2 * Copyright (c) 1986, 1988, 1991, 1993
3 * The Regents of the University of California. All rights reserved.
4 * (c) UNIX System Laboratories, Inc.
5 * All or some portions of this file are derived from material licensed
6 * to the University of California by American Telephone and Telegraph
7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8 * the permission of UNIX System Laboratories, Inc.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the University of
21 * California, Berkeley and its contributors.
22 * 4. Neither the name of the University nor the names of its contributors
23 * may be used to endorse or promote products derived from this software
24 * without specific prior written permission.
26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
38 * @(#)kern_shutdown.c 8.3 (Berkeley) 1/21/94
39 * $FreeBSD: src/sys/kern/kern_shutdown.c,v 1.72.2.12 2002/02/21 19:15:10 dillon Exp $
40 * $DragonFly: src/sys/kern/kern_shutdown.c,v 1.62 2008/01/05 13:23:48 corecode Exp $
44 #include "opt_ddb_trace.h"
45 #include "opt_hw_wdog.h"
46 #include "opt_panic.h"
47 #include "opt_show_busybufs.h"
49 #include <sys/param.h>
50 #include <sys/systm.h>
51 #include <sys/eventhandler.h>
54 #include <sys/diskslice.h>
55 #include <sys/reboot.h>
58 #include <sys/fcntl.h> /* FREAD */
59 #include <sys/stat.h> /* S_IFCHR */
60 #include <sys/vnode.h>
61 #include <sys/kernel.h>
62 #include <sys/kerneldump.h>
63 #include <sys/kthread.h>
64 #include <sys/malloc.h>
65 #include <sys/mount.h>
66 #include <sys/queue.h>
67 #include <sys/sysctl.h>
68 #include <sys/vkernel.h>
70 #include <sys/sysproto.h>
71 #include <sys/device.h>
74 #include <sys/kerneldump.h>
75 #include <sys/kern_syscall.h>
76 #include <vm/vm_map.h>
79 #include <sys/thread2.h>
82 #include <machine/clock.h>
83 #include <machine/md_var.h>
84 #include <machine/smp.h> /* smp_active_mask, cpuid */
85 #include <machine/vmparam.h>
86 #include <machine/thread.h>
88 #include <sys/signalvar.h>
91 #include <dev/misc/gpio/gpio.h>
93 #ifndef PANIC_REBOOT_WAIT_TIME
94 #define PANIC_REBOOT_WAIT_TIME 15 /* default to 15 seconds */
98 * Note that stdarg.h and the ANSI style va_start macro is used for both
99 * ANSI and traditional C compilers. We use the machine version to stay
100 * within the confines of the kernel header files.
102 #include <machine/stdarg.h>
106 #ifdef DDB_UNATTENDED
107 int debugger_on_panic = 0;
109 int debugger_on_panic = 1;
111 SYSCTL_INT(_debug, OID_AUTO, debugger_on_panic, CTLFLAG_RW,
112 &debugger_on_panic, 0, "Run debugger on kernel panic");
115 int trace_on_panic = 1;
117 int trace_on_panic = 0;
119 SYSCTL_INT(_debug, OID_AUTO, trace_on_panic, CTLFLAG_RW,
120 &trace_on_panic, 0, "Print stack trace on kernel panic");
123 static int sync_on_panic = 0;
124 SYSCTL_INT(_kern, OID_AUTO, sync_on_panic, CTLFLAG_RW,
125 &sync_on_panic, 0, "Do a sync before rebooting from a panic");
127 SYSCTL_NODE(_kern, OID_AUTO, shutdown, CTLFLAG_RW, 0, "Shutdown environment");
131 * If there is a hardware watchdog, point this at the function needed to
133 * It's needed when the kernel needs to do some lengthy operations.
134 * e.g. in wd.c when dumping core.. It's most annoying to have
135 * your precious core-dump only half written because the wdog kicked in.
137 watchdog_tickle_fn wdog_tickler = NULL;
141 * Variable panicstr contains argument to first call to panic; used as flag
142 * to indicate that the kernel has already called panic.
