2. Operating Systems I PT / FF 14
Operating System Concepts
• Computer platform as collection of
hardware resources
• Applications are executed
to perform some task
• Developing for one hardware
platform is inefficient -
portability through abstraction
• Resources are made available
to multiple applications
• Multi-processing and multi-tasking
• Processor is switched among multiple applications to allow progress for all of them
• Shared memory is made available to all processes in an ordered fashion
2
Computer Hardware
Operating System
Utilities
Application Programs
End User
Programmer
OS Designer
(C) Stallings 2004
3. Operating Systems I PT / FF 14
Basic Concept: Process
• Unit of execution in operating system is traditionally a process
• Term introduced with MULTICS in the 60‘s to generalize job concept
• Instance of an executed program binary
• Management of multiple running processes is a core operating system task
• Concurrent utilization of resources demands some management
• Operating system must prevent independent processes from mutual code and
data access (isolation)
• Sharing should be explicitly allowable under given security constraints
• Same holds for devices offering resources (storage, communication, ...)
3
4. Operating Systems I PT / FF 14
Process Image
• Collection of process information is often called image
• Context / execution state
• Status information in the CPU for time sharing
• Management information, such as priority,
security tokens and call stacks
• Program code
• Potentially shared between running processes
(e.g. libraries)
• Associated system resources
• Must be subject to security checks
• Data
4
5. Operating Systems I PT / FF 14
Life of a Process
• Reasons for process creation
• New application / job start
• Interactive logon by a user
• Operating system service is started (e.g. printer spooler)
• Spawned by an existing process - parent process vs. child process
• Reasons for process termination
• Completion signaled by process itself - HALT instruction, system call, return jump
• Indication from the user in an interactive process
• Request from parent process or administrator
• Failure condition - execution time limits, lack of memory, protection error,
arithmetic error, I/O failure, invalid instruction, privileged instruction, parent
termination, ...
5
6. Operating Systems I PT / FF 14
Process Control Block
• A process is internally characterized by a
process control block
• Unique identifier
• Execution state (e.g. running, suspended, terminated)
• Priority level in comparison to other processes
• CPU context state related to this process, such as the
program counter
• Memory regions for code and data used by the process
• I/O status information, such as outstanding requests,
devices and open files
• Accounting information: time limits, clock time used, ...
• Security information, e.g. process owner
6
7. Operating Systems I PT / FF 14
Process Control Block
• Contains all the process information needed by the operating system
• Is read and / or modified by many parts of the kernel
• Protection of these structures is crucial, but fast access must still be possible
• Process creation involves:
• Assignment of a new unique process identifier
• Allocation of memory for the process
• Initialization of a new process control block
• Adding the control block into management structures, e.g. for dispatching
• Loading necessary data (code, libraries) into the allocated memory space
7
8. Operating Systems I PT / FF 14
Processes and Resources
• Operating system manages the use of system resources by processes
(processor cycles, main memory, I/O devices)
• Resource allocation is permanently changing, system needs management tables
• Handles and identifiers work as index
in the management tables
8
9. Operating Systems I PT / FF 14
Resource Tables
• Memory tables
• Keep track of physical memory and virtual memory per process
• Allocation of swapping space to processes
• Protection attributes
• I/O tables
• Status of current I/O operation
• Memory location being used as source or destination of the operation
• File tables
• Information about location and attributes of files may be managed by the kernel
• All operating system resource tables are subject to memory management too !
9
10. Operating Systems I PT / FF 14
Dispatching
• Process control block
• Information allows the interruption and continuation of any
given process at any given time
• Interruption is not directly visible to the application
• Multi-tasking is managed by the operating system
• Dispatcher
• Code that switches a processor from one process to another
• Relies on queue of ready-to-be-executed processes
• Most simple process state model:
running vs. not running
10
11. Operating Systems I PT / FF 14
Dispatching
• Process dispatching relies on some kind of execution interruption
• Interrupt: An external event triggers the execution of a handler function
• Clock interrupt, I/O interrupt, memory controller interrupt
• Trap: An error or exception condition occurred within the running process
• Typically noticed by hardware itself, such as the memory controller
• Operating system trap handler decides on necessary activity
• Processor hardware detects pending interrupt / trap
• Sets the program counter to the starting address of the interrupt handler
• Leads to switch from user to kernel mode, in order to allow privileged instructions
• Handler for the clock interrupt typically activates the dispatcher code
11
12. Operating Systems I PT / FF 14
Dispatching
• Several steps for a process switch
• Save the context of the processor
• Update the control block of the running process to reflect the state change
• Add a reference to this control block in the appropriate queue
• Select another process for execution
• Update the control block of the selected process
• Update memory management data structures
• Restored the saved processor context of the selected process,
including program counter
12
13. Operating Systems I PT / FF 14
Five-State Process Model
13
• Waiting for something renders a
process unusable for dispatching
• Examples: Blocking system call,
synchronization primitives
• Single queue approach is inappropriate
in practice
• Extension of state model
• Dispatch queue contains only processes in „ready“ state
• Explicit consideration of preparation
phase in the operating system kernel
(code loading, memory allocation, ...)
