do_exit——>exit_notify()【转】
转自:http://blog.csdn.net/sunnybeike/article/details/6907322
版权声明:本文为博主原创文章,未经博主允许不得转载。
- /*
- * Send signals to all our closest relatives so that they know
- * to properly mourn(悼念) us..
- */
- static void exit_notify(struct task_struct *tsk, int group_dead)
- {
- int signal;
- void *cookie;
- /*
- * This does two things:
- *
- * A. Make init inherit all the child processes
- * B. Check to see if any process groups have become orphaned
- * as a result of our exiting, and if they have any stopped
- * jobs, send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
- */
- forget_original_parent(tsk);
- exit_task_namespaces(tsk); //将task的namespace置为NULL
- write_lock_irq(&tasklist_lock);
- if (group_dead)
- kill_orphaned_pgrp(tsk->group_leader, NULL);
- /* Let father know we died
- *
- * Thread signals are configurable, but you aren't going to use
- * that to send signals to arbitrary processes.
- * That stops right now.
- *
- * If the parent exec id doesn't match the exec id we saved
- * when we started then we know the parent has changed security
- * domain.
- *
- * If our self_exec id doesn't match our parent_exec_id then
- * we have changed execution domain as these two values started
- * the same after a fork.
- */
- if (tsk->exit_signal != SIGCHLD && !task_detached(tsk) &&
- (tsk->parent_exec_id != tsk->real_parent->self_exec_id ||
- tsk->self_exec_id != tsk->parent_exec_id))
- tsk->exit_signal = SIGCHLD;
- signal = tracehook_notify_death(tsk, &cookie, group_dead);
- if (signal >= 0)
- signal = do_notify_parent(tsk, signal);
- tsk->exit_state = signal == DEATH_REAP ? EXIT_DEAD : EXIT_ZOMBIE;
- /* mt-exec, de_thread() is waiting for group leader */
- if (unlikely(tsk->signal->notify_count < 0))
- wake_up_process(tsk->signal->group_exit_task);
- write_unlock_irq(&tasklist_lock);
- tracehook_report_death(tsk, signal, cookie, group_dead);
- /* If the process is dead, release it - nobody will wait for it */
- if (signal == DEATH_REAP)
- release_task(tsk);
- }
如这个函数开头注释的,这个函数负责通知所有与这个进程相关的亲属,以便让他们做出相应的改变,或者“悼念”即将死去的进程。
我们碰到的第一个重要的函数就是:forget_original_parent()
注释中给出了这个函数的作用:(1)让init进程继承这个进程的所有子进程;(2)检查该进程所在的进程组在该进程死后是否会变为孤儿进程组,如果他们已经停止了工作,
则想他们先后发送SIGHUP信号和SIGCONT信号。
在这个函数中,关键要搞清楚进程的“养父”进程——p_pptr和“生父进程”——p_optr的关系,详细的解释可以看《情景分析》 P343。
- static void forget_original_parent(struct task_struct *father)
- {
- struct task_struct *p, *n, *reaper;
- LIST_HEAD(dead_children);
- write_lock_irq(&tasklist_lock);
- /*
- * Note that exit_ptrace() and find_new_reaper() might
- * drop tasklist_lock and reacquire it.
- */
- exit_ptrace(father);
- /*
- * Detach all tasks we were using ptrace on. Called with tasklist held
- * for writing, and returns with it held too. But note it can release
- * and reacquire the lock.
- */
- reaper = find_new_reaper(father); //为即将死去的进程的子进程寻找一个父进程。这个函数的代码还是比较简单的。
- /*
- * When we die, we re-parent all our children.
- * Try to give them to another thread in our thread
- * group, and if no such member exists, give it to
- * the child reaper process (ie "init") in our pid
- * space.
