Subject: Re: CVS commit: syssrc/sys/kern
To: Perry E. Metzger <perry@piermont.com>
From: Jaromir Dolecek <jdolecek@netbsd.org>
List: tech-kern
Date: 12/08/2002 12:09:05
Perry E. Metzger wrote:
> matthew green <mrg@eterna.com.au> writes:
> >    You mean like, perhaps, a system already on the edge of collapse where
> >    the delays will make the collapse worse, as has already been explained
> >    by others?
> > 
> > so, if fork() is failing how is the system actually going to get the
> > work done it needs to get done anyway?  that's the bit i don't get.
> 
> thttpd would only fork if it tried to run a cgi. Static content could
> still be served without any trouble though. Since thttpd is event
> driven (which is why it kicks apache's ass in terms of performance),
> the pause stops ALL i/o, not just that for the cgi requester. Bad bad
> bad bad bad.

It's perfectly legit for fork() to block until the child can be
forked. The EAGAIN thing is optional. SUSv3 says:

"""
The [EAGAIN] error exists to warn applications that such a condition
might occur. Whether it occurs or not is not in any practical sense
under the control of the application because the condition is
usually a consequence of the user's use of the system, not of the
application's code. Thus, no application can or should rely upon
its occurrence under any circumstances, nor should the exact
semantics of what concept of "user" is used be of concern to the
application writer. Validation writers should be cognizant of this
limitation.
"""
 
> It is true that you could hack thttpd to avoid this happening, but it
> is only the easiest example of why the idea is bad, it is hardly the
> only one. In general, I don't want my processes to block unless they
> ask to, period -- it screws up everything from userland threads
> packages to all event driven servers.

All event driven servers which fork an unbounded number of children,
and depend on the OS limits to force the runaway application to
behave, that is.

If the fork() fails, the app would error out and wouldn't be able
to do anything useful anyway.

My opinion is that if you frequently bump into your limits during
normal operation, the system is not configured properly.

I don't consider thttpd as a valid example. If it's serving CGI (the
only time when it forks, besides directory index), it's trivially
DoSable and thus totally unsuitable for any public server.

More in reply to Bill's mail.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.org/
-=- We should be mindful of the potential goal, but as the tantric    -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow.   Do not let this distract you.''     -=-
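
Added example, not part of the original message and not code from thttpd or NetBSD: one way an event-driven server can bound its own children instead of depending on the OS process limit, so that neither a blocking fork() nor an EAGAIN is part of normal operation. `MAX_CHILDREN`, `spawn_cgi`, `reap_children` and `sample_cgi` are hypothetical names chosen for this sketch.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_CHILDREN 4          /* assumed application cap, kept below the OS limit */

static int live_children;       /* children forked and not yet reaped */

/* Constructed stand-in for a CGI program: runs for one second. */
static void sample_cgi(void) { sleep(1); }

/* Reap finished children without blocking; returns how many were reaped. */
int reap_children(void)
{
    int n = 0;
    while (waitpid(-1, NULL, WNOHANG) > 0) {
        live_children--;
        n++;
    }
    return n;
}

/* 1 = child started, 0 = refused (cap reached or transient fork failure,
 * caller should answer "busy" and keep serving), -1 = unexpected error. */
int spawn_cgi(void (*handler)(void))
{
    reap_children();
    if (live_children >= MAX_CHILDREN)
        return 0;               /* never ask the kernel for more than the cap */
    pid_t pid = fork();
    if (pid == 0) {
        handler();
        _exit(0);
    }
    if (pid < 0)                /* EAGAIN cannot be relied on, but handle it if it comes */
        return (errno == EAGAIN || errno == ENOMEM) ? 0 : -1;
    live_children++;
    return 1;
}

int main(void)
{
    for (int i = 0; i < 6; i++)
        printf("request %d: %s\n", i, spawn_cgi(sample_cgi) == 1 ? "forked" : "refused");
    while (wait(NULL) > 0)      /* demo only: a real event loop would not block here */
        ;
    return 0;
}
```

With the cap in place, requests beyond it are refused by the application itself, and static content can keep being served whichever way the kernel treats a fork() at the limit.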