Develop Reference

Process and child creation by forking: unexplainable behaviour

I have the following code:
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main()
{
for(int i=0;i<3;i++)
{
int cpid=fork();
if(cpid==0)
printf("I am a child with id %d, and my parent is %d\n",getpid(),getppid());
else
printf("I am a parent with id %d\n",getpid());
}
}
I am trying to form a process tree. The output is:
I am a parent with id 9494
I am a parent with id 9494
I am a child with id 9495, and my parent is 9494
I am a parent with id 9494
I am a child with id 9496, and my parent is 9494
I am a parent with id 9495
I am a parent with id 9496
I am a parent with id 9495
I am a child with id 9498, and my parent is 9495
I am a parent with id 9498
I am a child with id 9499, and my parent is 3004
I am a child with id 9497, and my parent is 3004
I am a child with id 9500, and my parent is 3004
I am a child with id 9501, and my parent is 3004
I cannot figure out where is the process with id 3004 coming in. How many total processes are created as a result of this code? What will be the final process tree? I am beginner.

I'll help with the mystery of process 3004. The rest should be reasonably easy to figure out on your own (you might want to add cpid to the second printf() to help with that).
I am a child with id 9499, and my parent is 3004
What happened here is that the original parent of process 9499 had died before 9499 had a chance to call getppid(). When the parent of a process dies, that process gets re-parented. In your case, the new parent's pid is 3004. This process is not part of the process tree created by your program (it probably sits somewhere above it in the overall process tree), so you don't see a "I am a parent with id" for it.
Here is some relevant reading: process re-parenting: controlling who is the new parent.

Try this piece of code.
The output of this code will explain alot more things to you. Some of the processes print their respective printf function after their parent process died. These processes(orphan process) are adopted by some other processes. That could be the reason for a peculiar pid being printed by printf function. Also, there is a race-condition between creation of processes and printing of their respective pid which can be seen in the output of the code below.
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
int main()
{
printf("Main\n");
for(int i=0;i<3;i++) {
printf("Loop index - %d and pid is - %d\n", i, getpid());
int cpid=fork();
if(cpid==0)
printf("I am a child with id %d, and my parent is %d with loop index - %d\n",getpid(),getppid(), i);
else
printf("I am a parent with id %d and with loop index - %d\n",getpid(), i);
}
printf("Terminated - %d\n", getpid());
return 0;
}

is nice() used to change the thread priority or the process priority?

The man page for nice says "nice() adds inc to the nice value for the calling process. So, can we use it to change the nice value for a thread created by pthread_create?
EDIT:
It seems that we can set the nice value per thread.
I wrote an application, setting different nice values for different threads, and observed that the "nicer" thread has been scheduled with lower priority. Checking the output, I found that the string "high priority ................" gets outputted more frequently.
void * thread_function1(void *arg)
{
const pid_t tid = syscall(SYS_gettid);
int ret = setpriority(PRIO_PROCESS, tid, -10);
printf("tid of high priority thread %d , %d\n", tid ,getpriority(PRIO_PROCESS, tid));
while(1)
{
printf("high priority ................\n");
}
}
void * thread_function(void *arg)
{
const pid_t tid = syscall(SYS_gettid);
int ret = setpriority(PRIO_PROCESS, tid, 10);
printf("tid of low priority thread %d , %d \n", tid ,getpriority(PRIO_PROCESS, tid));
while(1)
{
printf("lower priority\n");
}
}
int main()
{
pthread_t id1;
pthread_t id2;
pid_t pid = getpid();
pid_t tid = syscall(SYS_gettid);
printf("main thread : pid = %d , tid = %d \n" , pid, tid);
pthread_create(&id1, NULL, thread_function1, NULL);
pthread_create(&id2, NULL,thread_function, NULL);
pthread_join(id1, NULL);
pthread_join(id2, NULL);
}

The pthreads man page says:
POSIX.1 also requires that threads share a range of other attributes
(i.e., these attributes are process-wide rather than per-thread):
[...]
nice value (setpriority(2))
So, theoretically, the "niceness" value is global to the process and shared by all threads, and you should not be able to set a specific niceness for one or more individual threads.
However, the very same man page also says:
LinuxThreads
The notable features of this implementation are the following:
[...]
Threads do not share a common nice value.
NPTL
[...]
NPTL still has a few non-conformances with POSIX.1:
Threads do not share a common nice value.
So it turns out that both threading implementations on Linux (LinuxThreads and NPTL) actually violate POSIX.1, and you can set a specific niceness for one or more individual threads by passing a tid to setpriority() on these systems.

