From owner-freebsd-hackers Tue Apr 28 13:06:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA21252 for freebsd-hackers-outgoing; Tue, 28 Apr 1998 13:06:22 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from mail.virginia.edu (mail.Virginia.EDU [128.143.2.9]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id NAA21236 for ; Tue, 28 Apr 1998 13:06:10 -0700 (PDT) (envelope-from atf3r@cs.virginia.edu) Received: from ares.cs.virginia.edu by mail.virginia.edu id aa19691; 28 Apr 98 16:04 EDT Received: from mamba.cs.Virginia.EDU (mamba-fo.cs.Virginia.EDU [128.143.136.18]) by ares.cs.Virginia.EDU (8.8.5/8.8.5) with ESMTP id QAA11436; Tue, 28 Apr 1998 16:03:55 -0400 (EDT) Received: from localhost (atf3r@localhost) by mamba.cs.Virginia.EDU (8.7.5/8.7.3) with SMTP id QAA13701; Tue, 28 Apr 1998 16:03:54 -0400 (EDT) X-Authentication-Warning: mamba.cs.Virginia.EDU: atf3r owned process doing -bs Date: Tue, 28 Apr 1998 16:03:54 -0400 (EDT) From: "Adrian T. Filipi-Martin" Reply-To: Adrian Filipi-Martin To: Garance A Drosihn cc: freebsd-hackers@FreeBSD.ORG Subject: Re: SIGDANGER In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 28 Apr 1998, Garance A Drosihn wrote: > If you have a system which does overallocate, you're going to randomly > pick processes to kill. Or maybe the system will even make a pretty > good guess at what to kill. That is a true statement with or without > SIGDANGER. The question is, will there be any way for some critical > process (system daemons, the X-server, whatever) to tell the system > "No, don't kill me, try to kill someone else first!". > > The example you give isn't particularly interesting, as I (as a system > administrator) don't really care if any or all of those pittly little > processes ( :-) ) get killed. I may, however, be very unhappy if sshd > or the main lpd process gets killed just because they *happen* to be > the process which requests memory at the wrong time while you're running > that "danger.c" program. Ok. I'll buy that. My concearn is that every process of "interest" will need to have a SIGDANGER handler added. Just because my shell didn't have a handler, doesn't mean I want it killed off. I see that presently there is no security in the present situation and that it may get killed off anyway. If a default handler for SIGDANGER were provided that prevented a process form being killed on the first SIGDANGER and instead flushed any freed memory in the malloc free lists, and then only on the second reception of SIGDANGER tried to exit, I would feel more comfortable. A second chance handler like this seems reasonable as it may free up some resources without killing too many processes needlessly. Adrian -- adrian@virginia.edu ---->>>>| If I were stranded on a desert island, and System Administrator --->>>| I could only have one OS for my computer, Neurosurgical Visualization Lab ->>| it would be FreeBSD. Think about it..... http://www.nvl.virginia.edu/ ->| http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message