Inside the Windows Vista Kernel, Part 2

BuR4N writes "Mark Russinovich takes a look at the Windows Kernel and the changes made in Vista. In this second part he describes the workings of the features SuperFetch, ReadyBoost, ReadyBoot, and ReadyDrive and how they improve system performance."

Why 'Ready'?

[gEvil+(beta)]

Why did they choose the 'Ready' prefix for everything? It seems that using 'Hyper' would have actually been a little more descriptive AND cooler sounding. I mean, HyperBoost, HyperBoot, and HyperDrive? Those sound so much better. And I thought these guys were supposedly big into marketing...

Re:Why 'Ready'?

[zappepcs]

Because, damnit! The guy holding the chair kept yelling at them and wanting to know when it will be ready? They changed the name and he put the chair back on the floor!

Re:Why 'Ready'?

[MidVicious]

Well, they Microsoft was gonna go with 'Hyper', but after frequent crashes, one employee, a Star Wars fan, put on a clip from Empire Strikes Back.

"Prepare to make the jump to lightspeed. If Lando's people fixed the HyperDrive."

"Punch it!"

*cough*sputter*cack*hack*pzzzsst*

"That can't be. They told me they fixed it! It's not my fault!"

Re:Why 'Ready'?

[PitaBred]

No seek time. That's the main benefit over a hard drive. If you need lots of data, it's not that great. But if you just need a few bytes, it'll be faster than asking the hard drive. Ask the USB stick for the first few bits of a page, and the hard drive for the rest, and you get the best of both worlds.

At least, that's how I'd design it if I were much of an engineer ;)

Re:Why 'Ready'?

[daeg]

If Hyper was 3 years ago, does that mean HyperCard was ahead of its time?

Re:Why 'Ready'?

[Molt]

Hard disks are faster than Flash RAM for raw transfer speed, but the idea here is to use the Flash to cache small frequently-read files where the hard disk's latency and seek time would be the limiting factor.

Re:Why 'Ready'?

[iluvcapra]

Now if they only had NeverCrash, QuickBoot, HackSafe, SkinnyRAM, and DontNeedAFuckingDirectX9VideoCardToRun ;)

Re:Why 'Ready'?

[Cokeisbomb]

the XP in Windows XP was for eXPerience (http://en.wikipedia.org/wiki/Windows_XP).

Re:Why 'Ready'?

[|Cozmo|]

Actually flash can be a lot faster than 10mb/sec. This one I'm using is nothing special and I just benchmarked it at 21mbytes/sec doing sequential reads and 16.3mb/sec doing sequential writes. While it is still slower than modern SATA disks, that is almost the same speed my old ATAPI drive would get. Running the benchmark only uses about 7% of my cpu. There were some big changes in USB in vista in terms of CPU use.

Re:Why 'Ready'?

[mrchaotica]

"USB 2.0 hi-speed" is 60MB/sec, not 10. Although that's still less than your 80+MB/sec figure, it might be reasonable to assume that it's higher than the sustained transfer speed of the SATA drive. Since ReadyBoost (or whatever) uses memory on the order of hundreds or thousands of megabytes while hard drives have caches on the order of one megabyte, ReadyBoost could still provide a significant speedup for reads larger than 8MB but smaller than 2GB.

Besides, I think the intent is more to have high-speed flash on a fast bus, like on my X60 (which has a SD slot that is not attached through a USB interface, but something else (PCI[e], maybe?) instead. In that case, it conceivably could be faster than the hard drive's burst speed.

Re:Why 'Ready'?

[ratboy666]

So here I sit, thinking about this...

I don't think it would be for frequent writes -- that can kill flash. Especially if there is a fixed area for these writes (unless there is a write spreader thingum in the flash).

Flash does retain information over a power-cycle, and the "seek time" is zero.

I think I would put commonly used small files on the flash that are NOT written very much. Stuff like the old "CONFIG.SYS" of DOS days. Perhaps application relocation information, and resolved load information (seek to HERE and do a BIG READ).

I am trying to figure out what kind of improvement I could get. The load information caching may result in a fairly impressive gain (given the DLL and DLL nesting typically used). Small file caching? It depends on application level behaviour. The OS kernel ITSELF should not benefit from these things, "outer" OS layers (GUI) should benefit slightly.

