On 12/17/19 3:16 PM, Mina Almasry wrote:
The design we went with based on previous discussions is as follows: hugetlb pages faulted without a prior reservation get accounted at fault time, rather than reservation time, and if the fault causes the counter to cross the limit, the charge fails, hence the fault fails, hence the process gets sigbus'd.
Ok, sorry I did not recall the design discussion.
No worries! It has indeed been a while since that discussion.
This means that one counter I'm adding here can cover both use cases: if the userspace uses MAP_NORESERVE, then their memory is accounted at fault time and they may get sigbus'd.
Let's make sure this is clearly documented. Someone could be surprised if their application not using reserves gets a SIGBUS because there is a reserve limit.
I have some stuff on that already in the docs patch, but I'll beef that section up to ensure there is no confusion.