shutdown_nice during boot

Andriy Gapon avg at
Wed May 6 16:38:33 UTC 2009

First, let me simply paste the whole body of the shutdown_nice function:
shutdown_nice(int howto)
{
        shutdown_howto = howto;

        /* Send a signal to init(8) and have it shutdown the world */
        if (initproc != NULL) {
                psignal(initproc, SIGINT);
        } else {
                /* No init(8) running, so simply reboot */

Now, initproc is initialized quite early during boot to make sure that the PID of 1
is reserved for init. The actual init process is executed at the very end of boot.
Right after init is forked it ignores all signals because this is how proc0 is set
up. Only when it is actually executed does it explicitly re-enable signals and
install certain handlers.

Because of the above there is a time frame where initproc != NULL but any signal
for init gets ignored.
There are not many places where shutdown_nice can be called during that time
frame, but I think that there are some.
A very unlikely, but theoretically possible, situation: a system starts overheating
immediately after power on, the acpi_tz driver detects this and calls shutdown_nice
at the wrong time, the system keeps booting up and eventually melts down.

It may be possible to make sure that shutdown_nice is never called at the wrong
time by tweaking all the places where it's used.

But maybe there is a way to make shutdown_nice behave in the usual way even during
that inconvenient time frame.

It's possible to re-enable SIGINT right after init is forked, but this way it will
be delivered to init before it installs signal handlers and thus init would simply
terminate, resulting in a "Going nowhere without my init!" panic.

Please share your ideas.
Thank you!

Andriy Gapon
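
The window described in the message can be reproduced in user space with plain POSIX signals. This is an added example, not FreeBSD kernel code and not part of the original message; `early_sigint_seen` and the pipe handshake are hypothetical, and the blocked-signal case is included only to contrast the semantics (an ignored signal is discarded when sent, a blocked one stays pending).

```c
/* Added example: user-space POSIX sketch, not FreeBSD kernel code. */
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t got_sigint;
static void on_sigint(int sig) { (void)sig; got_sigint = 1; }

/* The child plays init: it inherits signal state at fork and installs its
 * handler only later. Returns 1 if the early SIGINT arrived, 0 if lost. */
int early_sigint_seen(int block_instead_of_ignore)
{
    int go[2], ok, status = 0;
    char c = 'x';
    sigset_t set, old;
    struct sigaction act = {0}, saved;
    pid_t pid;
    if (pipe(go) != 0)
        return -1;
    sigemptyset(&set);
    sigaddset(&set, SIGINT);
    sigemptyset(&act.sa_mask);
    act.sa_handler = block_instead_of_ignore ? SIG_DFL : SIG_IGN;
    sigaction(SIGINT, &act, &saved);      /* SIG_IGN: inherited, as from proc0 */
    sigprocmask(block_instead_of_ignore ? SIG_BLOCK : SIG_UNBLOCK, &set, &old);
    pid = fork();
    if (pid == 0) {
        close(go[1]);
        if (read(go[0], &c, 1) != 1)      /* the window: forked, not "executed" */
            _exit(2);
        act.sa_handler = on_sigint;
        sigaction(SIGINT, &act, NULL);    /* init installs its handler */
        sigprocmask(SIG_UNBLOCK, &set, NULL); /* pending SIGINT delivered here */
        _exit(got_sigint ? 1 : 0);
    }
    sigprocmask(SIG_SETMASK, &old, NULL); /* restore the caller's signal state */
    sigaction(SIGINT, &saved, NULL);
    close(go[0]);
    if (pid > 0)
        kill(pid, SIGINT);                /* stands in for psignal(initproc, SIGINT) */
    ok = pid > 0 && write(go[1], &c, 1) == 1;
    close(go[1]);
    if (!ok || waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void) { return early_sigint_seen(0) != 0 || early_sigint_seen(1) != 1; }
```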
