The episode where Microsoft won't tell me what's REALLY going on
-
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Is that a thing in Server though?
Yes.
If you turn on Fast Boot.
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
Also would be good to know whether it applies to servers.
It does if you turn it on ;)
Well, great, now I have to ask my servers whether I turn them on.
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Is that a thing in Server though?
Yes.
If you turn on Fast Boot.
Huh, TIL. That seems exactly like the kind of consumer feature they remove from Server.
Also, apparently the rest of the thread where this exact question was discussed didn't stream in. Woohoo mobile!
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
Yes.
If you turn on Fast Boot.
Not sure I really would see the point if it doesn't apply to restarts. Shutdowns aren't very common for servers outside of emergency maintenance conditions, which is probably why it's not on by default.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
Yes.
If you turn on Fast Boot.
Not sure I really would see the point if it doesn't apply to restarts. Shutdowns aren't very common for servers outside of emergency maintenance conditions, which is probably why it's not on by default.
Also your boot time doesn't really matter too much when it takes so long to get through BIOS. Since on my servers it takes like 5 minutes just to get to Windows anyways...
-
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Also your boot time doesn't really matter too much when it takes so long to get through BIOS. Since on my servers it takes like 5 minutes just to get to Windows anyways...
Wow, that's atrocious.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Also your boot time doesn't really matter too much when it takes so long to get through BIOS. Since on my servers it takes like 5 minutes just to get to Windows anyways...
Wow, that's atrocious.
Is it better on newer servers? The ones I have access to are... A few years old... But they take absolutely forever to get through all the BIOS/UEFI stuff.
-
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Is it better on newer servers? The ones I have access to are... A few years old... But they take absolutely forever to get through all the BIOS/UEFI stuff.
Well, most of the servers I work on are virtual, so. Maybe take 5 seconds to get through the BIOS unless I've set a boot delay. My workstation at home is half-server but doesn't take much longer than that to get through the status information, RAID manager, etc.
-
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Is it better on newer servers?
There is usually a couple options you can tweak in the BIOS to make initialization faster.
Even a 10 yo machine shouldn't take 5 minutes to get to Windows.Check your boot order, for example.
-
@TimeBandit said in The episode where Microsoft won't tell me what's REALLY going on:
Check your boot order, for example.
That's a good call. A server shouldn't be looking at removable media, shouldn't be looking for network boot, etc. (Didn't think of this since our security standards preclude it anyway.)
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
A server shouldn't be looking at removable media, shouldn't be looking for network boot, etc.
Exactly. I've seen servers trying CD/DVD, USB boot, NetBoot, everything else..
Then the HD
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
is the "Windows is applying updates... 25%" with a spinner or whatnot during the restart, which I've not seen on a server
I see it literally every time on servers, since the only time I reboot them is when doing updates.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Also your boot time doesn't really matter too much when it takes so long to get through BIOS. Since on my servers it takes like 5 minutes just to get to Windows anyways...
Wow, that's atrocious.
Yeah. Server mobos are trwtf.
-
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
@sloosecannon said in The episode where Microsoft won't tell me what's REALLY going on:
Also your boot time doesn't really matter too much when it takes so long to get through BIOS. Since on my servers it takes like 5 minutes just to get to Windows anyways...
Wow, that's atrocious.
Is it better on newer servers? The ones I have access to are... A few years old... But they take absolutely forever to get through all the BIOS/UEFI stuff.
Brand new Supermicro board, takes 30 seconds or so to init the bmc, reboots, 40 seconds for... Something. 10 seconds for drive detection, 20 seconds for onboard network/storage card init,. 30 seconds to reinit, then finally it tries to uefi the bootloader from disk.
-
@TimeBandit said in The episode where Microsoft won't tell me what's REALLY going on:
Insults are the arguments employed by those who are in the wrong.
It's a classical distraction tactic: throw out an emotionally-charged grenade so the audience is too distracted by the flashy explosion to notice that you don't have an actual argument.
IMO it ought to be considered an Internet Law, perhaps a superset of Godwin's Law: the first person to stoop to insults in an argument loses, because he has implicitly conceded that he's got nothing.
-
@anonymous234 said in The episode where Microsoft won't tell me what's REALLY going on:
@heterodox There was also the time when Windows Update stopped working on all new Windows 7 installs, because the update checking algorithm scaled exponentially with the number of available updates (how?!)
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
Your counter-argument to "Windows can do this thing Linux can do" is "Linux can do this thing Windows can do"?