According to the man page for setpriority, a lower nice value (nice values are in the range of -20 to 20) means higher priority in scheduling. It looks like your program works as expected (nice = -10 gives this thread higher priority).

I wanted to test how changing these values really affects the thread's priority, so I modified your snippet to this benchmark:
Running on default SCHED_OTHER scheduling policy
Created 12 low priority threads to make sure they compete on resources - on Red hat 7 with 8 cores. (cat /proc/cpuinfo)
Modified the thread_function() to do some "number crunching work"
When setting to edge priorities you can definitely see with top -H that the high priority thread runs more often, but no starvation occurs to other threads. relevant fields are NI and TIME+
From top man page:
NI -- Nice Value
The nice value of the task. A negative nice value means
higher priority, whereas a positive nice value means lower
priority. Zero in this field simply means priority will not
be adjusted in determining a task's dispatch-ability.
TIME -- CPU Time
Total CPU time the task has used since it started.
#include<cstdio>
#include<pthread.h>
#include<unistd.h>
#include<sys/syscall.h>
#include<sys/resource.h>
#include <stdio.h>
#include <stdlib.h>
#define NUM_THREADS 12
struct ThreadParams{
const char* priority;
const int niceLevel;
};
void * thread_function(void *arg)
{
const pid_t tid = syscall(SYS_gettid);
struct ThreadParams* params = (ThreadParams*)arg;
int ret = setpriority(PRIO_PROCESS, tid, params->niceLevel);
printf("tid of %s priority thread %d , %d\n", params->priority, tid ,getpriority(PRIO_PROCESS, tid));
long long int count = 0;
while(1)
{
count++;
if(count == 10000000000) //10^10 iterations
{
printf("%s priority ................\n", params->priority);
count = 0;
}
}
}
int main()
{
pthread_t tIdHigh;
pthread_t tIdsLow[NUM_THREADS];
pid_t pid = getpid();
pid_t tid = syscall(SYS_gettid);
printf("main thread : pid = %d , tid = %d \n" , pid, tid);
struct ThreadParams highParams = {"High", -20};
struct ThreadParams lowParams = {"Low", 19};
for(int i=0; i < NUM_THREADS ; i++)
{
pthread_create(&(tIdsLow[i]), NULL,thread_function, &lowParams);
}
pthread_create(&tIdHigh, NULL, thread_function, &highParams);
for(int i=0; i < NUM_THREADS ; i++)
{
pthread_join(tIdsLow[i], NULL);
}
pthread_join(tIdHigh, NULL);
return 0;
}
Compiled with g++ <FILE_NAME>.cpp -lpthread.
Run top -H -p $(pidof <PROCESS_NAME>) to enable Threads-mode and get information for specific process

Programmatically get parent pid of another process?

I tried google, but found getppid() which gets the parent pid of the current process.
I need something like getppid(some_other_pid), is there such a thing? Basically takes the pid of some process and returns the parent process' pid.

I think the simplest thing would be to open "/proc" and parse the contents.
You'll find the ppid as the 4th parameter of /proc/pid/stat
In C, libproc has a get_proc_stats function for parsing that file: see Given a child PID how can you get the parent PID for an example.

or from a unix shell you can try ps -p <child_pid> -o ppid=

I am 7 years late to the party but for anyone who may stumble upon this question, here's an alternative solution on OS X. Other answers posted here are correct and sysctl() will do the job, but you can also use proc_pidinfo to obtain a lot of useful information about a process.
#include <libproc.h>
int getppid(const pid_t pid)
{
proc_bsdinfo info;
proc_pidinfo(pid, PROC_PIDTBSDINFO, 0, &info, sizeof(info));
return info.pbi_ppid;
}
Obviously, additional error checking is required.

You can have a look at sysctl() system call and this link.

one more way to get it from proc entry:
cat /proc/<pid>/status | grep PPid:

We can use pstree command also.
pstree -p -s <pid of the process>
pstree -s gives tree of all the ancestors. Adding -p will give you the pid as well.
Example :Assume there is a process with pid=6206. Using the pstree command
pstree -p -s 6206
You will get the process tree.
systemd(1)───lightdm(1066)───lightdm(1191)───upstart(1360)───gnome-terminal-(5222)───bash(5229)───cpu-print(6206)
Here the parent PID is 5229

An easy way to craft this in pure C with only standard libraries:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAXBUF (BUFSIZ * 2)
int pgetppid(int pid) {
int ppid;
char buf[MAXBUF];
char procname[32]; // Holds /proc/4294967296/status\0
FILE *fp;
snprintf(procname, sizeof(procname), "/proc/%u/status", pid);
fp = fopen(procname, "r");
if (fp != NULL) {
size_t ret = fread(buf, sizeof(char), MAXBUF-1, fp);
if (!ret) {
return 0;
} else {
buf[ret++] = '\0'; // Terminate it.
}
}
fclose(fp);
char *ppid_loc = strstr(buf, "\nPPid:");
if (ppid_loc) {
ppid = sscanf(ppid_loc, "\nPPid:%d", &ppid);
if (!ppid || ppid == EOF) {
return 0;
}
return ppid;
} else {
return 0;
}
}
int main () {
int ppid, pid = 373; // my current cron pid
ppid = pgetppid(pid);
printf("PPid = %d\n", ppid);
}

Can I set the process group of an existing process?

