Init: Graceful termination and signal propagation #8

New issue

Closed

opened 2026-02-11 19:21:19 +00:00 by thabeta · 1 comment

thabeta commented 2026-02-11 19:21:19 +00:00

Owner

Copy link

The chvm-init binary (pid 1) handles signals in signal.rs. The implementation needs to ensure atomic cleanup of mounts and termination of child processes.

Proposed Changes:

1. Ensure signals are propagated to the entire process group.
2. Implement a timeout for processes to exit before sending force kill signals.
3. Verify filesystem integrity by ensuring proper unmounting before exit.

The `chvm-init` binary (pid 1) handles signals in `signal.rs`. The implementation needs to ensure atomic cleanup of mounts and termination of child processes. **Proposed Changes:** 1. Ensure signals are propagated to the entire process group. 2. Implement a timeout for processes to exit before sending force kill signals. 3. Verify filesystem integrity by ensuring proper unmounting before exit.

rawan self-assigned this 2026-03-09 10:09:57 +00:00

rawan commented 2026-03-10 15:26:25 +00:00

Member

Copy link

Changes implemented:

1. Re-entrancy guard on poweroff
   Added AtomicBool flag. The first thread to call poweroff() claims it. Any subsequent callers loop on pause() forever, preventing concurrent shutdown races on unmounts and the reboot syscall.

2. Child process termination before unmounting
   Added terminate_all_children() which runs before sync() and unmounts:

   • Sends SIGTERM to all child processes
   • Polls for up to 3 seconds, reaping exited children every 50ms
   • If any children survive, sends SIGKILL and reaps for up to 1 second

This ensures all file handles on mounts are released before umount runs

Changes implemented: 1. Re-entrancy guard on `poweroff` Added AtomicBool flag. The first thread to call poweroff() claims it. Any subsequent callers loop on pause() forever, preventing concurrent shutdown races on unmounts and the reboot syscall. 2. Child process termination before unmounting Added `terminate_all_children()` which runs before sync() and unmounts: - Sends SIGTERM to all child processes - Polls for up to 3 seconds, reaping exited children every 50ms - If any children survive, sends SIGKILL and reaps for up to 1 second This ensures all file handles on mounts are released before umount runs

rawan referenced this issue 2026-03-10 22:02:16 +00:00

Init: Graceful termination and signal propagation #29

thabeta added this to the ACTIVE project 2026-03-12 10:53:26 +00:00

rawan closed this issue 2026-03-12 11:13:58 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

development

archive/my_hypervisor-pre-rewrite-branch

feat/adr-004-os-client

development_storage_dedupe

main

development_oci_layer

archive/my_hypervisor-pre-rewrite

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

ACTIVE

Assignees

Clear assignees

No assignees

rawan

2 participants

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

geomind_code/my_hypervisor#8

No description provided.