Deep down inside the linux kernel .. Part 1

Process Management

After a very busy 2nd semester finally decided to dedicate an article on Process Management .

What can readers expect in this article ?????/.

1)A comphrehensive info on process and its management

2)The beauty and simplicity of process management unlike windows OMG!!!! . Windows in the name of abstraction have complicated so many things .

In linux a task is represented by struct task_struct which declaration is present in sched.h . Use cscope utility to search through the kernel . cscope coupled with vim is like a soldier armed with a sword and shield .

Linux does not have the concept of threads . There is no difference between threads and process . Lets analyse the need for a thread . A process can have multiple paths of execution(each execution path is a thread ) . To speak in the language of computers . Each process has a process descriptor with a pid . The process descriptor points to threads . Each thread access the resource of the process and also can have resources private to it. Thread is light weight process (the time to make a thread ready to run or context switch is very less ) .

Linux philosophy is that process in linux are itself light then why should have something called a thread . So in linux when you want to create threads (For eg: 4 threads) we create 4 task_struct structures . They are created using the clone system call ( clone() system call is internally called by fork() , vfork() ).


CLONE_VM – The address space of the parent and child should be shared
CLONE_FS – The file system resources should be shared
CLONE_FILES – The file descriptors(including the device files ) should be shared
CLONE_SIGHAND – The signal handlers should be shared

When a parent creates 4 childs and each will share the address space of the parent and each thread can have private resources and they are light weight which is nothing but a thread .

Everyone would know fork() ( remember the small code snippet in Galvin 😉 ) Then what is vfork() ??? Why we need them ???

When we use vfork() the parent suspends its execution and allows the child to execute in the address space of the parent . Any change made ny child will be visible to parent . vfork() was introduced as an alternative because of the overhead involved in initial implementation of fork() which duplicates the page tables of parent for the child . Then fork() was reimplemented to use copy_on_write() so vfork() is seldom is nowadays . vfork() is also implemented using clone


Process Termination

It is one of the most interestesting and mysterious topic one would face . Ask a person what a zombie process is ?? Each would come up with a truely different answer . The best way to clear the doubts is go through some Linux kernel books and by investigating the kernel code

What happens when process exits ??

1) The process exits by calling exit() function . When the process’s state is set to TASK_INTERUPTTIBLE then it will respond to external signals . In such a case also when it receives a command to terminate itself it will call the exit() function . From the exit() function the control moves to do_exit() which does a huge number of tasks

2)It will call del_timer_sync() to remove any timers the process has queued in the timer list .

3)It will deallocate the mm_struct(used for process management ) if it is not shared . The function which does is exit_mm() .

4)If the process is enqueued in the wait queue for wait on any semaphore it is dequeued . The function which does is exit_sem() .

5)The exit_fs() , exit_files() , exit_namespace() , exit_sighand() decrements the usage count for the resource which the child held.

6)Then after this it calls exit_notify() which called the forget_orginal_parent() function to reparent the child of the process to init process(has pid 1) or another process in the thread group . After this the state of the process is set to TASK_ZOMBIE and it next step is to call the schedule() function .

7)When the process is in the zombie state. All the resources held by the process is removed . All it holds it the thread_union structure ie . It holds the kernel stack , thread_info structure , task_struct structure . It holds 8kb worth space . The task_struct is not deallocated because it contains the exit code and status of the child which will be read by the parent . When the parent issues wait() system call the child process status and return code is read and the zombie process is removed by calling the release_task() . Again it performs a number of steps which you can finding by investigating the kernel code of exit.c source file .

8)There is no risk of zombie process because each and every child of the parent is reparent to init . init calls the wait() system call for removing the zombie process

Note : There is a difference between orphan process and zombie process . An orphan process is one which has lost its parent and reparented to the init task.

This is some info on Process Management . You can say just an introduction .I’m planning to write more when i find sometime . Till then c u ppl!!!!!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: