08 April 2024, 00:49 | #1 |
Registered User
Join Date: Oct 2019
Location: Ontario / Canada
Posts: 18
|
AmigaOS 3.3 Feature Request [Shutdown]
This may not be the best place to post a new feature request, but the Hyperion site has broken the user account file and denied many users posting privileges.
So, I'm going to throw the idea up here and ... maybe someone will see it. The idea is simple .. we need a workbench [shutdown] option. The reason why is NAND flash... specifically the cheap NAND flash storage without asynchronous power fail protection that 90%+ of Amiga users choose to buy ... oh .. and USB thumb sticks... I know that "The Amiga Way" was to wait for the HDD LED to go out and hit the KA-CHUNK switch to power off ... and in the day of spinning rust media .. that was perfectly valid. Today .. we have a ton of new accelerators which are getting populated with cheap NAND flash storage solutions, not spinning rust, and users are not opting to pay for enterprise storage, with last-gasp holdup caps.. What can and does happen is.... You wait for the HDD LED to go out.. and you flip the power switch... the SSD was a cheap pSLC cache TLC SSD and it had just begun background operations or BKOPS and was copying the pSLC cache to the TLC array and you killed the power... Now on power-up... the SSD will notice the FTL is corrupt and refuse to respond to the host while it's rebuilding the FTL from a trail of bread crumbs.. This takes time.. but Kickstart is not injured SSD aware, so it skips the non-responding SSD and tries to boot elsewhere... the user thinks .. hey this is weird and keeps power cycling the computer.. Eventually the SSD gets rebooted so many times trying to repair itself that it becomes corrupt. There are other such NAND flash storage corruption mechanisms.. Many involve BKOPS just doing its thing and BLAMO! someone kills the power. I've only given one such common example above. There are people in the community that might say 'shutdown' is a driver issue or a storage vendor problem and shutdown is not an OS specific function.. To them I would say: - Drivers have a strict policy of refusing to work during power failure. - The ATA storage vendors have provided the [Standby Immediate] command, we just have to take advantage of it. - If the OS has no responsibility for Shutdown... then we should remove the Startup scripts as well.. What I think would help is a [Shutdown] menu item that sends the [Standby Immediate] command to the ATA devices on the computer and then pops up a window that says "You're computer is safe to power off" It would also be nice.. someday.. to flush and unmount any USB storage devices, but one step at a time. I realize the Amiga is different from other computer systems.. but I feel like many of us are modernizing it (look we're running OS 3.2.2.) and using present day hardware .. maybe it's time to implement [shutdown] or at least a shutdown script to assist where the new hardware really needs it. Last edited by ljmarent; 08 April 2024 at 00:57. |
08 April 2024, 05:41 | #2 |
Registered User
Join Date: May 2021
Location: Melbourne, Australia
Posts: 45
|
Thanks for your suggestion @ljmarent.
I will add it to our list for consideration to see how this might be done. The example is helpful and not something I was personally aware of (though the other devs might be). |
08 April 2024, 06:05 | #3 |
Registered User
Join Date: May 2021
Location: Melbourne, Australia
Posts: 45
|
BTW, a good place to ask such questions is https://developer.amigaos3.net/forum
|
08 April 2024, 07:49 | #4 |
Senior Member
Join Date: Jun 2001
Location: Germany
Posts: 1,667
|
Sorry, but I don't see the problem. First, how does a shutdown function protect from a power failure?! Second, the Amiga OS, or rather the file system, does not use any sort of caching. There is nothing to flush to make the file system "clean".
Also, what you describe does not even happen on a PC when power fails. What you describe is a very, very theoretical issue that is less likely to happen than winning the lottery. Finally, it should not at all the OS' task to make sure that some dirt-cheap flash storage does not get corrupted. |
08 April 2024, 08:06 | #5 | |||||
-
Join Date: Jul 2003
Location: Helsinki / Finland
Age: 43
Posts: 9,940
|
It was explained in the opening post.
Quote:
Quote:
Quote:
Quote:
Quote:
Most consumer SSDs have a SMART attribute for this. Here's mine from my creaky home server: 192 Unsafe_Shutdown_Count 0x0012 100 100 000 Old_age Always - 74 My power has been quite stable over the years, thankfully. Last edited by Jope; 08 April 2024 at 09:03. |
|||||
08 April 2024, 09:12 | #6 |
Amiga user
Join Date: Nov 2008
Location: Sofia / Bulgaria
Posts: 476
|
Yes, shutdown, even if not real shutdown, like shutdown from the power switch is still useful.