144 const char *panicstr;
146 int dumping; /* system is dumping */
147 static struct dumperinfo dumper; /* selected dumper */
150 u_int panic_cpu_interlock; /* panic interlock */
151 globaldata_t panic_cpu_gd; /* which cpu took the panic */
154 int bootverbose = 0; /* note: assignment to force non-bss */
155 SYSCTL_INT(_debug, OID_AUTO, bootverbose, CTLFLAG_RW,
156 &bootverbose, 0, "Verbose kernel messages");
158 int cold = 1; /* note: assignment to force non-bss */
159 int dumplo; /* OBSOLETE - savecore compat */
162 static void boot (int) __dead2;
163 static int setdumpdev (cdev_t dev);
164 static void poweroff_wait (void *, int);
165 static void print_uptime (void);
166 static void shutdown_halt (void *junk, int howto);
167 static void shutdown_panic (void *junk, int howto);
168 static void shutdown_reset (void *junk, int howto);
169 static int shutdown_busycount1(struct buf *bp, void *info);
170 static int shutdown_busycount2(struct buf *bp, void *info);
171 static void shutdown_cleanup_proc(struct proc *p);
173 /* register various local shutdown events */
175 shutdown_conf(void *unused)
177 EVENTHANDLER_REGISTER(shutdown_final, poweroff_wait, NULL, SHUTDOWN_PRI_FIRST);
178 EVENTHANDLER_REGISTER(shutdown_final, shutdown_halt, NULL, SHUTDOWN_PRI_LAST + 100);
179 EVENTHANDLER_REGISTER(shutdown_final, shutdown_panic, NULL, SHUTDOWN_PRI_LAST + 100);
180 EVENTHANDLER_REGISTER(shutdown_final, shutdown_reset, NULL, SHUTDOWN_PRI_LAST + 200);
183 SYSINIT(shutdown_conf, SI_BOOT2_MACHDEP, SI_ORDER_ANY, shutdown_conf, NULL)
188 * The system call that results in a reboot
191 sys_reboot(struct reboot_args *uap)
193 struct thread *td = curthread;
196 if ((error = priv_check(td, PRIV_REBOOT)))
204 * Called by events that want to shut down.. e.g <CTL><ALT><DEL> on a PC
206 static int shutdown_howto = 0;
209 shutdown_nice(int howto)
211 shutdown_howto = howto;
213 /* Send a signal to init(8) and have it shutdown the world */
214 if (initproc != NULL) {
215 ksignal(initproc, SIGINT);
217 /* No init(8) running, so simply reboot */
222 static int waittime = -1;
224 struct thread *dumpthread;
235 if (ts.tv_sec >= 86400) {
236 kprintf("%ldd", ts.tv_sec / 86400);
240 if (f || ts.tv_sec >= 3600) {
241 kprintf("%ldh", ts.tv_sec / 3600);
245 if (f || ts.tv_sec >= 60) {
246 kprintf("%ldm", ts.tv_sec / 60);
250 kprintf("%lds\n", ts.tv_sec);
254 * Go through the rigmarole of shutting down..
255 * this used to be in machdep.c but I'll be dammned if I could see
256 * anything machine dependant in it.
262 * Get rid of any user scheduler baggage and then give
263 * us a high priority.
265 if (curthread->td_release)
266 curthread->td_release(curthread);
267 lwkt_setpri_self(TDPRI_MAX);
269 /* collect extra flags that shutdown_nice might have set */
270 howto |= shutdown_howto;
274 * We really want to shutdown on the BSP. Subsystems such as ACPI
275 * can't power-down the box otherwise.
277 if (smp_active_mask > 1) {
278 kprintf("boot() called on cpu#%d\n", mycpu->gd_cpuid);
280 if (panicstr == NULL && mycpu->gd_cpuid != 0) {
281 kprintf("Switching to cpu #0 for shutdown\n");
282 lwkt_setcpu_self(globaldata_find(0));
286 * Do any callouts that should be done BEFORE syncing the filesystems.
288 EVENTHANDLER_INVOKE(shutdown_pre_sync, howto);
291 * Try to get rid of any remaining FS references. The calling
292 * process, proc0, and init may still hold references. The
293 * VFS cache subsystem may still hold a root reference to root.
295 * XXX this needs work. We really need to SIGSTOP all remaining
296 * processes in order to avoid blowups due to proc0's filesystem
297 * references going away. For now just make sure that the init
298 * process is stopped.
