Page MenuHomeFreeBSD

sync.8: Document that the "sync dance" is not a thing
ClosedPublic

Authored by 0mp on Dec 2 2021, 12:12 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 10, 11:56 AM
Unknown Object (File)
Dec 22 2024, 1:59 AM
Unknown Object (File)
Nov 27 2024, 6:11 AM
Unknown Object (File)
Nov 24 2024, 2:31 PM
Unknown Object (File)
Nov 24 2024, 2:30 PM
Unknown Object (File)
Nov 24 2024, 6:03 AM
Unknown Object (File)
Nov 23 2024, 10:45 AM
Unknown Object (File)
Nov 20 2024, 10:56 AM

Details

Summary

People still believe that it is essential to run sync(8) a couple of
times before a reboot/halt. Document that this has not been necessary
for a long time now.

MFC after: 2 weeks

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 44638
Build 41526: arc lint + arc unit

Event Timeline

0mp requested review of this revision.Dec 2 2021, 12:12 PM
bcr added a subscriber: bcr.

Sounds good to have in there as these old misconceptions are still around. Approved from my side.

This revision is now accepted and ready to land.Dec 2 2021, 12:15 PM
bin/sync/sync.8
84

This form is wrong. I think it is just .At 7

imp requested changes to this revision.Dec 2 2021, 1:53 PM

I'm not entirely happy with the wording. Give me a few hours to mull.

This revision now requires changes to proceed.Dec 2 2021, 1:53 PM
bin/sync/sync.8
84
This has been unnecessary since
.Bx 4.0 .

is more historically accurate. Older than that, and it gets dicy. because there was no reboot or halt commands. You would just type sync, wait for the lights to stop and then turn off the machine.

Typing sync three times (one line each) was a placebo that would generally suffice in 7th edition machines that were otherwise quiesced system. It replaced the one per line sync as a substitute for waiting.

4.0 BSD introduced reboot and the mostly safe kernel sync (slow disks with lots of dirty buffers might be a problem). System Vr1 on 3B20 had a reboot command, but it was unsafe. System Vr3 AT&T world introduced a similar thing. Many commercial unixes during the 80s had made this operation safe. Linux didn't initially have media stable shutdown (which is why fsck_ext2 had an option to run fsck every N reboots just to be safe).

The other way you can say it is 'This has been unnecessary since the 1980s' and be right w/o going into a deep-dive of history.

I know I said on twitter that it hasn't been necessary since 7th edition, but I was misremembering things slightly....

0mp planned changes to this revision.Dec 3 2021, 12:58 AM
0mp added inline comments.
bin/sync/sync.8
84

Thank you for the wonderful write-up, Warner. I'll dig into it tomorrow and I'll try to wordsmith it into the patch.

  • Say that triple sync has been unnecessary since the 1980s
bin/sync/sync.8
84

I'm wondering if I should add the following paragraphs to this section:

.Pp
On systems older than
.Bx 4.0 ,
commands like
.Xr reboot 8
and
.Xr halt 8
were unavailable.
The shutdown procedure involved running
.Nm ,
waiting for the lights to stop,
and turning off the machine.
.Pp
Issuing three separate
.Nm
commands (one line each) was a placebo that would generally suffice in
.At v7
machines that were otherwise quiesced systems.
It replaced the one-per-line
.Nm
as a substitute for waiting.
.Pp
.Bx 4.0
introduced
.Xr reboot 2
and the mostly safe kernel
.Xr sync 2
(slow disks with lots of dirty buffers might be a problem).
0mp marked 2 inline comments as done.Mar 3 2022, 10:54 PM
pauamma_gundo.com added inline comments.
bin/sync/sync.8
84

If you do, please clarify whether

(slow disks with lots of dirty buffers might be a problem)

is still applicable.

I would love to see this in the man page. Any updates?

Suggested different wording for last paragraph.

bin/sync/sync.8
84

I think that we should use this wording but omit the last parenthetical, or better replace last paragraph with:

.Pp
.Bx 4.0
introduced
.Xr reboot 2
and
.Xr sync 2
which rendered this trick obsolete.
pauamma_gundo.com added inline comments.
bin/sync/sync.8
84

Either works for me.

Apply recommended wording

0mp marked 3 inline comments as done.Apr 23 2024, 2:36 PM
This revision was not accepted when it landed; it landed in state Needs Review.Apr 25 2024, 9:50 AM
This revision was automatically updated to reflect the committed changes.

Late to the party, but I find this passage rather obscure:

It replaced the one per line sync as a substitute for waiting.

