Linux system calls

What is a system call?

The Linux kernel contains a set of functions for implementing various system functions, called system calls. Users can invoke system calls in the application to implement some system functionality. From a certain point of view, a system call is very similar to a normal function call. The difference is only that the system call is provided by the operating system core, and the normal function call is provided by the function library or the user itself, running in the user state.

The system call passes the application's request to the kernel, invokes the appropriate kernel function to complete the required processing, and returns the processing result to the application. system calls are interfaces for user programs and kernel interactions. Through the system call can be very convenient and quick implementation of some system functions.

Personally, if the kernel is compared to a class, then the system call is a public interface for external applications to invoke.

Linux common system callsProcess Management relatedFork to create a new process
GETPID Get Process ID
Exit Terminate Process
_exit immediately terminates the process
Execve running an executable file
Wait waits for the child process to end
Waitpid waiting for the specified child process to end

file read and write operationsOpen File
creat creating a new file
Close File descriptor
Read reading files
Write writes a file
Forkthe function of a fork system call is to replicate a process. When a process calls it, it completes with two almost identical processes, and we get a new process.
In Linux, there is only one way to create a new process, which is the fork we are introducing.

Other library functions, such as system (), seem to be able to create new processes, and if you can look at their source code, you'll see that they actually call the fork internally. This includes running the application at the command line, and the new process is made by the shell call Fork. A wonderful thing about a fork call is that it is called only once, but it can return two times, and it may have three different return values:

1. In the parent process, fork returns the process ID of the newly created child process;
2. In the sub-process, fork returns 0;
3. If an error occurs, fork returns a negative value;

In this case, some readers may ask: if the sub-process is almost exactly the same as the parent process after the fork, and the only way to generate a new process in the system is to fork, wouldn't it be that all the processes in the system are identical? So what do we do when we're going to execute a new application?
Don't worry, the exec will talk about it later on. _exit and Exit_exit and exit execute the process as

As you can see, the _exit () function is the simplest: it stops the process directly, clears the memory space it uses, and destroys its various data structures in the kernel; the exit () function makes some packaging on these bases and adds several operations to the exit prior to execution.

the biggest difference between them is that the exit () function checks the opening of the file before calling the exit system, and writes the contents of the file buffer back to the file, which is the "clean I/O buffer" item in the diagram.

In the standard library of Linux, there is a set of functions called "Advanced I/O", which are known as printf (), fopen (), Fread (), fwrite (), which are also known as "Buffered I/O (buffered I/Os)", Its characteristics are corresponding to each open file, there is a buffer in memory, each time you read a file, you will read more than a few records, so that the next time you read a file can be read directly from the memory buffer, each time the file is written, it is only written in memory buffer, etc. to meet a certain number of conditions (reached a certain amount, or encounter specific characters, such as newline character \ n and file Terminator eof, and then write the contents of the buffer once to the file, which greatly increases the speed of file read and write, but also for our programming a little bit of trouble. If there is some data, we think has been written to the file, in fact, because it does not meet the specific conditions, they are only in the buffer, then we use the _exit () function to close the process directly, the data in the buffer will be lost, conversely, if you want to ensure the integrity of the data, you must use Exit () Function.

Instance comparison

Exit.c

#include <stdlib.h>main () {printf ("Output begin\n");p rintf ("content in buffer"); exit (0);}

GCC Exit.c-o exit./exit

Output
Output begin
Content in Buffer

_exit.c

#include <unistd.h>main () {printf ("Output begin\n");p rintf ("content in buffer"); _exit (0);}

GCC _exit.c-o _exit1./_exit

Output
Output begin
Getpid

gets the current process ID. Process ID, which uniquely identifies a process

One or more processes can be combined to form a process group,
One or more process groups can be combined to form a session.
This gives us the ability to perform bulk operations on the process, such as sending signals to each process in the group by sending a signal to a process group.

Waitpid and wait

Before you describe the two system calls, understand the process-related knowledge

after a process has called exit, the process does not disappear immediately, leaving behind a data structure called the zombie process (Zombie). In the 5 states of the Linux process, the zombie process is a very special one, it has abandoned almost all memory space, no executable code, and can not be scheduled, just keep a position in the process list, record the process's exit status and other information for other processes to collect, in addition, The zombie process no longer occupies any memory space.

We have learned the system call exit, which is to get the process to exit, but only to turn a normal process into a zombie process and not destroy it completely.

The role of the waitpid call and the wait call is to collect the information left by the zombie process and to make the process disappear completely.

once the process has called wait, it blocks itself immediately, and the wait automatically parses if a child process of the current process has exited, and if it finds such a child process that has become a zombie, wait collects the child process information and destroys it and returns If no such sub-process is found, wait is stuck here until one appears.

execis called the exec system call, in fact, in Linux, there is no EXEC () function form, exec refers to a set of functions, a total of 6, namely:

#include <unistd.h>int execl (const char *path, const char *arg, ...); int EXECLP (const char *file, const char *arg, ...);  int execle (const char *path, const char *arg, ..., Char *const envp[]); int execv (const char *path, char *const argv[]); int EXECVP (const char *file, char *const argv[]); int execve (const char *path, char *const argv[], char *const envp[]);

only Execve is the real system call, and the others are packaged library functions on this basis.

The role of exec is to find the executable file according to the specified file name and use it to replace the contents of the calling process, in other words, execute an executable file inside the calling process. The executable file here can be either a binary file or a script file that can be executed under any Linux.

Unlike the general case, the function of the EXEC function family does not return after successful execution, because the entity that invokes the process, including the code snippet, the data segment, and the stack have been replaced by the new content, leaving only some surface information, such as the process ID, to remain as it is, rather "Jinchantuoqiao" in the "36 gauge". It looks like an old shell, but it's already infused with a new soul.

Only the calls fail, they return a-1, which is then executed from the point of invocation of the original program.

Now we should understand how Linux executes the new program, and whenever a process thinks that it can't make any contribution to the system or user, he can use the last bit of heat, call any exec, and make himself reborn with a new face, or, more generally, If a process wants to execute another program, it can fork out a new process and call any exec, which looks like a new process is generated by executing the application.

in fact, the second situation is so prevalent that Linux is optimized for it, and we already know that fork will copy all the contents of the calling process into the newly generated subprocess, and the actions of those copies are time consuming. And if we call exec immediately after the fork is finished, the hard copy will be erased immediately, which looks very uneconomical, so people have designed a "copy-on-write (copy-on-write)" technique that does not immediately replicate the contents of the parent process after the fork is finished. But to the real practical time only to copy, so if the next statement is exec, it will not be vain to work hard, but also improve efficiency.

Linux system calls