no edit summary
The process dumper (lets call it a dumper further) does the following steps during checkpoint stage
A '''$pid''' of a process group leader is obtained from the command line.# By using this '''$pid''' the dumper walks though '''/proc/$pid/ status''' and gathers children '''$pids''' recursively. At the end we will have a process tree.# Then it takes every '''$pid''' from a process tree, sends '' SIGSTOP'' to every process found, and performs the following steps on each '''$pid'''.# * Collects VMA areas by parsing '''/proc/$pid/maps'''.# * Seizes a task via relatively new ptrace interface. Seizing a task means to put it into a special state when the task have no idea if it' s being operated by ptrace.# * Core parameters of a task (such as registers and friends) are being dumped via ptrace interface and parsing '''/proc/$pid/stat''' entry.# * The dumper injects a parasite code into a task via ptrace interface. This allows us to dump pages of a task right from within the task's address space. #** An injection procedure is pretty simple - the dumper scans executable VMA areas of a task (which were collected previously) and tests if there a place for <code>syscall </code> call, then (by ptrace as well) it substitutes an original code with <code>syscall </code> instructions and creates a new VMA area inside process address space. #** Finally parasite code get copied into the new VMA and the former code which was modified during parasite bootstrap procedure get restored.# * Then ( by using a parasite code) the dumper flushes contents of a task's pages to the file. And pulls out parasite code block completely, since we don't need it anymore. #* Once parasite removed a task get unseized via ptrace call but it remains stopped still. #* The dumper writes out files and pipes parameter and data.
# The procedure continues for every '''$pid'''.