實驗截圖
設置斷點。
跟蹤到copy_process函數。
跟蹤到ret_from_fork()。
跟蹤ret_from_fork()的匯編代碼。
task_struct數據結構分析
/*
 * Process descriptor (the Linux "PCB"): one per task, i.e. per process
 * or thread, as captured from include/linux/sched.h of a 3.x-era kernel
 * (the field set matches roughly Linux 3.18 -- confirm against the tree
 * you are studying; this listing comes from a course write-up and is
 * illustrative, not an authoritative header).
 *
 * Review notes:
 *  - Member order defines the in-memory layout that architecture code
 *    relies on; never reorder or remove members when editing this.
 *  - Security-relevant state lives here: the credentials consulted by
 *    every permission check (real_cred/cred), the seccomp state, audit
 *    linkage (audit_context, loginuid, sessionid), the per-task
 *    stack-protector canary, and the ptrace relationships.
 *  - Members annotated __user hold user-space addresses; the kernel must
 *    only touch them through copy_from_user()/put_user()-style helpers,
 *    never by direct dereference.
 */
struct task_struct {
	/* Scheduling state: -1 unrunnable, 0 runnable, >0 stopped (TASK_* values). */
	volatile long state;
	/* Base of this task's kernel stack. */
	void *stack;
	/* Reference count on this descriptor. */
	atomic_t usage;
	/* Per-process flags (PF_* bits such as PF_FORKNOEXEC and PF_SUPERPRIV);
	 * this is a bit set, not an identifier. */
	unsigned int flags;
	/* Ptrace flags (PT_*) describing how this task is being traced. */
	unsigned int ptrace;
#ifdef CONFIG_SMP /* fields used only on multiprocessor builds */
	struct llist_node wake_entry;
	int on_cpu;
	struct task_struct *last_wakee;
	unsigned long wakee_flips;
	unsigned long wakee_flip_decay_ts;
	int wake_cpu;
#endif
	/* Run-queue membership and scheduler state. */
	int on_rq;
	int prio, static_prio, normal_prio;
	unsigned int rt_priority;
	const struct sched_class *sched_class;
	struct sched_entity se;
	struct sched_rt_entity rt;
#ifdef CONFIG_CGROUP_SCHED
	struct task_group *sched_task_group;
#endif
	struct sched_dl_entity dl;
#ifdef CONFIG_PREEMPT_NOTIFIERS
	/* list of struct preempt_notifier: */
	struct hlist_head preempt_notifiers;
#endif
#ifdef CONFIG_BLK_DEV_IO_TRACE
	unsigned int btrace_seq;
#endif
	/* Scheduling policy (SCHED_*) and the CPUs this task may run on. */
	unsigned int policy;
	int nr_cpus_allowed;
	cpumask_t cpus_allowed;
#ifdef CONFIG_PREEMPT_RCU
	int rcu_read_lock_nesting;
	union rcu_special rcu_read_unlock_special;
	struct list_head rcu_node_entry;
#endif /* #ifdef CONFIG_PREEMPT_RCU */
#ifdef CONFIG_TREE_PREEMPT_RCU
	struct rcu_node *rcu_blocked_node;
#endif /* #ifdef CONFIG_TREE_PREEMPT_RCU */
#ifdef CONFIG_TASKS_RCU
	unsigned long rcu_tasks_nvcsw;
	bool rcu_tasks_holdout;
	struct list_head rcu_tasks_holdout_list;
	int rcu_tasks_idle_cpu;
#endif /* #ifdef CONFIG_TASKS_RCU */
#if defined(CONFIG_SCHEDSTATS) || defined(CONFIG_TASK_DELAY_ACCT)
	struct sched_info sched_info;
#endif
	/* Link in the global doubly linked, circular list of all tasks. */
	struct list_head tasks;
#ifdef CONFIG_SMP
	struct plist_node pushable_tasks;
	struct rb_node pushable_dl_tasks;
#endif
	/* Address space: mm is the task's own, active_mm the one currently
	 * loaded on its behalf. NOTE(review): the two differ for kernel
	 * threads, which have no mm of their own -- confirm in context_switch(). */
	struct mm_struct *mm, *active_mm;
#ifdef CONFIG_COMPAT_BRK
	/* Heap (brk) base randomization state on compat-brk builds. */
	unsigned brk_randomized:1;
#endif
	/* per-thread vma caching */
	u32 vmacache_seqnum;
	struct vm_area_struct *vmacache[VMACACHE_SIZE];
#if defined(SPLIT_RSS_COUNTING)
	struct task_rss_stat rss_stat;
#endif
	/* task state */
	/* Exit bookkeeping: exit_state, the exit code, and the signal sent to
	 * the parent on exit. */
	int exit_state;
	int exit_code, exit_signal;