- */
- list_for_each_entry_safe(p, n, &father->children, sibling) { //逐个处理将死进程的子进程
- struct task_struct *t = p;
- do {
- t->real_parent = reaper; //将将死进程的子进程的兄弟进程的real_parent指向reaper进程
- if (t->parent == father) {
- BUG_ON(task_ptrace(t));
- t->parent = t->real_parent;
- }
- if (t->pdeath_signal)
- group_send_sig_info(t->pdeath_signal,
- SEND_SIG_NOINFO, t); //发送SEND_SIG_NOINFO信号,注意task_struct结构中的pdeath_dignal就是当父进程死亡的时候才会被设置,也就是这个时候。
- } while_each_thread(p, t); //逐个处理将死进程的子进程的兄弟进程
- reparent_leader(father, p, &dead_children);//Any that need to be release_task'd are put on the @dead list.见下文详解:
- }
- write_unlock_irq(&tasklist_lock);
- BUG_ON(!list_empty(&father->children));
- list_for_each_entry_safe(p, n, &dead_children, sibling) {
- list_del_init(&p->sibling); //?????????????????????????????????将p从兄弟队列中摘除,<span style="color:#FF0000;">但是兄弟关系是怎么产生的呢?</span>
- release_task(p);//做一些收尾工作,但是并未将task_struct结构删除,因为后者是其新的父进程的任务。
- }
- }
在forget_original_parent函数里边,为什么是两个循环来处理其子进程呢?我是因为父进程的子进程不一定在同一个slibing队列中,比如我们前文讲到的,如果是因为杀死了某个
进程A,而将A进程的子进程C的父进程指向了进程B,但是,我们并没有看到B进程的子进程D的slibing队列有什么变化,因此,D的slibing队列应该是没有将C进程链接进去的,因此就出现了这样的情况,即父进程有多个子进程,但是这些某些子进程之间可能是相互独立的,因此需要两层循环来将要撤销的父进程的所有子进程的父进程指向reaper.
来看一下forget_original_parent()中一个重要的函数reparent_leader():
- /*
- * Any that need to be release_task'd are put on the @dead list.
- */
- static void reparent_leader(struct task_struct *father, struct task_struct *p,
- struct list_head *dead)
- {
- list_move_tail(&p->sibling, &p->real_parent->children); //将进程p从其现有的兄弟队列中退出来,并将其挂到新的real_parent进程的children队列上。
- if (task_detached(p)) //如果进程已经脱离了,即p->exit_signal == -1,那么就直接返回。
- return;
- /*
- * If this is a threaded reparent there is no need to
- * notify anyone anything has happened.
- */
- if (same_thread_group(p->real_parent, father)) //如果将死进程的子进程的新的父进程和将死进程同数一个线程组,那么就返回。因为不需要杀死这个线程组。
- //有关进程组/线程组/会话的知识请参看《UNIX环境高级编程》相关章节
- return;
- /* We don't want people slaying init. */
- p->exit_signal = SIGCHLD;
- /* If it has exited notify the new parent about this child's death. */
- if (!task_ptrace(p) &&
- p->exit_state == EXIT_ZOMBIE && thread_group_empty(p)) { //如果将死进程的子进程没有被跟踪,且其状态是僵死状态并且所在线程组已经是空的了
- do_notify_parent(p, p->exit_signal); //则 Let a parent know about the death of a child. 下文将详述该函数。
- if (task_detached(p)) {
- p->exit_state = EXIT_DEAD;
- /*
- *EXIT_DEAD is the state after an appropriate wait system call has been issued and before the task
- *is completely removed from the system. This state is only of importance if multiple threads issue
- *wait calls for the same task.
- *EXIT_DEAD状态和EXIT_ZOMBIE状态的区别可以参看《深入Linux内核框架》
- */
- list_move_tail(&p->sibling, dead); //<span style="color:#FF0000;">将进程p从其sibling队列中删除并添加到dead队列中。子进程间的兄弟关系是怎么建立的呢?</span>
- }
- }
- kill_orphaned_pgrp(p, father); //一个重要的函数,下文详述:
- }
来看一下reparent_leader函数中的一个重要的函数do_notify_parent():如果在进程没有被跟踪,并且其状态已经是僵死状态,而且其所在的线程组已经是空的了,那就用这个函数向其父进程发送一个信号,让其知道子进程的生命已经结束,而来料理后事儿:
- /*
- * Let a parent know about the death of a child.