Re:Is this secure

[atarione]

yeah it is secure

http://blogs.msdn.com/tomarcher/archive/2006/06/02 /615199.aspx

 

Q: Isn't user data on a removable device a security risk?
A: This was one of our first concerns and to mitigate this risk, we use AES-128 to encrypt everything that we write to the device.

Re:ReadyBoost

[Lord+Bitman]

This, combined with H-HDD mentioned later on in the article, seems to cancel themselves out.

Re:ReadyBoost

[atarione]

yeah I saw some ASUS board that had 256MB flash memory onboard for this application (readyboost) reviewed..but I can't remember which model......but I imagine more MB may add this feature as Vista takes off.

Where's the Beef?

[Jerf]

With all these performance-improving things, shouldn't performance actually, you know, be improved?

Many have fallen into the trap of building "intelligent" cache systems that perform worse than the "dumb" cache systems. Remember, every MB of RAM caching an app that you might use is not caching part of the photo that you are editing; caching is subtle work.

So, as I have not used Vista and have no plans to (I'm with Linux), a question: Can anybody tell me that they put Vista on their computer and things are now noticably faster? I've heard from people with the opposite experience, now I'm soliciting evidence that all these Ready* things actually help people.

Re:Where's the Beef?

[Rycross]

Yes, Vista is noticably more performant on my system. However it is a higher end system, and the increase in speed is due to the fact that Vista makes better use of the resources. Its an Athlon X2 system with 2 gigs of ram and an nVidia 7800 GT. Offloading rending to the card, better use of the second processor core, and using more of the RAM to cache applications, I did notice an increase in performance.

Re:Where's the Beef?

[PhrostyMcByte]

I've been using Vista for quite a while now for primarily programming and gaming. "faster" has two areas for me:

1. When using desktop applications- Vista does feel more responsive. This is probably a combination of the I/O optimizations they have done (actual speedup) and the 3d desktop keeping window movements smooth and removing that ugly redraw affect XP has (percieved speedup). Vista also seems to go from cold boot to functional desktop faster. The only OS component which is slower is explorer, because it tries to preview everything (this can be turned off).
2. When gaming, however- Vista is slower. Not by a huge amount, but it is noticable. This is probably because of the 3D drivers using a new API that doesn't seem to give games exclusive access to the card anymore.

I think Microsoft may have unknowingly shot themselves in the foot by making some of the betas public. This made a lot of the "almost-enthusiast, but not really knowledgable" people decide that because the beta had some performance quirks, the RTM must too. And they've been surprisingly loud with it.

Other than some old hardware not having drivers yet, every person I've talked to who has actually ran Vista for a week agreed it is an improvement.

Re:Where's the Beef?

[Tony+Hoyle]

Another data point.

Athlon X2, 2GB RAM, Go 7300. Vista in default configuration runs at about 75% of the speed of XP. Switching the 'Ready' crap off gets it up to about 85-90%.

Power management is unusable - XP 3-3.5 hours, Vista default, 1 hour, Vista with crap off, 2 hours.

Re:Where's the Beef?

[Rycross]

You need a high end system that isn't being totally utilized. I imagine that if I had a single core system with a lesser video card, it wouldn't be as apparent, if at all. Vista only operates smoother on my system because there was a lot of potential there that wasn't being utilized by XP.

I imagine that if I ran solid benchmarks for a single type of task that it would come out less than for XP, but when I multitask my perception is definately that Vista runs smoother.

Re:Where's the Beef?

[wfberg]

With all these performance-improving things, shouldn't performance actually, you know, be improved?

Of course not. That's why they're called SuperFetch, ReadyBoost, ReadyBoot, and ReadyDrive.

My motherboard for example, comes with: BuzzFree, LifePro, PowerPro, SpeedStar, and ActiveArmor. I'm pretty sure all that means is that it, by now, obsolete.

If these features were of any use besides being marketing snakeoil and/or painfully obvious, they'd be called "the hvuk__k() tweak" or "deloop_64" or "-O3" or something.

Re:Where's the Beef?

[benzapp]

Not entirely true. I have a Dell laptop with a Pentium-M 1800 and 1 gig of ram, I also started using a spare 2 gig SD card for ReadyBoost. The machine is faster with Vista than without, although the weak Intel video card disables all the Aero features.

