Skip to content

Question: why MAP_PRIVATE for first BRANCH instead of userfaultfd for everything? #257

Description

@Bug-Keeper

Reading the design — MAP_PRIVATE mmap of memory.bin as the CoW primitive, then optionally userfaultfd (v0.3 scaffolding per docs/design/userfaultfd.md) for live branching. The current code lands on MemoryBackend::File as default and MemoryBackend::Userfault is bail-only (crates/forkd-vmm/src/lib.rs:1035-1040).

Two related questions for the design discussion:

  1. What's holding you back from defaulting Userfault for spawn, not just BRANCH? The prewarm flag (prewarm_scratch_dir) is explicitly there to compensate for the cold-cache penalty of MAP_PRIVATE — which userfaultfd dodges entirely because pages are served on demand. If the handler is implemented, would there be any reason to keep File as the default at all?

  2. Why a per-child uffd handler socket rather than a daemon-wide one? The Userfault { handler_sock: PathBuf } shape in MemoryBackend (lib.rs:284-289) implies one socket per child. A single handler with a routing layer could amortize the metadata bookkeeping across all children of a tag — particularly relevant for the 100-children fanout numbers in the README. I'd expect the design doc to address this trade-off but couldn't find it.

I'm asking because I'm thinking about contributing to the uffd path for v0.3 and want to make sure I don't go in the wrong direction.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions