Chapter 5

Memory and device management

Memory management, handled by the OS, efficiently allocates RAM to running programs,
tracking usage, preventing conflicts, and using techniques like paging/virtual memory to extend
capacity, while device management controls hardware (disks, printers) via drivers, scheduling
access, and ensuring data flow for all system components, together optimizing performance,
stability, and resource sharing in multitasking environments.

Memory Management

Core Function: The OS manages primary memory (RAM) by keeping track of free/used
locations, allocating space to processes when needed, and reclaiming it when done.

Goals: Maximize CPU utilization, support multitasking, prevent data corruption/leaks (memory
leaks occur when a program allocates memory but fails to release it when it is no longer needed
and data corruption occurs when memory is accessed in an invalid way, such as writing to a
memory location that is not allocated, or reading from memory that has been freed), minimize
fragmentation (fragmentation refers to the situation where memory is divided into small, non-
contiguous blocks of free memory for new processes), and ensure efficient resource use.

Device Management

Core Function: The OS controls hardware devices (storage, I/O) using device drivers to present a
consistent interface, managing requests and data flow.

Goals: Efficient device sharing, data integrity, preventing device conflicts, and optimized I/O
operations.

Memory partitioning

Memory partitioning in an OS divides main memory into sections (partitions) to run multiple
programs, preventing interference, with common types being Fixed Partitioning (predefined,
static sizes, causes internal fragmentation) and Variable/Dynamic Partitioning (sizes adapt to
process needs, reduces internal but creates external fragmentation). For example, in fixed
partitioning, if memory is split into 10MB and 20MB blocks and a 12MB process arrives, it gets
the 20MB block, leaving 8MB unused (internal fragmentation).

Types of Memory Partitioning

 Fixed Partitioning (Static):- Memory is divided into a fixed number of partitions, set at
system boot, which can be of equal or varying sizes (e.g., 10MB, 15MB, 10MB).

Example: A system with partitions A (10MB) and B (20MB). A 7MB process goes into
A (leaving 3MB unused – internal fragmentation); a 15MB process goes into B (leaving
5MB unused).

Pros: Simple to implement, low OS overhead. (OS uses minimal system resources)

Cons: Internal fragmentation (unused space within a partition) and external

fragmentation.

 Variable Partitioning (Dynamic):- Partitions are created dynamically as processes

arrive, sized exactly to the process's needs.

Example: A 12MB process arrives; a 12MB partition is created. A 5MB process arrives;
a 5MB partition is made from remaining memory. When the 5MB process leaves, a 5MB
free block remains.

Pros: Reduces internal fragmentation by allocating exact size.

Cons: Prone to external fragmentation (many small, unusable free blocks between
processes), more complex to manage.

Key Concepts

Internal Fragmentation: Wasted space inside a partition (e.g., a 4MB partition used by a 2MB
process).

External Fragmentation: Wasted space between allocated partitions (e.g., a 10MB free block
stuck between two processes, but too small for a new process).
 Swapping and Paging

Swapping moves entire processes between RAM and disk (swap space) to free memory, while
paging divides processes into fixed-size "pages" (e.g., 4KB) and moves only needed pages,
allowing non-contiguous allocation and virtual memory. Swapping is like moving a whole book
to storage, while paging is like taking specific chapters as needed.

Swapping

 Temporarily moves the entire process (or large segments) from RAM to secondary
storage (swap space) to make room for other processes.

 Fragmentation: Can suffer from external fragmentation (small unusable memory gaps).

Example:- Let’s say we have a system with a main memory of 100 KB, and we have several
processes that require different amounts of memory:

Process A: 30 KB

Process B: 20 KB

Process C: 25 KB

Process D: 15 KB

Process E: 10 KB

Initially, the memory is filled as follows:

[30 KB] A [20 KB] B [25 KB] C [15 KB] D [10 KB] E

Total memory used: 30 + 20 + 25 + 15 + 10 = 100 KB

Now, suppose Process A is swapped out of memory. The memory becomes:

[30 KB] (empty) [20 KB] B [25 KB] C [15 KB] D [10 KB] E

Now, there is a 30 KB gap between Process B and Process C. This is external fragmentation.
Now, suppose Process B is also swapped out. The memory becomes:

[30 KB] (empty) [20 KB] (empty) [25 KB] C [15 KB] D [10 KB] E

Now, there are two gaps: one 30 KB and one 20 KB. The total unused space is 50 KB, but it is
scattered and not contiguous.

Now, suppose we want to load a new process that requires 40 KB of memory. There is no
contiguous block of 40 KB available, even though the total unused space is 50 KB. This is a
problem because the system cannot allocate the memory for the new process.

This is the effect of external fragmentation caused by swapping.

Non-contiguous memory is not allocated during swapping because it is not a single, continuous
block. Swapping typically involves moving contiguous blocks of memory, and non-contiguous
memory is split into multiple segments or pages, which are not swapped as a single unit.

Paging

 Divides a process into fixed-size blocks (pages) and loads only required pages into RAM
(frames), using page tables to map them.

 Eliminates external fragmentation; may cause internal fragmentation (unused space

within the last page).

Example:- Suppose the system uses 4 KB pages and the total memory is 100 KB, which is 25
pages.

Now, suppose we have the following processes:

Process A: 30 KB → 8 pages (32 KB)

Process B: 20 KB → 5 pages (20 KB)

Process C: 25 KB → 7 pages (28 KB)

Process D: 15 KB → 4 pages (16 KB)

Process E: 10 KB → 3 pages (12 KB)

Now, the system can allocate memory in 4 KB blocks, and the memory is filled as follows:

[4 KB] A [4 KB] A [4 KB] A [4 KB] A [4 KB] A [4 KB] A [4 KB] A [4 KB] A

[4 KB] B [4 KB] B [4 KB] B [4 KB] B [4 KB] B

[4 KB] C [4 KB] C [4 KB] C [4 KB] C [4 KB] C [4 KB] C [4 KB] C

[4 KB] D [4 KB] D [4 KB] D [4 KB] D

[4 KB] E [4 KB] E [4 KB] E

Now, even if some pages are not fully used (e.g., Process A uses 8 pages but only needs 30 KB),
the system can still allocate memory in fixed-size blocks, and the unused space is internal to the
page, not external.

Key Differences

What Moves: Swapping moves the whole process, Paging moves pages.

Memory Allocation: Paging allows non-contiguous allocation, Swapping often requires

contiguous space.

Virtual Memory: Paging is fundamental to virtual memory; Swapping is a simpler mechanism

for memory overflow.

Segmentation

Segmentation is a memory management technique that divides a program into logical, variable-
sized chunks called segments (like code, data, stack, functions), allowing for better organization
and protection, where a memory address is specified by a segment number (identifies the
segment in the segment table) and an offset (specifies the location within the segment) within it,
unlike fixed-size paging. The segment number and offset work together to determine the physical
address in a segmented memory system, enabling efficient and flexible memory management.
An example is a program being split into a code segment, a data segment for global variables,
and a stack segment for function calls, with the OS using a segment table to map these logical
parts to physical memory. Each segment gets memory based on its actual size, not a fixed block
size. A table stores each segment's base address (where it starts in physical memory) and its limit
(length). A memory request uses a two-part address: (segment_number, offset). The OS checks if
offset < limit. If valid, it adds the offset to the segment's base address to find the physical
memory location. (The actual position in RAM where data is stored and retrieved. It is absolute
address that the CPU uses to access memory directly). Physical Address Calculated as (Segment
Number × 16) + Offset. Physical Address is the actual address in RAM. Used by the CPU to
access memory. Logical Address is virtual address used by the program. It is translated into a
physical address by the MMU. The computer’s memory management unit (MMU) uses this
physical address to retrieve or store data from or to the physical memory.

Example

Suppose a program wants to store a value at memory location 0x10200:

This is a physical memory location.

The CPU uses this address to access the actual memory byte at that position.

Example

Suppose:

A segment has a base address of 0x1000

The offset within the segment is 0x200

Then the physical address is: 0x1000+0x200=0x1200

🧩 Why is the Base Address Important?

It defines the starting point of the segment in physical memory.

It is used by the memory management unit (MMU) to translate a logical address (segment +
offset) into a physical address.

It helps the CPU locate the correct memory location.

Example: A C Program
When you compile a C program:

Code Segment: Contains your actual functions (like main(), printf()).

Data Segment: Holds global and static variables (e.g., int global_counter;).

Stack Segment: Manages local variables and function calls for each execution.

Heap Segment: For dynamic memory allocation (e.g., malloc()).

The OS loads these logical segments into non-contiguous physical memory, ensuring printf in
the code segment can access data in the data segment using its segment number and offset.