My guess is that because I said Windows could do it, but I didn't explicitly also say Linux could do it in the same post, he assumed that I didn't know Linux could do it and posting that article was some form of trying to call me an idiot.
At least, I can't work out why else he would have posted the link to that article.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
That's not a trivial proposition in either Linux or Windows, given they both have monolithic kernels (modular or not).
Maybe; but it's worked in NT since Vista's new driver model.
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
but even that's becoming pretty tricky given all the DRM hooks in the kernel,
Wha... wha?
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
and for I/O devices it's really not possible without disruption.
Network connections bounce up and down all the time, so it's not really a big deal there. USB devices are all hot-swappable, so it's not huge deal there. We've already talked about GPUs-- what other "I/O" devices do you have in mind?
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
My guess is that because I said Windows could do it, but I didn't explicitly also say Linux could do it in the same post
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
That's also true on Windows. Windows can also swap-out drivers for most bits of hardware without rebooting as an added bonus.
The bold part is the key.
-
@TimeBandit said in The episode where Microsoft won't tell me what's REALLY going on:
The bold part is the key.
Key to what?
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
Wha... wha?
Talking about the Linux kernel there. I don't know anything about the innards of the Windows kernel except what's publicly documented for driver developers.
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
Network connections bounce up and down all the time
Um... maybe yours do. Mine don't. In a production environment, network connections "bouncing up and down all the time" would generally be considered bad.
-
The part I don't get is, why do kernel updates require you to close all your programs and shut everything down?
Now, before anyone responds with something like "because the programs are using kernel objects, duh!", hear me out.
- Programs are using kernel objects.
- The kernel knows which objects each program is using. It keeps track of them. We know this because it's documented that all handles are closed upon program termination, no matter how it gets terminated, which means the kernel has to have this information in order to close them.
- If the kernel has a list of which objects each program is using, it can perform a procedure like the following:
- Suspend all programs
- For each program, serialize the list of kernel objects
- Replace the kernel module
- Initialize the kernel module
- For each program, deserialize the list of kernel objects, restoring their original state (or the equivalent, if internals have changed) and hooking them up to the same handle values as before
- Resume all suspended programs
- This would be significantly faster and less disruptive than requiring you to shut down all programs and reboot the system.
- So why doesn't it do that?
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
@TimeBandit said in The episode where Microsoft won't tell me what's REALLY going on:
The bold part is the key.
Key to what?
His heart, of course!
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
(or the equivalent, if internals have changed)
Is that possible?
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
This would be significantly faster and less disruptive than requiring you to shut down all programs and reboot the system.
Is that true?
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
So why doesn't it do that?
Because serializing I/O and expecting a de-serialization to perfectly restore the initial state is fools errand?
Though, to be fair if your program were written to handle such unexpected events it's not unreasonable for it to have its own state-save mechanism... Slippery slope and all that.
-
@masonwheeler Because in order to "restore their original state", you'd have to write code specific to each source version-target version pair's internals. It's a to releasing an update quickly, and you don't generally want those barriers when you consider the content of most critical/security updates that would impact the kernel.
Also, there are some kernel objects that don't belong to a program. (e.g. in Linux, XSI IPC objects, but I'm sure there are better examples in both Linux and Windows.) Not everything is something to which an application can acquire a handle, there may be new initialization code that can't be run after the system has already started up, you have to consider kernel-mode drivers that can acquire handles to objects, and you can't suspend those because they handle interrupts...
So, basically because writing operating systems is hard. If you think you can do better, you should try it. (And I'm not being sarcastic there, it's a fun learning exercise.)
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
(or the equivalent, if internals have changed)
Is that possible?
If the update does not break API compatibility with the existing program, then yes, it's possible by definition.
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
If the update does not break API compatibility with the existing program, then yes, it's possible by definition.
Right; but what about kernal objects that are held by the application? How does your little upgrade tool know whether the application made a copy of that object into another bit of memory and is planning to restore it before calling into the kernel again? How do you know that the copy's even in the same process? What happens when that copy's retrieved, and used in another kernel call? Can the kernel recognize it's the "old" data structure and upgrade it on-the-fly?
I think you'd have to rewrite both Linux and NT kernels from scratch to implement what you're planning here. Could it be made to work? Possible. Could it be made to work in NT or Linux? I doubt it.
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
Right; but what about kernal objects that are held by the application? How does your little upgrade tool know whether the application made a copy of that object into another bit of memory
I'mma stop you right there. Userspace applications don't get kernel objects, that's why they're called kernel objects. They get handles to the kernel object, and APIs that take the handle as an input parameter.
