tech-kern: Re: The right place for doshutdownhooks()

Subject: Re: The right place for doshutdownhooks()
To: Greg Hudson <ghudson@MIT.EDU>
From: Chris G Demetriou <Chris_G_Demetriou@BALVENIE.PDL.CS.CMU.EDU>
List: tech-kern
Date: 11/20/1995 02:32:50

[ sorry for the scattered nature of this message; it's late. ]

> Chris wrote:
> >        (1) it's not guaranteed that all shutdown handlers can
> >                actually print things to the console, which
> >                i think is a big bummer, and,
> 
> So you're saying that you want some of the hardware to be active when
> other pieces of hardware are being shut down.  If you really want
> thus, rather than pretending that you could never need to disable the
> console before rebooting, add that functionality to the shutdown
> hooks.

It's a matter of "system services."

The question is, what "system services" can shutdown hooks rely on?
I definitely think that they should be able to rely on printf and
input, if only for debugging.  Indeed, if you can't have those, then
you _cannot_ debug shutdown hooks with ddb, which seems a necessity.
(I would go so far as to say that, on ports which support ddb, you
want to have ddb usable for as much 'C' code as you can.  That
includes the 'C' code that implements shutdown hooks.)  Given that,
you can't be shutting down console services via 'shutdown hooks'
(because, though they're called in a 'stack' order, there's no
guarantee that any given one is first).

If you say that console services are available while all shutdown
hooks are run, it doesn't make a difference whether or not you use the
console (e.g. to print the 'halting' message) before or after you run
the shutdown hooks.  In the absence of that, why do it after?

> >        (2) you can't ever honestly say "the system is now halting."
> 
> This is equivalent to Perry's argument that "THE MACHINE IS DOWN."

And it's not a particularly bad one.

On a related note, at some point in the future, devices should have
'shutdown' routines, and a shutdown routine should be run for every
device, before rebooting.  It would take the place of many current
'hooks'.  However, you're going to need basic console services --
if only for ddb -- there too.

The smarter devices are, the sooner you will want to shut them
down.  In the absence of any compelling cause to move the invocation
of shutdown hooks (and, in the future, device shutdown routines) to
after the "halted" message, why do it?

cgd