XNU sys_fork syscall (0x02). Linux vs XNU
- Subject: XNU sys_fork syscall (0x02). Linux vs XNU
- From: "Robert Spykerman" <email@hidden>
- Date: Wed, 30 Apr 2008 11:53:15 +1000
Hi All,
I am fairly new to OS X having just got a penryn/leopard. I'm trying to port some IA-32 asm code over to the XNU kernel from linux, and I'm just having a bit of trouble understanding what actually is going on when I call a sys_fork.
on the man 2 pages it gives me this:
pid_t fork (void) where pid_t is an unsigned 32 bit.
Much the same as linux, fine, good. No worries, should be a piece of cake right? I know the different calling conventions.. I've already fixed the bit of code dealing with lseek, I should be grand right? Well...
I load EAX with the syscall no (0x02) and do what's necessary and expected (as I understand it, BSD likes a 32-bit word on the stack prior to the syscall via int 0x80, i.e. this link: http://www.int80h.org/bsdasm/ )
And like the linux fork syscall, I expect either:
EAX < 0 - error
EAX = 0 child process
EAX = unsigned 32 bit (returned PID to the parent process).
The code works fine and dandy on linux (I follow this up with an execve by the way to call the shell to execute an arbitrary command, anything the user would like to do)
BUT, on XNU/OSX, I find fork does indeed create 2 processes but BOTH of them get the PID of the child returned to them in EAX...
So basically my code bugs out there because the child does not know it's a child and so on...
What gives?
A little bit of exploring - given often EDX sometimes gets paired with EAX - I tried looking at EDX. Surprise. EDX returns either 0 or 1. I do not know where this is documented but a bit of trial and error led me to discover that EDX = 0 is returned to the parent process (LOL) and 1 to the child, which allowed me to do a quick fix.
Basically the code appears to work now with the following naughty fix.
Basically I did the naughty thing of NEGating and NOTing the EDX value so that in EDX, the parent process becomes -1 and the child becomes 0 and ANDing EDX to EAX, which means the parent gets the PID of the child process and the child gets PID AND 0 = 0.
I'm working on the assumption if there is an error in a fork, the parent will get EAX back by this means, and register an error too.
So after this little patch, it seems I have fork behaving 'like' I expect it to be, and it seems fine, I follow with execve , all's A-OK.
This however, is empiric, and I do not know how correct this actually is. But it seems to work...
BUT still I have NO idea what EDX actually represents and where I should be expecting to get my error code, i.e. in EAX or EDX.
When I installed xcode 3.0 all I got was this header file (which helped a lot in porting the program, some syscall no's were different).
file:///Developer/SDKs/MacOSX10.5.sdk/usr/include/sys/_types.h
I could not find the source to syscall fork (0x02) - to find out what the heck all this EDX business is... I mean, from the prototype, one would imagine you'd only get one 32 bit value returned..
**** Can anyone tell me what's going on and where to get the source for this syscall (or all the syscalls for that matter) ?
I admit I don't know where everything actually is or where to get it.
Any bright ideas, warnings etc. welcome... Should I be doing anything different? (apart from recoding this in C, which really isn't an option).
Thanks for your patience,
Robert Spykerman
--
chown -R us ./base
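As an added example (my code, not Robert's and not XNU source), here is the register folding the post describes written out in C: it takes the EAX/EDX pair the i386 XNU fork syscall leaves behind, as observed above (EAX = the child's PID in both processes, EDX = 0 in the parent and 1 in the child), and reduces it to the single Linux-style value the ported code expects, using the same NEG/NOT/AND trick. The error path assumes the BSD int 0x80 convention documented on the int80h.org page the post links: on failure the carry flag is set and EAX holds a positive errno, so the Linux habit of testing EAX for a negative value does not detect errors here. The raw wrapper guarded by `#if defined(__APPLE__) && defined(__i386__)` is a hypothetical wrapper assuming that same convention; on any other platform only the folding function runs, on constructed register values.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define XNU_SYS_FORK 2u   /* syscall number quoted in the post */

/*
 * Fold the register pair left by the i386 XNU fork syscall into one
 * Linux-style value: <0 on error, 0 in the child, child's PID in the parent.
 *
 *   eax   = child's PID in BOTH processes (or errno when carry is set)
 *   edx   = 0 in the parent, 1 in the child
 *   carry = state of the carry flag after int 0x80 (assumed BSD error signal)
 */
int32_t xnu_fork_to_linux(uint32_t eax, uint32_t edx, int carry)
{
    if (carry)
        return -(int32_t)eax;   /* errno comes back positive in EAX; negate it */

    /* The post's trick, step by step:
     *   NEG edx : 0 -> 0,          1 -> 0xFFFFFFFF
     *   NOT edx : 0 -> 0xFFFFFFFF, 0xFFFFFFFF -> 0
     *   AND eax : parent keeps the PID, child gets PID & 0 == 0
     */
    uint32_t mask = ~(0u - edx);
    return (int32_t)(eax & mask);
}

#if defined(__APPLE__) && defined(__i386__)
/* Hypothetical raw wrapper for 32-bit XNU (assumed convention, not taken
 * from XNU sources); only compiled on i386 Darwin. */
static int32_t raw_fork_linux_style(void)
{
    uint32_t eax = XNU_SYS_FORK, edx;
    uint8_t  cf;
    __asm__ volatile(
        "subl $4, %%esp\n\t"   /* spare 32-bit word the BSD stack convention wants */
        "int  $0x80\n\t"
        "addl $4, %%esp\n\t"
        "setc %2\n\t"          /* capture the carry flag: the error indicator */
        : "+a"(eax), "=d"(edx), "=q"(cf)
        :
        : "memory", "cc");
    return xnu_fork_to_linux(eax, edx, cf);
}
#endif

int main(void)
{
    /* Constructed register pairs standing in for what the kernel returns. */
    printf("parent  (eax=4321, edx=0, CF=0) -> %d\n", xnu_fork_to_linux(4321, 0, 0));
    printf("child   (eax=4321, edx=1, CF=0) -> %d\n", xnu_fork_to_linux(4321, 1, 0));
    printf("failure (eax=35, CF=1)          -> %d\n", xnu_fork_to_linux(35, 0, 1));
    /* 35 is a constructed errno value (EAGAIN on Darwin). */

#if defined(__APPLE__) && defined(__i386__)
    int32_t r = raw_fork_linux_style();
    if (r < 0) {
        printf("fork failed, errno %d\n", -r);
    } else if (r == 0) {
        _exit(0);                          /* child: nothing else to do */
    } else {
        int status;
        waitpid(r, &status, 0);
        printf("parent: child %d exited\n", r);
    }
#endif
    return 0;
}
```

The mask trick is branch-free, which is why it is attractive in hand-written assembly, but it only sorts parent from child; it says nothing about failure. When porting, the Linux check `test eax, eax; js error` has to become a check of the carry flag right after `int 0x80`, otherwise a failed fork looks like a successful one with a small positive PID.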
Darwin-kernel mailing list