300 if (panicstr == NULL) {
301 shutdown_cleanup_proc(curproc);
302 shutdown_cleanup_proc(&proc0);
304 if (initproc != curproc) {
305 ksignal(initproc, SIGSTOP);
306 tsleep(boot, 0, "shutdn", hz / 20);
308 shutdown_cleanup_proc(initproc);
310 vfs_cache_setroot(NULL, NULL);
314 * Now sync filesystems
316 if (!cold && (howto & RB_NOSYNC) == 0 && waittime < 0) {
317 int iter, nbusy, pbusy;
320 kprintf("\nsyncing disks... ");
322 sys_sync(NULL); /* YYY was sync(&proc0, NULL). why proc0 ? */
325 * With soft updates, some buffers that are
326 * written will be remarked as dirty until other
327 * buffers are written.
329 for (iter = pbusy = 0; iter < 20; iter++) {
330 nbusy = scan_all_buffers(shutdown_busycount1, NULL);
333 kprintf("%d ", nbusy);
339 * Process soft update work queue if buffers don't sync
340 * after 6 iterations by permitting the syncer to run.
345 sys_sync(NULL); /* YYY was sync(&proc0, NULL). why proc0 ? */
346 tsleep(boot, 0, "shutdn", hz * iter / 20 + 1);
350 * Count only busy local buffers to prevent forcing
351 * a fsck if we're just a client of a wedged NFS server
353 nbusy = scan_all_buffers(shutdown_busycount2, NULL);
356 * Failed to sync all blocks. Indicate this and don't
357 * unmount filesystems (thus forcing an fsck on reboot).
359 kprintf("giving up on %d buffers\n", nbusy);
361 Debugger("busy buffer problem");
363 tsleep(boot, 0, "shutdn", hz * 5 + 1);
367 * Unmount filesystems
369 if (panicstr == NULL)
372 tsleep(boot, 0, "shutdn", hz / 10 + 1);
378 * Dump before doing post_sync shutdown ops
381 if ((howto & (RB_HALT|RB_DUMP)) == RB_DUMP && !cold &&
382 dumper.dumper != NULL && !dumping) {
388 * Ok, now do things that assume all filesystem activity has
389 * been completed. This will also call the device shutdown
392 EVENTHANDLER_INVOKE(shutdown_post_sync, howto);
394 /* Now that we're going to really halt the system... */
395 EVENTHANDLER_INVOKE(shutdown_final, howto);
397 for(;;) ; /* safety against shutdown_reset not working */
402 shutdown_busycount1(struct buf *bp, void *info)
404 if ((bp->b_flags & B_INVAL) == 0 && BUF_REFCNT(bp) > 0)
406 if ((bp->b_flags & (B_DELWRI | B_INVAL)) == B_DELWRI)
412 shutdown_busycount2(struct buf *bp, void *info)
414 if (((bp->b_flags & B_INVAL) == 0 && BUF_REFCNT(bp)) ||
415 ((bp->b_flags & (B_DELWRI|B_INVAL)) == B_DELWRI)) {
417 * Only count buffers undergoing write I/O
418 * on the related vnode.
420 if (bp->b_vp == NULL ||
421 bio_track_active(&bp->b_vp->v_track_write) == 0) {
424 #if defined(SHOW_BUSYBUFS) || defined(DIAGNOSTIC)
426 "%p dev:?, flags:%08x, loffset:%lld, doffset:%lld\n",
428 bp->b_flags, bp->b_loffset,
429 bp->b_bio2.bio_offset);
437 * If the shutdown was a clean halt, behave accordingly.
440 shutdown_halt(void *junk, int howto)
442 if (howto & RB_HALT) {
444 kprintf("The operating system has halted.\n");
445 #ifdef _KERNEL_VIRTUAL
448 kprintf("Please press any key to reboot.\n\n");
450 case -1: /* No console, just die */
462 * Check to see if the system paniced, pause and then reboot
463 * according to the specified delay.
