[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5642142F.2090302@gmail.com>
Date: Tue, 10 Nov 2015 10:58:39 -0500
From: Austin S Hemmelgarn <ahferroin7@...il.com>
To: Aleksa Sarai <cyphar@...har.com>, Max Kellermann <mk@...all.com>
Cc: Tejun Heo <tj@...nel.org>, cgroups@...r.kernel.org,
lizefan@...wei.com, Johannes Weiner <hannes@...xchg.org>,
max@...mpel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] cgroup_pids: add fork limit
On 2015-11-10 10:25, Aleksa Sarai wrote:
> Processes don't "use up resources" after they've died and been freed
> (which is dealt with inside PIDs). Yes, lots of small processes that
> die quickly could (in principle) make hard work for the scheduler, but
> I don't see how "time spent scheduling in general" is a resource...
> Fork bombs aren't bad because they cause a lot of fork()s, they're bad
> because the *create a bunch of processes that use up memory*, which
> happens because they call fork() a bunch of times and **don't
> exit()**.
While I'm indifferent about the patch, I would like to point out that
fork-bombs are also bad because they eat _a lot_ of processor time, and
I've seen ones designed to bring a system to it's knees just by
saturating the processor with calls to fork() (which is as slow as or
slower than stat() on many commodity systems, setting up the various
structures for a new process is an expensive operation) and clogging up
the scheduler. This isn't as evident of course when you run a fork-bomb
on a laptop or similar system, because you run out of memory and PID's
before the latency from scheduling and so many processes calling fork
really starts to become noticeable, but when you start to look at really
big systems (on the order of hundreds of GB of RAM), it does become much
more noticeable.
Download attachment "smime.p7s" of type "application/pkcs7-signature" (3019 bytes)
Powered by blists - more mailing lists