hoakley March 28, 2021 Macs, Technology

Last Week on My Mac: macOS at 20, APFS at 4

Last week was brightened up by the comments of some of those who, twenty years ago, delivered Mac OS X to us. A few proved particularly insightful, such as the tweets of @imranchaudhri, who kept a NeXT cube to hand to remind Steve Jobs that “things weren’t as good as he remembered.” Perhaps we should all have kept an old Power Mac around to remind us that previous versions of macOS also weren’t as good as we remember.

One thing I do remember repeatedly is the persistent flakiness of the Mac’s file system. Despite the promise of Mac OS X to protect the operating system from the effects of other software crashing, a lot of effort had to be put into preventing HFS+ from developing serious errors. Yet it wasn’t until Mac OS X 10.2.2 in 2002 that Apple introduced journalling to work around those problems, to a degree. Even then, after any serious crash, the cautious Mac user restarted their Mac to ensure that its file system didn’t slide steadily down the slippery slope to serious faults. Whole products like DiskWarrior were built on this lasting Achilles heel, and some days I seemed to be forever fscking around in Single-User Mode.

Just four years ago yesterday (27 March) – with iOS 10.3 – Apple introduced its replacement, APFS. Since then, this new file system has come to epitomise Apple, its strengths, endearing features, and flaws.

At the time, many Mac users wanted Apple to adopt ZFS, then something of a youthful prodigy. Although for some Mac systems it would have been far superior, Apple recognised that it was far from ideal for its biggest market, mobile consumer devices like the iPhone. In its power and flexibility there were other deep problems too. ZFS isn’t so much a file system as a way of life, a fearsome challenge to package neatly in a way that most Mac users could get the best from.

From its design conception, APFS has been intended for use on SSDs. Although it has long been clear that it will never prosper on rotating hard disks, Apple continued to sell iMacs fitted with internal hard disks until last year, knowing that they shipped with a version of macOS which can’t boot from HFS+.

APFS has many powerful features, few of which are properly documented, making it difficult if not impossible for developers to get the best from them. Perhaps the most glaring example of these are snapshots, which Apple has only recently incorporated into Time Machine backups to allow them to be stored on APFS disks. Their documentation is scant and opaque. For example, here’s an excerpt:
smeop_o
No overview available.
obj_phys_t smeop_o;

But from a developer’s point of view, there’s an even bigger problem with snapshots: Apple. A developer can’t even start writing code to work with snapshots without obtaining an ‘entitlement’ from Apple. That isn’t automatic: according to semi-official accounts, this privilege is “only being granted to backup application developers and only after very close review”. So in order to access features within APFS, developers have to be specially licensed by Apple, who won’t approve anything it doesn’t like. The effect of this is stifling.

Let’s say I want to make some major changes to my Data volume. Before doing so, I want to save a snapshot of that volume, so that in the event that something goes horribly wrong, I can quickly roll back to the state of the volume immediately prior to those changes. Despite having had snapshots in macOS for over three years, I know of no app which does just that. You can use the command tool tmutil, which makes Time Machine snapshots, but once those reach 24 hours of age, Time Machine automatically deletes them, whether or not it created them. There’s no apparent way to alter this behaviour and retain that snapshot for another day or two as the user might wish. That’s all because Apple doesn’t want you to be able to use features which it built into APFS.

My most recent example of Apple controlling what we can do with macOS is in sparse files, another jewel in the crown that is APFS. Although these were introduced to macOS over three years ago, Apple has only recently made it possible for apps to determine whether any given file is stored in sparse format. As you have come to expect, developer documentation is a sparse file in itself.

issparsedoc

As I’ll be explaining here tomorrow morning, what we had presumed were rare exceptions are more common, because the decision as to whether a file is stored in sparse format isn’t under the direct control of apps, but is determined for them by APFS.

Neither is this confined to APFS. Speak to anyone who has been involved in the recent development of security software for macOS about obtaining Apple’s licence to use the EndpointSecurity API, or even create drivers which use DriverKit. Of course there are cogent arguments for wanting to protect Mac users from rogue software, but it demonstrates how little Apple has changed over those twenty years. Isn’t this exactly the opposite of what we all expected when Apple apparently embraced the open?