It's not as fast as my main system which is similar to the parent poster, but overall on my two machines, Vista is a significant improvement and I think worth the upgrade price.

Re:Where's the Beef?

[QuietLagoon]

With all these performance-improving things, shouldn't performance actually, you know, be improved?

Yes, it should.

The fact that performance has not improved is the reason behind articles like this in which Microsoft is talking about how great Vista is, when it really is disappointment.

Re:Where's the Beef?

[octopus72]

Gaming problems are probably related to still experimental and less optimised 3D drivers for Vista's new graphic card driver model. 3D drivers for XP by ATI/Nvidia are usually full of nasty hacks, purpose of which is to speed up major gaming benchmarks (3Dmark, Quake, Doom, UT etc.). I guess many of those tricks aren't, well, portable (easily) to a new driver model. Vista can use XP drivers drivers though, but I guess this could work less than optimal.

As DWM shuts down whenever app locks front buffer (and direct3D games do that), I doubt that compositing is a reason why games perform slower. Another possibility is that scheduler classes (described in first part article) might affect CPU performance of games tweaked to run well with XP scheduling (e.g. I experienced hiccups with PES6).

Regarding article(s), I must say I'm not that impressed with amount of changes that got in their kernel since XP (except maybe by new driver framework which is a different story). In many areas mentioned in articles, Linux kernel is leaps and bounds ahead (scheduler,MM,IO-areas which saw huge refinements during 2.6 cycle and are constantly being improved). In others it is on-par (or almost here, like with PM or init mechanism). Exception seems to be Ready* stuff, but this is not really "a next big" thing anyway and seems as something that few decent kernel hackers could implement in a month or two. Also Vista now seems to have better graphic driver model (though DRI is closing the gap) and better userspace driver model (except they don't have FUSE equivalent).

Vista seems quite slow to me

[El+Cubano]

Some friends were visiting last night and they had recently purchased a new HP laptop (1.6 GHz CPU and 1 GB RAM with 80 GB HDD). I was struck by how abysmally slow Vista was. The thing had Vista Home Premium on it. Putting a blank CD entailed a wait of anywhere from 15 to 25 seconds before the stupid dialog came up asking if I wanted to burn something to the blank disc. Connecting to a wireless network was a complete disaster. My wireless network is setup to not broadcast its SSID, so I had to enter the setting manually along with the WPA password. As soon as I was done, the thing would take the dialog away and then not connect. It took me 30 minutes of hunting to find the listing that had the wireless networks I had manually entered in (as opposed to the networks which were broadcasting). To top if off, the system kept prompting to allow things that it really seemed I should not need to be asked. I am seriously not trying to troll here, this is just
my first impression of vista.

Re:Vista seems quite slow to me

[RKThoadan]

You haven't purchased a Dell laptop recently have you. For your average business class Latitude a Core 2 Duo at 1.66 Ghz is the default processor... I just confirmed it. A Latitude D620 (a very mainstream model) has that as it's default CPU. Ghz just doesn't mean much anymore.

Re:Vista seems quite slow to me

[TheRaven64]

Anything would be slow on that laptop (well except for dos or stripped down linux distros). Excuse me? Anything slow on a 1.6GHz machine? What on earth are you smoking? The only things that should come close to taxing a 1GHz or faster x86 chip are:

1. Video editing.
2. Large compile jobs.
3. Some resource-intensive games.

My two backup machines are a 1.5GHz G4 and a 1.2GHz Celeron M, and they are both acceptably fast for 90% of what I do. For the vast majority of users a 1GHz Pentium III is more than adequate. You don't need to run 'dos or a stripped down linux distro,' Windows 2000, XP, or a full *NIX distrubution will be perfectly happy. I have a 500MHz UltraSPARC IIi on my desk, and it has no problems with a full install of Solaris 10, a desktop environment, and a few apps.

You can run DOS or a small *NIX distribution quite happily on a low-end 486 (a 286 lets you run a lot of DOS apps pretty fast). You certainly don't need anything like a 1.6GHz machine.