Buffering strategies

Buffering strategies in an OS use temporary memory areas (buffers) to smooth speed differences
between fast and slow devices, handle different data sizes, and improve I/O efficiency, with
examples like single buffering (keyboard to app), double buffering (overlapped I/O for
gaming/video), and buffer pools (efficient disk access) for tasks like printing, streaming, and file
transfers, allowing devices to work concurrently.

Key Buffering Strategies & Examples:

 Single Buffering (Block/Line Buffering):- One buffer holds data from input until full
(or a line is typed), then moves to output; input waits if the buffer is busy.

Example: A text editor storing keystrokes in a buffer before writing to disk; a modem receiving
data that waits in a buffer before being written to the slow hard drive in one go.

 Double Buffering (Overlapped I/O):- Uses two buffers, allowing input to fill one while
the CPU processes the other, eliminating waits.

Example: Video streaming or gaming; one buffer holds data for immediate display while the next
chunk downloads into the second buffer.

 Buffer Pools:-A collection of pre-allocated buffers managed by the OS for reuse,

reducing allocation overhead.
Example: Database systems use buffer pools to cache disk blocks, speeding up repeated reads.

Direct Memory Access

Direct Memory Access (DMA) in an OS lets peripherals (like disks, network cards) transfer data
directly to/from RAM without the CPU's constant help, boosting efficiency for large transfers by
freeing the CPU. An example is a hard drive saving a large file: the CPU tells the DMA
Controller (DMAC) where to save (RAM address) and what to save (from disk); the DMAC
takes the system bus, manages the transfer word-by-word or block-by-block, and interrupts the
CPU only when done, significantly speeding up the process.

Example: Network Card Streaming Video

Scenario: A computer receives a high-bandwidth video stream over the network.

Without DMA: The network card interrupts the CPU for every incoming packet, forcing the
CPU to fetch the packet, move it to RAM, then handle the next, creating high CPU load and
potential buffering issues.

With DMA: The CPU configures the network card and DMA Controller to move data directly to
a specific video buffer in RAM.

As video data arrives, the network card signals the DMAC.

The DMAC grabs the bus, moves large chunks of video data straight into the RAM buffer.

The CPU is only interrupted when the buffer is nearly full or completely filled, allowing
uninterrupted playback and high performance.

Key Benefits

Frees CPU: CPU isn't bogged down moving data.

Faster Transfers: Direct device-to-memory path is quicker.

Improved Performance: System handles more tasks concurrently.

 Recovery from failure

OS failure recovery involves methods like checkpoints (backward/forward recovery), replication,

log-based updates, and failover to restore system state and data, preventing total loss after
crashes, with a common example being a database using undo/redo logs to fix transactions, or a
web server using failover to a redundant server when one fails.

Key Recovery Techniques

Check pointing (Backward Recovery): Periodically saves the system's state (checkpoint). Upon
failure, the system rolls back to the last good checkpoint, discarding recent changes but ensuring
consistency.

Example: A running application periodically saves its progress to disk. If it crashes, it restarts
from the last saved point, losing only the work done since that checkpoint.

Log-Based Recovery (Undo/Redo): Uses transaction logs to record changes.

Undo: Reverses uncommitted changes (e.g., partial database writes) after a crash.

Redo: Re-applies committed changes that might not have fully written to disk.

Example (DBMS): A bank transaction partially debits one account but crashes before crediting
another. The log allows the system to "undo" the debit, preventing money loss.

Replication & Failover: Maintains duplicate systems or data. If the primary fails, a secondary
takes over (failover).

Example: A highly available web server cluster. If one server crashes, a load balancer redirects
all user traffic to the remaining healthy servers, offering continuous service.

Forward Recovery: Attempts to bring the system from an error state to a correct state, rather than
rolling back, often using anticipated error correction.

System/Process Isolation: Isolating components (like micro services) so a failure in one doesn't
crash the whole OS, using techniques like watchdog timers to restart faulty processes.
Example: A failed video decoding process in a media server can be automatically killed and
restarted by the OS without affecting the main application.

Example Scenario: Database Failure

Failure: A database server running a critical e-commerce transaction (e.g., placing an order)
crashes due to a kernel panic (OS failure).

Detection: A watchdog timer or cluster manager detects the server is unresponsive.

Recovery (Log-Based):

The database restarts, reads its transaction log.

