logo

Process

Last Updated: 2023-09-18

PID

  • PID 0: swapper or sched, responsible for paging.
  • PID 1: systemd. The systemd daemon serves as the root of the user space's process tree. Read more: systemd

User Mode vs Kernel Mode

  • User mode: the application does not have full access to hardware resources, e.g. a process can't issue I/O requests, that will raise an exception, then OS would kill the process.
  • Kernel mode: the OS has access to the full resources of the machine.

Interrupt

Software interrupt:

  • to enter kernel-space from user-space.
  • synchronous.
  • produced by software.
  • The defined software interrupt on x86 is interrupt number 128 (int $0x80).
  • trap is a kind of software interrupt.

Hardware interrupt:

  • asynchronous.
  • produced by hardware.
  • IRQ = Interrupt Request. Sent by a hardware device to interrupt the processor
  • e.g. timer (irq=0), keyboard (irq=1), etc.

Concepts

  • Process Control Block (PCB): a fancy way of talking about a C structure that contains information about each process.
  • Exception: Exceptions are produced by the processor while executing instructions either in response to a programming error (for example, divide by zero) or abnormal conditions that must be handled by the kernel (for example, a page fault).

Thread vs Process

Each thread has its own private set of registers it uses for computation; thus, if there are two threads that are running on a single processor, when switching from running one (T1) to running the other (T2), a context switch must take place.

  • Thread: separate registers; shared memory, opened files.
  • Process: separate address space, opened files.

Single-threaded vs Multi-threaded

  • Single-threaded Process: only one stack, one heap.
  • Multi-threaded Process: multiple stacks, one heap.

Thread Context Switch vs Process Context Switch

  • Same:
    • handing control over to the operating system kernel.
  • Different:
    • Context switch between processes: save memory (address space) state to process control block (PCB).
    • Context switch between threads: save register stats to thread control blocks (TCBs), the address space remains the same.

Green Thread vs Native Thread

  • Green Thread: scheduled by a runtime library or virtual machine (VM), emulating multithreaded environments without relying on any native OS capabilities; managed in user space instead of kernel space, enabling them to work in environments that do not have native thread support.
  • Native Thread: native thread supported by the underlying operating system.

System Calls

  • fork()
  • exec()
  • wait()
  • kill()

fork() and exec()

  • fork(): creates a new process from current one with new pid, memory space, registers
  • exec(): loads code (and static data) from that executable and overwrites its current code segment (and current static data) with it; the heap and stack and other parts of the memory space of the program are re-initialized. (no new process created)

Reason for the separation of fork() and exec(): it lets the shell run code after the call to fork() but before the call to exec(); this code can alter the environment of the about-to-be-run program, and thus enables a variety of interesting features to be readily built.

exec has 6 functions:

#include <unistd.h>

int execl(const char *path, const char *arg, ...);
int execlp(const char *file, const char *arg, ...);
int execle(const char *path, const char *arg, ..., char *const envp[]);
int execv(const char *path, char *const argv[]);
int execvp(const char *file, char *const argv[]);
int execve(const char *path, char *const argv[], char *const envp[]);

Note:

  • the 3 execv* functions use char *argv[] for arguments, execl* functions need to list out all args and use NULL at the end.
  • execle and execve use envp[] to replace default environment params, others use default
  • execlp and execvp do not need full path, they will try to find the file from PATH environment param, others need the full path.
  • only execve is the real sys call, others are built on top of it.

Cooperative vs Non-cooperative

If CPU is running some user program, it cannot run OS, thus OS cannot switch processes.

  • Cooperative: Processes that run for too long are assumed to periodically give up the CPU so that the OS can decide to run some other task (yield system call, or other system calls)
  • Non-cooperative: timer interrupt, "A timer device can be programmed to raise an interrupt every so many milliseconds; when the interrupt is raised, the currently running process is halted, and a pre-configured interrupt handler in the OS runs. At this point, the OS has regained control of the CPU, and thus can do what it pleases: stop the current process, and start a different one."

Commands

  • start a process
    • foreground
    • background
  • stop a process
  • kill a process
  • schedule a process

pstree

$ pstree
init─┬─acpid
     ├─apache2───2*[apache2───26*[{apache2}]]
     ├─atd
     ├─cron
     ...

Get PID

$ pgrep mongod

Multiple programs under the same name:

$ ps -eo pid,args | grep 'java -jar start.jar'| grep -v grep | cut -c1-6

Step by Step:

  • ps -e: show all the pids
  • ps -o pid,args: specify the fields to show:
$ ps -eo pid,args
12498 -bash
14132 java -jar start.jar
17489 grep java -jar start.jar
...
  • grep 'java -jar start.jar': only leave the specified commands:
$ ps -eo pid,args | grep 'java -jar start.jar'
14132 java -jar start.jar
17489 grep java -jar start.jar
  • grep -v grep: exclude the grep itself:
$ ps -eo pid,args | grep 'java -jar start.jar'| grep -v grep
14132 java -jar start.jar
  • cut -c1-6: cut the first 6 characters:
$ ps -eo pid,args | grep 'java -jar start.jar'| grep -v grep | cut -c1-6
14132

Other ways to get pid: echo $$ or echo $!.

kill

kill does not just kill, it's actually a signal sender.

Send SIGTERM signal to process. (-TERM is the default)

$ kill -TERM <pid>

Send multiple signals: (9=SIGKILL, 13=SIGPIPE)

$ kill -{13, 9} <pid>

More about available signals:

$ man 7 signal