[Bug 224975] shutdown(8) needs to wait longer for swapoff to avoid a “Cannot allocate memory” error

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Jan 7 21:19:50 UTC 2018 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224975

Jilles Tjoelker <jilles at FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jilles at FreeBSD.org

--- Comment #1 from Jilles Tjoelker <jilles at FreeBSD.org> ---
Just "waiting for a few seconds" will not help. The order of operations would
have to be adjusted. The current order is (incomplete):

 * shutdown(8) prints final warning message
 * shutdown(8) signals init(8)
 * init(8) sends SIGHUP to all /etc/ttys session leaders and revokes the
terminals
 * init(8) starts rc.shutdown
 * rc.shutdown shuts down some daemons
 * rc.shutdown runs /etc/rc.d/swaplate, turning off swap with the late flag
 * rc.shutdown shuts down other daemons
 * init(8) revokes /dev/console
 * init(8) signals all processes with SIGTERM and then SIGKILL, waiting up to
20 seconds for them to terminate
 * init(8) calls reboot(2) with appropriate arguments
 * kernel syncs
 * kernel unmounts (forcibly) all filesystems
 * kernel turns off all swap
 * kernel instructs hardware to power off, reboot, etc.

As a result, any swap files must be turned off by /etc/rc.d/swaplate. If not,
the kernel will panic when trying to read data from the swap file when turning
it off, since the filesystems have already been unmounted.

You can make scenarios like yours work (without changes to FreeBSD) if you
ensure the memory-eating processes are either shut down by an rc.d script that
runs before swaplate in the shutdown order or are in the foreground of a tty
which is enabled in /etc/ttys.

What could be done in FreeBSD is adding unforced unmount and swapoff after all
processes have been signaled. This could be in init(8) or the kernel. Some
looping may be beneficial since turning off a swap file may make it possible to
unmount a filesystem without forcing.

In case of swap on fuse or the like, it is necessary to turn off the swap
before stopping the fuse daemon. However, it is best to kill as many processes
as possible before turning off swap to avoid paging in useless things and to
avoid high memory pressure.

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list