It finds the "place order" transaction was committed (all steps logged) but never fully written to
disk. It uses the redo function to complete the order.

If the transaction was only started (e.g., user clicked "checkout" but payment wasn't processed),
it uses the undo function to remove any partial records.

Recovery (Failover): A standby database server seamlessly takes over the live connections,
allowing users to continue browsing without interruption (if replication was set up).
 Chapter 6

Security and protection

System security protects information systems (hardware, software, data) from unauthorized
access, damage, or disruption by ensuring Confidentiality, Integrity, and Availability through
controls like authentication, authorization, encryption, and policies, defending against threats like
malware, attacks, and insider risks to maintain intended system behavior. It covers everything
from boot-up to software, focusing on preventing unauthorized use and ensuring reliable
operation.

Core Principles

Confidentiality: Keeping data secret from unauthorized users (e.g., passwords, encryption).

Integrity: Ensuring data isn't altered or destroyed improperly (e.g., access controls, file
permissions).

Availability: Making sure systems and data are accessible to authorized users when needed (e.g.,
backups, preventing DoS).

Key Components & Measures

Authentication: Verifying user identity (passwords, biometrics, MFA).

Authorization: Granting specific permissions after authentication (access controls, least

privilege).

Encryption: Scrambling data to protect confidentiality.

Firewalls: Filtering network traffic based on security rules.

Access Controls: Managing who can use what resources.

Software/Patch Management: Keeping systems updated to fix vulnerabilities.

 Common Threats & Attacks

Malware: Viruses, worms, Trojans.

Denial of Service (DoS): Overwhelming systems to make them unavailable.

Injection Attacks: Inserting malicious code (e.g., SQL injection).

Unauthorized Access: Gaining entry without permission (hacking, spoofing).

Data Breaches: Unauthorized disclosure of sensitive information.

How It Works

System security is a layered approach, combining technical controls (software, firewalls) with
administrative policies (rules, procedures) to protect resources like CPU, memory, disks, and
stored data from internal and external threats, ensuring systems operate as intended.

Policies and mechanism of system security

System security involves high-level Policies (rules like "only managers can access financial
data") enforced by technical Mechanisms (like Access Control Lists/ACLs or Firewalls) to
protect data's Confidentiality, Integrity, and Availability (CIA Triad), with examples including
Password Policies enforced by MFA, Network Policies by Intrusion Detection Systems, and Data
Policies by Encryption.

Security Policies (The "What" & "Why")

These are formal documents outlining an organization's security goals and rules, often
categorized by scope.

Program Policies (High-Level): Set overall security tone (e.g., "All data must be protected").

Issue-Specific Policies: Address particular areas (e.g., Email Usage, Remote Access).

System-Specific Policies: Define rules for individual systems (e.g., a server).

Examples:

Password Policy: Requires complex, regularly changed passwords.

Data Classification Policy: Defines data sensitivity (Public, Internal, Confidential).

Network Security Policy: Dictates firewall rules and VPN usage.

Security Mechanisms (The "How")

These are the tools, processes, and technologies that implement and enforce security policies.

Examples:

Access Control:

Policy: Only authorized users can print checks.

Mechanism: ACLs (Access Control Lists) or Role-Based Access Control (RBAC) in the system.

Authentication & Authorization:

Policy: Verify user identity before access.

Mechanism: Multi-Factor Authentication (MFA), Biometrics, Single Sign-On (SSO).

Data Protection:

Policy: Encrypt sensitive data at rest and in transit.

Mechanism: Encryption (e.g., AES), Data Loss Prevention (DLP) tools.

Malware Protection:

Policy: Prevent unauthorized software execution.

Mechanism: Antivirus/Anti-malware software, Endpoint Detection & Response (EDR).

System Hardening:

Policy: Keep systems updated and configured securely.

Mechanism: Patch management, Security Configuration Baselines.

Key Principle: CIA Triad (Confidentiality, Integrity, Availability)

Confidentiality: Preventing unauthorized disclosure (e.g., encryption, strong passwords).

Integrity: Preventing unauthorized modification (e.g., hashing, digital signatures, access

controls).

Availability: Ensuring timely, reliable access (e.g., backups, redundancy, DDoS protection).

System protection and authentication

System protection secures resources (memory, CPU, files) using authentication (verifying
identity) and authorization (granting access), with examples like passwords, biometrics
(fingerprints, face ID), MFA (password + SMS code), tokens (physical keys, digital codes), SSO
(Google/Facebook login), and OS controls (file permissions, encryption). These methods ensure
only verified users access specific system functions or data, balancing security with user
experience.