I have a bunch of mini-server processes running. They're in the same process group as a FastCGI server I need to stop. The FastCGI server will kill everything in its process group, but I need those mini-servers to keep running.
Can I change the process group of a running, non-child process (they're children of PID 1)? setpgid() fails with "No such process" though I'm positive its there.
This is on Fedora Core 10.
NOTE the processes are already running. New servers do setsid(). These are some servers spawned by older code which did not.

One thing you could try is to do setsid() in the miniservers. That will make them session and process group leaders.
Also, keep in mind that you can't change the process group id to one from another session, and that you have to do the call to change the process group either from within the process that you want to change the group of, or from the parent of the process.
I've recently written some test code to periodically change the process group of a set of processes for a very similar task. You need not change the group id periodically, it's just that I thought I might evade a certain script that periodically checked for a group that runs for longer than a certain amount of time. It may also help you track down the error that you get with setpgid():
#include <stdlib.h>
#include <unistd.h>
#include <stdio.h>
#include <fcntl.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <string.h>
void err(const char *msg);
void prn(const char *msg);
void mydaemon();
int main(int arc, char *argv[]) {
mydaemon();
if (setsid() < 0)
err("setsid");
int secs = 5*60;
/* creating a pipe for the group leader to send changed
group ids to the child */
int pidx[2];
if (pipe(pidx))
err("pipe");
fcntl(pidx[0], F_SETFL, O_NONBLOCK);
fcntl(pidx[1], F_SETFL, O_NONBLOCK);
prn("begin");
/* here the child forks, it's a stand in for the set of
processes that need to have their group ids changed */
int child = fork();
switch (child) {
case -1: err("fork3");
case 0:
close(pidx[1]);
while(1) {
sleep(7);
secs -= 7;
if (secs <= 0) { prn("end child"); exit(0); }
int pid;
/* read new pid if available */
if (read(pidx[0], &pid, sizeof pid) != sizeof pid) continue;
/* set new process group id */
if (setpgid(getpid(), pid)) err("setpgid2");
prn("child group changed");
}
default: break;
}
close(pidx[0]);
/* here the group leader is forked every 20 seconds so that
a new process group can be sent to the child via the pipe */
while (1) {
sleep(20);
secs -= 20;
int pid = fork();
switch (pid) {
case -1: err("fork2");
case 0:
pid = getpid();
/* set process group leader for this process */
if (setpgid(pid, pid)) err("setpgid1");
/* inform child of change */
if (write(pidx[1], &pid, sizeof pid) != sizeof pid) err("write");
prn("group leader changed");
break;
default:
close(pidx[1]);
_exit(0);
}
if (secs <= 0) { prn("end leader"); exit(0); }
}
}
void prn(const char *msg) {
char buf[256];
strcpy(buf, msg);
strcat(buf, "\n");
write(2, buf, strlen(buf));
}
void err(const char *msg) {
char buf[256];
strcpy(buf, msg);
strcat(buf, ": ");
strcat(buf, strerror(errno));
prn(buf);
exit(1);
}
void mydaemon() {
int pid = fork();
switch (pid) {
case -1: err("fork");
case 0: break;
default: _exit(0);
}
close(0);
close(1);
/* close(2); let's keep stderr */
}

After some research I figured it out. Inshalla got the essential problem, "you can't change the process group id to one from another session" which explains why my setpgid() was failing (with a misleading message). However, it seems you can change it from any other process in the group (not necessarily the parent).
Since these processes were started by a FastCGI server and that FastCGI server was still running and in the same process group. Thus the problem, can't restart the FastCGI server without killing the servers it spawned. I wrote a new CGI program which did a setpgid() on the running servers, executed it through a web request and problem solved!

