Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933576Ab1CXKwd (ORCPT ); Thu, 24 Mar 2011 06:52:33 -0400 Received: from mail-iw0-f174.google.com ([209.85.214.174]:46709 "EHLO mail-iw0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751465Ab1CXKwb (ORCPT ); Thu, 24 Mar 2011 06:52:31 -0400 DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; b=vK20C/bJHwpeotKFpQ0BzvhNhW4KwfSvlJ8PJSodaa7baJLqgWNv3fIsIXHh0eNJs6 3gMAuG7a3LEMQnnUn00su3lnOId70TgFxNakc5wzvzmwt8le2XDG1KsCM4dpWm2wIjvw c28HiVxOd3wb1qJLvJa2s8JZnQxj6u2lOzeP4= Date: Thu, 24 Mar 2011 19:52:22 +0900 From: Minchan Kim To: KAMEZAWA Hiroyuki Cc: "linux-mm@kvack.org" , "linux-kernel@vger.kernel.org" , "rientjes@google.com" , Andrey Vagin , KOSAKI Motohiro , Hugh Dickins , Johannes Weiner , Rik van Riel Subject: Re: [PATCH 0/4] forkbomb killer Message-ID: <20110324105222.GA2625@barrios-desktop> References: <20110324182240.5fe56de2.kamezawa.hiroyu@jp.fujitsu.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20110324182240.5fe56de2.kamezawa.hiroyu@jp.fujitsu.com> User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 3276 Lines: 79 Hi Kame, On Thu, Mar 24, 2011 at 06:22:40PM +0900, KAMEZAWA Hiroyuki wrote: > > Cleaned up and fixed unclear logics. and removed RFC. > Maybe this version is easy to be read. > > > When we see forkbomb, it tends can be a fatal one. > > When A user makes a forkbomb (and sometimes reaches ulimit.... > In this case, > - If the system is not in OOM, the admin may be able to kill all threads by > hand..but forkbomb may be faster than pkill() by admin. > - If the system is in OOM, the admin needs to reboot system. > OOM killer is slow than forkbomb. > > So, I think forkbomb killer is appreciated. It's better than reboot. > > At implementing forkbomb killer, one of difficult case is like this > > # forkbomb(){ forkbomb|forkbomb & } ; forkbomb > > With this, parent tasks will exit() before the system goes under OOM. > So, it's difficult to know the whole image of forkbomb. > > This patch introduce a subsystem to track mm's history and records it > even after the task exit. (It will be flushed periodically.) > > I tested with several forkbomb cases and this patch seems work fine. > > Maybe some more 'heuristics' can be added....but I think this simple > one works enough. Any comments are welcome. Sorry for the late review. Recently I dont' have enough time to review patches. Even I didn't start to review this series but I want to review this series. It's one of my interest features. :) But before digging in code, I would like to make a consensus to others to need this feature. Let's Cc others. What I think is that about "cost(frequent case) VS effectiveness(very rare case)" as you expected. :) 1. At least, I don't meet any fork-bomb case for a few years. My primary linux usage is just desktop and developement enviroment, NOT server. Only thing I have seen is just ltp or intentional fork-bomb test like hackbench. AFAIR, ltp case was fixed a few years ago. Although it happens suddenly, reboot in desktop isn't critical as much as server's one. 2. I don't know server enviroment but I think applications executing on server are selected by admin carefully. So virus program like fork-bomb is unlikely in there. (Maybe I am wrong. You know than me). If some normal program becomes fork-bomb unexpectedly, it's critical. Admin should select application with much testing very carefully. But I don't know the reality. :( Of course, although he did such efforts, he could meet OOM hang situation. In the case, he can't avoid rebooting. Sad. But for helping him, should we pay cost in normal situation?(Again said, I didn't start looking at your code so I can't expect the cost but at least it's more than as-is). It could help developing many virus program and to make careless admins. It's just my private opinion. I don't have enough experience so I hope listen other's opinions about generic fork-bomb killer, not memcg. I don't intend to ignore your effort but justify your and my effort rightly. Thanks for your effort, Kame. :) -- Kind regards, Minchan Kim -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/