> >So I think that this architecture:
> >
> > (1) can be made to work today in user space
> > (2) keeps all the complicated rules in user space
> > (3) enables logging with logging mechanisms in user space
> > (4) with a simple mechanism-only kernel patch, this architecture
> > can run about as fast as any possible solution that keeps
> > the complicated rules in user space
>
> It takes two switch context for every trapped system called, isn't it ?
> That would be tooooo slow. Especialy at multiprocessor system.
> For example if you have N processors & N threads then every thread/processor
> have to wait one thread-monitor on 1 processor. Not good.
Who said you have only one thread-monitor? Fork ten of them if you
care!
I did try it, and results are 10x slowdown for cat doing read from
cache, and only cpu being hogged but no slowdown for cat going from
disk. And if you take a look at janus, you'll see that by masking
which syscalls are interesting and which are not you can get overhead
down to lost_in_noise..10%.
Pavel
-- I'm really pavel@ucw.cz. Look at http://195.113.31.123/~pavel. Pavel Hi! I'm a .signature virus! Copy me into your ~/.signature, please!- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/