23Comments

Add yours

1

EcleX on March 28, 2021 at 7:11 am

Many thanks for the great article. Is there an API for APFS? I mean, one that could be used by developers of driver applications like DiskWarrior, TechTool Pro or Drive Genius? Likewise for backup applications like SuperDuper or Carbon Copy Cloner to make bootable backups, etc?

LikeLiked by 1 person
- 2
  
  hoakley on March 28, 2021 at 8:21 am
  
  Thank you.
  There is no coherent API for APFS, neither is there for HFS+. APIs for generally useful file system functions are extensive, but of little or no help to those developing specialist apps. Normally they have to access data within the file system using much lower-level techniques and using C/C++ interfaces defining structures, etc. There are additional higher-level C/C++ calls available, and features which are provided in command tools such as asr.
  Howard.
  
  LikeLiked by 1 person
  - 3
    
    EcleX on March 28, 2021 at 10:38 am
    
    Thanks. I asked because Micromat said this:
    
    APFS support status
    It is important to note as well that Techtool Pro uses a low-level API to test, repair, rebuild, and defragment Mac OS Extended volumes. No such API yet exists for APFS, and it is unclear if Apple will make one available.
    https://www.micromat.com/support/knowledge-base/techtool-pro-13-knowledge-base/apfs-support-status-13
    
    LikeLiked by 1 person
    - 4
      
      hoakley on March 28, 2021 at 11:38 am
      
      Thank you. It’s not as simple as that says. If you want to read Apple’s definitive documentation for HFS+, that too doesn’t provide any API for tasks such as defragmentation.
      However, I think I can answer the question as to whether defragmentation is ever going to help running APFS on rotating hard disks: no. The big problem is that defragmenting the data on the disk isn’t difficult, but isn’t the root of the problem. The root lies in the fragmentation which occurs in the most active data on disk, the file system metadata. You can have a perfectly defragged hard disk working sweetly, but every change that’s made to the file system metadata fragments that. This is because APFS is designed for SSDs, and in more than four years trying to improve its performance on rotating hard disks, little progress has been made. It’s a design feature, I’m afraid, and not going to go away even if you defragment the data every day.
      Howard.
      
      LikeLike
  - 5
    
    EcleX on March 28, 2021 at 11:51 am
    
    Thanks. I was asking mainly for the repair and mostly for the directory-rebuilding feature.
    
    LikeLiked by 1 person
    - 6
      
      hoakley on March 28, 2021 at 12:40 pm
      
      Why on earth would you want to rebuild directories in APFS?
      If there’s damage to or a problem in the file system, then you need to check and repair it using Disk Utility or the tool it calls, fsck_apfs. Given that the latter has been maturing over about 5 years and is written (I believe) by the same team that has implemented AFPS, I think it will be a very long time before any third-party tool can match its performance.
      And as far as I can see there’s nothing in the HFS+ docs about any API to rebuild directories in HFS+ either.
      Howard.
      
      LikeLike
  - 7
    
    EcleX on March 28, 2021 at 5:21 pm
    
    There is an API for HFS+ that developers working on disk utilities can obtain from Apple. On the other hand, it is better to rebuild the disk directory from scratch than to repair it, since the latter may generate even more damage if the directory is severely damaged. That has been the critical patented advantage of DiskWarrior for HFS+ over the years that no other utility (including Apple’s Disk Utility) had. Maybe Rusty Little (Alsoft/DiskWarrior Project Manager) could comment here about it, as he has done in the past.
    
    LikeLiked by 1 person
    - 8
      
      hoakley on March 28, 2021 at 7:27 pm
      
      Thank you.
      When you refer to an API, do you mean headers or a private framework? Presumably, this is only released under an NDA?
      You write that “it is better to rebuild the disk directory from scratch than to repair it”. Is that about HFS+ or APFS, or a universal rule? I’d love to know how you could build this in APFS, for example. Presumably you’re talking about the directory B-tree? Or something else? Does fsck_apfs not contain a heuristic to make such decisions, or don’t Apple file system engineers know this rule?
      Finally, I know well DiskWarrior’s abilities to address the shortcomings of HFS+. What shortcomings are there in APFS which it would address?
      Howard.
      
      LikeLike
  - 9
    
    EcleX on March 28, 2021 at 8:14 pm
    
    Thanks. I meant what Micromat said (above), which I understand is an Application Programming Interface to allow developers to build applications to fix disk issues. In this case, it is released by Apple to specific developers only and under NDA.
    
