Workspace overflow handling

Poul-Henning Kamp phk at
Mon Feb 9 22:25:56 CET 2015

In message <CABtDKm7X7niJvLYYSAnOMgZGM_eoZdNq7b6tNejRd2N8ermM=A at>
, Dridi Boukelmoune writes:

>I know this is half off-topic, but on top of not panicking on memory
>exhaustion, I thought we could also "panic" a single thread when it's a
>worker (regardless of the issue) when we can't serve a 5xx response.

It's a workable solution when you have memory protection between
your threads (which is, if you think about it, basically why it
works for UNIX kernels to coredump processes.

But for threads in the same address space, using non-isolated means
of intercommunication (ie: userland mtx/condvar with kernel assist)
as opposed to kernel mediated means of intercommunication, it
invariably becomes hairy, bugprone and full of races.

Thus I'm not very thrilled about this idea.

>The current assert system is a bit too unforgiving for many cases.

I fully agree, but still preferable to running with inconsistent
data structures.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the varnish-dev mailing list