	int pdeath_signal; /* The signal sent when the parent dies */
	unsigned int jobctl; /* JOBCTL_*, siglock protected */
	/* Used for emulating ABI behavior of previous Linux versions */
	unsigned int personality;
	unsigned in_execve:1; /* Tell the LSMs that the process is doing an
	 * execve */
	unsigned in_iowait:1;
	/* Revert to default priority/policy when forking */
	unsigned sched_reset_on_fork:1;
	unsigned sched_contributes_to_load:1;
	unsigned long atomic_flags; /* Flags needing atomic access. */
	/* Task id, unique per task (per thread). */
	pid_t pid;
	/* Thread-group id: the pid of the group leader, i.e. the "process id"
	 * user space sees for a multi-threaded process; tgid == pid for a
	 * single-threaded process. Not the same thing as pid. */
	pid_t tgid;
#ifdef CONFIG_CC_STACKPROTECTOR
	/* Canary value for the -fstack-protector gcc feature: per-task, so a
	 * kernel-stack smash in this task is detected on function return. */
	unsigned long stack_canary;
#endif
	/*
	 * pointers to (original) parent process, youngest child, younger sibling,
	 * older sibling, respectively. (p->father can be replaced with
	 * p->real_parent->pid)
	 */
	/* Parent/child relationships. */
	struct task_struct __rcu *real_parent; /* real parent process */
	struct task_struct __rcu *parent; /* recipient of SIGCHLD, wait4() reports;
	 * NOTE(review): while the task is ptraced this is expected to point at
	 * the tracer rather than real_parent -- confirm in the ptrace code */
	/*
	 * children/sibling forms the list of my natural children
	 */
	struct list_head children; /* list of my children */
	struct list_head sibling; /* linkage in my parent's children list */
	struct task_struct *group_leader; /* threadgroup leader */
	/*
	 * ptraced is the list of tasks this task is using ptrace on.
	 * This includes both natural children and PTRACE_ATTACH targets.
	 * p->ptrace_entry is p's link on the p->parent->ptraced list.
	 */
	struct list_head ptraced;
	struct list_head ptrace_entry;
	/* PID/PID hash table linkage. */
	struct pid_link pids[PIDTYPE_MAX];
	struct list_head thread_group;
	struct list_head thread_node;
	struct completion *vfork_done; /* for vfork() */
	/* User-space addresses supplied by clone(); written only via
	 * put_user()-style helpers, never dereferenced directly. */
	int __user *set_child_tid; /* CLONE_CHILD_SETTID */
	int __user *clear_child_tid; /* CLONE_CHILD_CLEARTID */
	/* CPU time accounting. */
	cputime_t utime, stime, utimescaled, stimescaled;
	cputime_t gtime;
#ifndef CONFIG_VIRT_CPU_ACCOUNTING_NATIVE
	struct cputime prev_cputime;
#endif
#ifdef CONFIG_VIRT_CPU_ACCOUNTING_GEN
	seqlock_t vtime_seqlock;
	unsigned long long vtime_snap;
	enum {
		VTIME_SLEEPING = 0,
		VTIME_USER,
		VTIME_SYS,
	} vtime_snap_whence;
#endif
	unsigned long nvcsw, nivcsw; /* context switch counts */
	u64 start_time; /* monotonic time in nsec */
	u64 real_start_time; /* boot based time in nsec */
	/* mm fault and swap info: this can arguably be seen as either mm-specific or thread-specific */
	unsigned long min_flt, maj_flt;
	struct task_cputime cputime_expires;
	struct list_head cpu_timers[3];
	/* process credentials */
	/* Every permission check (uid/gid, capabilities, LSM hooks) consults
	 * these. Both are copy-on-write and RCU-protected: replace them through
	 * the cred API (prepare_creds()/commit_creds()), never by writing the
	 * pointed-to struct in place. */
	const struct cred __rcu *real_cred; /* objective and real subjective task
	 * credentials (COW) */
	const struct cred __rcu *cred; /* effective (overridable) subjective task
	 * credentials (COW) */
	/*
	 * Executable name excluding path.
	 *  - access with [gs]et_task_comm (which lock it with task_lock())
	 *  - initialized normally by setup_new_exec
	 *  - NOTE(review): user space can rename itself, so this is neither
	 *    unique nor trustworthy; never base a security decision on it.