• Explicit consideration of blocked
(not-runnable) processes
14. Operating Systems I PT / FF 14
Operating System within the User Process
• Separation between user stack and kernel stack for
different modes
• Mode switch happens within the same process
• Dispatching may take place during user mode or kernel
mode operation
• Wake-up after event wait (e.g. system call) does not
demand additional context switch activities
• Even though operating system code is executed in the
user‘s process environment, isolation is still guaranteed
• Distribution of processes over multiple processors
effectively distributes the operating system activities
• Became default for Unix since SVR4, meanwhile also for
all other modern operating systems
14
15. Operating Systems I PT / FF 14
Unix SVR4: Process States
15
User Running Executing, in user mode
Kernel Running Executing, in kernel mode
Ready to Run, in Memory Ready to run as soon as being chosen
Asleep in Memory Waiting for an event, unable to execute
Ready to Run, Swapped Ready to run, but still not in memory
Sleeping, Swapped
Waiting for an event, unable to execute,
swapped out
Preempted
Returning from kernel mode,
but the kernel switched to another one
Created Process is newly created, not ready to run so far
Zombie
Process is gone with his resource allocations,
but record is left for parent process
Same dispatch queue
17. Operating Systems I PT / FF 14
Linux: Process Control Block
• include/sched.h
• Relevant data structure task_struct for process management
• Status and execution information, files being used, information about
interprocess communication, signal handlers, ...
• List of possible task states
• TASK_RUNNING, TASK_STOPPED, TASK_ZOMBIE
• TASK_INTERRUPTIBLE: Waits for an event, can be interrupted by a signal
• TASK_UNINTERRUPTIBLE: Suspended by kernel, no wakeup from signals
• Typically stucked in a system call that cannot be interrupted by a signal
handler in user mode
17
18. Operating Systems I PT / FF 14
Windows: Process Control Block
18
Quota&Block&
Exit&Status&
Primary&Access&Token&
Process&ID&
Parent&Process&ID&
Excep;on&Port&
Debugger&Port&
Handle&Table&
Process&Environment&Block&
Create&and&Exit&Time&
Next&Process&Block&
Image&File&Name&
Process&Priority&Class&
Memory&Management&Informa;on&
EPROCESS&
Kernel&Process&Block&(or&PCB)&
Image&Base&Address&
Win32&Process&Block&
Dispatcher&Header&
Processor&Affinity&
Kernel&Time&
User&Time&
Inwwap/Outswap&List&Entry&
Process&Spin&Lock&
Resident&Kernel&Stack&Count&
Process&Base&Priority&
Default&Thread&Quantum&
Process&State&
Thread&Seed&
Disable&Boost&Flag&
Process&Page&Directory&
KTHREAD& ."."."
(C) Russinovich et al.
19. Operating Systems I PT / FF 14
Unix: Process Creation
• Forking: Fundamental Unix concept, difference to VMS / Windows
• Child processes come to live as copy of their parent processes
• A new unique ID is created
• The operating system adds the new process to the management tables
• The process image of the parent is copied
• Shared memory regions are always left out
• Modern fork() variations can copy only parts of it
• Reference counters for parent-owned resources are increased
• Child process state is changed to ready to run
• fork() system call returns the process ID of the newly created child to the parent
19
21. 21
#include <stdio.h>!
#include <unistd.h>!
#include <stdlib.h> !
int main ()!
{!
int pid, j, i; !
pid = fork();!
if (pid == 0)!
{!
/* child */!
for (j=0; j < 10; j++) {!
printf ("Child process: %d (PID: %d)n", j, getpid());!
sleep (1);!
}!
exit (0);!
} else if (pid > 0) { !
/* parent */!
for (i=0; i < 10; i++) {!
printf ("Parent process: %d (PID: %d)n", i, getpid());!
sleep (1);!
}!
} else { !
/* Negative result means we have a problem */!
fprintf (stderr, "Error");!
exit (1);!
}!
return 0;!
}
22. Operating Systems I PT / FF 1422
Unix: Process Creation
• vfork() system call
• Lazy copy mechanism, intended for the case where the child calls exec
immediately after forking
• clone() system call (e.g. in Linux)
• Child process can share configurable amount of resources with parent
• Used to implement a thread concept without changing the kernel
• execve() system call
• Transforms the calling process into a new process
• File descriptors, security descriptors and signal configuration is inherited
• fork / exec is an established pattern for process creation in Unix systems
23. Operating Systems I PT / FF 14
Windows: Process Creation
• The Windows subsystem has no understanding of parent / child relationship
• But the operating system kernel has !!!
