On Thu, Jun 15, 2006 at 06:07:38PM +0200, Pavel Cahyna wrote:
> Hello,
> 
> thanks for looking at this. I have some comments (but I must admit not
> having enough knowledge about file system internals).
> 
> - PR 32167 describes some issues with snapshots, and not all of them seem
>   to be adressed. For example yamt writes there that VFS_SYNC is not enough 
>   to make the filesystem consistent.

Yes. This one is independent of the other issues.

> > ** The approach described here resolves these issues.  It replaces the
> > "write gates" by "access file system gates".  Goal is to make every system
> > call atomic with regards to file system suspension.  It will do all operations
> > on a file system either before or after a suspension but will never do one part
> > before and another part after the suspension.  Allowing recursion makes it
> > easier to place the gates.  So the advantages are:
> > 
> > - It is semantically well defined.
> > 
> > - It is possible to add a DEBUG option to check it.  Every VOP called on
> 
> Every VOP? This probably does not include VOPs called from VFS_SYNC ?

VOP's from the thread running the suspension and from the syncer are not
checked.  Those from the thread running the suspension are ok and those
from the syncer are checked only for suspended file systems.

> >   a suspending or suspended file system is an error (there are minor
> >   exceptions: syncer and part of pagedaemon).
> 
> Isn't this a contradiction? What if the syncer or the pagedaemon attempt
> to write to a suspended filesystem?

The pagedaemon part can be removed.  The syncer accessing a suspended file
system is catched.

> > void vngate_suspend(void)
> > 
> >   Suspend all gates of this thread.  Must be called before a thread may go to
> >   long (interruptible) sleep.  Further vngate_(enter|leave) calls ar forbidden.
> 
> What does it mean to suspend a gate? That suspension is now temporarily
> allowed?

Yes. The suspension cannot wait for threads to return from a long sleep.
Therefore all gates of this thread are temporarily disabled and get enabled
when the thread returns from long sleep (waiting for a suspension in progress).

> Pavel

-- 
Juergen Hannken-Illjes - hannken@eis.cs.tu-bs.de - TU Braunschweig (Germany)