as someone mentioned, a dedicated real or virtual term (9vx, rpi+9pi) is the right option. is there a reason this might not work for your environment?

as for system watchdog, usually an external subsystem is used. i wonder if a cpu (e.g. 9pi) dedicated to monitoring the main cpu's /proc (and perhaps /net) for "abnormal activity" (whatever that is) and killing suspicious procs could work.

On Wed Jan 28 2015 at 6:54:01 AM wrote:
>
> the reason is that each process can have up to 16mb of stack, and this
> is unaccounted.
>
> thus the stack or (seg)?brk can commit to memory that will fault when
> you touch it.
>
> It's a vague recollection, but the fact that the stack is being
> overcommitted rings a bell. Thanks, Erik.
>
> Lucio.