What does that refer to exactly? To typing only a single sync, as evoked in the previous paragraph ("The shutdown procedure involved running...")?
If yes, I would suggest replacing the whole paragraph:

Typing sync three times (one line each) was a placebo that would generally suffice in 7th edition machines that were otherwise quiesced system. It replaced the one per line sync as a substitute for waiting.

with something like:
"""
Typing sync three times (one line each) would generally suffice in 7th edition machines that were otherwise quiesced system for all dirty buffers to reach the disks. This placebo procedure was in effect just a substitute for waiting.
"""
Or did you mean something else?

Since reboot and shutdown system calls were added just after v7, the sync 3 times dance is a placebo. It was marginally useful on v7 before powering off. It's existed in lore as being necessary when it hasn't been. And since all it does is schedule IO you can't use it to know data is on the disk.

In D33233#1025440, @imp wrote:

Since reboot and shutdown system calls were added just after v7, the sync 3 times dance is a placebo. It was marginally useful on v7 before powering off. It's existed in lore as being necessary when it hasn't been. And since all it does is schedule IO you can't use it to know data is on the disk.

Yes, all of this was clear to me. I'm only talking about the formulation of the specific passage quoted above. I don't understand the mention of "one per line sync" in the quoted sentence, and I think it is confusing.

My suggested text explicitly ties "placebo" to the sync-3-times dance, not to the use of sync before powering down the machine. I don't think the latter is a placebo: Of course, it doesn't guarantee that everything is on disk (and nothing prevents new buffers to become dirty between issuing the sync and the power off), but at least it speeds up the process, so the operator can wait less before pulling the plug in an almost safe manner. Do you consider that last part to be a placebo as well?

There's almost no difference between sync; shutdown and just shutdow other than more typing. The latter does a sync first thing anyway (in the system call) so you may start the io a smidgen earlier with the former... but sync doesn't guarantee the io will be done before shutdown starts... so even doing them on sepatate lines might only gain you the time it takes you to type shutdown at the expense of typing 5 extra characters.

In D33233#1025445, @imp wrote:

There's almost no difference between sync; shutdown and just shutdow other than more typing. The latter does a sync first thing anyway (in the system call) so you may start the io a smidgen earlier with the former... but sync doesn't guarantee the io will be done before shutdown starts... so even doing them on sepatate lines might only gain you the time it takes you to type shutdown at the expense of typing 5 extra characters.

The main difference is that you control the time you leave to the system to actually write to disk. Typing sync and then shutdown almost immediately indeed doesn't make much sense. Waiting for some seconds or much more does, if you know statistically that all writes will have finished by that chosen time. This new text suggests instead an empirical evaluation, but otherwise is the same idea:

The shutdown procedure involved running sync, waiting for the lights to stop, and turning off the machine.

I think my proposed formulation is essentially compatible with that. Revising it a little bit:
"""
Typing sync three times (one line each) would generally leave enough time for all dirty buffers to reach the disks in 7th edition machines that were otherwise quiesced systems. This placebo procedure was in reality no more than a substitute for waiting.
"""
Are you OK with it?

In D33233#1025445, @imp wrote:

There's almost no difference between sync; shutdown and just shutdow other than more typing. The latter does a sync first thing anyway (in the system call) so you may start the io a smidgen earlier with the former... but sync doesn't guarantee the io will be done before shutdown starts... so even doing them on sepatate lines might only gain you the time it takes you to type shutdown at the expense of typing 5 extra characters.

The main difference is that you control the time you leave to the system to actually write to disk. Typing sync and then shutdown almost immediately indeed doesn't make much sense. Waiting for some seconds or much more does, if you know statistically that all writes will have finished by that chosen time.

Kinda yes, kinda know. sync ; shutdown is a shorthand that people have used. You are suggesting sync <time passes> shutdown, which is different.

This new text suggests instead an empirical evaluation, but otherwise is the same idea:

The shutdown procedure involved running sync, waiting for the lights to stop, and turning off the machine.

I think my proposed formulation is essentially compatible with that. Revising it a little bit:
"""
Typing sync three times (one line each) would generally leave enough time for all dirty buffers to reach the disks in 7th edition machines that were otherwise quiesced systems. This placebo procedure was in reality no more than a substitute for waiting.
"""
Are you OK with it?

Almost. The placebo was designed to take enough time for the worst case number of buffers that could be dirty, and there's some indirect evidence that it was 'by design to take time' rather than the other way around 'a process that also happened to take enough time'. The evidence for it being cause, rather than effect, is a bit weak though.

"Typing sync three times before shutting the system off was designed to occupy the operator for enough time for all dirty buffers to make it to the disk in the absence of a safe shutdown command."