- * For a stopped/continued status change, use do_notify_parent_cldstop instead.
- *
- * Returns -1 if our parent ignored us and so we've switched to
- * self-reaping, or else @sig.
- */
- int do_notify_parent(struct task_struct *tsk, int sig)
- {
- struct siginfo info;
- unsigned long flags;
- struct sighand_struct *psig;
- int ret = sig;
- BUG_ON(sig == -1);
- /* do_notify_parent_cldstop should have been called instead. */
- BUG_ON(task_is_stopped_or_traced(tsk));
- BUG_ON(!task_ptrace(tsk) &&
- (tsk->group_leader != tsk || !thread_group_empty(tsk)));
- info.si_signo = sig;
- info.si_errno = 0;
- /*
- * we are under tasklist_lock here so our parent is tied to
- * us and cannot exit and release its namespace.
- *
- * the only it can is to switch its nsproxy with sys_unshare,
- * bu uncharing pid namespaces is not allowed, so we'll always
- * see relevant namespace
- *
- * write_lock() currently calls preempt_disable() which is the
- * same as rcu_read_lock(), but according to Oleg, this is not
- * correct to rely on this
- */
- rcu_read_lock();
- info.si_pid = task_pid_nr_ns(tsk, tsk->parent->nsproxy->pid_ns);
- info.si_uid = __task_cred(tsk)->uid;
- rcu_read_unlock();
- info.si_utime = cputime_to_clock_t(cputime_add(tsk->utime,
- tsk->signal->utime));
- info.si_stime = cputime_to_clock_t(cputime_add(tsk->stime,
- tsk->signal->stime));
- info.si_status = tsk->exit_code & 0x7f;
- if (tsk->exit_code & 0x80)
- info.si_code = CLD_DUMPED;
- else if (tsk->exit_code & 0x7f)
- info.si_code = CLD_KILLED;
- else {
- info.si_code = CLD_EXITED;
- info.si_status = tsk->exit_code >> 8;
- }
- psig = tsk->parent->sighand;
- spin_lock_irqsave(&psig->siglock, flags);
- if (!task_ptrace(tsk) && sig == SIGCHLD &&
- (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN ||
- (psig->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT))) {
- /*
- * We are exiting and our parent doesn't care. POSIX.1
- * defines special semantics for setting SIGCHLD to SIG_IGN
- * or setting the SA_NOCLDWAIT flag: we should be reaped
- * automatically and not left for our parent's wait4 call.
- * Rather than having the parent do it as a magic kind of
- * signal handler, we just set this to tell do_exit that we
- * can be cleaned up without becoming a zombie. Note that
- * we still call __wake_up_parent in this case, because a
- * blocked sys_wait4 might now return -ECHILD.
- *
- * Whether we send SIGCHLD or not for SA_NOCLDWAIT
- * is implementation-defined: we do (if you don't want
- * it, just use SIG_IGN instead).
- */
- ret = tsk->exit_signal = -1;
- if (psig->action[SIGCHLD-1].sa.sa_handler == SIG_IGN)
- sig = -1;
- }
- if (valid_signal(sig) && sig > 0)
- __group_send_sig_info(sig, &info, tsk->parent);
- __wake_up_parent(tsk, tsk->parent);
- spin_unlock_irqrestore(&psig->siglock, flags);
- return ret;
- }
看一下reparent_leader的最后调用的一个函数kill_orphanded_pgrp:
- /*
- * Check to see if any process groups have become orphaned as
- * a result of our exiting, and if they have any stopped jobs,
- * send them a SIGHUP and then a SIGCONT. (POSIX 3.2.2.2)
- */
- static void
- kill_orphaned_pgrp(struct task_struct *tsk, struct task_struct *parent)
- {
- struct pid *pgrp = task_pgrp(tsk);
- struct task_struct *ignored_task = tsk;
- if (!parent)
- /* exit: our father is in a different pgrp than
- * we are and we were the only connection outside.
