MOO-cows Mailing List Archive
Task RAM-usage limits...
So far, most of the discussion of what happens when the MOO runs out of RAM
has been that killing tasks does a lot more damage than shutting down the
MOO and that most tasks are vital to the MOO's operation while panicking the
MOO is just an inconvenience. For MOOs running on very small systems which
run out of RAM regularly, this may be true, but on larger public MOOs,
losing hours worth of data and leaving the server down until someone can
start it up again is usually a very Bad Thing. On most MOOs, it's (almost)
impossible for the MOO to run out of memory under normal use. Well-designed
core tasks vital to the MOO's operation should never run out of memory, so
there's no real danger of them getting killed. The point is that people are
using this panicking behavior to damage MOOs. If any task going over a
certain amount of memory were simply killed, this could not happen. So
while it is possible for important tasks to get killed, I think having a
memory quota for tasks would save a lot more trouble than it would cause.
Not that I'm saying it would be trivial to do, I haven't looked at the code
but I'm sure there's no easy way to trace which verb called the malloc().
Another idea (or maybe someone already suggested this) is just to put a
limit on the total amount of memory that each task can use. Maybe there's a
good way to exempt certain tasks from this?
Well, anyway, I think it would be a Good Thing, despite the chance of an
important task getting killed. Besides, if a task grows so big that the MOO
panics, it doesn't dump that task, right? So it gets killed anyway?
What if, instead of imposing a limit on the total amount of memory a task
could allocate, we just set a limit on the total amount of information one
Var could hold? that would stop people from doing stuff like:
;;a = "--"; while(1) a = strsub(a, "-", a); endwhile *and*
;;this.p = "--"; while(1) this.p = strsub(this.p, "-", this.p); endwhile
But then it would have to be set pretty high to accomidate huge alists and
things, but we'd have the same problem with whole task limits.
Of course this sounds like a pretty big change, so I'm sure Pavel won't be
doing it, but it's something to think about...
Subject Index |