System Protection Mechanisms

These are broader OS-level defenses:

Memory Protection: Isolates processes so one can't access another's memory.

CPU Protection: Prevents runaway processes from monopolizing the CPU.

File Permissions: chmod in Linux controls read/write/execute access for users/groups.

Encryption: Scrambles data (like BitLocker) to protect it if stolen.

Access Control Lists (ACLs): Define who can do what to specific resources.

Authentication Methods (Verifying "Who You Are")

Models of protection
Operating system protection models define how resources are accessed, using mechanisms like
Access Control Lists (ACLs), Capabilities, and Domains, enforcing rules (e.g.,
read/write/execute) to isolate processes, protect memory (base/bounds registers), and secure
files, with examples like Unix file permissions (chmod) or memory protection preventing one
app from crashing the system. Key models include Access Matrix, Least Privilege, and
specialized ones like Bell-LaPadula for confidentiality, ensuring only authorized actions occur.

Key Protection Models & Concepts

Access Matrix Model: A fundamental concept where rows are subjects (users/processes) and
columns are objects (files/devices); cells define allowed rights (read, write, execute).

Example: A file permissions table in Linux showing User (U), Group (G), Others (O) can Read
(r), Write (w), Execute (x).

Access Control Lists (ACLs): Lists attached to objects (files) specifying who can access them
and how.

Example: Windows ACLs granting specific users or groups Read, Modify, or Full Control
permissions on a folder.

Capability-Based Security: Subjects (processes) hold "capabilities" (tokens) granting specific

rights to objects, rather than having rights assigned to them.

Example: A process receives a token allowing it to write to one specific log file, but nothing else.

Principle of Least Privilege: Subjects should only have the minimum permissions needed to
perform their tasks, reducing potential damage.

Example: A web server process running with limited rights, not as root, so a compromise doesn't
affect the whole system.

Domain of Protection: Defines a set of resources a subject can access, linking subjects
(processes) to objects (files, memory).

Example: A user's login session forms a domain, giving access to their files but not others'.

Protection Mechanisms & Examples

Memory Protection: Prevents processes from interfering with each other's memory.
Example: Base/Bounds registers define a process's legal memory range; segmentation/paging
isolates address spaces.

File Protection: Controls access to stored data.

Example: chmod command in Linux; Access Control Lists (ACLs) in Windows.

CPU Protection: Ensures fair CPU access, prevents infinite loops.

Example: Timer interrupts force context switches, preventing a single process from
monopolizing the CPU.

I/O Protection: Protects hardware devices.

Example: OS kernel controls direct hardware access; user programs request I/O through system
calls.

Authentication & Authorization: Verifies identity and grants rights.

Example: Passwords/biometrics (authentication) followed by checking permissions

(authorization).

Encryption: Protects data confidentiality.

Example: Encrypting files at rest or network traffic (HTTPS) so only authorized parties can read
them.

Memory protection
Memory protection in an OS prevents processes from accessing each other's memory or the OS's
kernel, using hardware-assisted techniques like paging (fixed-size blocks with permissions) and
segmentation (variable-sized logical blocks) to enforce boundaries, ensuring stability and
security by isolating processes, with examples including read-only code segments or stack
canaries (random values detecting corruption) in modern systems like Windows/Linux,
triggering faults on violations.
 Key Mechanisms & Examples

Paging: Divides memory into fixed-size "pages" (e.g., 4KB) managed by the OS via page tables,
allowing fine-grained control.

Example: Marking a process's code pages as read-only (RX), preventing malicious code
injection, while data pages are read-write (RW). A "page fault" (segmentation fault) occurs if a
process tries to write to a read-only page, stopping the error.

Segmentation: Divides memory into variable-sized logical units (segments) for code, data, stack,
etc., with specific permissions.

Example: The x86 architecture uses segments; a code segment can be read-only, protecting the
program's own instructions from accidental changes.

Dual-Mode Operation (Kernel/User Mode): Hardware enforces two modes; user programs run in
"user mode" with restricted memory access, while the OS runs in "kernel mode," having full
access, with hardware preventing user programs from modifying critical OS structures like page
tables.

Process Isolation: Each process gets its own private virtual address space, creating a logical
boundary that prevents one process from directly seeing or corrupting another's memory.

