From owner-freebsd-stable@FreeBSD.ORG Wed Dec 15 15:29:20 2010 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 789FA1065675 for ; Wed, 15 Dec 2010 15:29:20 +0000 (UTC) (envelope-from mamalos@eng.auth.gr) Received: from vergina.eng.auth.gr (vergina.eng.auth.gr [155.207.18.1]) by mx1.freebsd.org (Postfix) with ESMTP id E21468FC13 for ; Wed, 15 Dec 2010 15:29:19 +0000 (UTC) Received: from mamalacation.ee.auth.gr (mamalacation.ee.auth.gr [155.207.33.29]) by vergina.eng.auth.gr (8.14.3/8.14.3) with ESMTP id oBFFSX7J002157; Wed, 15 Dec 2010 17:28:33 +0200 (EET) (envelope-from mamalos@eng.auth.gr) Message-ID: <4D08DE9C.1060108@eng.auth.gr> Date: Wed, 15 Dec 2010 17:28:28 +0200 From: George Mamalakis User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.12) Gecko/20101103 Lightning/1.0b2 Thunderbird/3.1.6 MIME-Version: 1.0 To: Kostik Belousov References: <4D08A0A1.40205@eng.auth.gr> <4D08C61C.4090006@eng.auth.gr> <20101215135143.GY33073@deviant.kiev.zoral.com.ua> In-Reply-To: <20101215135143.GY33073@deviant.kiev.zoral.com.ua> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: stable@freebsd.org Subject: Re: vm.swap_reserved toooooo large? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Dec 2010 15:29:20 -0000 On 15/12/2010 15:51, Kostik Belousov wrote: > On Wed, Dec 15, 2010 at 03:43:56PM +0200, George Mamalakis wrote: >> On 15/12/2010 13:26, Trond Endrest??l wrote: >>> On Wed, 15 Dec 2010 13:04+0200, George Mamalakis wrote: >>> >>>> I was testing a program that would exhaust all my memory (in C++), >>>> and when this would happen, it would call set_new_handler() along >>>> with one of my functions that would inform the user about the lack >>>> of memory and then it would exit the program. Instead, the program >>>> was force-killed by the kernel (signal 9) and I was informed that: >>> If all your process' memory is exhausted, then there is no memory left >>> for the runtime system for doing I/O and the other stuff you want. >>> Next, unless I'm on drugs, maybe you should call set_new_handler() >>> before you actually run out of memory. Just my $0.02. >>> >>> >>> Trond. >>> >>> >>> >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> Trond, >> >> My problem was not that the program was force-killed, my problem was >> that the system reserved 500G+ of swap, even though the total size is 4G. > Read tuning(7), in particular, the description of vm.overcommit sysctl. Thank you Kostik, it proves that I was missing something fundamental after all :) On the other hand, what I noticed was that during the process of allocating the huge amount of memory, root processes got killed, which at first seems rational, on the other hand it is a bit strange. My dmesg shows: pid 1732 (npviewer.bin), uid 1001: exited on signal 11 (core dumped) pid 2227 (npviewer.bin), uid 1001: exited on signal 11 (core dumped) swap zone exhausted, increase kern.maxswzone pid 1544 (console-kit-daemon), uid 0, was killed: out of swap space swap zone exhausted, increase kern.maxswzone pid 2864 (memory), uid 1001, was killed: out of swap space swap zone exhausted, increase kern.maxswzone pid 1676 (gconf-helper), uid 1001, was killed: out of swap space where one can see that pid 1544 was killed before 2864, which is the process that caused all this mess. Yes, I know that I should use limits so as not to allow such things to happen, but on the other hand, if a malicious user causes such a situation he/she may gain access to information through core-dumps on root processes, AND cause DoS attacks. If it were for me, I would sort all processes based on their memory consumption, and start by killing those that have the highest value (top-bottom) that are NOT owned by root (just a thought, without thinking about it too much), so as to prevent such situations from happening. No need to answer my questions, they are rhetorical. I assume that there must be some good reason behind this behavior. Thanx again for all the help. -- George Mamalakis IT Officer Electrical and Computer Engineer (Aristotle Un. of Thessaloniki), MSc (Imperial College of London) Department of Electrical and Computer Engineering Faculty of Engineering Aristotle University of Thessaloniki phone number : +30 (2310) 994379