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
I'mma stop you right there.
Ok.
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
Userspace applications don't get kernel objects, that's why they're called kernel objects.
Yeah, Windows ain't that clean. There's a lot of shit where you ask the kernel for data structures, which you then store on its behalf, and later pass back in.
Unless you're going to be pedantic and draw a distinction between "the kernel" and "the Win32 API", but the problem is: your theoretical update program can't do that because the shit its updating is written in Win32. Generally-speaking.
Who knows, maybe it'd work in Linux. I doubt it. But I don't know Linux as well. Like what about all those
ioctl()
calls?
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
I'mma stop you right there. Userspace applications don't get kernel objects, that's why they're called kernel objects. They get handles to the kernel object, and APIs that take the handle as an input parameter.
Disregarding the driver interface entirely is a fundamental flaw of your argument.
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
Windows-style locking of files is actually a great solution to this exact problem, if Linux users would pull their head out of their asses and realize it.
I hate when tortoise or whatever locks some file or directory, and I can't delete it until I guess who is locking it. Sometimes a lost cmd.exe that has the directory I want deleted as it's current directory.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
Disregarding the driver interface entirely is a fundamental flaw of your argument.
Well if Linus pulled his head out of his fat ass, he'd have a stable driver ABI in the first place. Ironically, that isn't an issue in Windows.
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
@anonymous234 said in The episode where Microsoft won't tell me what's REALLY going on:
The problem with Windows Update on servers is not really that it requires a restart, it's that the restart takes much longer than a normal one.
Yeah, @Tsaukpaetra brought that up yesterday, I think. I've seen that a lot more on home SKUs than on servers and I'll grant I have no idea what Windows is doing at that point in the process. Maybe pre-installation/post-installation scripts? Why can't they run those asynchronously? Those may be more utilized by updates that aren't applicable to Windows Server, I don't know.
Actually, the reason it takes longer is because a normal shutdown doesn't actually do a full shutdown.
Since Windows 8 (IIRC; may be 7), a normal shutdown shuts down the userspace, but hibernates kernelspace, thus allowing the next boot to be a lot quicker, as it's really a wake from hibernation. However, when rebooting for an update that affects kernelspace, the kernelspace needs to be fully shut down, and that takes longer than hibernating it.
Fast boot is not likely making that much of a difference here.
I always boot with Fast boot disabled because it keeps NTFS partitions in an "unsafe" state so that dual booting to Linux means the latter can't mount those partitions (also, some USB audio driver I use corrupts its state during Fast boot - yay!).
There are times where Windows takes noticeably longer to boot; it always shows the spinner on a blue background and "Please don't turn off your PC while installing updates". It's that part that we're objecting to; likely it's making some kind of snapshot of the system before pushing through with the updates but it always appears to be just sitting there...
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
Well if Linus pulled his head out of his fat ass, he'd have a stable driver ABI in the first place. Ironically, that isn't an issue in Windows.
Mmm, having developed Windows drivers I can't fully agree with you that it isn't an issue, but it's certainly an issue with @masonwheeler's argument that you can suspend everything that uses kernel data structures. Drivers are part of the kernel and can't be suspended (speaking of the majority). Not to mention updates aren't only to data structures but also to initialization routines that by their nature aren't idempotent.
-
@powerlord said in The episode where Microsoft won't tell me what's REALLY going on:
What amused me about that is that Ubuntu, which is based on Debian, has kernel updates nearly every other week. Almost all of them involve local privilege escalations of some sort or another in the kernel or one of its drivers (which, for the uninformed, are shipped with the kernel).
Debian stable uses older, stable stuff. Ubuntu ships newer broken stuff.
-
@JBert said in The episode where Microsoft won't tell me what's REALLY going on:
likely it's making some kind of snapshot of the system before pushing through with the updates
Not likely making a snapshot: it is making a snapshot
-
@heterodox So the point is, neither Windows nor Linux can do it, but there are vastly different reasons they can't. Word.
-
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
My guess is that because I said Windows could do it, but I didn't explicitly also say Linux could do it in the same post, he assumed that I didn't know Linux could do it and posting that article was some form of trying to call me an idiot.
My guess is that he understood the "added bonus" as something that only windows can do, and we can't let windows win the argument, can we?
-
@wharrgarbl So it's my fault he can't read, I guess? Whatever.