- */
- parent = tsk->real_parent;
- else
- /* reparent: our child is in a different pgrp than
- * we are, and it was the only connection outside.
- */
- ignored_task = NULL;
- if (task_pgrp(parent) != pgrp && //进程tsk和其父进程不属于同一个组
- task_session(parent) == task_session(tsk) && //进程tsk和其父进程属于一个会话
- will_become_orphaned_pgrp(pgrp, ignored_task) && //进程组将会成为孤儿******************I ask you, have you ever kown what it is to be an orphan?******************************
- has_stopped_jobs(pgrp)) { //是否有被停止的job,被停止的原因可能是因为debugger,可以参看《深入Linux内核框架》
- __kill_pgrp_info(SIGHUP, SEND_SIG_PRIV, pgrp); //向进程组发送SIGHUP信号,干什么用呢?
- __kill_pgrp_info(SIGCONT, SEND_SIG_PRIV, pgrp);//向进程组发送SIGCONT信号,干什么用呢?
- }
- }
那么怎么判断进程组将变成孤儿呢?在kill_orphanded_pgrp中will_become_orphanded_pgrp完成了这项工作:
- /*
- * Determine if a process group is "orphaned", according to the POSIX
- * definition in 2.2.2.52. Orphaned process groups are not to be affected
- * by terminal-generated stop signals. Newly orphaned process groups are
- * to receive a SIGHUP and a SIGCONT.
- *
- * "I ask you, have you ever known what it is to be an orphan?"
- */
- static int will_become_orphaned_pgrp(struct pid *pgrp, struct task_struct *ignored_task)
- {
- struct task_struct *p;
- do_each_pid_task(pgrp, PIDTYPE_PGID, p) { //循环查询线程组中的每一个线程
- if ((p == ignored_task) || //<span style="color:#FF0000;">如果p是pgrp中的一员??</span>
- (p->exit_state && thread_group_empty(p)) || //如果pgrp中的p进程正处于退出状态而且其所在的线程组是空的了
- is_global_init(p->real_parent)) //或者pgrp中p进程的父进程是init进程,说明在该线程组中已经没有其他线程了(即list_empty(&p->thread_group) == 1;)。
- continue;
- if (task_pgrp(p->real_parent) != pgrp && //如果p的父进程和p不再同一个组中
- task_session(p->real_parent) == task_session(p)) //但是p的父进程和p进程功属于一个会话
- return 0; //返回0,不会变成孤儿
- } while_each_pid_task(pgrp, PIDTYPE_PGID, p);
- return 1; //返回1,会变成孤儿。
- }
现在,我们先来总结一下有关孤儿进程的东西,详细的解释可以看《情景分析》:
进程的“生父(p_opptr)”进程和“养父(p_pptr)”进程通常是一致的,但是如果进程被跟踪时,p_pptr就会指向跟踪进程,而p_opptr的指向不变。当一个进程在其子进程之前去世时,就要把他的子进程托付给某个进程。如果当前进程是一个线程,那就托付给同一线程组的下一个线程,是子进程的p_opptr指向这个线程。否则就只好托付给init进程了。如果当前进程和生父进程属于不同的session,不同的组,同时又是其所在组与其父进程之间的唯一纽带,那么一旦当前进程不存在了,这整个组就会变成孤儿。
do_exit——>exit_notify()【转】的更多相关文章
- 20135220谈愈敏Linux Book_3
第3章 进程管理 进程是Unix操作系统抽象概念中最基本的一种,进程管理是操作系统的心脏所在. 3.1 进程 进程:处于执行期的程序以及相关的资源的总称. 线程:在进程中活动的对象,拥有独立的程序计数 ...
- ARM Linux 内核 panic 之cache 一致性 ——Cortex-A9多核cache和TLB一致性广播
ARM Linux 内核 panic 之cache 一致性 ——Cortex-A9多核cache和TLB一致性广播 Cortex-A9的多喝CPU可以接收和执行一致性广播操作,当其使能并处于SMP模式 ...