On my Macintosh Performa 450, when I shutdown MacOS 7.X, it says at the end that it's safe to turn off, or I can restart with click of a button. If I don't do the procedure of shutdown from the menu item, or the button on the keyboard, I get the annoying message with the next boot of MacOS that I need to shutdown. And some validation probably happens in the back. On AmigaOS 4.1 I am very happy to have the shutdown menu which turns off the machine as well. One very advanced feature that AmigaOS got it only in late 2010-ies. |
08 April 2024, 14:46 | #7 | ||||
Registered User
Join Date: Oct 2019
Location: Ontario / Canada
Posts: 18
|
Quote:
- write the FTL down - stop writing data By sending [Standby Immediate], we are just placing the NAND flash controller in the crash position. Quote:
I'm talking about data at rest from the hosts perspective. SSDs are quite busy internally when you are not actively accessing them. BKOPS are happening inside the NAND flash storage device that you cannot observe. Giving the controller some warning that you are about to kill the power makes a huge difference. By halting BKOPS, you are helping the NAND flash storage controller to preserve your data at rest integrity. Quote:
Nor have you been involved in third party client NAND flash storage testing. Client grade NANDflash storage corruption due to power failure is extremely common, it is far from a "lottery". A lot of things have been added to your PC OS \ BIOS to help mitigate this. Corruption is not as common on PC's today 'exactly because' we have a shutdown warning and BIOS's that wait for an injured SSD to recover on boot. So, we don't get into doom loop scenarios as easily on PC's, but even with those improvements, power fail corruption is still an issue, just a mitigated one. Which the Amiga.. today... does nothing to mitigate. Quote:
The reality is that 'common' client grade NAND flash storage devices from reputable vendors can be corrupted by repeat power failure, which is the same thing as switching off the power switch on an Amiga. The OS is the BEST place for us to broadcast to all IO subsystems to prepare for power loss and prevent data corruption. Making it safe to throw the power switch. My final notes on all of this are: Why should the Amiga OS not be a leader in taking full advantage of NAND flash storage technology ? Why choose to voice an objection to adding a common thing like: - ATA Power Fail Warning [Standby Immediate] - USB flush and auto-unmount - Heaven forbid I ask for TRIM support These sorts of things are OS level and help to reduce failure and user frustration. Which is another way of saying.. these things increase user happiness... how often do we get a chance to do that ? Last edited by ljmarent; 08 April 2024 at 14:55. |
||||
08 April 2024, 15:34 | #8 | ||
Registered User
Join Date: Oct 2009
Location: Germany
Posts: 3,315
|
Quote:
Quote:
|
||
08 April 2024, 16:33 | #9 | ||
Registered User
Join Date: Oct 2019
Location: Ontario / Canada
Posts: 18
|
Quote:
2) Unless you choose to pay for enterprise grade NAND flash storage solution, you're not getting this functionality on the device itself.. Amiga users see $20 256GB client SSDs and maybe out of the corner of their eye they spot the $150 256GB enterprise SSDs and guess what runs through their head ? "They are trying to rip me off" Almost no one is up-to-speed on the differences between client and enterprise NAND flash storage products. We're not going to educate our way out of this, because the cost disparity is too great. On other computer systems, to a large extent, users don't need to be concerned. When the BIOS and OS are NAND flash storage aware, client grade devices can get along well enough. On the Amiga .. no... I ask you in return, why should the AmigaOS, in active development in 2024 remain a BIOS / OS which is completely unaware of, and lacking any support for NAND flash storage ? There are active devs.. and this is a feature that will reduce frustration and unhappiness, without breaking in any way what it is to be Amiga.. If you use spinning rust or enterprise NAND, go ahead and throw the power switch like you always did. Just now .. there would be a Shutdown option in the Workbench menu that can prepare the computer for power off.. And then we can talk to the AmigaOS devs about 'maybe' supporting shutdown triggered flush and unmount for SD cards and USB thumb sticks and heaven forbid ... trim support.. We could actually start supporting NAND flash storage, like other actively developed OS's do and maybe .. we could even do it better ? If only ... I don't know ... maybe someone who is an insider at a major NAND flash and storage manufacturer, could guide interested devs to tech-notes covering known issues and work arounds and answer their questions. Though .. surely no one like that would ever appear ... And I tell you.. if someone like that ever did appear.. She\he would likely be argued 'to death', by people that don't work in the NAND flash storage industry, and 'choose' to ignore how other systems have dealt with the NAND flash storage challenges .. at the BIOS \ OS level. But that's just a hunch.. Quote:
The Ideal Solution: "STANDBY IMMEDIATE (E0), and wait for the output. If that outputs an ABRT, wait a second, then retry. Then, I would issue SLEEP (E6). If that outputs an ABRT, the drive does not support SLEEP, and you should wait 3 seconds, then power off. If the output is successful, wait for the INTRQ line to be asserted. Then, read the ATA status register (to clear the INTRQ). When the INTRQ clears, it is safe to power off." The Good Enough Solution: Just issuing STANDBY IMMEDIATE, stopping all IO, and wait 3 seconds Would do most of the heavy lifting. It's the ATA standard and ATA devices will comply, so it's not something I'd call storage device specifc, no. There could be storage controllers that don't pass the [Standby Immediate] command to the drive or response to the driver. Once we are making the requests at the OS level, we'd find out which controllers do not support this, if any, and could ask those hardware devs to help, if they are still around. If a few ATA host controllers cannot be updated to support this .. that's unfortunate but it does not make the situation worse, in the way that doing nothing does over time. |
||
08 April 2024, 17:51 | #10 |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,366
|
Should AmigaOS destroy one of its advantages just to support stupidly designed hardware from the PC world ?
