Subject: Re: The right place for doshutdownhooks()
To: Greg Hudson <ghudson@MIT.EDU>
From: Perry E. Metzger <perry@piermont.com>
List: tech-kern
Date: 11/20/1995 09:54:26
BTW, please don't take my tone here as "angry". I'm just being
emphatic.

Greg Hudson writes:
> Perry wrote:
> > If my floppy drive has been spinning for an hour, that's clearly not
> > acceptable. There is no way to know how long it will take for the
> > user to hit a key, by which time the damage may have been long since
> > done. All sorts of things can have been left in bad states.
> 
> > What would the point of shutting down the console driver only to
> > have the machine reboot again in a moment be? The answer to this
> > question is simple -- don't shut down the console driver with
> > shutdown hooks on ports that go into a loop in order to fake a halt.
> 
> We obviously have a different conception of what shutdown hooks are to
> be used for.  In the i386 port, the (only) use we've had for shutdown
> hooks is to turn off interrupt handling on devices which cause the
> machine to fail to reboot properly if they're left on.

That's the only use you've had thus far -- I have a need to use the
facility to fix the floppy spin bug.

Again, modulo the console driver, which is a very special case, I
can't see what the point is in not doing the hooks first. It makes
*more* sense, not less. When the machine claims to be down, it should
be *down*!

> (Yes, these are hardware bugs, but they often don't happen under DOS
> and we have to deal with them.)  Such a device could as easily be a
> serial controller as anything else, and it may thus be necessary to
> disable a serial console in the shutdown hooks.

Well, in that case, there need to be two sets of shutdown hooks, one
run before the "press a key" and one after, with the one after being,
perhaps, just for the console driver. I have actually been hit with
the motor spin bug (see my problem report) and it is a legitimate
problem, unlike the as yet unseen need to disable a serial console
following the reboot button press. If there is actually a need to shut
things down both before and after the "press any key", then we should
simply change the architecture now, while it's still largely unused, to
permit you to specify if the shutdown is to occur before or after the
"press any key".

We could also simply arrange to hardcode the disabling of the console
driver in boot() just after the key press, by the way -- that would
handle the port specificity nicely, but I think it's unclean and that
adding a facility specifically to add a console shutdown hook is far
better.

> If you want to use shutdown handlers to stop the floppy drive
> spinning, you might reasonably argue that shutdown handlers need to be
> run before waiting for the keypress.  Is this actually necessary on
> some ports?

Yes -- in fact, on several ports. After I sent my PR for i386, Theo
sent me mail noting that he found the same bug on the Sparc.

Here is a simple way to reproduce this -- try 1) spinning the
floppy motor and 2) immediately halting the machine. You may need to
do this with a script on a slower processor. The floppy motor will
spin FOREVER. Actually, given how bad floppy motors are, it will
merely spin until you need to buy another $30 floppy drive.

I wanted to fix this by inserting a shutdown hook, but unfortunately
that doesn't work on port i386.

Again, if there is a need to shutdown the console driver, either we
should add a facility to shutdownhooks, or we should arrange a special
way to do that following the keypress.

> > The message printed in boot.c says that the machine is down. That
> > means that THE MACHINE IS DOWN.
> 
> So by this reasoning, we can't be willing to accept a keypress,
> because a machine that's down obviously can't respond to keypresses.

Well, let's say that the rule of least astonishment should say that the
only thing it should do at that point is respond to keypresses.

Perry
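Added example, not part of this thread and not NetBSD code: a C sketch of the two-phase shutdown hook registry Perry proposes above. Hooks that quiet hardware (here, the floppy motor) go in the phase that runs before the "press any key" wait, and the console hook goes in the phase that runs only after the key has been read, so the machine is really down while it waits yet can still see the keypress. The names (shutdownhook_phase, sh_establish, run_shutdown_hooks, simulate_halt) and the simulated device state are invented for the illustration; real device shutdown would touch hardware instead of flipping flags.

```c
/* Added illustration of a two-phase shutdown hook list (not NetBSD's own
 * shutdownhook_establish()). Hook and device names are invented. */
#include <stdio.h>
#include <stdlib.h>

enum shutdownhook_phase {
    SH_BEFORE_KEYPRESS = 0,  /* quiet devices as soon as the machine is "down" */
    SH_AFTER_KEYPRESS  = 1   /* console: must stay up until the key is read */
};

struct shutdownhook {
    struct shutdownhook *sh_next;
    enum shutdownhook_phase sh_phase;
    void (*sh_fn)(void *);
    void *sh_arg;
};

static struct shutdownhook *sh_head;  /* newest registration first */

/* Register a hook for one phase. Newest hooks run first within a phase,
 * so a driver attached later is torn down before the one it depends on. */
struct shutdownhook *sh_establish(enum shutdownhook_phase phase,
                                  void (*fn)(void *), void *arg)
{
    struct shutdownhook *sh = malloc(sizeof *sh);
    if (sh == NULL)
        return NULL;
    sh->sh_phase = phase;
    sh->sh_fn = fn;
    sh->sh_arg = arg;
    sh->sh_next = sh_head;
    sh_head = sh;
    return sh;
}

/* Unlink and free a hook (e.g. on driver detach). */
void sh_disestablish(struct shutdownhook *sh)
{
    struct shutdownhook **pp;
    for (pp = &sh_head; *pp != NULL; pp = &(*pp)->sh_next) {
        if (*pp == sh) {
            *pp = sh->sh_next;
            free(sh);
            return;
        }
    }
}

/* Run every hook registered for one phase; returns how many ran. */
int run_shutdown_hooks(enum shutdownhook_phase phase)
{
    int n = 0;
    for (struct shutdownhook *sh = sh_head; sh != NULL; sh = sh->sh_next) {
        if (sh->sh_phase == phase) {
            (*sh->sh_fn)(sh->sh_arg);
            n++;
        }
    }
    return n;
}

/* Simulated devices (constructed state, not real hardware). */
struct fdc_state { int motor_on; };
struct cn_state  { int enabled; };

static void fd_shutdown(void *arg) { ((struct fdc_state *)arg)->motor_on = 0; }
static void cn_shutdown(void *arg) { ((struct cn_state *)arg)->enabled = 0; }

/* Snapshot of device state at the two interesting moments of boot(). */
struct halt_result {
    int motor_on_at_prompt;    /* floppy still spinning while waiting for a key? */
    int console_up_at_prompt;  /* can the keypress still be read? */
    int motor_on_after_key;
    int console_up_after_key;
};

/* Stand-in for the tail of boot(): phase 1, prompt, (cngetc), phase 2. */
struct halt_result simulate_halt(struct fdc_state *fdc, struct cn_state *cn)
{
    struct halt_result r;
    run_shutdown_hooks(SH_BEFORE_KEYPRESS);     /* the machine is now down */
    r.motor_on_at_prompt = fdc->motor_on;
    r.console_up_at_prompt = cn->enabled;
    printf("The operating system has halted.\nPlease press any key to reboot.\n");
    /* cngetc() would block here; the console hook has not run yet. */
    run_shutdown_hooks(SH_AFTER_KEYPRESS);      /* key read: now drop the console */
    r.motor_on_after_key = fdc->motor_on;
    r.console_up_after_key = cn->enabled;
    return r;
}

/* Register one hook per phase against fresh device state and halt. */
struct halt_result demo_halt(void)
{
    static struct fdc_state fdc;
    static struct cn_state cn;
    fdc.motor_on = 1;   /* the bug report's starting point: motor spinning */
    cn.enabled = 1;
    while (sh_head != NULL)          /* make the demo repeatable */
        sh_disestablish(sh_head);
    sh_establish(SH_BEFORE_KEYPRESS, fd_shutdown, &fdc);
    sh_establish(SH_AFTER_KEYPRESS, cn_shutdown, &cn);
    return simulate_halt(&fdc, &cn);
}

int main(void)
{
    struct halt_result r = demo_halt();
    printf("motor at prompt=%d console at prompt=%d motor after key=%d console after key=%d\n",
           r.motor_on_at_prompt, r.console_up_at_prompt,
           r.motor_on_after_key, r.console_up_after_key);
    return 0;
}
```

The single-phase alternative mentioned in the thread (hardcoding the console shutdown in boot() after the keypress) would collapse the phase field and put cn_shutdown directly after the prompt; the two-phase list keeps that knowledge in the console driver, which is the port-specific part.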