    On the other hand, rebuilding the disk directory is better than repairing, it as explained here:
    
    DiskWarrior in Depth
    DiskWarrior resolves existing disk damage by rebuilding your disk directory using data recovered from the original directory, thereby recovering files and folders that you thought were lost.
    …/…
    DiskWarrior is not a disk repair program in the conventional sense.
    …/…
    Other products attempt to repair your directory one step at a time, ignoring the big picture of what is truly wrong with your directory, and risking file information that could be saved. Too often, they will incorrectly begin to “repair” your directory, and then give up when they realize that they have modified the directory to an irreparable state.
    Source: https://www.alsoft.com/in-depth
    
    Problems in APFS disks do arise that Disk Utility cannot fix. There is where a third-party utility is needed. You can find examples (many of then in the Apple Developer Forums) searching Google for
    How to fix APFS corruption
    
    LikeLiked by 1 person
    - 10
      
      hoakley on March 28, 2021 at 8:48 pm
      
      Thank you. We’re going round in circles yet again, but…
      1. What Micromat wrote was “Techtool Pro uses a low-level API”. That’s exactly what I referred to above when I wrote “Normally they have to access data within the file system using much lower-level techniques and using C/C++ interfaces defining structures, etc.” Micromat doesn’t refer to anything released under NDA, or specifically to selected developers, nor could it, of course. It’s a matter of common knowledge that Apple hasn’t released full documentation for APFS, as I wrote above. The header file etc. information provided in the current reference is disparate and incomplete. And that appears to be a common problem which that note complains of too. These aren’t just for developers to build apps to fix disk issues, but cover a lot of other info such as which are sparse files, and which are clones. The latter is a particular problem with APFS, and the current reference manual doesn’t cover that important aspect.
      2. You refer specifically to DiskWarrior, which an app which is built for HFS+, which is a completely different file system. You can’t draw conclusions about what APFS may or may not need from HFS+. I have tried to explain this to you repeatedly. APFS was designed from scratch as a ‘modern’ file system. Which other modern file systems need 3rd party utilities to rebuild their directories?
      3. Every file system can undergo damage which is irreparable. However, APFS like other modern file systems incorporates features which are specifically designed to prevent this, and to make salvage or repair more successful. Your conclusion that a third-party utility would do any better is wholly unjustified. I think that Apple’s APFS team have deeper knowledge and understanding, and vastly greater experience, of APFS and how to repair it than anyone else on the planet. Or do you think someone else does? If they do, where’s their repair utility, then? Until we see that a 3rd party utility can deliver something better, I’m not going to bank on that ever happening. Indeed, the last time that I looked at 3rd party HFS+ repair tools, I discovered that several were no more than friendly front-ends to fsck_hfs, admitting that they couldn’t do any better!
      4. You appear obsessed with a need for a tool to rebuild APFS directories, which in my long and extensive experience with the file system is exceedingly rare now. Do you also routinely rebuild the engine in your car whenever it needs a service? Because that’s what you are advocating in the file system.
      5. I think you’ve already agreed that the most common situation for HFS+ directories to get into trouble is on backup disks. Do you understand that, when you back up to APFS, that isn’t a problem, because of the file system structure on the backup volume? The backup volume doesn’t accrue millions of files and hard links in the way that it has to in HFS+, and its file system is actually very small and changes just once an hour. The chances of acquiring errors are therefore remote to say the least. With TMA, gone are the days of frequent disk errors on the backup store.
      Howard.
      
      LikeLike
11

hhanche on March 28, 2021 at 8:52 am

FWIW, it seems that you can stop Time Machine from deleting an old snapshot merely by mounting it with mount_apfs -s …

The mount does not survive a reboot, though, unless you take extra steps. I haven’t tried that.

LikeLiked by 1 person
- 12
  
  hoakley on March 28, 2021 at 11:30 am
  
  Thank you – yes, if you keep a snapshot mounted, it can’t be deleted.
  But doesn’t this just reflect how we’ve had to develop workarounds (which in themselves are counter-productive) in order to do what we need with the riches which are locked away in macOS? Wouldn’t you have thought that a corporation which invested in developing these wonderful features would be encouraging their use, rather than stifling it?
  Howard.
  
