A first view of

processes in Linux

1
Objectives
• Understand the concept of a process vs a program
• Get a first understanding of the kernel view of a process
• Know a few tools to investigate process information
• Learn how to create your own processes from a C program
• Learn to write a simple shell!

Note: All the program examples shown here are in the github under the proc/ directory

2
 First concepts Experiment ( here
program)
loopy.c is just a sample

Concepts Source Create a small program (loopy.c)

• Programs are what are written,
compiled, etc etc.
• Processes are what get executed Compile
and Create the executable (and/or .o) file
• System calls are the interface for a create
process to access OS functionality
$ hexdump –cx loopy
Use ls to see the files Use ps to see your Examine $ ldd loopy
in the directory: processes: the files: $ objdump [-hd] loopy
$ ls $ ps $ objdump -d libc.so… | grep syscall
loopy.c PID TTY TIME CMD
loopy 2269 pts/0 00:00:00 bash
3303 pts/0 00:00:12 loopy Examine $ ltrace -x ‘@libc.so*’ loopy busy
3321 pts/0 00:00:00 ps $ strace loopy busy
the $ gdb loopy
execution $ cat /proc/<PID>/maps
3
 RAM
DDR3/…

Where
is the Fetch
proces CPU Decode

s Execute
The Kernel maintains
information about the

Controllers…
process in its internal
data structures
PCH
sk
Di
rd

/home/iiitbuser/loopy
Ha

SATA
controller 4
The kernel’s information about a
process
• Every process has a Process ID – PID see ps(1) getpid(2)
• Along with a process is associated a bunch of things
• Its owner (user), its parent(process), its children(processes)
• The code/file it is executing (like a.out or ./loopy or /bin/ls)
• Memory – Text (Code), data(static variable), stack(auto variables), heap (dynamic)
• Its execution state (Instruction pointer, register values)
• Its other active resources – open files, sockets, other resources
• All this info is maintained by the kernel for each process – Process Control
Block (PCB)
• Kernel creates, updates, deletes PCBs. Uses it for CPU scheduling, memory
allocation, IO scheduling, access control to resources, etc.
5
Three basic process
system calls
fork() , exec() and wait()

6
 Creating processes
programmatically
• All process are created from an initial process: see pstree(1)
• This happens by using a technique consisting of two building blocks
• A process can simply replicate itself creating a new process which is almost
identical but with a new process id (of course) (new box)
• A process can simply remain the same id but the program executing is new,
ie the pid remains the same. (change colour)

1 1 1 1 1 1 1
4 Fork – Create a duplicate
i.e., one new process
Notice:
pstree -p
2
3 ... 3 3
Exec – repurpose the same
Time 0 1 2 3 4 5 7
4
 time

Linux system calls to create 1 1 1

4

processes 3

• On UNIX/ Linux you can explicitly create your own processes using the techniques
mentioned.
• All processes are in RAM, all these replication/overlaying happens in the RAM
• For this there are two useful system calls fork() and often execv():
• fork() simply creates a new process which is a duplicate process. So we end
up with an additional new process which is nearly identical to the calling process.
• Of course they are two separate processes so they have separate PIDs (separate
data/stack/variables etc – almost nothing shared).
• Also there is a quick way to tell which one was the original(parent) and which
was the new one(child). (return value of fork())
• Quick example follows
8
Linux process – fork() – ing off a new process
6376
int i=500; printf(“The Beginning\n”); x is 0
x = fork();
printf(“Hello world\n”); 6375 6375
x is
if ( x == 0) x is ?
6376
printf("I am child\n); time

else Before After

printf("I am parent of fork() call

process: %d", x );
printf(“The End\n”);

9
 What is printed in the following
3170 3171
x i x i
int x; int i=500; ? 500
3171 500 0 500
x = fork();
A A
printf(“A\n”);
if ( x == 0) {
Of course, the process has 0 501
i++; actually the executable
B
printf(“B\n”); version of this code!
} else { 3171 499
i--; C
printf(“C\n”);
499 501
}
printf(“%d\n”,i);
ry: the variables for x and i of the child are completely independent from (not shared with) the parent:
10
ne of the things that is implied by “processes are isolated!”
 Linux processes – replacing code of
an existing process with execv()
char * prog = "/bin/ls";
6375 6375
char * params[] = {"/bin/ls", a.out /bin/ls
“/bin/ls”
"-l", "/home", NULL};
printf("The Beginning\n"); time
printf(“pid=%d\n”,getpid()); Before After
execv(prog, params); exec() call

