46 Commits

Author SHA1 Message Date
msmith
5d544b264c An error in the last commit; the changes were submitted by, not reviewed by,
"D. Rock" <rock@cs.uni-sb.de>
1999-01-30 19:29:10 +00:00
msmith
8e7d737e15 Add a new sysctl node kern.shutdown, off which shutdown-related things
can be hung.

Add a tunable delay at the beginning of the SHUTDOWN_FINAL at_shutdown
queue, allowing time to settle before we launch into the list of things
that are expected to turn the system off.

Fix a bug in at_shutdown_pri() where the second insertion always put
the item in second position in the queue.

Reviewed by:	"D. Rock" <rock@cs.uni-sb.de>
1999-01-30 19:28:30 +00:00
msmith
981941d406 Improved DDB_UNATTENDED behaviour. From the submitter:
There's something that's been bugging me for a while, so I decided to fix it.
FreeBSD now will DTRT WRT DDB and DDB_UNATTENDED (!debugger_on_panic), at least
in my opinion. The behavior change is such that:

	1. Nothing changes when debugger_on_panic != 0.
	2. When DDB_UNATTENDED (!debugger_on_panic), if a panic occurs, the
		machine will reboot. Also, if a trap occurs, the machine will
		panic and reboot, unlike how it broke to DDB before. HOWEVER,
		a trap inside DDB will not cause a panic, allowing full use
		of DDB without having to worry about the machine being stuck
		at a DDB prompt if something goes wrong during the day.
		Patches for this behavior follow my signature, and it would
		be a boon to anyone (like me) who uses DDB_UNATTENDED, but
		actually wants the machine to panic on a trap (otherwise,
		what's the use, if the machine causes a fatal trap rather than
		a true panic, of debugger_on_panic?). The changes cause no
		adverse behavior, but do involve two symbols becoming global

Submitted by:	Brian Feldman <green@unixhelp.org>
1998-12-28 23:03:00 +00:00
archie
982e80577d Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.

These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.

Reviewed by:	Bruce Evans <bde@zeta.org.au>
Reviewed by:	Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by:	Mike Spengler <mks@networkcs.com>
1998-12-04 22:54:57 +00:00
msmith
0784b75a47 Don't count non-local dirty buffers as outstanding when shutting down.
This avoids the fsck-on-reboot symptoms if you're shutting down with a
hung or unreachable NFS server mounted.  Also remove non-local
filesystems from the mount list to prevent the system hanging when it tries
to unmount them (for the same reason).

Drew points out that there's a good argument for forcibly removing all
"non syncable" filesystems from the mount list (eg. NFS mounts, disks
that aren't responding, etc.) as this then allows you to sync and
cleanly unmount their parents.  No such change is included in this
patch.

Submitted by:	Andrew Gallatin <gallatin@cs.duke.edu>
1998-11-13 22:40:37 +00:00
msmith
e79dcdb69f Add the ability to specify where on the at_shutdown queue a handler is
installed.

Remove cpu_power_down, and replace it with an entry at the end of the
SHUTDOWN_FINAL queue in the only place it's used (APM).

Submitted by:	Some ideas from Bruce Walter <walter@fortean.com>
1998-10-30 05:41:15 +00:00
dt
17588de453 Fix precedence bug, so that kernel dump works. 1998-09-20 16:50:31 +00:00
gibbs
590590655f Add a new at_shutdown queue, SHUTDOWN_FINAL. This queue is run at
splhigh() after any system dumps have completed.  SHUTDOWN_POST_SYNC
isn't quite late enough for disk controllers.

Converted at_shutdown queues to use the queue(3) macros.
1998-09-15 08:49:52 +00:00
ache
b9386dfd70 Store formatted panic string in static buffer to make it available later
for savecore.
Previous code give only panic format to savecore
1998-09-06 06:25:18 +00:00
des
db3e7c5e5f Don't check minor number of dump device at all.
Discussed-with: Jörg Wunsch
1998-08-23 14:18:08 +00:00
des
b165af84ca Include opt_devfs.h which defines SLICE, to make previous commit
meaningful.

Pointed out by:	Luoqi Chen
1998-08-19 20:20:52 +00:00
des
62d97a08f1 Enable kernel dumps on SLICE systems. 1998-08-16 11:27:19 +00:00
bde
f0b863f4b5 Fixed printf format errors. 1998-07-11 07:46:16 +00:00
dfr
1d5f38ac22 This commit fixes various 64bit portability problems required for
FreeBSD/alpha.  The most significant item is to change the command
argument to ioctl functions from int to u_long.  This change brings us
inline with various other BSD versions.  Driver writers may like to
use (__FreeBSD_version == 300003) to detect this change.

