Find the answer to your Linux question:
Results 1 to 7 of 7
How does a SIGKILL Signal terminate a process. There is no Signal handler for SIGKILL , then what is the code that is executed which kills the process. I have ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2011
    Posts
    30

    process termination through SIGKILL signal


    How does a SIGKILL Signal terminate a process.
    There is no Signal handler for SIGKILL , then what is the code that is executed which kills the process. I have traced the Kill() system call but didnt got any clue!!
    Can any one please tell me how this Signal terminates a process AND what is the code that is executed to do that

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,701
    SIGKILL can't be caught or ignored, and will simply terminate the process.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined!
    Join Date
    Dec 2011
    Posts
    30
    Quote Originally Posted by Rubberman View Post
    SIGKILL can't be caught or ignored, and will simply terminate the process.
    emanueljsmith08@gmail.com

    Ya , know that sigkill cant be caught and ignored !! But this was not my question I have asked how a process terminates because of SIGKILL and what code is executed so that the process frees its resources .. I also know that SIGKILL is fatal and might not give chance to the process to perform cleanup of resources .. But SIGTERM is a signal which allows the process to perform the cleanup of the resources .. So, what is the code that is executed for this??? I want to know how exactly these signal makes the process to release its resources and terminate .. I have traced a lot of code of the kernel for this but didnt got any answer
    Please tell me how and what code in the kernel is executed to release the resources of the process and terminate it??
    I have also googled a lot but no clue
    Please help me out!!

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,701
    Quote Originally Posted by Innovator View Post
    emanueljsmith08@gmail.com

    Ya , know that sigkill cant be caught and ignored !! But this was not my question I have asked how a process terminates because of SIGKILL and what code is executed so that the process frees its resources .. I also know that SIGKILL is fatal and might not give chance to the process to perform cleanup of resources .. But SIGTERM is a signal which allows the process to perform the cleanup of the resources .. So, what is the code that is executed for this??? I want to know how exactly these signal makes the process to release its resources and terminate .. I have traced a lot of code of the kernel for this but didnt got any answer
    Please tell me how and what code in the kernel is executed to release the resources of the process and terminate it??
    I have also googled a lot but no clue
    Please help me out!!
    Ok. SIGTERM can be "caught" by a handler. SIGKILL cannot. When a process is delivered a SIGKILL signal, all resources are released immediately. This includes open file handles, network sockets, memory, etc. The major difference between SIGKILL and SIGABRT is that a SIGABRT will also create a core-dump file for later post-mortem analysis (stack frame, variable settings, etc). Also, you can trap SIGABRT in order to do other useful stuff. SIGKILL is basically a "you are dead" signal. SIGABRT is a "you are going to die - do you have any last requests?" signal.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #5
    Just Joined!
    Join Date
    Feb 2012
    Location
    Hyderabad, India
    Posts
    11
    Quote Originally Posted by Innovator View Post
    emanueljsmith08@gmail.com

    Ya , know that sigkill cant be caught and ignored !! But this was not my question I have asked how a process terminates because of SIGKILL and what code is executed so that the process frees its resources .. I also know that SIGKILL is fatal and might not give chance to the process to perform cleanup of resources .. But SIGTERM is a signal which allows the process to perform the cleanup of the resources .. So, what is the code that is executed for this??? I want to know how exactly these signal makes the process to release its resources and terminate .. I have traced a lot of code of the kernel for this but didnt got any answer
    Please tell me how and what code in the kernel is executed to release the resources of the process and terminate it??
    I have also googled a lot but no clue
    Please help me out!!
    There will be no signal handler for SIGKILL or SIGSTOP. When the kernel notices that the signal is SIGKILL or SIGSTOP some default action (means default code) will be executed. When a signal is delivered a function do_signal() will be called in the kernel. This function calls get_signal_to_deliver() function intern. get_signal_to_deliver() function checks if the signal is SIGSTOP then executes some default code like this:

    if (sig_kernel_stop(signr)) {
    /*
    * The default action is to stop all threads in
    * the thread group. The job control signals
    * do nothing in an orphaned pgrp, but SIGSTOP
    * always works. Note that siglock needs to be
    * dropped during the call to is_orphaned_pgrp()
    * because of lock ordering with tasklist_lock.
    * This allows an intervening SIGCONT to be posted.
    * We need to check for that and bail out if necessary.
    */
    if (signr != SIGSTOP) {
    spin_unlock_irq(&sighand->siglock);

    /* signals can be posted during this window */

    if (is_current_pgrp_orphaned())
    goto relock;

    spin_lock_irq(&sighand->siglock);
    }

    if (likely(do_signal_stop(info->si_signo))) {
    /* It released the siglock. */
    goto relock;
    }

    /*
    * We didn't actually stop, due to a race
    * with SIGCONT or something like that.
    */
    continue;
    }

    For SIGKILL the following code is executed.