	 */
	char comm[TASK_COMM_LEN];
	/* file system info */
	int link_count, total_link_count;
#ifdef CONFIG_SYSVIPC
	/* ipc stuff */
	struct sysv_sem sysvsem;
	struct sysv_shm sysvshm;
#endif
#ifdef CONFIG_DETECT_HUNG_TASK
	/* hung task detection */
	unsigned long last_switch_count;
#endif
	/* Architecture-specific CPU state of this task (saved registers etc.). */
	struct thread_struct thread;
	/* filesystem information */
	struct fs_struct *fs; /* root, cwd and umask; shared or copied per the
	 * CLONE_* flags given to clone() (CLONE_FS) */
	/* open file information */
	struct files_struct *files; /* the open file descriptor TABLE, not a
	 * single descriptor; shared or copied per CLONE_FILES */
	/* namespaces */
	struct nsproxy *nsproxy;
	/* Signal handling state. */
	struct signal_struct *signal;
	struct sighand_struct *sighand;
	sigset_t blocked, real_blocked;
	sigset_t saved_sigmask; /* restored if set_restore_sigmask() was used */
	struct sigpending pending;
	/* Alternate signal stack (sigaltstack()). */
	unsigned long sas_ss_sp;
	size_t sas_ss_size;
	int (*notifier)(void *priv);
	void *notifier_data;
	sigset_t *notifier_mask;
	struct callback_head *task_works;
	/* Audit and seccomp state. */
	struct audit_context *audit_context;
#ifdef CONFIG_AUDITSYSCALL
	kuid_t loginuid; /* audit login uid: identifies the originally logged-in
	 * user regardless of later setuid() changes */
	unsigned int sessionid;
#endif
	struct seccomp seccomp; /* syscall filter mode/filters; NOTE(review):
	 * presumably copied into the child by copy_process() -- confirm */
	/* Thread group tracking */
	u32 parent_exec_id;
	u32 self_exec_id;
	/* Protection of (de-)allocation: mm, files, fs, tty, keyrings, mems_allowed,
	 * mempolicy */
	spinlock_t alloc_lock;
	/* Protection of the PI data structures: */
	raw_spinlock_t pi_lock;
#ifdef CONFIG_RT_MUTEXES /* priority-inheritance mutexes */
	/* PI waiters blocked on a rt_mutex held by this task */
	struct rb_root pi_waiters;
	struct rb_node *pi_waiters_leftmost;
	/* Deadlock detection and priority inheritance handling */
	struct rt_mutex_waiter *pi_blocked_on;
#endif
#ifdef CONFIG_DEBUG_MUTEXES /* mutex debugging */
	/* mutex deadlock detection */
	struct mutex_waiter *blocked_on;
#endif
#ifdef CONFIG_TRACE_IRQFLAGS /* irq-flags tracing (debug builds only) */
	unsigned int irq_events;
	unsigned long hardirq_enable_ip;
	unsigned long hardirq_disable_ip;
	unsigned int hardirq_enable_event;
	unsigned int hardirq_disable_event;
	int hardirqs_enabled;
	int hardirq_context;
	unsigned long softirq_disable_ip;
	unsigned long softirq_enable_ip;
	unsigned int softirq_disable_event;
	unsigned int softirq_enable_event;
	int softirqs_enabled;
	int softirq_context;
#endif
#ifdef CONFIG_LOCKDEP
# define MAX_LOCK_DEPTH 48UL
	u64 curr_chain_key;
	int lockdep_depth;
	unsigned int lockdep_recursion;
	struct held_lock held_locks[MAX_LOCK_DEPTH];
	gfp_t lockdep_reclaim_gfp;
#endif
	/* journalling filesystem info */
	void *journal_info;
	/* stacked block device info */
	struct bio_list *bio_list;
#ifdef CONFIG_BLOCK
	/* stack plugging */
	struct blk_plug *plug;
#endif
	/* VM state */
	struct reclaim_state *reclaim_state;
	struct backing_dev_info *backing_dev_info;
	struct io_context *io_context;
	unsigned long ptrace_message;
	siginfo_t *last_siginfo; /* For ptrace use. */
	struct task_io_accounting ioac;
#if defined(CONFIG_TASK_XACCT)
	u64 acct_rss_mem1; /* accumulated rss usage */
	u64 acct_vm_mem1; /* accumulated virtual memory usage */
	cputime_t acct_timexpd; /* stime + utime since last update */
#endif
#ifdef CONFIG_CPUSETS
	nodemask_t mems_allowed; /* Protected by alloc_lock */
	seqcount_t mems_allowed_seq; /* Sequence no to catch updates */
	int cpuset_mem_spread_rotor;