My pentium M 1.8ghz I bought a year ago runs XP slow Either you have a tiny amount of RAM, or a huge amount of malware. Windows XP was released in 2001. The Pentium M was released in 2004. You are running XP on a CPU two Moore-generations newer than the fastest CPU available at the time of XP's launch.

Improve?

[Anonymous+Daredevil]

This benchmark article shows that SuperFetch and ReadyBoost can help improve app launch times a bit, but mostly only if you have woefully tiny amounts of RAM in your computer.

However, this slew of benchmarks shows Vista to be slower across the board then XP.

bah same old

[tomstdenis]

Anyone remember smartdrv of yesteryear? How about fastopen? :-)

Tom

Inside the kerne;l

[Cally]

You are lost in a twisty maze of APIs, all alike. It is dark. You are likely to be hit on the head by a chair thrown by a Grue.

Re:Inside the kerne;l

[melikamp]

You are lost in a twisty maze of APIs, all alike. It is dark. You are likely to be hit on the head by a chair thrown by a Grue.

look around

You find yourself in a small, low-level module with dark, twisted passages leading to the West, East and South. The module is illuminated by a single dim pixel; it flickers as if it can go out at any moment. There is a shut window in the wall to the North.

open window

As soon as you start opening the window, it makes a screeching system call that sends shivers down your spine. A security exception is summoned.

security exception bites

You die.

Re:Why 'Ready'? - More Absorbed IP

[TaoPhoenix]

Because they swiped it from Commodore. Light Out, MS.

Poke 53280,0
Poke 53281,0

Ready.

Slowing down over time?

[HockeyPuck]

I always notice the greatest improvement in speed is when I reinstall XP, then about 9months later it slows down again. (no it's not spyware, filesystem frag etc..). This slowdown phenom. is well documented in windows cirlces.

Does Vista suffer from this same problem?

Re:Slowing down over time?

[gad_zuki!]

I have found the exact opposite to be true. I hate reinstalling and almost never do. I have installs that are years old that are pretty damn fast. The most obvious culprits are users who install any app they can find, have dozens of system tray icons, dozens of startup objects, dozens of unecessary services, spyware, etc. They complain about 'slowness' then do a reinstall which only removes all this unecessary software and blame MS. I'm more than a little skeptical fo these claims.

Granted, the OS could be doing moer to assist these users, but for the part its just poor user maintenance. Of course, all OS's will develop crust over time, but that doesnt mean a noticable performance drop. My aging system at home, which gets some serious abuse, produces the same FPS in bf2 as someone with a fresh install with the same hardware. It encodes video just as quickly. It feels as reponsive. It runs graphical benchmarks just as well. If windows performance degrades over time than I have some mystical power to be immune from this. Or more likely, the crap most users do to their computer just piles up, they dont bother to examine their systems, do a reinstall, and just bitch about MS.

Inside the Windows Vista Kernel ...

[Anomolous+Cowturd]

... no one can hear you scream.

Inside the Windows Vista kernel...

[BeProf]

#include

int main() {
        uac_alert("You are attempting to initialize variables. Cancel or allow?");
        int i;

        uac_alert("You are attempting to enter a loop. Cancel or allow?");
        for (i = 0; i 100; i++) {
                uac_alert("You are attempting to iterate a loop. Cancel or allow?");
                i++;
        }

        uac_alert("You are attempting to exit program. Cancel or allow?");
        return 0;
}

Re:Inside the Windows Vista kernel...

[Urban+Garlic]

I think it's cool that there's an "i++" in both the loop body and in the for statement, making it be subtly incremented twice per iteration, but I must warn you that posting real Microsoft code on slashdot could get you in trouble.

Re:Is this REALLY secure?

[mpapet]

Instead of just assuming that the AES-128 is the golden key that locks cached data, please consider that their implementation may be lacking.

For example, where are they storing the encryption key? It's certainly on the PC somewhere accessible to all for now.

Security programming is hard, really hard. I don't doubt that Microsoft has very gifted security programmers, but I very much doubt that they were given free reign. Most likely they were forced to implement managerial compromises that, well, compromise the system security.

Also consider the CPU cycles required to do the encrypting/decrypting and that this is just one of MANY tasks the OS is doing with encryption-bound services. Those are just two factors that hardly constitutes speedy/secure anything.

Re:Is this REALLY secure?