After all, mechanical hard drives have been able to park their heads at power off without any special command, since very long. And one should be able to unplug an USB stick without unmounting it first. A separate program doing what is asked here could be fine. But by pity, not in the OS itself. |
08 April 2024, 17:58 | #11 |
Registered User
Join Date: Sep 2018
Location: California
Posts: 366
|
I think this seems like a great idea with zero downsides. I don't understand all the pushback. For many people, this is a home run. For other people, it would be a feature that can easily be ignored forever. *shrug*
|
08 April 2024, 18:15 | #12 |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,366
|
Yeah, sure. Make it look like win95.
|
08 April 2024, 18:18 | #13 | |
Registered User
Join Date: Aug 2006
Location: Scunthorpe/United Kingdom
Posts: 2,130
|
Quote:
Or you could just pull the plug anyway. I mean, there's literally no way anything bad could happen, is there? |
|
08 April 2024, 18:30 | #14 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,366
|
Quote:
Up to recently, nothing could. Why should this change ? |
|
08 April 2024, 19:15 | #15 |
Registered User
Join Date: Oct 2021
Location: England
Posts: 1,285
|
sounds like the procedure for the a590, needing to park the heads before turning off the machine.
|
08 April 2024, 19:24 | #16 |
Registered User
Join Date: Apr 2023
Location: Sesimbra
Posts: 116
|
[QUOTE=meynaf;1678461
Up to recently, nothing could. Why should this change ?[/QUOTE] Up to recently nobody used SSD or SD cards on their Amigas, now they use. So why not to change? This is a particularly useful and sensible request. If implemented, you could simply ignore and continue to shutdown your Amiga on the power button, just like in 1988. Nothing changes for you. |
08 April 2024, 19:43 | #17 | |
son of 68k
Join Date: Nov 2007
Location: Lyon / France
Age: 51
Posts: 5,366
|
Quote:
I'm not against this feature. I'm against putting it at the wrong place. |
|
08 April 2024, 19:56 | #18 |
Registered User
Join Date: Oct 2007
Location: Athens , Greece
Posts: 1,860
|
Well, it can be optional if that's the problem. But it does make sense right now to have it as a choice.
|
08 April 2024, 19:56 | #19 |
Registered User
Join Date: Oct 2009
Location: Germany
Posts: 3,315
|
I just asked because in theory it sounds good and easy but I fear that in praxis it isn't. Then we have so many different systems (hardware and software configurations) that I also would suggest to have a separate tool the cover all or the most of it. Maybe a small hardware device between IDE port and storage device would be better if possible.
For filesystems you have this: http://aminet.net/package/disk/salv/DiskSafe |
08 April 2024, 19:58 | #20 |
Registered User
Join Date: Aug 2006
Location: Scunthorpe/United Kingdom
Posts: 2,130
|
I guess if there's a modern standard signal that modern flash drives will respond to, then making use of that would be fine?
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
Thread Tools | |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Feature request | Galahad/FLT | request.UAE Wishlist | 4 | 21 February 2019 23:04 |
Feature request | Galahad/FLT | support.WinUAE | 5 | 12 February 2013 19:38 |
Feature Request | Npl | request.UAE Wishlist | 5 | 02 August 2004 21:43 |
Feature request | Fackamato | support.WinUAE | 48 | 26 February 2004 17:23 |
AmigaOS 4 feature list | Korodny | Amiga scene | 1 | 14 January 2003 14:59 |
|
|