Re: [PATCH 18/38] C/R: core stuff

From: Andrew Morton
Date: Wed May 27 2009 - 18:41:00 EST

On Thu, 28 May 2009 02:17:53 +0400
Alexey Dobriyan <adobriyan@xxxxxxxxx> wrote:

> > 1) Whether or not allow c/r of sub-container (partial hierarchy)
> >
> > 2) Creation of restarting process hierarchy in kernel or in userspace
> >
> > As for #1, you are the _only_ one who advocates restricting c/r to
> > a full container only. I guess you have your reasons, but I'm unsure
> > what they may be.
> The reason is that checkpointing half-frozen, half-live container is
> essentially equivalent to live container which adds much complexity
> to code fundamentally preventing kernel from taking coherent snapshot.
> In such situations kernel will do its job badly.
> Manpage will be filled with strings like "if $FOO is shared then $BAR is
> not guaranteed".
> What to do if user simply doesn't know if container is bounded?
> Checkpoint and to hell with consequences?
> If two tasks share mm_struct you can't even detect that pages you dump
> aren't filled with garbage meanwhile from second task.
> If two tasks share mm_struct, other task can issue AIO indefinitely
> preventing from taking even coherent filesystem snapshot.
> That's why I raise this issue again to hear from people what they think
> and these people shouldn't be containers and C/R people, because the
> latter already made up their minds.
> This is super-important issue to get right from the beginning.

<pipes up>

yeah, checkpointing a partial hierarchy at this stage sounds like
overreach. Get full-container working usably first, think about
sub-containers in version 2.

<pipes down again>
