From owner-cvs-all  Tue Feb 19 15:39: 7 2002
Delivered-To: cvs-all@freebsd.org
Received: from patrocles.silby.com (d23.as29.nwbl0.wi.voyager.net [169.207.73.23])
	by hub.freebsd.org (Postfix) with ESMTP
	id F0E1E37B404; Tue, 19 Feb 2002 15:38:59 -0800 (PST)
Received: from patrocles.silby.com (localhost [127.0.0.1])
	by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g1JHgiFY004528;
	Tue, 19 Feb 2002 17:42:44 GMT
	(envelope-from silby@silby.com)
Received: from localhost (silby@localhost)
	by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g1JHgf7U004525;
	Tue, 19 Feb 2002 17:42:43 GMT
X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs
Date: Tue, 19 Feb 2002 17:42:41 +0000 (GMT)
From: Mike Silbersack <silby@silby.com>
To: Sheldon Hearn <sheldonh@starjuice.net>
Cc: cvs-committers@FreeBSD.org, <cvs-all@FreeBSD.org>
Subject: Re: cvs commit: src/sys/kern kern_fork.c 
In-Reply-To: <15675.1014160079@axl.seasidesoftware.co.za>
Message-ID: <20020219173356.S3645-100000@patrocles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG


On Wed, 20 Feb 2002, Sheldon Hearn wrote:

> On Mon, 18 Feb 2002 19:15:28 PST, Mike Silbersack wrote:
>
> >   Log:
> >   A few misc forkbomb defenses:
> >
> >   - Remove the printing of "proc: table full".  When the table
> >     really is full, this would flood the screen/logs, making
> >     the problem tougher to deal with.
>
> I like the idea that my console won't be filled with crap, but what clue
> will I get now that kern.maxfiles needs to be bumped?
>
> Ciao,
> Sheldon.

This affects maxproc, not maxfiles.  If you are hitting the limit, I
expect that your apps would start complaining.

If ratelimited, those message could certainly be useful.  If I get some
time, I'll look into doing that.  Actually, what would be a good idea is
to have one kernel thread that woke up every few seconds and reported
resource shortages, then the various subsystems which have all these
warning messages could just export their counters, and the "warning
daemon" could print the warnings occasionally.  (The people could get
fancy and add pre-failure diagnostics like "you've been running at 75%
maxproc usage, it's time to up maxusers or add more ram.")

But in the meantime, program logs or top would be the best way to monitor
for that condition.  The non-ratelimited messages were just too much of a
DoS themselves.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message