X
printf(“pid=%d\n”,getpid());
printf("The End\n");
Not a new process, so pid is the same
1. Check man exec and
and notice execv, execvp in addition to other variations.
11
What is printed 3170

i prog params
int i; char * prog = "/bin/ls";
char * params[] = {"/bin/ls", ?  [,,,NULL]
"-l", "/home", NULL};
for(i=0; i < 2 ; i++) { 0  [,,,NULL]
printf("B\n"); B

printf(“%d\n”, getpid()); 3170

execv(prog, params);
}
printf("E\n");

12
What is printed 3170

i prog params
Thei;
int earlier code*(entire
char proguser
= address
"/bin/ls"; ?  [,,,NULL]
space) is replaced by that of the given
char * params[] = {"/bin/ls",
executable.
"-l", "/home", NULL};
No way toi=0;
for(int accessidata
< and
2 ;code of the
i++) {
program before exec was called.
printf("B\n"); B

/bin/ls -l
printf(“%d\n”, getpid()); 3170
execv(prog, params); total 47
} -rwxrwx--- 1 root vb
-rwxrwx--- 1 root vb
printf("E\n"); ..
..
..

13
Waiting for a child process to exit
• wait(2) tells the parent about int i=500; printf(“The Beginning\n”);
when/how a child x = fork();
(i.e., created by fork()) exited. printf(“Hello world\n”);
• It is usually used to wait until a if ( x == 0) {
child finishes executing. printf("I am child\n);
• In the simple form: getchar(); // child waits for user input
wait(int } else {
*wstatus); printf("I am parent of
• Another form: process: %d\n", x );
waitpid(int pid, wait(&wstat);//parent awaits child
int *wstatus, }
int options); printf(“The End\n”);
14
Check your understanding
• See: simple_fork.c simple_exec.c
• Howmany processes are created when the following code is run:

p
1 printf(”A\n”);
p1 p1
2 fork();
@2 @4 @2 @4 p
3 printf(”B\n”);
p2 p3 p2 p3
4 fork();
@4 @4
5 printf(”C\n”); p
p4 p4
6 fork();
p

15
Prelude to writing your own: What is
shell ?
• A shell simply receives input from the
~$ ls
user and runs the corresponding program
• It also takes care of piping and I/O
redirection:
• date | tr [:lower:] [:upper:] > outfile

• It also has some builtin commands like

The $ is called the shell prompt.
You can change it using the environment
setting some environment variable values,
variable PS1 like this: cd, alias, source, exit etc.
$ PS1=’c:> ’
just for fun.

While the common shell is bash (see ps),

there is also sh, csh, ksh etc.

16
 3617
shell

How a shell can be built

$ date fork()

3618
wait() exec() /bin/date
waiting
waiting 3618
$ ./myshell /bin/date
waiting
* /bin/date exit
Monday 03 January …
* /bin/du -s . $ du -s .
fork()
317 . 3619
wait()
* /bin/echo hi waiting
hi exec() /bin/du -s .
waiting
* exit waiting
$ ... /bin/du -s
3619
$ exit
$ .. And so on
$ .. And on until..
See shell.c “exit” is the command
$ exit
17
Summary
We learnt fork (2) exec(3) and wait(2) system calls
We learnt that exec is actually a family of system calls
….wait too comes in multiple forms
18
Things to do and understand
• Learn to use man pages – eg, which man page section has system calls. Diff
between man write and man 2 write
• Investigate the ps command, also check pstree command and
understand notions of parent and child processes.
• Investigating files:
• Use od –cx to see the contents of an a.out file
• See the code/data/stack segment in a program – use gdb or objdump
• Use strace and ltrace to see what system calls are called from your
executable
• Use fork() and exec() together to run simple programs
• Write a very simple shell – like shown in class
19
Things to do and understand
• Learn some helpful system calls (Build your repertoire)
• exec() family of calls – its not one call.
• fork()
• exit()
• sleep()
• Notice that commands can run in the background.
• ./loopy busy &

20
END

21