From nobody Wed Jan 12 21:42:18 2022 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id B21401940E4D for ; Wed, 12 Jan 2022 21:42:27 +0000 (UTC) (envelope-from ralph41096@protonmail.com) Received: from mail-4319.protonmail.ch (mail-4319.protonmail.ch [185.70.43.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JZ1Hl32p4z4ttF for ; Wed, 12 Jan 2022 21:42:27 +0000 (UTC) (envelope-from ralph41096@protonmail.com) Date: Wed, 12 Jan 2022 21:42:18 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail2; t=1642023739; bh=mj5NF5u02UhjoRgfauPojzz8EkmGnlUHehypWqBPKlU=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:From:To:Cc; b=bpjOgSxJV0bRe8L8FjEmF+Er3tLjGPMJO+KlWra1Cf0hoH2ZZMaRMaOcTtH8OgrQQ 1nORzd/c3H2+K4rldNooVBzCyvd2MOp5USFctapJDZexzGg0vMAztw8WNrqTghvyUW QEKioc9dyUzJa+M2vvkfqeaYhvvWUg24kLKD1N8sigVDcm4NelVvAqSwX4Hrwfo5/q UeAbAruRvbSO3uqvwq4LBIzNCRaURQTxeSIPOdx1/mkOilGM6MUGRtdSIR4sqXkT+9 So8DgG2Ww1NB3IpMUdymBM6Qm0xURvvx50xC22NFLUvIShYTkowY7zBVw7sQz8hoRx AUBN8+QS7mjwg== To: Peter Jeremy From: Ambert Cc: "freebsd-hackers@freebsd.org" Reply-To: Ambert Subject: Re: Out-of-swap killer and SIGTERM signal Message-ID: In-Reply-To: References: List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.7 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,FREEMAIL_REPLYTO_END_DIGIT shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4JZ1Hl32p4z4ttF X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N On 2022-01-12, Peter Jeremy wrote: > There have been lots of discussions about this in the past, starting > in about 1998, (though I agree that it's been about 4 years since the > last discussion). I suggest you search for "freebsd+sigdanger" for > previous discussions. Thank you for the keyword. After a search, I find that the previous threads containing the keyword "sigdanger" discuss extensively two subjects: 1) How to exclude a process from the reach of the OOM killer. And how to ask the OOM killer to kill a given process first. 2) How to provide feedback about memory usage to processes, to give them a hint that they should reduce their memory footprint, if possible. This feedback can be a signal sent to all processes, or system-wide flags readable by any process who cares about a potential memory shortage. Those two subjects are interesting, but I am talking about something else. My suggestion is almost never mentionned in previous threads. When it is mentionned [1] [2], there is no objection whatsoever, from anyone. There is not even a comment about it. Sending SIGTERM a few seconds before SIGKILL is useful because it allows a condemned process to exit gracefully, just like it would during a shutdown(8). And it is simple to implement. There is no need to change the algorithm selecting condemned processes, and there is no need to change a single line of code in userland. For the administrator, only two tasks require extra work: - set up a little bit of extra swap during the installation of FreeBSD - set a couple of sysctl values: the duration of the grace period (vm.grace_period =3D zero milliseconds by default), and the amount of extra swap that will not be usable normally (vm.grace_space =3D zero bytes by default) Excerpt from a historical thread: On 1998-04-27, Jordan K. Hubbard wrote: > All the SIGDANGER (Will Robinson) signal is meant to do is give a > process a little _warning_ before it's chosen as the designated > sacrifice for the evening and terminated in an untimely fashion. > > I don't think the question here is "is this a good idea" - it's a > perfectly reasonable idea and one which has been proposed before. > The question here is really "what are the proposed semantics of > this mechanism?", e.g. how long do you wait from the time you > SIGDANGER the process and actually shoot it down, and what > happens if you're also critically short of resources and don't > have much time to wait? [1] https://docs.freebsd.org/cgi/getmsg.cgi?fetch=3D209768+0+archive/1998/freeb= sd-hackers/19980426.freebsd-hackers [2] https://lists.freebsd.org/pipermail/freebsd-current/2008-January/081743.htm= l Ambert