Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!ut-emx!ibmchs!auschs!awdprime!testsys.austin.ibm.com!mbrown
From: mbrown@testsys.austin.ibm.com (Mark Brown)
Newsgroups: comp.unix.aix
Subject: Re: malloc (was: making a request to IBM)
Keywords: malloc psalloc paging space
Message-ID: <6644@awdprime.UUCP>
Date: 12 Apr 91 22:55:08 GMT
References: <1991Apr9.024814.1141@appmag.com>
Sender: news@awdprime.UUCP
Reply-To: mbrown@testsys.austin.ibm.com (Mark Brown)
Organization: IBM Austin, TX
Lines: 38

| The problem:  as you all remember,  malloc()  returns  NULL  only
| when the process exceeds its datasize limit.  If malloc returns a
| non-null pointer, the memory  may  turn  out  to  be  exceedingly
| virtual:   there  won't  be any paging space behind it.  AIX runs
| out of paging space when the process actually  uses  the  memory.
| Various  processes  die.   In Info, see `List of Books', `General
| Concepts  and  Procedures',  scroll  ~1/3  down,  `Paging   Space
| Overview'.  See also psmalloc.c in /usr/lpp/bos/samples.  Etc etc
| etc.
| 
| Personally, I think it's a bug.  If  there  is  no  memory  left,
| malloc  should  return  a  NULL.  IBM says it's a feature,  catch
| SIGDANGER if you don't like it.

Yeah, I've heard complaints (and roses) on this one.
The Rationale: Rather than panic the machine, we'd like for it to keep
running as long as possible. Hence, we try to keep running at all costs,
including doing things like this. So, when we do get close to the limit,
we send a warning, than as we go over we start killing the biggest memory
users. (Warning - this processes involved have been overly simplified).

The Idea was to make the machine 'more reliable'. Our research led us
to believe that many processes allocated more memory than actually used in
page space (I think) and we used this knowledge. Understandably, many
UNIX users either a) want the machine to panic, "like UNIX does"; or
b) hate our algorithm for killing jobs. I also think we don't advertise/
document the process involved enough to make it useful to users.

So, do we go back to blowing up processes that allocate too much memory,
even though that memory may actually be there by the time the process
actually uses it? Do we go back to 'panic' when page space fills? There are
reasonable arguments for doing this...


Mark Brown    IBM PSP Austin, TX.     (512) 823-3741   VNET: MBROWN@AUSVMQ
MAIL: mbrown@testsys.austin.ibm.com OR uunet!testsys.austin.ibm.com!mbrown
		Which came first: The Chicken or the Legba?
      DISCLAIMER: Any personal opinions stated here are just that.