It sounds like you actually want to daemonise the process rather than move process groups. (Note: one can move process groups, but I believe you need to be in the same session and the target needs to already be a process group.)
But first, see if daemonising works for you:
#include <unistd.h>
#include <stdio.h>
int main() {
if (fork() == 0) {
setsid();
if (fork() == 0) {
printf("I'm still running! pid:%d", getpid());
sleep(10);
}
_exit(0);
}
return 0;
}
Obviously you should actually check for errors and such in real code, but the above should work.
The inner process will continue running even when the main process exits. Looking at the status of the inner process from /proc we find that it is, indeed, a child of init:
Name: a.out
State: S (sleeping)
Tgid: 21513
Pid: 21513
PPid: 1
TracerPid: 0

ptrace'ing of parent process

Can child process use the ptrace system call to trace its parent?
Os is linux 2.6
Thanks.
upd1:
I want to trace process1 from "itself". It is impossible, so I do fork and try to do ptrace(process1_pid, PTRACE_ATTACH) from child process. But I can't, there is a strange error, like kernel prohibits child from tracing their parent processes
UPD2: such tracing can be prohibited by security policies. Which polices do this? Where is the checking code in the kernel?
UPD3: on my embedded linux I have no errors with PEEKDATA, but not with GETREGS:
child: getregs parent: -1
errno is 1, strerror is Operation not permitted
errno = EPERM

This question really interested me. So I wrote some code to try it out.
Firstly keep in mind, that when tracing a process, the tracing process becomes a parent for most purposes, except in name (i.e. getppid()). Firstly, a snippet of the PTRACE_ATTACH section of the manual is helpful:
PTRACE_ATTACH
Attaches to the process specified in pid, making it a traced
"child" of the calling process; the behavior of the child is as
if it had done a PTRACE_TRACEME. The calling process actually
becomes the parent of the child process for most purposes (e.g.,
it will receive notification of child events and appears in
ps(1) output as the child's parent), but a getppid(2) by the
child will still return the PID of the original parent. The
child is sent a SIGSTOP, but will not necessarily have stopped
by the completion of this call; use wait(2) to wait for the
child to stop. (addr and data are ignored.)
Now here is the code I wrote to test and verify that you can in fact ptrace() your parent (you can build this by dumping it in a file named blah.c and running make blah:
#include <assert.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ptrace.h>
int main()
{
pid_t pid = fork();
assert(pid != -1);
int status;
long readme = 0;
if (pid)
{
readme = 42;
printf("parent: child pid is %d\n", pid);
assert(pid == wait(&status));
printf("parent: child terminated?\n");
assert(0 == status);
}
else
{
pid_t tracee = getppid();
printf("child: parent pid is %d\n", tracee);
sleep(1); // give parent time to set readme
assert(0 == ptrace(PTRACE_ATTACH, tracee));
assert(tracee == waitpid(tracee, &status, 0));
printf("child: parent should be stopped\n");
printf("child: peeking at parent: %ld\n", ptrace(PTRACE_PEEKDATA, tracee, &readme));
}
return 0;
}
Note that I'm exploiting the replication of the parent's virtual address space to know where to look. Also note that when the child then terminates, I suspect there's an implicit detach which must allow the parent to continue, I didn't investigate further.

Yes it is possible...
Even GETREGS works.
Checked on x86
(based on Matt Joiner code, thanks him)
#include <assert.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/user.h>
int main()
{
pid_t pid = fork();
// assert(pid != -1);
int status;
long readme = 0;
struct user_regs_struct regs;
if (pid)
{
readme = 42;
printf("parent: child pid is %d\n", pid);
assert(pid == wait(&status));
printf("parent: child terminated?\n");
assert(0 == status);
}
else
{
pid_t tracee = getppid();
printf("child: parent pid is %d\n", tracee);
sleep(1); // give parent time to set readme
assert(0 == ptrace(PTRACE_ATTACH, tracee));
assert(tracee == waitpid(tracee, &status, 0));
printf("child: parent should be stopped\n");
printf("child: peeking at parent: %ld\n", ptrace(PTRACE_PEEKDATA, tracee, &readme, NULL));
printf("Regs was %p, %p, %p, %p; &status is %p \n", regs.eax, regs.ebx, regs.ecx, regs.edx, &status);
printf("child: getregs parent: %ld\n", ptrace(PTRACE_GETREGS, tracee, NULL, &regs));
printf("Regs is %p, %p, %p, %p; &status is %p \n", regs.eax, regs.ebx, regs.ecx, regs.edx, &status);
}
return 0;
}
result:
child: parent pid is 1188
parent: child pid is 1189
child: parent should be stopped
child: peeking at parent: 42
Regs was (nil), (nil), (nil), (nil); &status is 0xbfffea50
child: getregs parent: 0
Regs is 0xfffffe00, 0xffffffff, 0xbfffea50, (nil); &status is 0xbfffea50
parent: child terminated?