Broken exect() libc call

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Broken exect() libc call

Ali Mashtizadeh
Hello Everyone,

I noticed exect() is an old BSD specific libc function that is supposed to
enable tracing on the child process.  In all modern platforms it has a
faulty implementation dating back to the CSRG source code.  FreeBSD lacks
the code for several platforms and it appears that there are no users. Even
gdb in the CSRG repository used the ptrace(PT_TRACE_ME, ...) function that
is portable.

Originally, on the VAX exect() sets the trap flag (PSL_T) which does not
trigger a trap until the new executable image is loaded.  This is because a
trace fault is raised when the PSL_TP flag is set.  exect() code would set
PSL_T which during the execution of an instruction the processor copies the
value of PSL_T to PSL_TP at the end of its cycle.  The instruction that
sets the trap flag does not set PSL_TP and the system call instruction
copies PSL_T to PSL_TP.  The the first instruction in the executable image
will trigger a trace fault.  See E.5.3 in [1] below and CSRG source [2].

Other platforms either called execve (when the processor does not allow
user space to directly control tracing) or provided the same faulty
implementation (present in the i386 version).  If you search the CSRG
repository this system call was only used by adb/sdb which at the time
contained ptrace(PT_TRACE_ME,....) call as well.

Older versions of Mac OS X contained the documentation for the call, but it
has since been removed.  NetBSD/OpenBSD contains a deprecated function that
calls to execve written in C that warns you when you link against it.

If there's no objects I've copied the NetBSD file, removed any MD
assemblies still present, and amended the man page.

Alternative solutions:
1) Provide C code to call ptrace(PT_TRACE_ME, ...) + execve.  This more
closely emulates exect().
2) Remove the call entirely


Ali Mashtizadeh
[hidden email] mailing list
To unsubscribe, send any mail to "[hidden email]"