[TheRaven64]

For example, where are they storing the encryption key? I would imagine in RAM, in ring-0, so it's lost when you reboot (it's just a cache, so it doesn't matter if it's unrecoverable) and it should be impossible for a userspace process to get at it while the system is running.

Also consider the CPU cycles required to do the encrypting/decrypting and that this is just one of MANY tasks the OS is doing with encryption-bound services. A modern CPU can execute around 300 million instructions per hard disk seek. AES decrypting a block of data is trivial next to that. This is why ZFS adds a SHA hash to every block; it's a tiny overhead on a modern CPU.

Re:"how they improve system performance"

[majortom1981]

Dont blame microsoft. You were the one who bought a vista notebook with only 512 ram.

WTF

[abradsn]

Windows Vista uses the same boot-time prefetching as Windows XP did if the system has less than 512MB of memory, but if the system has 700MB or more of RAM, it uses an in-RAM cache to optimize the boot process.

Okay, so I just wanted to nitpick a sentence here. What happens between 512 and 700. I presume it does the same thing at XP would have. But this sentence is confusing, and perhaps implies that perhaps Ms. PacMan will get launched in this scenario.

Overall though, an interesting series. Kudos to the author.

Re:WTF

[Peter+La+Casse]

Windows Vista uses the same boot-time prefetching as Windows XP did if the system has less than 512MB of memory, but if the system has 700MB or more of RAM, it uses an in-RAM cache to optimize the boot process.

Okay, so I just wanted to nitpick a sentence here. What happens between 512 and 700.

If you have between 512 and 700 MB of memory, Vista tears a rift in the space-time continuum. IMPORTANT: whatever you do, DO NOT install Vista on a computer with between 512 and 700 MB of RAM.

Re:I think I will be ReadyNever

[nmb3000]

Not to mention that nobody had to invoke Godwin during a flamewar between the kernel and shell teams! Hell, do the two teams at Microsoft even have flamewars? If not, how can they possibly communicate?

*Yawn* Let me know when they get some REAL developers over in Redmond.

Re:ReadyBoost

[DigitAl56K]

Flash can survive only so many write operations. Normally it's not a practical limitation, but what happens when the OS is constantly doing rw's for caching?

The last thing I need is to have data corrupted as it moves through a bad flash stick, and is then potentially written back out to the hard drive later.

Where's the room for incremental improvement?

[ivan256]

If they pick the best names the first time around, they won't have any room to innovate new fancy names for these technologies in the next Windows.

Really the title of this article should be "Microsoft Implements Fresh New Names for Existing and Obvious Technology in Vista Kernel."

Re:I think I will be ReadyNever

[rev063]

Yes, you can simply put your swap partition on a flash device as opposed to the hard disk. An experienced Linux user can do this in a few seconds at the command line, and it wouldn't be hard to automate it with a HAL script if anyone thinks it's worthwhile.

That's hardly the same thing. Simply putting the swap file on a flash device is unlikely to be beneficial, and probably harmful. From what I read in the article, the Windows feature selectively uses flash when it would be faster (random access reads) but defers to the disk for block-sequential reads, which would be faster than flash memory. Seems smart to me, and according to them gets you a 20% performance boost, which is nice. It also encrypts the data on the flash drive, so you don't have sensitive info unencrypted on an easily lost or stolen thumbdrive.

Doesn't seem like Linux can do that. I'm not making any judgement on the relative benefits of Windows and Linux here, but the kneejerk fanboy "linux can do that too!" response needed to be addressed.

Re:I think I will be ReadyNever

[drsmithy]

Basically, using flash memory for swap. Linux has been able to do this for a long time.

This is not what ReadyBoost is doing.

Re:Is this secure

[Slashcrap]

That depends on who your neighbor is: a pimple faced, socially awkard, teenager that spends his spare time turning toasters into Linux boxen or a grandmother who can't seem to access voice mail on her new "modular" telephone? Considering that encryption is AES 128, it may be compromised by one of the two types of neighbors.

If you replaced "pimply Linux geek" with "respected crypto analyst with large amounts of computing resources at his disposal", you'd still be just as wrong.

Did you confuse AES128 with 56bit DES or something?

If you do have an example of someone breaking AES128, don't post it - publish it.