Stack Canaries (Windows/Linux): A compiler-inserted random value (canary) is placed on the

stack before the return address; if a buffer overflow overwrites the canary, the program detects
the corruption and terminates, preventing exploits.

How it Works

Hardware (MMU): The Memory Management Unit translates virtual addresses used by programs
into physical memory addresses, checking protection bits/keys on every access.

Operating System: The OS sets up page tables and permissions, deciding what each process can
do.

Violation: An attempt to violate these rules (e.g., writing to read-only memory) triggers a
hardware exception (fault/trap) handled by the OS, usually crashing the offending process.
 Encryption
Encryption in an OS scrambles data (files, passwords, network traffic) into unreadable code
(ciphertext) using algorithms (like AES/RSA) and keys, protecting it at rest (stored) and in
transit (moving). Examples include BitLocker/FileVault for full-disk encryption (data at rest) and
HTTPS (TLS) securing web browsing, ensuring privacy and security for users and systems.

Types of Encryption Used in OS

Symmetric (Secret Key): Same key for encryption & decryption (e.g., AES).

Asymmetric (Public Key): Public key encrypts, private key decrypts (e.g., RSA, ECC).

Hashing: One-way function (e.g., for passwords).

OS Encryption Examples

 Full Disk Encryption (Data at Rest):

BitLocker (Windows): Encrypts entire hard drives, protecting data if a device is lost/stolen, uses
AES.

FileVault (macOS): Encrypts the startup disk, securing user data.

Encrypted Disk Images: macOS Disk Utility creates password-protected, encrypted container
files.

 Data in Transit:

HTTPS (TLS/SSL): Secures web traffic (shopping, banking) via padlock icon; uses asymmetric
(setup) and symmetric (session) keys.

IPsec: Protects data in VPNs and network communications.

SSH (Secure Shell): Encrypts remote logins and command execution.

File/Application Level:

PGP/S/MIME: Encrypts emails and messages for privacy.

Internal APIs/Microservices: Encryption protects data moving between internal services.

How It Works

Plaintext (Original Data) + Key + Algorithm = Ciphertext (Scrambled Data).

Ciphertext + Key + Algorithm = Plaintext (Original Data).

Example (Caesar Cipher): Shift letters by a key (e.g., 'A' becomes 'D' with key 3). Modern
systems use complex mathematical algorithms like AES for much stronger security.

Recovery management
Recovery management in an operating system (OS) involves techniques used to restore the
system to a consistent and operational state after a failure, which may range from software
crashes to hardware issues or deadlocks. Key areas of recovery management include general
system recovery (often via rebooting) and specific mechanisms for deadlock recovery and
database consistency.

General System Recovery

The most common and basic method for general OS failures (like system crashes) is simply to
reboot the system.

Example: System Reboot

When a personal computer or server crashes unexpectedly, the typical recovery mechanism is to
restart it. The OS is designed to run its boot sequence, perform file system checks, and resume
operations in a clean state. This simple process helps recover from complex, transient software
bugs (sometimes called "Mandelbugs") that are difficult to diagnose in real-time.

Deadlock Recovery

If an OS detects a deadlock (a state where two or more processes are blocked indefinitely,
waiting for resources held by each other), it initiates a recovery scheme to break the cycle and
allow the system to proceed.

Techniques include:
Process Termination: The OS can break the deadlock by terminating one or more processes
involved.

Example: Terminating a "Victim" Process

In a multi-user system, if a deadlock is detected, the OS might select a non-critical or low-

priority process to terminate (a "victim"). This frees the resources held by that process, allowing
the remaining processes in the deadlock cycle to continue their execution. The terminated
process can be restarted later.

Resource Preemption: Resources are forcibly taken away from one process and given to another
to break the deadlock.

Example: Preempting Memory

A printer resource, for instance, might be preempted from a process that has held it for a long
time without making progress, and assigned to another process that can use it to complete its
task, thus breaking the deadlock condition.

Rollback: The state of an affected process is reverted to a previous safe state (checkpoint) before
the deadlock occurred.

Example: Transaction Checkpoints in a Database (managed by the OS/DBMS)

In critical systems like banking, regular checkpoints of process states are saved. If a deadlock
occurs, the OS can roll back processes to their last checkpoint, effectively undoing actions up to
that point. The processes can then be restarted from that safe state, avoiding the deadlock
scenario.