    /*
    * Death signals, no core dump.
    */
    do_group_exit(info->si_signo);

    Check get_signal_to_deliver() in linux/kernel/signal.c for more info

  7. #6
    Just Joined!
    Join Date
    Dec 2011
    Posts
    30
    Quote Originally Posted by vedasolutions View Post
    There will be no signal handler for SIGKILL or SIGSTOP. When the kernel notices that the signal is SIGKILL or SIGSTOP some default action (means default code) will be executed. When a signal is delivered a function do_signal() will be called in the kernel. This function calls get_signal_to_deliver() function intern. get_signal_to_deliver() function checks if the signal is SIGSTOP then executes some default code like this:

    if (sig_kernel_stop(signr)) {
    /*
    * The default action is to stop all threads in
    * the thread group. The job control signals
    * do nothing in an orphaned pgrp, but SIGSTOP
    * always works. Note that siglock needs to be
    * dropped during the call to is_orphaned_pgrp()
    * because of lock ordering with tasklist_lock.
    * This allows an intervening SIGCONT to be posted.
    * We need to check for that and bail out if necessary.
    */
    if (signr != SIGSTOP) {
    spin_unlock_irq(&sighand->siglock);

    /* signals can be posted during this window */

    if (is_current_pgrp_orphaned())
    goto relock;

    spin_lock_irq(&sighand->siglock);
    }

    if (likely(do_signal_stop(info->si_signo))) {
    /* It released the siglock. */
    goto relock;
    }

    /*
    * We didn't actually stop, due to a race
    * with SIGCONT or something like that.
    */
    continue;
    }

    For SIGKILL the following code is executed.

    /*
    * Death signals, no core dump.
    */
    do_group_exit(info->si_signo);

    Check get_signal_to_deliver() in linux/kernel/signal.c for more info

    Thank you very much your answer really help!!
    But I am killing a Client program(UNIX SOCKET) using
    kill -9 pid_of_client
    I have trace the whole kill system call
    1) It calls to kill_something_info() function which calls kill_pid_info() etc..
    Then group_send_sig_info() etc.
    I have traced the kill system call but none of the function called in it calls do_signal() function which u said.
    Also the other functions which u said are not called in the kill
    system call.. And I am killing the client using kill system call and SIGKILL signal..
    If the kill() doesnt calls do_signal then which part of the kernel calls it ?? I mean is there other part of kill() which I have not traced ??
    because from my study I didnt get anywhere that Kill() calls do_signal(),do_group_exit() and do_exit() function..
    Your answer is absoluet right but I want to know how the control passes from the kill() to the required function like do_signal , when kill() doesnt itself calls do_signal()..

  8. #7
    Just Joined!
    Join Date
    Feb 2012
    Location
    Hyderabad, India
    Posts
    11
    Quote Originally Posted by Innovator View Post
    Thank you very much your answer really help!!
    But I am killing a Client program(UNIX SOCKET) using
    kill -9 pid_of_client
    I have trace the whole kill system call
    1) It calls to kill_something_info() function which calls kill_pid_info() etc..
    Then group_send_sig_info() etc.
    I have traced the kill system call but none of the function called in it calls do_signal() function which u said.
    Also the other functions which u said are not called in the kill
    system call.. And I am killing the client using kill system call and SIGKILL signal..
    If the kill() doesnt calls do_signal then which part of the kernel calls it ?? I mean is there other part of kill() which I have not traced ??
    because from my study I didnt get anywhere that Kill() calls do_signal(),do_group_exit() and do_exit() function..
    Your answer is absoluet right but I want to know how the control passes from the kill() to the required function like do_signal , when kill() doesnt itself calls do_signal()..

    As you know there are two stages in the signal, signal generation and signal delivery. When you use the kill command to send a signal to a process, this command calls this sys_kill and sys_kill updates the process signal data structures accordingly. And this also sets the _TIF_SIGPENDING flags in the thread_info structure flags. This step is called signal generation.You have traced upto here. And your kill process comes back.

    When the process that you signaled is woken up and when the process context is switching to userspace, it checks if the thread_info _TIF_SIGPENDING flag is set. If yes it will execute the do_signal and the process that I have explained in the previous post executed. This is called signal delivery.

    These are the sequence of function called when the signal is delivered.

    resume_userspace->work_pending->work_notifysig->do_notify_resume->do_signal ....

    use ctags and trace the above functions

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •