come to believe it. The lie can be maintained only for such
time as the State can shield the people from the political, economic
and/or military consequences of the lie. It thus becomes vitally
important for the State to use all of its powers to repress dissent, for
the truth is the mortal enemy of the lie, and thus by extension, the
truth is the greatest enemy of the State.

Joseph Goebbels

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

The Natural Philosopher <tnp@invalid.invalid> writes:

Richard Kettlewell wrote:

The default is overcommit (i.e. the latter). It’s just a default, so
if you don’t like it, you can disable it.

*You* can Richard. Most of the rest of us wouldn't know where to start
:-)

Most people have no reason to change the setting, so that works out OK l-)

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 29/04/2025 18:29, Richard Kettlewell wrote:

The Natural Philosopher <tnp@invalid.invalid> writes:

Richard Kettlewell wrote:

The default is overcommit (i.e. the latter). It’s just a default, so
if you don’t like it, you can disable it.

*You* can Richard. Most of the rest of us wouldn't know where to start
:-)

Most people have no reason to change the setting, so that works out OK l-)

Indeed, but that is orthogonal to the point I was making.
I have had many *nix machines go tits up on me. essentially running out
of RAM and swap.

Very easy to DOS or DDOS an apache server or even a mail server by
flooding it with attempts to spoof addresses.

And be unable to ssh in to fix it.

Dirty shutdowns work

--
“The ultimate result of shielding men from the effects of folly is to
fill the world with fools.”

Herbert Spencer

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)