	int cpuset_slab_spread_rotor;
#endif
#ifdef CONFIG_CGROUPS
	/* Control Group info protected by css_set_lock */
	struct css_set __rcu *cgroups;
	/* cg_list protected by css_set_lock and tsk->alloc_lock */
	struct list_head cg_list;
#endif
#ifdef CONFIG_FUTEX
	/* User-space robust-futex list head registered by the task; a __user
	 * pointer, so the kernel must walk it with copy_from_user()-style access. */
	struct robust_list_head __user *robust_list;
#ifdef CONFIG_COMPAT
	struct compat_robust_list_head __user *compat_robust_list;
#endif
	struct list_head pi_state_list;
	struct futex_pi_state *pi_state_cache;
#endif
#ifdef CONFIG_PERF_EVENTS
	struct perf_event_context *perf_event_ctxp[perf_nr_task_contexts];
	struct mutex perf_event_mutex;
	struct list_head perf_event_list;
#endif
#ifdef CONFIG_DEBUG_PREEMPT
	unsigned long preempt_disable_ip;
#endif
#ifdef CONFIG_NUMA
	struct mempolicy *mempolicy; /* Protected by alloc_lock */
	short il_next;
	short pref_node_fork;
#endif
#ifdef CONFIG_NUMA_BALANCING
	int numa_scan_seq;
	unsigned int numa_scan_period;
	unsigned int numa_scan_period_max;
	int numa_preferred_nid;
	unsigned long numa_migrate_retry;
	u64 node_stamp; /* migration stamp */
	u64 last_task_numa_placement;
	u64 last_sum_exec_runtime;
	struct callback_head numa_work;
	struct list_head numa_entry;
	struct numa_group *numa_group;
	/*
	 * Exponential decaying average of faults on a per-node basis.
	 * Scheduling placement decisions are made based on these counts.
	 * The values remain static for the duration of a PTE scan
	 */
	unsigned long *numa_faults_memory;
	unsigned long total_numa_faults;
	/*
	 * numa_faults_buffer records faults per node during the current
	 * scan window. When the scan completes, the counts in
	 * numa_faults_memory decay and these values are copied.
	 */
	unsigned long *numa_faults_buffer_memory;
	/*
	 * Track the nodes the process was running on when a NUMA hinting
	 * fault was incurred.
	 */
	unsigned long *numa_faults_cpu;
	unsigned long *numa_faults_buffer_cpu;
	/*
	 * numa_faults_locality tracks if faults recorded during the last
	 * scan window were remote/local. The task scan period is adapted
	 * based on the locality of the faults with different weights
	 * depending on whether they were shared or private faults
	 */
	unsigned long numa_faults_locality[2];
	unsigned long numa_pages_migrated;
#endif /* CONFIG_NUMA_BALANCING */
	/* RCU callback head (presumably used to defer freeing this descriptor
	 * until after an RCU grace period). */
	struct rcu_head rcu;
	/*
	 * Per-task pipe used by splice(); not a general "pipe" field.
	 */
	struct pipe_inode_info *splice_pipe;
	struct page_frag task_frag;
#ifdef CONFIG_TASK_DELAY_ACCT
	struct task_delay_info *delays;
#endif
#ifdef CONFIG_FAULT_INJECTION
	int make_it_fail;
#endif
	/*
	 * when (nr_dirtied >= nr_dirtied_pause), it's time to call
	 * balance_dirty_pages() for some dirty throttling pause
	 */
	int nr_dirtied;
	int nr_dirtied_pause;
	unsigned long dirty_paused_when; /* start of a write-and-pause period */
#ifdef CONFIG_LATENCYTOP
	int latency_record_count;
	struct latency_record latency_record[LT_SAVECOUNT];
#endif
	/*
	 * time slack values; these are used to round up poll() and
	 * select() etc timeout values. These are in nanoseconds.
	 */
	unsigned long timer_slack_ns;
	unsigned long default_timer_slack_ns;
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
	/* Index of current stored address in ret_stack */
	int curr_ret_stack;
	/* Stack of return addresses for return function tracing */
	struct ftrace_ret_stack *ret_stack;
	/* time stamp for last schedule */
	unsigned long long ftrace_timestamp;
	/*
	 * Number of functions that haven't been traced
	 * because of depth overrun.