  LikeLiked by 1 person
  - 13
    
    hhanche on March 29, 2021 at 2:47 pm
    
    Yes, and yes. For instance, if I have excempted an APFS volume from being backed up by Time Machine, I can’t create any snapshots on it either. I find it silly and infuriating. I suspect, though, that the restrictions exist so that people won’t find themselves running out of disk space due to snapshots whose existence they may not even know about, or have forgotten they created in the first place.
    
    LikeLiked by 1 person
14

Maciej on March 28, 2021 at 3:30 pm

“Apple continued to sell iMacs fitted with internal hard disks until last year (…)”
Apple to this day sells 21.5-inch iMacs with an option of replacing 256 GB SSD with Fusion Drive. I bet that using Big Sur on a machine with 32 GB SSD and 1 TB 5400 RPM HDD must be a really “nice” experience.

LikeLiked by 1 person
- 15
  
  hoakley on March 28, 2021 at 7:17 pm
  
  Thank you. Yes, although because of its SSD, that option seems to be more successful with APFS than the hard disk only version which they were still selling last year.
  Howard.
  
  LikeLike
16

almeath on March 29, 2021 at 12:48 am

I won’t miss HFS+ when I finally get around to converting my several mechanical 2TB encrypted backup disks. Although I routinely ran Disk Warrior on them, I recently lost about 80% of the (non-essential) data on one of them after attempting to defragment the drive. That ended up corrupting a large portion of the files and I discovered the problem too late for a DiskWarrior rebuild to help.. the various images and archives had been thoroughly corrupted. Although the disk is mechanical I understand that a defragment would likewise not be required with APFS. I am still not entirely sure if the new format will lead to excessive disk wear and fragmentation that will noticeably affect performance. PS, you have a typo in paragraph 3, it should read 10.13.

LikeLiked by 1 person
- 17
  
  almeath on March 29, 2021 at 1:57 am
  
  Sorry, my mistake, you did not make a typo, I was reading it too fast and forgot that iOS brought out APFS first, before it was later introduced in macOS.
  
  LikeLiked by 1 person
  - 18
    
    hoakley on March 29, 2021 at 8:00 am
    
    No problems. I always welcome eagle eyes.
    Howard.
    
    LikeLike
- 19
  
  hoakley on March 29, 2021 at 7:56 am
  
  Ouch!
  As far as anyone knows, it isn’t possible to defragment a disk with APFS. In any case, it’s not the file data which is most at need, but the file system metadata.
  One fundamental difference between APFS and HFS+ backups is that APFS doesn’t throw them all into the same file system, but hives off each backup into its own snapshot, which has its own file system which is read-only. So the volume directory data for the backup volume remains small and relatively inactive. This should greatly improve reliability, especially in conjunction with all the other features such as copy-on-write and checksums in the metadata.
  Howard.
  
  LikeLike
20

wowfunhappy on March 29, 2021 at 1:52 am

> ZFS isn’t so much a file system as a way of life, a fearsome challenge to package neatly in a way that most Mac users could get the best from.

Eh, I don’t know about that. I’m using the third-party openzfsonosx.org on my Mac, and as far as I’m concerned it works beautifully. I don’t actively notice it’s there.

It does take a small amount of work in the Terminal to set up, but I don’t think an official implementation would need more than a small amount of Apple magic.

It wouldn’t make much sense on an iPhone though, so I can understand why Apple went with APFS.

LikeLiked by 1 person
- 21
  
  hoakley on March 29, 2021 at 8:00 am
  
  Thank you.
  I stand by what I have written: for the wide range of uses to which Macs are applied, ZFS would be a serious challenge to package into simple GUI apps without forcing many users to administer it from the command line. Even its basic concepts are a struggle with most Mac users. How long is that official ZFS manual now?
  Howard.
  
  LikeLike
22

Sebby on March 29, 2021 at 9:39 am

As a general observation, I am no happier with snake oil appearing in the macOS ecosystem any more than I am in any other, and in particular the Windows ecosystem. The Mac isn’t immune to snake-oil salesmen. Third-party tools can only do things differently if they have special insider knowledge and with APFS that’s basically nil. JHFS+ has been documented for decades and was simple enough and fragile enough (yes, even when journaled) that there was scope (though much less than often thought, IMO) for added value. I just think people should engage their faculties when considering alternatives and ask themselves whether the OS vendor really isn’t the better steward of such software.

LikeLiked by 1 person
- 23
  
  hoakley on March 29, 2021 at 10:16 pm
  
  Thank you. My thoughts exactly.
  Howard.
  
  LikeLike