Understanding and Managing Zombie Processes in Linux — With Working Example!
In Linux, a Zombie Process is a process that has completed execution but still has an entry in the process table. This article explains zombie processes in simple terms and provides a step-by-step guide to simulate and manage a zombie process using a Docker container.
# Let’s start with “What is a Zombie Process?”
> To understand Zombie, let’s try to understand the Basic Lifecycle of a Process 👇
1. Execution: A process executes its tasks.
2. Termination: After completing its tasks, the process terminates.
3. Zombie State: The process moves into a zombie state if its parent process hasn’t yet read its exit status.
4. Reaping/Collecting: The parent process collects the exit status using system calls like wait()
, and the zombie process entry is removed from the process table.
— — — — — — — — — — — — OPTIONAL — — — — — — — — — — — — — —
To those to hear the word process table
for the first time, let me take a quick detour of what is a Process Table:
The process table
is a table or a record used by the operating system to keep track of all active processes. Each entry contains essential information about a process, such as its unique Process ID (PID), state, memory usage, and more. It helps manage and schedule processes, allocate resources, and facilitate communication between them. Without this record or table, it is impossible to manage the thousands of processes.
In simple words, if you are a Microsoft Windows users, it is the programs that you see in Task Manager
GUI.
For Linux users, you can find the process table
using ps
or top
commands:
Useful Resources on Processes: Geeksforgeeks
— — — — — — — — — — — — OPTIONAL — — — — — — — — — — — — — —
> Why Do Zombie Processes Occur?
When a child process terminates, but its parent process does not call wait()
to collect the exit()
status. This leaves an entry in the process table until the parent process acknowledges the information from the terminated child process.
> Resource Impact
While zombie processes do not consume CPU or memory resources, they occupy a slot in the process table. If too many zombies accumulate, it can prevent the creation of new processes.
If you have a question 🤔 of “What is the total size of the process table or how many maximum processes I could simultaneously run?”
As a Linux users, try running:
# Linux
$ cat /proc/sys/kernel/pid_max
$ 99999
# Note, 99999 is the number of pid_max, but remember, each process utilizes
# a part of the memory so it will be challenging to occupy the
# complete process table.
For Windows, please feel free to use the “Windows Subsystem for Linux(WSL)”
# Simulating and Managing a Zombie Process
* Step 1: Create a Docker Container
(Assuming, you already installed Docker Desktop and its dependencies)
Start by creating a Docker container
with an Ubuntu
image:
docker run -it - name zombie-demo ubuntu
* Step 2: Write a Program to Generate a Zombie Process
Inside the Docker container, create a C
program to demonstrate a zombie process. Save the following code as zombie.c
:
// zombie.c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
int main() {
pid_t pid = fork();
if (pid < 0) {
// Fork failed
perror("fork");
exit(EXIT_FAILURE);
}
if (pid == 0) {
// Child process
printf("Child process (PID: %d) exiting...\n", getpid());
exit(EXIT_SUCCESS); // Exit, but parent won't clean up
} else {
// Parent process
printf("Parent process (PID: %d) sleeping...\n", getpid());
sleep(60); // Sleep for a while to allow checking zombie status
printf("Parent process waking up...\n");
}
return 0;
}
* Step 3: Compile and Run the Program
Install gcc
(refer, what is GNU Compiler Collection) if it’s not already available and compile the program:
apt-get update
apt-get install -y gcc
gcc -o zombie zombie.c ## Compiling the C program
./zombie ## To run the compiled program
Output
After 60 seconds i.e. once the parent process completes the sleep cycle, you’ll get this Output:
* Step 4: Check for Zombie Processes
In another terminal, check the process list to identify the zombie process:
ps aux | grep 'Z'
You should see an entry with a status of Z
(for zombie), such as:
From the above top
command, you could clearly notice that the Zombie is updated to 1
and you can notice the character Z
against a Zombie command.
* Step 5: Manage Zombie Processes
After the parent process completes its sleep
, it should automatically clean up the zombie process. You can manually kill
the zombie process by sending a signal to the parent process:
kill -s SIGCHLD <enter_the_parent_pid>
To Find the parent process ID (PID)
with:
ps aux | grep 'zombie'
Or, just use top as mentioned above
> Conclusion
Zombie processes are those that have finished execution but remain in the process table
because their parent hasn’t collected their exit()
status. By using Docker
and a simple C program
, you can simulate and manage zombie processes to understand their behavior and how to handle them effectively.
> Additional Resources
- You can check this WikiPedia page on Zombie Processes, it is interesting with a code snippet.
- Useful Resources on Processes: Geeksforgeeks