	 */
	atomic_t trace_overrun;
	/* Pause for the tracing */
	atomic_t tracing_graph_pause;
#endif
#ifdef CONFIG_TRACING
	/* state flags for use by tracers */
	unsigned long trace;
	/* bitmask and counter of trace recursion */
	unsigned long trace_recursion;
#endif /* CONFIG_TRACING */
#ifdef CONFIG_MEMCG /* memcg uses this to do batch job */
	unsigned int memcg_kmem_skip_account;
	/* Context of an in-progress memcg OOM handling for this task. */
	struct memcg_oom_info {
		struct mem_cgroup *memcg;
		gfp_t gfp_mask;
		int order;
		unsigned int may_oom:1;
	} memcg_oom;
#endif
#ifdef CONFIG_UPROBES
	struct uprobe_task *utask;
#endif
#if defined(CONFIG_BCACHE) || defined(CONFIG_BCACHE_MODULE)
	unsigned int sequential_io;
	unsigned int sequential_io_avg;
#endif
};
fork函數創建新進程過程分析
在Linux系統中，用戶態的fork()庫函數通常通過clone系統調用實現其功能；而在內核中，sys_fork、sys_clone與sys_vfork最終都是通過調用do_fork()實現的。
do_fork()定義在kernel/fork.c文件中。該函數調用copy_process()開始創建新進程。工作過程如下：
1.調用dup_task_struct()為新進程創建一個內核棧、thread_info結構和task_struct（PCB），這些值與當前進程的值相同。此時，子進程和父進程的描述符是完全相同的。
2.檢查并確保新創(chuàng)建這個子進(jìn)程后爱榕,當(dāng)前用戶所擁有的進(jìn)程數(shù)目沒有超出給它分配的資源的限制瓣喊。
3.子進程著手使自己與父進程區別開來。進程描述符內的許多成員都要被清0或設為初始值。那些不是繼承而來的進程描述符成員，主要是統計信息。task_struct中的大多數數據都依然未被修改。
4.子進程的狀態被設置為TASK_UNINTERRUPTIBLE，以保證它不會投入運行。（注：TASK_UNINTERRUPTIBLE使進程只能被wake_up()喚醒，即等待狀態；該等待狀態不可被信號解除。）
5.copy_process()調用copy_flags()以更新task_struct的flags成員。表明進程曾使用過超級用戶權限的PF_SUPERPRIV標誌被清0（子進程不繼承父進程「曾用過特權」的記錄）。表明進程還沒有調用exec()的PF_FORKNOEXEC標誌被設置。
6.調用alloc_pid()為新進程分配一個有效的PID。
7.根據傳遞給clone()的參數標誌（如CLONE_FILES、CLONE_FS、CLONE_SIGHAND、CLONE_VM、CLONE_NEWNS等），copy_process()拷貝或共享打開文件表、文件系統信息、信號處理函數、進程地址空間和命名空間等。在一般情況下，這些資源會被給定進程的所有線程共享；否則，這些資源對每個進程是不同的，因此在這裡被拷貝。
8.最后枢纠,copy_process()做掃尾工作并返回一個指向子進(jìn)程的指針像街。
回到do_fork()函數，如果copy_process()函數成功返回，新創建的子進程被喚醒並讓其投入運行。
子進程是從哪裡開始執行的？
當(dāng)執(zhí)行到
p->thread.ip = (unsigned long) ret_from_fork; /* address of the first instruction the child executes when it is scheduled for the first time (taken from copy_thread(); the exact field used is architecture-specific) */
時，即子進程得到CPU時，它就從這個位置（ret_from_fork）開始執行。
而執(zhí)行這條語句
*childregs = *current_pt_regs(); /* copy the parent's saved register frame (the pt_regs at the top of its kernel stack) into the child's frame -- not the whole kernel stack; NOTE(review): copy_thread() is expected to then adjust the copy (e.g. zero the return-value register) so that fork() returns 0 in the child -- confirm in the arch code */
保證了新進(jìn)程的執(zhí)行起點(diǎn)和內(nèi)核堆棧的一致性。
如下圖gdb跟蹤所示。
新進(jìn)程執(zhí)行起點(diǎn)對應(yīng)的堆棧狀態(tài)分析
gdb調(diào)試分析
總結(jié)
Linux創建一個新進程的過程：系統通過sys_fork、sys_clone、sys_vfork三個系統調用中的任意一個創建新進程，這三個系統調用都調用do_fork()函數，由do_fork()函數調用其它函數複製父進程的PCB，創建新進程的內核棧，然後根據創建時的參數修改新進程PCB中的信息將其與父進程區分開來（包括清除PF_SUPERPRIV、設置PF_FORKNOEXEC，以及按CLONE_*標誌決定共享還是拷貝文件表、文件系統信息、信號處理和地址空間），為子進程分配新的PID號，最後將其返回用戶態。
參考資料
《Linux內(nèi)核設(shè)計與實現(xiàn)》原書第三版
Sawoom原創(chuàng)作品轉(zhuǎn)載請注明出處
《Linux內(nèi)核分析》MOOC課程http://mooc.study.163.com/course/USTC-1000029000