Fundamentals of Information Security system design 11th week 20135218 Jing Mengxin


Chapter 8. Exceptional Control Flow

Control flow: the sequence of control transfers.

Control transfer: the step from one instruction to the next. The transition from k to k+1 is called a control transfer.

Exceptional control flow (ECF): modern operating systems react to changes in system state by making abrupt changes in the control flow, known as exceptional control flow.

Smooth flow: consecutive instructions are contiguous in memory.

Abrupt change: the next instruction is not contiguous, usually because of instructions such as jumps, calls, and returns.

8.1 Exceptions

An exception is a form of ECF implemented partly by hardware and partly by the operating system. It is the ECF that sits between the hardware and the operating system.

At the hardware level, the state of the system is really the state of the processor, which is usually encoded in various bits and signals (register bits). A change in processor state (say, in one bit) is called an event.

How the exception is handled:




Categories of exceptions: interrupts, traps, faults, and aborts

1 Interrupt handling: interrupts are asynchronous, meaning that a hardware interrupt is not caused by any instruction but by an event from an external I/O device.

2 Traps and system calls: system calls are wrapped in functions that are implemented internally with the instruction int n.

3 The most important use of traps is to provide system calls. System calls run in kernel mode and can access the stack in the kernel.

4 The parameters of a system call are passed in general-purpose registers instead of on the stack: %eax holds the system call number, and %ebx, %ecx, %edx, %esi, %edi, %ebp hold up to six parameters. %esp is not available, because it is overwritten after entering kernel mode.

5 Faults

6 A classic fault example is a page fault: an instruction references a virtual address whose corresponding physical page is not in memory, so the page must be fetched from disk when the fault occurs.

7 Aborts

8 An abort is the result of an unrecoverable fatal error, usually a hardware error, such as a parity error that occurs when a DRAM or SRAM bit is damaged. The abort handler never returns control to the application. The handler returns control to an abort routine, which terminates the application.

Each type of exception in the system is assigned a unique nonnegative integer exception number. Some are assigned by the processor designers: divide by zero, page faults, memory access violations, breakpoints, arithmetic overflow.

Some are assigned by the operating system kernel designers: system calls, signals from external I/O devices.

We refer to system calls and the wrapper functions associated with them as system-level functions.

8.2 Processes

Exceptions are the basic building blocks that are required to allow the operating system to provide the concept of a process.

Process (operating system layer): logical control flow, private address space, multitasking, concurrency, parallelism, context, context switching, scheduling.





A sequence of PC values is called a logical control flow.

Concurrent flows:

1 Concurrent flows: a logical flow whose execution overlaps in time with another flow is called a concurrent flow.

2 Concurrency: the general phenomenon of multiple flows executing concurrently is called concurrency.

3 Multitasking: concurrency among multiple processes is called multitasking.

4 Parallel: concurrent flows running on different CPUs or computers are called parallel flows.

The general phenomenon of multiple flows executing concurrently is called concurrency.

The notion of a process taking turns with other processes is called multitasking.

On x86 Linux, the top of the address space is reserved for the kernel: code, data, and stack.

The operating system kernel uses a higher-level form of exceptional control flow to implement multitasking. This exceptional control flow is called a context switch.

At some point during the execution of a process, the kernel can decide to preempt the current process and restart a previously preempted process. This decision is called scheduling and is handled by code in the kernel called the scheduler.

Context Switch:


8.3 System call Error
8.4 Process Control

The process is always in one of the following three states:


Process control includes:

Getting process IDs

Creating and terminating processes

Reaping child processes

Putting processes to sleep

Loading and running programs

Reaping child processes:

1 Reaping: when a process terminates, the kernel does not remove it from the system immediately. Instead, the process is kept in a terminated state until it is reaped by its parent process.

2 Zombie process: a process that has terminated but has not yet been reaped is called a zombie process.

3 Two ways to reap child processes: (1) the kernel's init process; (2) the parent process's waitpid function.

4 The waitpid function is somewhat complex. By default (when options=0), waitpid suspends execution of the calling process until a child process in its wait set terminates.

Putting processes to sleep:

1 The sleep function suspends a process for a specified period of time.

2 If the requested amount of time has elapsed, sleep returns 0; otherwise it returns the number of seconds left to sleep. The latter case is possible if sleep returns prematurely because it was interrupted by a signal. Signals are discussed in detail in Section 8.5.

3 The pause function puts the calling function to sleep until the process receives a signal.

of the fork function Three parameters: pid, status, options.

The wait function is equivalent to waitpid(-1, &status, 0).

The execve function loads and runs a new program in the context of the current process. fork is called once and returns twice; execve is called once and never returns.

The difference between the fork function and the execve function:

8.5 Signals

The underlying hardware exception is handled by the kernel exception handler,

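Sending a signal: the kernel tells the destination process that a signal is coming by updating some state in the context of the destination process.

Ways to send a signal: the /bin/kill program, sending signals from the keyboard, the kill function, and the alarm function.

Receiving a signal:

1. Ignore 2. Terminate 3. Execute a signal handler, catching the signal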

Each signal type has a predetermined default behavior:

(1) Process termination

(2) Process termination and dump memory

(3) Process stops until it is restarted by a SIGCONT signal

(4) process ignores the signal

Signal Processing:

Pending signals are blocked. Unix signal handlers typically block pending signals of the type currently being processed by the handler.

Pending signals are not queued. There can be at most one pending signal of any particular type. Thus, if two signals of type k are sent to a destination process while signal k is blocked because the destination process is currently executing a handler for signal k, then the second signal is simply discarded; it does not wait in a queue.

System calls can be interrupted. System calls such as read, wait, and accept can potentially block a process for a long time and are called slow system calls. On some systems, when a handler catches a signal, the interrupted slow system call is not resumed when the signal handler returns, but instead returns immediately to the user with an error condition and errno set to EINTR.
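Because pending signals are not queued, several children can exit behind a single SIGCHLD, and a handler that reaps one child per signal leaves zombies that hold process-table slots. The following C program is an added example, not part of the original notes; `NKIDS`, `on_sigchld` and `reaped_by_handler` are names chosen here, and it assumes a POSIX system that provides `waitid`.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#define NKIDS 5                        /* constructed sample size */
static volatile sig_atomic_t reaped;   /* children reaped inside the handler */
static volatile sig_atomic_t reap_all; /* 1: loop until no zombie is left */
static void on_sigchld(int sig)
{
    int saved = errno;                 /* waitpid may overwrite errno */
    (void)sig;
    while (waitpid(-1, NULL, WNOHANG) > 0) {
        reaped++;
        if (!reap_all) break;          /* naive handler: one child per signal */
    }
    errno = saved;
}

/* Let NKIDS children exit while SIGCHLD is blocked; return the handler's count. */
int reaped_by_handler(int loop)
{
    /* SA_RESTART: restart interrupted slow system calls instead of EINTR */
    struct sigaction sa = { .sa_handler = on_sigchld, .sa_flags = SA_RESTART }, old;
    siginfo_t info;
    pid_t pid[NKIDS];
    reaped = 0;
    reap_all = loop;
    sigemptyset(&sa.sa_mask);
    sigaddset(&sa.sa_mask, SIGCHLD);
    sigaction(SIGCHLD, &sa, &old);
    sigprocmask(SIG_BLOCK, &sa.sa_mask, NULL);
    for (int i = 0; i < NKIDS; i++)
        if ((pid[i] = fork()) == 0) _exit(0);
    for (int i = 0; i < NKIDS; i++)    /* wait for exit, leave the zombie */
        waitid(P_PID, (id_t)pid[i], &info, WEXITED | WNOWAIT);
    sigprocmask(SIG_UNBLOCK, &sa.sa_mask, NULL); /* one pending SIGCHLD fires */
    sigaction(SIGCHLD, &old, NULL);
    for (int i = 0; i < NKIDS; i++)    /* reap what the handler left behind */
        waitpid(pid[i], NULL, 0);
    return reaped;
}

int main(void)
{
    int naive = reaped_by_handler(0), loop = reaped_by_handler(1);
    printf("reaped in handler: naive %d, looping %d, of %d\n", naive, loop, NKIDS);
}
```

Five exits collapse into one delivered SIGCHLD, so the single-`waitpid` handler reaps one child while the looping handler reaps all five.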

Three different ways to handle a signal:

    • Perform the default action

    • Ignore the signal

    • Catch the signal: run the signal handler function, switching to user mode.

Catching: the signal function.

8.6 Nonlocal Jumps

The C language provides a form of user-level exceptional control flow called a nonlocal jump, provided through the setjmp and longjmp functions.

The setjmp function is called once but returns multiple times: once when setjmp is first called and the calling environment is stored in the buffer env, and once for each corresponding longjmp call. The longjmp function, on the other hand, is called once but never returns.

8.7 Tools for manipulating processes
    • strace: Prints a trace of each system call invoked by a running program and its child processes.
    • ps: Lists the processes currently in the system (including zombie processes).
    • top: Prints information about the resource usage of current processes.
    • pmap: Displays the memory map of a process.
    • /proc: A virtual filesystem that exports the contents of numerous kernel data structures in ASCII text form that user programs can read. For example, "cat /proc/loadavg" shows the load average on a Linux system.


Reference: Chapter 8 of the textbook "In-Depth Understanding of Computer Systems" (PDF version).
