Re: Back to the future.
From: Nigel Cunningham
Date: Fri Apr 27 2007 - 02:34:38 EST
Hi.
On Fri, 2007-04-27 at 09:18 +0300, Pekka J Enberg wrote:
> On Fri, 27 Apr 2007, Nigel Cunningham wrote:
> > COW is a possibility, but I understood (perhaps wrongly) that Linus was
> > thinking of a single syscall or such like to prepare the snapshot. If
> > you're going to start doing things like this, won't that mean you'd then
> > have to update/redo the snapshot or somehow nullify the effect of
> > anything the programs does so that doing it again after the snapshot is
> > restored doesn't cause problems?
>
> No. The snapshot is just that. A snapshot in time. From kernel point of
> view, it doesn't matter one bit what when you did it or if the state has
> changed before you resume. It's up to userspace to make sure the user
> doesn't do real work while the snapshot is being written to disk and
> machine is shut down.
Sorry Pekka, but that's just broken.
It implies firstly that we tell all userspace programs "I'm sorry, but
I'm suspending at the moment. Can you tip toe quietly around while I do
it?" You can't seriously expect every userspace program to be modified
to adjust it's behaviour according to whether we're writing a snapshot
to disk at the moment or not.
It also implies that we can prepare a snapshot and then happily have the
contents of the disk change so that they don't match the superblock and
other filesystem details we just saved in the snapshot. We can't. At
least not without modifying all the filesystems so that (at a minimum)
they know how to throw away all the metadata they have at resume time
and reread it from disk.
> On Fri, 27 Apr 2007, Nigel Cunningham wrote:
> > I was going to leave it at that and press send, but perhaps that
> > wouldn't be wise. I feel I should also ask what you're thinking of as a
> > means of making sure userspace doesn't do much activity.
>
> When the snapshot pages are COW, we will run out of memory if userspace
> writes to those pages too much. If userspace is blocked, say like
> displaying a "we are suspending" in X which blocks the user from using
> other programs that could generate new writes and mounting filesystems
> read-only, we don't need to worry about running out of memory.
This sounds feasible, but it's only really acceptable if your willing to
have hibernation fail or restart multiple times. If your battery is
running out or you need to rush to put a lappy in your bag because they
train just came early, that's not an option. It's for that very reason
that I've put a lot of effort into trying to make it work first time,
every time. Not there yet, but it's a priority.
By the way, sorry. This email feels like it is pouring a lot of cold
water on your ideas. I don't want to be negative!
Regards,
Nigel
Attachment:
signature.asc
Description: This is a digitally signed message part