-
@RaceProUK said in The episode where Microsoft won't tell me what's REALLY going on:
Not likely making a snapshot: it is making a snapshot
Hmmm. A VSS snapshot is very fast but it's probably doing something more comprehensive, which would indeed explain it. If a Linux update fails, there are a fair few cases in which you're simply fucked, whereas if a Windows update fails, I haven't seen a system become utterly fucked yet (it's still probably a system you'll want to replace in the near future). Seen both happen.
@blakeyrat said in The episode where Microsoft won't tell me what's REALLY going on:
@heterodox So the point is, neither Windows nor Linux can do it, but there are vastly different reasons they can't. Word.
Kind of and kind of not; the main reason they can't is because the idea's completely simplistic and untenable on its face. Don't think we disagree on that.
-
@masonwheeler said in The episode where Microsoft won't tell me what's REALLY going on:
The part I don't get is, why do kernel updates require you to close all your programs and shut everything down?
There is work in that direction, but it's full of hazard warnings:
WARNING: Use with caution! Kernel crashes, spontaneous reboots, and data loss may occur!
-
@wharrgarbl said in The episode where Microsoft won't tell me what's REALLY going on:
There is work in that direction, but it's full of hazard warnings:
And it still only works for very specific types of updates:
Patches which modify init functions (annotated with __init ) are not supported.
Patches which modify statically allocated data are not supported.
Patches which change the way a function interacts with dynamically allocated data might be safe, or might not. (ed.-- love caveats like that)
Patches which modify functions in vdso are not supported.
Patches which modify functions that are missing a fentry call are not supported.That being said, within its scope it's pretty good; used it last year to patch Dirty Cow before an official update was available.
@wharrgarbl said in The episode where Microsoft won't tell me what's REALLY going on:
Kernel crashes, spontaneous reboots, and data loss may occur!
Well, at least the "spontaneous reboots" part will result in what you should have been doing.
-
@heterodox said in The episode where Microsoft won't tell me what's REALLY going on:
whereas if a Windows update fails, I haven't seen a system become utterly fucked yet
I've had three different machines get stuck in a bootloop somehow during a cumulative update. Reboot, applying update. Reboot, couldn't update, rolling back. Reboot, applying update, etc. Not even a system restore fixed that.
-
@TimeBandit said in The episode where Microsoft won't tell me what's REALLY going on:
@powerlord said in The episode where Microsoft won't tell me what's REALLY going on:
What amused me about that is that Ubuntu, which is based on Debian, has kernel updates nearly every other week. Almost all of them involve local privilege escalations of some sort or another in the kernel or one of its drivers (which, for the uninformed, are shipped with the kernel).
Ubuntu is based on Debian Testing, with some packages from Unstable, and custom patches they write.
No wonder they have to patch the kernel so often
I'm glad you brought up Debian Testing. Here's what you get when you search for "linux-image" on packages.debian.org against testing.
Your keyword was too generic.
Please consider using a longer keyword or more keywords.Limiting it to the amd64 architecture returns the same response.
So, it still brings up the question of how many local privilege escalations are in the kernel Debian Stable is pushing and how long those exist because of how slow Debian is to promote packages to stable.
-
@sloosecannon True, of course, but it does it for other devices as well. I'm thinking of some other occurrences that have happened. Let's just say that I've spent too much time installing Windows on my personal computer. Additionally, I'd like it if the setup would allow you install Windows off of the first device it detects with a Windows installation, not just fail.
-
@powerlord said in The episode where Microsoft won't tell me what's REALLY going on:
So, it still brings up the question of how many local privilege escalations are in the kernel Debian Stable is pushing and how long those exist because of how slow Debian is to promote packages to stable.
Read it yourself
Hint: security fixes are done in a timely manner
-
@Tsaukpaetra said in The episode where Microsoft won't tell me what's REALLY going on:
Though, to be fair if your program were written to handle such unexpected events it's not unreasonable for it to have its own state-save mechanism...
Programs written for mobile devices are encouraged to do exactly that, and it means that restarting a mobile is typically No Big Deal. (They also don't have an expectation of a stable IP address, which limits a bunch of other things that cause problems with restarts.) Larger systems aren't usually written to work that way though, an effect that's even stronger for servers than desktops or laptops.
-
I think the problem is, Time---------Bandit still hasn't discovered the joys of Hurd.
-
@Magus said in The episode where Microsoft won't tell me what's REALLY going on:
still hasn't discovered the joys of Hurd
Turn right at the Fountain of Youth, keep going past the Eidolon, and do a sharp left at the End of the Rainbow.