- Linux进程退出详解(do_exit)--Linux进程的管理与调度(十四)
Linux进程的退出 linux下进程退出的方式 正常退出 从main函数返回return 调用exit 调用_exit 异常退出 调用abort 由信号终止 _exit, exit和_Exit的区别 ...
- do_exit【转】
转自:http://blog.csdn.net/lhf_tiger/article/details/8768874 进程在退出时,必须释放它所拥有的资源,并通过某种方式告诉父进程.进程的退出一般是显示 ...
- [轉]Linux kernel <2.6.29 exit_notify() local root exploit分析(2009-1337)
author : deep_pro目前网上的这个exploit(http://www.milw0rm.com/exploits/8369)的分析是有些问题的(http://forum.evilocta ...
- 《Linux内核设计与实现》读书笔记 第三章 进程管理
第三章进程管理 进程是Unix操作系统抽象概念中最基本的一种.我们拥有操作系统就是为了运行用户程序,因此,进程管理就是所有操作系统的心脏所在. 3.1进程 概念: 进程:处于执行期的程序.但不仅局限于 ...
- liunx中的进程与线程
1. 进程和线程 进程和线程是程序运行时状态,是动态变化的,进程和线程的管理操作(比如,创建,销毁等)都是有内核来实现的. Linux中的进程于Windows相比是很轻量级的,而且不严格区分进程和线程 ...
- Linux 进程管理剖析--转
地址:http://www.ibm.com/developerworks/cn/linux/l-linux-process-management/index.html Linux 是一种动态系统,能够 ...
- Linux进程创建和结束
在Linux中,进程的创建由系统调用fork和vfork完成.它们生成一个子进程并且子进程是父进程的一个复制品. Fork系统调用对应的kernel函数是sys_fork,此函数简单的调用kernel ...
随机推荐
- 36-应用Jwtbearer Authentication
新建.net core webapi项目 E:\coding\netcore>dotnet new webapi --name JwtAuthSample 创建需要用到的实体对象类 namesp ...
- Android 工具类 异常处理类CrashHandler
1.整体分析 1.1.源代码如下,可以直接Copy. public class CrashHandler implements Thread.UncaughtExceptionHandler { pr ...
- 图的深度优先遍历&广度优先遍历
1.什么是图的搜索? 指从一个指定顶点可以到达哪些顶点 2.无向完全图和有向完全图 将具有n(n-1)/2条边的无向图称为无向完全图(完全图就是任意两个顶点都存在边). 将具有n(n-1)条边的有 ...
- python datetime offset-aware与offset-navie相互转换
python datetime offset-aware与offset-navie相互转换 2016年11月13日 16:20:43 阅读数:2393 有时,我们使用python 的datetime模 ...
- linux 检测进程是否存在
1. 直接遍历/proc目录 int find_pid_by_name( char* pidname, pid_t *pidlist) { #define READ_BUF_SIZE 256 DIR ...
- 起始授权机构(SOA)
起始授权机构 编辑 本词条缺少名片图,补充相关内容使词条更完整,还能快速升级,赶紧来编辑吧! 起始授权机构,SOA(Start Of Authority):该记录表明DNS名称服务器是DNS域中的数据 ...
- win10激活(转)
批处理命令激活方法,此方法和激活码可激活 180天 先来说下使用激活码使用方法: 1.同时按下Win键+X,然后选择命令提示符(管理员) 2.在命令提示符中依次输入: slmgr.vbs /upk ( ...
- Buildroot ipa image
参考: https://github.com/csmart/ironic-python-agent/tree/buildroot/imagebuild/buildroot#buildroot-iron ...
- Leetcode 667.优美的排列II
优美的排列II 给定两个整数 n 和 k,你需要实现一个数组,这个数组包含从 1 到 n 的 n 个不同整数,同时满足以下条件: ① 如果这个数组是 [a1, a2, a3, ... , an] ,那 ...
- Vue2 全局过滤器(vue-cli)
先看官方简介: 当前组件注册: export default { data () { return {} }, filters:{ orderBy (){ // doSomething }, uppe ...