• CreateProcess() system call
• Similar to fork() / execve()
combination
• No process group concept
• Since processes are objects,
they have handles
• Universal waiting function
for all Windows handles
allows to wait for process
termination - WaitForSingleObject()
23
BOOL$CreateProcess($
$$$$LPCSTR$lpApplica6onName,$
$$$$LPSTR$lpCommandLine,$
$$$$LPSECURITY_ATTRIBUTES$lpProcessAAributes,$
$$$$LPSECURITY_ATTRIBUTES$lpThreadAAributes,$
$$$$BOOL$bInheritHandles,$
$$$$DWORD$dwCrea6onFlags,$
$$$$LPVOID$lpEnvironment,$
$$$$LPCSTR$lpCurrentDirectory,$
$$$$LPSTARTUPINFO$lpStartupInfo,$
$$$$LPPROCESS_INFORMATION$lpProcessInforma6on)$
24. Operating Systems I PT / FF 14
Windows: Why Do Processes Exit ?
• Application normally decides to terminate (ExitProcess)
• Request from graphical user interface
• Windows C library calls ExitProcess() when the main() function returns
• Desktop can request an orderly exit
• Task manager sends WM_CLOSE message to the window‘s message loop
• Forced termination by TerminateProcess() system call
• 5 seconds after an orderly exit request, the Desktop asks the user for allowance
• Task manager: „End Process“
• Unhandled exceptions catched by the
operating system itself
24
25. Operating Systems I PT / FF 14
Windows: Processes during System Start
25
Process'Based+Windows+Code:
System+Startup+Processes+(cont.)
smss.exe Session+Manager
Takes+parameters+from+
HKEY_LOCAL_MACHINESystemCurrentControlSet
ControlSession+Manager
Launches+required+subsystems+(csrss)+and+then+winlogon
csrss.exe Windows+subsystem
winlogon.exe Logon+process:+Launches+services.exe+&+lsass.exe;+presents+first+login+
prompt
When+someone+logs+in,+launches+apps+in+
SoftwareMicrosoftWindows+NTWinLogonUserinit
services.exe Service+Controller;+also,+home+for+many+Windows'supplied+services
Starts+processes+for+services+not+part+of+services.exe+(driven+by+
RegistryMachineSystemCurrentControlSetServices+)
lsass.exe Local+Security+Authentication+Server
userinit.exe Started+after+logon;+starts+Explorer.exe+(see+
SoftwareMicrosoftWindows+NTCurrentVersionWinLogonShell)+
and+exits+(hence+Explorer+appears+to+be+an+orphan)
explorer.exe and+its+children+are+the+creators+of+all+interactive+apps
58
(C) Russinovich et al.
26. Operating Systems I PT / FF 14
Jobs / Process Groups
• Jobs in Windows are collections of processes
• Can be used to enable control over some unique settings (total CPU time,
memory usage, run-time restrictions, security restrictions, scheduling settings, ...)
• How do processes become part of a job?
• Job object has to be created (CreateJobObject)
• Then processes are explicitly added (AssignProcessToJob)
• Processes created by processes in a job automatically are part of the job
• Unless restricted, processes can “break away” from a job
• Counter part in Unix are process groups, traditional and feature-rich concept
• Process groups are grouped into sessions
• exec() system calls inherit process group and session membership
26
27. Operating Systems I PT / FF 14
Services and Daemons
• Operating system code running in user processes is default
• Still demands permanently running (operating system) activities
• Windows: Core system processes (e.g. csrss.exe, lsass.exe),
service processes
• Unix: Daemons
• Services and daemons have
no direct user interface
• Executed with specialized
security credentials,
independent from current
user
• Managed by operating
system mechanisms
27
Life%of%a%Service
Install%time
Setup%application%tells%Service%Controller%
about%the%service
System%boot/initialization
SCM%reads%registry,%starts
services%as%directed
Management/maintenance
Control%panel%can%start%and%stop%services%
and%change%startup%parameters
52
Service
Controller/
Manager
(Services.Exe)
Setup
Application
CreateService
Registry
Service
Processes
Control
Panel (C) Russinovich et al.
28. Operating Systems I PT / FF 14
Summary
• Processes are the traditional foundation for operating systems
• Representation of a running application
• Kernel performs dispatching between multiple running processes
• Process creation and termination are complex tasks
• Kernel manages the resources available to the processes
• Unix systems have the process tree concept
• fork() / exec() programming model
• NT kernel has also parent / child notion for processes
• Not reflected in Windows subsystem, therefore not part of the programming model
• Today, processes mainly provide a capsule for multiple execution threads
28