Dhinu's Learning: Process Management

Process:

http://www.makelinux.net/books/lkd2/?u=ch09lev1sec1

Normal program execution occurs in user-space. When a program executes a system call (see Chapter 5, "System Calls") or triggers an exception, it enters kernel-space. At this point, the kernel is said to be "executing on behalf of the process" and is in process context.

The system call for fork() is clone().
The kernel stores the list of processes in a circular doubly linked list called the task list.
The process descriptor contains the data that describes the executing program—open files, the process’s address space, pending signals, the process’s state, and much more
In linux, a thread is merely a process that shares certain resources with other processes.

The significant difference between kernel threads and normal processes is that kernel threads do not have an address space.
They operate only in kernel-space and do not context switch into user-space.
Kernel threads, however, are schedulable and preemptable, the same as normal processes.
You can see the kernel threads on your Linux system by running the command ps -ef

All processes are descendents of the init process, whose PID is one. The kernel starts init in the last step of the boot process. The init process, in turn, reads the system initscripts and executes more programs, eventually completing the boot process.
Every process on the system has exactly one parent. Likewise, every process has zero or more children. Processes that are all direct children of the same parent are called siblings. The relationship between processes is stored in the process descriptor. Each task_struct has a pointer to the parent's task_struct, named parent, and a list of children, named children.
The init task's process descriptor is statically allocated as init_task.

The first, fork(), creates a child process that is a copy of the current task. It differs from the parent only in its PID (which is unique), its PPID (parent’s PID, which is set to the original process), and certain resources and statistics, such as pending signals, which are not inherited.

The page tables of the process address space is not copied until a write operation.
This is because in most of the cases, the fork() is followed by an exec() which will create a new address space after fork().
By copy-on -write technique, the only thing which happens during fork() is to create a new process descriptor for the child process.

creates a new kernel stack, thread_info structure, and task_struct for the new process. The new values are identical to those of the current task. At this point, the child and parent process descriptors are identical.
It then checks that the new child will not exceed the resource limits on the number of processes for the current user.
Now the child needs to differentiate itself from its parent. Various members of the process descriptor are cleared or set to initial values
Next, the child's state is set to TASK_UNINTERRUPTIBLE, to ensure that it does not yet run.
Next, it calls get_pid() to assign an available PID to the new task.
Next, open files, filesystem information, signal handlers, process address space, and namespace are either shared or duplicated.
Next, the remaining timeslice between the parent and its child is split between the two.
Finally, the PID of the new child is returned to the caller.

Generally it occurs when the process calls the exit() system call, either explicitly when it is ready to terminate or implicitly on return from the main subroutine of any program. (That is, the C compiler places a call to exit() after main() returns.)
A process can also terminate involuntarily.This occurs when the process receives a signal or exception it cannot handle or ignore.
If the parent process exits before child, reparent a task's children on exit to either another process in the current thread group or, if that fails, the init process.