466 shutdown_panic(void *junk, int howto)
470 if (howto & RB_DUMP) {
471 if (PANIC_REBOOT_WAIT_TIME != 0) {
472 if (PANIC_REBOOT_WAIT_TIME != -1) {
473 kprintf("Automatic reboot in %d seconds - "
474 "press a key on the console to abort\n",
475 PANIC_REBOOT_WAIT_TIME);
476 for (loop = PANIC_REBOOT_WAIT_TIME * 10;
478 DELAY(1000 * 100); /* 1/10th second */
479 /* Did user type a key? */
480 if (cncheckc() != -1)
486 } else { /* zero time specified - reboot NOW */
489 kprintf("--> Press a key on the console to reboot,\n");
490 kprintf("--> or switch off the system now.\n");
496 * Everything done, now reset
499 shutdown_reset(void *junk, int howto)
501 kprintf("Rebooting...\n");
502 DELAY(1000000); /* wait 1 sec for kprintf's to complete and be read */
503 /* cpu_boot(howto); */ /* doesn't do anything at the moment */
505 /* NOTREACHED */ /* assuming reset worked */
509 * Try to remove FS references in the specified process. This function
510 * is used during shutdown
514 shutdown_cleanup_proc(struct proc *p)
516 struct filedesc *fdp;
521 if ((fdp = p->p_fd) != NULL) {
524 cache_drop(&fdp->fd_ncdir);
529 cache_drop(&fdp->fd_nrdir);
534 cache_drop(&fdp->fd_njdir);
547 pmap_remove_pages(vmspace_pmap(vm),
549 VM_MAX_USER_ADDRESS);
550 vm_map_remove(&vm->vm_map,
552 VM_MAX_USER_ADDRESS);
557 * Magic number for savecore
559 * exported (symorder) and used at least by savecore(8)
561 * Mark it as used so that gcc doesn't optimize it away.
563 __attribute__((__used__))
564 static u_long const dumpmag = 0x8fca0101UL;
566 __attribute__((__used__))
567 static int dumpsize = 0; /* also for savecore */
569 static int dodump = 1;
571 SYSCTL_INT(_machdep, OID_AUTO, do_dump, CTLFLAG_RW, &dodump, 0,
572 "Try to perform coredump on kernel panic");
575 mkdumpheader(struct kerneldumpheader *kdh, char *magic, uint32_t archver,
576 uint64_t dumplen, uint32_t blksz)
578 bzero(kdh, sizeof(*kdh));
579 strncpy(kdh->magic, magic, sizeof(kdh->magic));
580 strncpy(kdh->architecture, MACHINE_ARCH, sizeof(kdh->architecture));
581 kdh->version = htod32(KERNELDUMPVERSION);
582 kdh->architectureversion = htod32(archver);
583 kdh->dumplength = htod64(dumplen);
584 kdh->dumptime = htod64(time_second);
585 kdh->blocksize = htod32(blksz);
586 strncpy(kdh->hostname, hostname, sizeof(kdh->hostname));
587 strncpy(kdh->versionstring, version, sizeof(kdh->versionstring));
588 if (panicstr != NULL)
589 strncpy(kdh->panicstring, panicstr, sizeof(kdh->panicstring));
590 kdh->parity = kerneldump_parity(kdh);
594 setdumpdev(cdev_t dev)
600 disk_dumpconf(NULL, 0/*off*/);
605 * We have to open the device before we can perform ioctls on it,
606 * or the slice/label data may not be present. Device opens are
607 * usually tracked by specfs, but the dump device can be set in
608 * early boot and may not be open so this is somewhat of a hack.
610 doopen = (dev->si_sysref.refcnt == 1);
612 error = dev_dopen(dev, FREAD, S_IFCHR, proc0.p_ucred);
616 error = disk_dumpconf(dev, 1/*on*/);
622 static void dump_conf (void *dummy);
624 dump_conf(void *dummy)
629 path = kmalloc(MNAMELEN, M_TEMP, M_WAITOK);
630 if (TUNABLE_STR_FETCH("dumpdev", path, MNAMELEN) != 0) {
631 dev = kgetdiskbyname(path);
636 if (setdumpdev(dumpdev) != 0)
640 SYSINIT(dump_conf, SI_SUB_DUMP_CONF, SI_ORDER_FIRST, dump_conf, NULL)
643 sysctl_kern_dumpdev(SYSCTL_HANDLER_ARGS)
648 ndumpdev = dev2udev(dumpdev);
649 error = sysctl_handle_opaque(oidp, &ndumpdev, sizeof ndumpdev, req);
650 if (error == 0 && req->newptr != NULL)
651 error = setdumpdev(udev2dev(ndumpdev, 0));
655 SYSCTL_PROC(_kern, KERN_DUMPDEV, dumpdev, CTLTYPE_OPAQUE|CTLFLAG_RW,
656 0, sizeof dumpdev, sysctl_kern_dumpdev, "T,udev_t", "");
659 * Panic is called on unresolvable fatal errors. It prints "panic: mesg",
660 * and then reboots. If we are called twice, then we avoid trying to sync
661 * the disks as this often leads to recursive panics.