The prototype FreeBSD/alpha machdep will follow in a couple of days
time.
1998-06-07 17:13:14 +00:00
tegge
4347025be3 Add forwarding of roundrobin to other cpus. This gives a more regular
update of cpu usage as shown by top when one process is cpu bound
(no system calls) while the system is otherwise idle (except for top).

Don't attempt to switch to the BSP in boot().  If the system was idle when
an interrupt caused a panic, this won't work.  Instead, switch to the BSP
in cpu_reset.

Remove some spurious forward_statclock/forward_hardclock warnings.
1998-05-17 22:12:14 +00:00
bde
53cc68b743 Backed out previous commit. It is invalid to call d_ioctl() on
possibly non-open devices, and we don't want to restrict dumping
to swap devices anwyay.  It is especially invalid to call d_ioctl()
in non-process context for panics.  d_psize() can be called on
non-open devices, at least on non-SLICED ones that support d_dump(),
and setdumpdev() has depended on this for a long time although it
is probably wrong, but even d_psize() can't be called in non-process
context - that's why dumpsys() depends on previously computed values
although these values may be stale.  The historical restriction to
devices with dkpart(dev) == SWAP_PART should go away.
1998-05-12 17:34:02 +00:00
julian
0cb054bfea Add dump support to the DEVFS/slice code.
now we can actually catch our crashes :-)

Submitted by: Luoqi Chen <luoqi@chen.ml.org> (the man who's everywhere)
1998-05-06 22:14:48 +00:00
julian
10c5ccc30a Reviewed by: dyson@freebsd.org (john Dyson), dg@root.com (david greenman)
Submitted by:	Kirk McKusick (mcKusick@mckusick.com)
Obtained from:  WHistle development tree
1998-03-08 09:59:44 +00:00
eivind
a5daa0b2f8 Add HW_WDOG to LINT, and turn it into a new-style option. 1998-02-16 23:57:49 +00:00
julian
cf4eb29e47 Shift a few SYSINT() calls around.
this results in a few functions becoming static, and
the SYSINITs being close to the code they are related to.
setting up the dump device is with dumpsys() and
kicking off the scheduler is with the scheduler.
Mounting root is with the code that does it.

Reviewed by: phk
1997-11-25 07:07:48 +00:00
bde
f5a5851d98 Get buffer stuff by #including <sys/buf.h> instead of <sys/vnode.h>.
Staticized boot().

Fixed a gratuitous ANSIism.
1997-11-18 15:16:43 +00:00
phk
4c8218a5c7 Move the "retval" (3rd) parameter from all syscall functions and put
it in struct proc instead.

This fixes a boatload of compiler warning, and removes a lot of cruft
from the sources.

I have not removed the /*ARGSUSED*/, they will require some looking at.

libkvm, ps and other userland struct proc frobbing programs will need
recompiled.
1997-11-06 19:29:57 +00:00
peter
1428bb8823 Cosmetic adjustment for the trap/double fault/panic cpu id listing.
It now prints the apic id in hex rather than decimal.
1997-09-05 08:54:55 +00:00
bde
6ffb8bf9af Removed unused #includes. 1997-09-02 20:06:59 +00:00
bde
31192fc056 Fixed options SHOW_BUSYBUFS and PANIC_REBOOT_WAIT_TIME which were broken
by incomplete cutting and pasting from machdep.c to kern_shutdown.c.

PR:		3953
1997-08-31 23:08:38 +00:00
peter
3df4daaa03 Correct some things I forgot about until it was too late with smp_active.
smp_active = 1 used to indicate that the system had frozen previously
started AP's, while smp_active = 0 was "AP's not yet started".  I have split
this into smp_started (which is set when the AP's come online), and
smp_active is left for turning on/off AP scheduling.
1997-08-26 18:36:15 +00:00
bde
cd40f0f029 Fixed some formatting and style bugs.
Fixed a gratuitous ANSIism.
1997-08-26 00:24:25 +00:00
julian
c92a006d04 Teach both disk drivers how to cope with a hardware watchdog
while dumping core.. I'm tired of getting 1/2 of a core-dump

conditional on -DHW_WDOG for now
this will migrate to 2.2 as that's where I need it.
1997-08-09 01:44:25 +00:00
julian
9b3d3ce7fa Use up 4 precious bytes to give the kernel a hook to
support hardware watchdogs. The actual functions would be supplied in an LKM
or a linked file, but they need to hang off something.
1997-08-09 01:25:54 +00:00
peter
2dc5ff96e7 Preliminary support for per-cpu data pages.
This eliminates a lot of #ifdef SMP type code.  Things like _curproc reside
in a data page that is unique on each cpu, eliminating the expensive macros
like:    #define curproc (SMPcurproc[cpunumber()])

There are some unresolved bootstrap and address space sharing issues at
present, but Steve is waiting on this for other work.  There is still some
strictly temporary code present that isn't exactly pretty.

