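Analyzing the Operating System Boot Process (Debugging QEMU with gdb)

(I) Objective

Understand the Linux system calls for process creation and file execution, understand the operating system's boot process (after kernel initialization), and learn basic kernel debugging techniques.

(II) Task

Through debugging, find the PIDs of all processes created during boot by process 0, process 1 and ordinary processes, and find the executables run by process 1 and by each ordinary process.

II. Method and Procedure

(I) Procedure

(1) Start kernel debugging and trace to the point just after kernel initialization (the entry of the function rest_init). At this point there is only one process, process 0; the kernel has finished initializing and is about to create processes 1 and 2.

(2) First set breakpoints to trace every process created by process 0, process 1 and ordinary processes, and set breakpoints to trace the executables run by process 1 and ordinary processes. Then continue debugging until the system has finished booting and the command prompt "/#" appears. Hints:

    a) The mm member of the task_struct of every kernel thread is 0; if the value is non-zero, it is an ordinary process.

    b) Every process creation (kernel threads included) ends up calling the function _do_fork. The pid of the newly created child is recorded in the pid member of that function's local variable p, which points to the new process's process control block.

    c) Every execution of an executable goes through the kernel function do_execve, whose parameter filename records the name of the file being executed. Conditional breakpoints can be used to narrow the trace.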

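(II) Debugging walkthrough

Add the breakpoints and set the variables to display.

Start debugging. Execution first stops at rest_init; this is process 0.

Continue to _do_fork called by process 0, then single-step.

Step until the new process p=… appears; p p->pid shows PID 1, which means process 1 has been created.

Continue to the next fork.

The new process is process 2.

At the next breakpoint, x/s filename->name shows the executable run by process 1: sbin/init.

Continue debugging: process 1 creates process 961.

The executable of process 961 is /etc/init.d/rcS.

Process 961 creates process 962.

Process 962 executes /bin/mount.

Process 961 creates process 963.

Process 963 executes /bin/mount.

Process 961 creates process 964,

and 964 executes /sbin/mdev.

Back in process 1, which creates process 965.

Process 1 creates process 966.

Process 1 creates process 968.

Process 1 creates process 970.

At this point the QEMU virtual machine reaches the following state:

After pressing Enter in that terminal, the gdb window shows the file executed by process 965, /bin/sh. Initialization is now complete.

The debugging session is as follows (setting the breakpoints and display variables is not shown):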

(gdb) target remote localhost:1234
Remote debugging using localhost:1234
0x0000fff0 in ?? ()
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = '00' <repeats 15 times>
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = '00' <repeats 15 times>
1: $lx_current().pid = 0
(gdb) c
Continuing.

Breakpoint 9, rest_init () at init/main.c:387
387     {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) c
Continuing.

Breakpoint 10, _do_fork (clone_flags=8389376, stack_start=3245147192,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x0, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) s
1710            int trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) p p->pid
$31 = 1
(gdb) c
Continuing.

Breakpoint 10, _do_fork (clone_flags=8390400, stack_start=3238405155,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x0, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) n
1710            int trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 0
(gdb)  p p
$32 = (struct task_struct *) 0xc74fef00
(gdb) p p->pid
$33 = 2
(gdb) c
Continuing.

Breakpoint 14, do_execve (filename=0xc7534300,
    __argv=0xc191a800 <argv_init>, __envp=0xc191a760 <envp_init>)
    at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
2: $lx_current().comm = "swapper/0000000000000"
1: $lx_current().pid = 1
(gdb) x/s filename->name
0xc7534310:     "sbin/init"
(gdb) c
Continuing.

Breakpoint 11, _do_fork (clone_flags=16657, stack_start=0, stack_size=0,
    parent_tidptr=0x0, child_tidptr=0x0, tls=0) at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1721                            trace = PTRACE_EVENT_VFORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) p p->pid
$34 = 961
(gdb) c
Continuing.

Breakpoint 15, do_execve (filename=0xc7534300, __argv=0xbffffcdc,
    __envp=0x828fa00) at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 961
(gdb) x/s filename->name
0xc7534310:     "/etc/init.d/rcS"
(gdb) c
Continuing.

Breakpoint 12, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) p p->pid
$35 = 962
(gdb) c
Continuing.

Breakpoint 15, do_execve (filename=0xc7534300, __argv=0x828fcd0,
    __envp=0x828fcec) at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007c000
5: $lx_current().parent->comm = "rcS0000er/0000000000000"
4: $lx_current().parent->pid = 961
3: $lx_current().mm = (struct mm_struct *) 0xc007da40
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 962
(gdb) x/s filename->name
0xc7534310:     "/bin/mount"
(gdb) c
Continuing.

Breakpoint 12, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) p p->pid
$36 = 963
(gdb) c
Continuing.

Breakpoint 15, do_execve (filename=0xc7534300, __argv=0x828fcd0,
    __envp=0x828fcec) at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007c000
5: $lx_current().parent->comm = "rcS0000er/0000000000000"
4: $lx_current().parent->pid = 961
3: $lx_current().mm = (struct mm_struct *) 0xc007c2a0
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 963
(gdb) x/s filename->name
0xc7534310:     "/bin/mount"
(gdb) c
Continuing.

Breakpoint 12, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 961
(gdb) p p->pid
$37 = 964
(gdb) c
Continuing.

Breakpoint 15, do_execve (filename=0xc7534300, __argv=0x828fc68,
    __envp=0x828fc74) at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007c000
5: $lx_current().parent->comm = "rcS0000er/0000000000000"
4: $lx_current().parent->pid = 961
3: $lx_current().mm = (struct mm_struct *) 0xc007c540
2: $lx_current().comm = "rcS0000er/0000000000000"
1: $lx_current().pid = 964
(gdb) x/s filename->name
0xc7534310:     "/sbin/mdev"
(gdb) c
Continuing.

Breakpoint 11, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) p p->pid
$38 = 965
(gdb) c
Continuing.

Breakpoint 11, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) p p->pid
$39 = 966
(gdb) c
Continuing.

Breakpoint 11, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) p p->pid
$40 = 968
(gdb) c
Continuing.

Breakpoint 11, _do_fork (clone_flags=18874385, stack_start=0,
    stack_size=0, parent_tidptr=0x0, child_tidptr=0x828e8e8, tls=0)
    at kernel/fork.c:1708
1708    {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) s
1719            if (!(clone_flags & CLONE_UNTRACED)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1720                    if (clone_flags & CLONE_VFORK)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1722                    else if ((clone_flags & CSIGNAL) != SIGCHLD)
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1725                            trace = PTRACE_EVENT_FORK;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1727                    if (likely(!ptrace_event_enabled(current, trace)))
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1728                            trace = 0;
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1731            p = copy_process(clone_flags, stack_start, stack_size,
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) n
1737            if (!IS_ERR(p)) {
6: $lx_current().parent->mm = (struct mm_struct *) 0x0
5: $lx_current().parent->comm = "swapper/0000000000000"
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 1
(gdb) p p->pid
$41 = 970
(gdb) c
Continuing.

Breakpoint 15, do_execve (filename=0xc7533240, __argv=0xbffffcf0,
    __envp=0x828fa00) at fs/exec.c:1643
1643    {
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
5: $lx_current().parent->comm = "init00er/0000000000000"
4: $lx_current().parent->pid = 1
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
2: $lx_current().comm = "init00er/0000000000000"
1: $lx_current().pid = 965
(gdb) x/s filename->name
0xc7533250:     "/bin/sh"
(gdb) c
Continuing.
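
The bookkeeping done by hand in the session above can be automated. The following is an added example, not part of the original post: it parses a saved gdb log in this page's format and rebuilds who forked whom, what each PID executed, and which do_execve calls were made while the caller's mm was still 0 (a kernel thread becoming an ordinary process). The function names are this example's own; the sample is abridged from the session above, with one constructed _do_fork hit that was continued past without printing p->pid.

```python
import re
from collections import defaultdict

# Line shapes taken from the gdb session on this page.
BP_RE = re.compile(r"^Breakpoint \d+, (\w+) \(")
PID_RE = re.compile(r"^\d+: \$lx_current\(\)\.pid = (\d+)\s*$")
MM_RE = re.compile(r"^\d+: \$lx_current\(\)\.mm = \(struct mm_struct \*\) (0x[0-9a-fA-F]+)\s*$")
ASK_CHILD_RE = re.compile(r"^\(gdb\)\s+p p->pid\s*$")
ASK_NAME_RE = re.compile(r"^\(gdb\)\s+x/s filename->name\s*$")
VALUE_RE = re.compile(r"^\$\d+ = (\d+)\s*$")
STRING_RE = re.compile(r'^0x[0-9a-fA-F]+:\s+"(.*)"\s*$')


def parse_session(text):
    """Return (forks, execs) recovered from a gdb session log."""
    forks, execs = [], []
    func = pid = mm = None   # state of the breakpoint hit being read
    awaiting = None          # "child" / "name": what the next line answers
    open_fork = False        # _do_fork hit whose child pid is still unknown

    def close_fork(child):
        # Hint (a): mm == 0 means kernel thread; None if mm was not displayed.
        kthread = None if mm is None else mm == 0
        forks.append({"parent": pid, "child": child, "parent_is_kthread": kthread})

    for line in text.splitlines():
        line = line.rstrip()
        want, awaiting = awaiting, None
        m = BP_RE.match(line)
        if m:
            if open_fork:    # previous fork was continued past without a print
                close_fork(None)
            func, pid, mm = m.group(1), None, None
            open_fork = func == "_do_fork"
        elif (m := PID_RE.match(line)):
            pid = int(m.group(1))
        elif (m := MM_RE.match(line)):
            mm = int(m.group(1), 16)
        elif ASK_CHILD_RE.match(line):
            awaiting = "child"
        elif ASK_NAME_RE.match(line):
            awaiting = "name"
        elif want == "child" and open_fork and (m := VALUE_RE.match(line)):
            close_fork(int(m.group(1)))
            open_fork = False
        elif want == "name" and func == "do_execve" and (m := STRING_RE.match(line)):
            execs.append({"pid": pid, "path": m.group(1),
                          "was_kthread": None if mm is None else mm == 0})
    if open_fork:
        close_fork(None)
    return forks, execs


def summarize(forks, execs):
    """Group results: parent -> children, pid -> programs, kernel-thread execs."""
    children, programs = defaultdict(list), defaultdict(list)
    for f in forks:
        children[f["parent"]].append(f["child"])
    for e in execs:
        programs[e["pid"]].append(e["path"])
    kthread_execs = [(e["pid"], e["path"]) for e in execs if e["was_kthread"]]
    return dict(children), dict(programs), kthread_execs


# Sample log: abridged from the session above. The last _do_fork hit is
# constructed (continued without "p p->pid") to exercise the unknown-child case.
SAMPLE = """\
Breakpoint 10, _do_fork (clone_flags=8389376, stack_start=3245147192,
3: $lx_current().mm = (struct mm_struct *) 0x0
1: $lx_current().pid = 0
(gdb) p p->pid
$31 = 1
Breakpoint 14, do_execve (filename=0xc7534300,
4: $lx_current().parent->pid = 0
3: $lx_current().mm = (struct mm_struct *) 0x0
1: $lx_current().pid = 1
(gdb) x/s filename->name
0xc7534310:     "sbin/init"
Breakpoint 11, _do_fork (clone_flags=16657, stack_start=0, stack_size=0,
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
1: $lx_current().pid = 1
(gdb) p p->pid
$34 = 961
Breakpoint 15, do_execve (filename=0xc7534300, __argv=0xbffffcdc,
6: $lx_current().parent->mm = (struct mm_struct *) 0xc007dce0
3: $lx_current().mm = (struct mm_struct *) 0xc007dce0
1: $lx_current().pid = 961
(gdb) x/s filename->name
0xc7534310:     "/etc/init.d/rcS"
Breakpoint 12, _do_fork (clone_flags=18874385, stack_start=0,
3: $lx_current().mm = (struct mm_struct *) 0xc007c000
1: $lx_current().pid = 961
(gdb) c
"""

if __name__ == "__main__":
    children, programs, kthread_execs = summarize(*parse_session(SAMPLE))
    print(children, programs, kthread_execs, sep="\n")
```

A child of None marks a _do_fork hit where the child PID was never printed, so gaps in the recorded lineage are visible instead of silently missing.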

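III. Results and Analysis

(I) Results

(1) Process 0 created process 1 and process 2.

(2) Process 1 created processes 961, 965, 966, 968 and 970. Process 961 executed "etc/init.d/rcS", and process 966 executed "/bin/sh".

(3) Process 961 created processes 962, 963 and 964. Processes 962 and 963 executed "/bin/mount", and process 964 executed "/sbin/mdev".

(4).

(II) Analysis

Process 0 is the first process the system creates, and the only one not produced through fork or kernel_thread. In rest_init, process 0 creates process 1 and process 2 via kernel_init and kthreadd respectively.

Process 1 is created by process 0 via kernel_init; all user processes are created by process 1 or by its descendants. During initialization, process 1 first created process 961, which then created processes 962, 963 and 964, completing the calls to mount and mdev. After initialization finished, process 1 created processes 965, 966, 968 and 970.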

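IV. Problems and Suggestions

1. Repeated runs of the experiment gave different results: the first run started from PID 962, and in the later runs the PIDs were all larger by 1. I do not know where the difference comes from.

2. My classmates' results were also different; their highest PID was 966.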

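V. Instructor's Comments

Process 0 created threads 1 and 2.

When process 1 first runs, it runs as a kernel thread and executes the "kernel_init" function.

Thread 2 is the thread dedicated to managing kernel threads, so you can see that all kernel threads are created by thread 2. Thread 2 monitors the list kthread_create_list, the list of kernel function entry points; whenever a new function appears on the list, thread 2 creates a new kernel thread to run it. That is thread 2's job.

Once the list is stable, thread 1 first performs a synchronization step and then executes the "init" executable. After that, process 1 has changed from a kernel thread into an ordinary process, completing the transition. Process 962 runs "rcS" and process 966 runs "sh", the command interpreter; after that, any command entered creates a new child process to execute it. Meanwhile 967, 968 and 970 are three terminals similar to 966.

Assignment: read the kernel source code for kernel_init and kthreadd.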

Original article: https://www.cnblogs.com/ppbb/p/12439184.html