664 panic(const char *fmt, ...)
666 int bootopt, newpanic;
668 static char buf[256];
672 * If a panic occurs on multiple cpus before the first is able to
673 * halt the other cpus, only one cpu is allowed to take the panic.
674 * Attempt to be verbose about this situation but if the kprintf()
675 * itself panics don't let us overrun the kernel stack.
677 * Be very nasty about descheduling our thread at the lowest
678 * level possible in an attempt to freeze the thread without
679 * inducing further panics.
681 * Bumping gd_trap_nesting_level will also bypass assertions in
682 * lwkt_switch() and allow us to switch away even if we are a
683 * FAST interrupt or IPI.
685 if (atomic_poll_acquire_int(&panic_cpu_interlock)) {
686 panic_cpu_gd = mycpu;
687 } else if (panic_cpu_gd != mycpu) {
689 ++mycpu->gd_trap_nesting_level;
690 if (mycpu->gd_trap_nesting_level < 25) {
691 kprintf("SECONDARY PANIC ON CPU %d THREAD %p\n",
692 mycpu->gd_cpuid, curthread);
694 curthread->td_release = NULL; /* be a grinch */
696 lwkt_deschedule_self(curthread);
700 /* --mycpu->gd_trap_nesting_level */
704 bootopt = RB_AUTOBOOT | RB_DUMP;
705 if (sync_on_panic == 0)
706 bootopt |= RB_NOSYNC;
709 bootopt |= RB_NOSYNC;
716 kvsnprintf(buf, sizeof(buf), fmt, ap);
720 kprintf("panic: %s\n", buf);
722 /* two separate prints in case of an unmapped page and trap */
723 kprintf("mp_lock = %08x; ", mp_lock);
724 kprintf("cpuid = %d\n", mycpu->gd_cpuid);
727 #if (NGPIO > 0) && defined(ERROR_LED_ON_PANIC)
728 led_switch("error", 1);
731 #if defined(WDOG_DISABLE_ON_PANIC) && defined(WATCHDOG_ENABLE)
736 if (newpanic && trace_on_panic)
738 if (debugger_on_panic)
745 * Support for poweroff delay.
747 #ifndef POWEROFF_DELAY
748 # define POWEROFF_DELAY 5000
750 static int poweroff_delay = POWEROFF_DELAY;
752 SYSCTL_INT(_kern_shutdown, OID_AUTO, poweroff_delay, CTLFLAG_RW,
753 &poweroff_delay, 0, "");
756 poweroff_wait(void *junk, int howto)
758 if(!(howto & RB_POWEROFF) || poweroff_delay <= 0)
760 DELAY(poweroff_delay * 1000);
764 * Some system processes (e.g. syncer) need to be stopped at appropriate
765 * points in their main loops prior to a system shutdown, so that they
766 * won't interfere with the shutdown process (e.g. by holding a disk buf
767 * to cause sync to fail). For each of these system processes, register
768 * shutdown_kproc() as a handler for one of shutdown events.
770 static int kproc_shutdown_wait = 60;
771 SYSCTL_INT(_kern_shutdown, OID_AUTO, kproc_shutdown_wait, CTLFLAG_RW,
772 &kproc_shutdown_wait, 0, "");
775 shutdown_kproc(void *arg, int howto)
784 td = (struct thread *)arg;
785 if ((p = td->td_proc) != NULL) {
786 kprintf("Waiting (max %d seconds) for system process `%s' to stop...",
787 kproc_shutdown_wait, p->p_comm);
789 kprintf("Waiting (max %d seconds) for system thread %s to stop...",
790 kproc_shutdown_wait, td->td_comm);
792 error = suspend_kproc(td, kproc_shutdown_wait * hz);
794 if (error == EWOULDBLOCK)
795 kprintf("timed out\n");
797 kprintf("stopped\n");
800 /* Registration of dumpers */
802 set_dumper(struct dumperinfo *di)
805 bzero(&dumper, sizeof(dumper));
809 if (dumper.dumper != NULL)
816 #if defined (_KERNEL_VIRTUAL)
817 /* VKERNELs don't support dumps */
819 dumpsys(struct dumperinfo *di __unused)
821 kprintf("VKERNEL doesn't support dumps\n");
projects / dragonfly.git / blob