This is part of a larger change that has run into some bumps, this part is
standalone so it should be safe.  The temporary code goes away when the
full idle cpu support is finished.

Reviewed by: fsmp, dyson
1997-06-22 16:04:22 +00:00
wollman
d3793afec0 When APM is configured, turn off the power when halting for good. 1997-06-15 02:03:03 +00:00
fsmp
eee5a4f496 Move the printing of "cpu#%d" to AFTER the general panic argument string.
When a panic occurs early in the SMP boot process 'cpunumber()' hangs,
causing the panic string to be lost.  Now the system appears to hang
in 'breakpoint()', but at least the user sees the panic string before the
hang.
1997-05-24 18:35:44 +00:00
peter
6323aa10bf Man the liferafts! Here comes the long awaited SMP -> -current merge!
There are various options documented in i386/conf/LINT, there is more to
come over the next few days.

The kernel should run pretty much "as before" without the options to
activate SMP mode.

There are a handful of known "loose ends" that need to be fixed, but
have been put off since the SMP kernel is in a moderately good condition
at the moment.

This commit is the result of the tinkering and testing over the last 14
months by many people.  A special thanks to Steve Passe for implementing
the APIC code!
1997-04-26 11:46:25 +00:00
peter
94b6d72794 Back out part 1 of the MCFH that changed $Id$ to $FreeBSD$. We are not
ready for it yet.
1997-02-22 09:48:43 +00:00
bde
68c982254b Reduced #include spam in <sys/sysproto.h> and fixed things that depended
on it.

makesyscalls.sh:
This parsed $Id$.  Fixed(?) to parse $FreeBSD$.  The output is wrong when
the id is not expanded in the source file.

syscalls.master:
Fixed declaration of sigsuspend().  There are still some bogons and
spam involving sigset_t.
Use `struct foo *' instead of the equivalent `foo_t *' for some nfs and
lfs syscalls so that <sys/sysproto.h> doesn't depend on <sys/mount.h>.
1997-01-16 15:58:32 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
julian
eea5d64b87 Further improved version of hadling a HALT when there is no console. 1996-10-31 00:57:28 +00:00
julian
e1b78916a4 if there is no console, cngetc should act like getc and return -1
make callers aware of this in those cases where it can occur.
1996-10-30 21:40:25 +00:00
bde
e0185c45da Changed cncheckc() interface so that it is 8-bit clean - return -1
instead of 0 if there is no input.
1996-09-14 04:31:09 +00:00
bde
f230d30a1e Don't use __dead in the kernel. It was an obfuscation for gcc >= 2.5
and a no-op for gcc >= 2.6.
1996-09-13 09:20:15 +00:00
sos
b2c425deed Fixed two small leftovers form PHK's mega devconf removal commit.. 1996-09-07 19:13:09 +00:00
phk
bca885205d Remove devconf, it never grew up to be of any use. 1996-09-06 23:09:20 +00:00
julian
4d795c594d Remove the old cleanup code as it is no longer used..
also fix two cases of = instead of ==
(cut+paste bug duplication)
1996-08-26 21:47:56 +00:00
julian
e5048c6cd5 Some cleanups to the callout lists recently added.
note that at_shutdown has a new parameter to indicate When
during a shutdown the callout should be made. also
add a RB_POWEROFF flag to reboot "howto" parameter..
tells the reboot code in our at_shutdown module to turn off the UPS
and kill the power. bound to be useful eventually on laptops
1996-08-22 03:50:33 +00:00
julian
65b6e7181b Collect all the functioons concerned with rebooting into one place
also add the at_shutdown callout list, and change the one user of
the present (broken) method (the vn driver) to use the new scheme.
1996-08-19 20:07:07 +00:00
julian
b2b64697e4 move all functions related to shutting down to one file
called kern_shutdown.c

note: I couldn't see anything machine dependant in the
functions boot() and dumpsys() which were in machdep.c
I have left a prototype for cpu_boot() which would go in
machdep.c, but I have nothing to put in it. Iexpect others will
let me know in no uncertain ways that this or that  is machine dependant
and should be there, but I'll way for that to happen.. :)

I haven't actually taken the functions OUT of machdep
or anywhere else yet.. I'm checking in this file so others can have a look
at it and comment. SO PLEASE DO COMMENT!

I am also (in another checkin) addinf a man(9) page for the new
at_shotdown().. er freudian slip there.. at_shutdown() call
so have a look at that (and at_exit and at_fork as well)
and feed me comments..

I'll heck in the changes to make these (shutdown) changes active tomorrow
if no-one objects too strongly..
1996-08-19 02:19:23 +00:00