Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!ucsd!ucbvax!agate!darkstar!andrew.cmu.edu From: aw0g+@andrew.cmu.edu (Aaron Wohl) Newsgroups: comp.os.research Subject: Re: System Call Interception Message-ID: <2997@darkstar.ucsc.edu> Date: 1 May 90 18:04:12 GMT Sender: usenet@darkstar.ucsc.edu Lines: 36 Approved: comp-os-research@jupiter.ucsc.edu In tops20 here at cmu (back when we 7 machines) tfork was used mostly for debugging. Mike Fryd wrote an enviornment using tfork for students to take the mastery exams (they had to write a program). The exam enviornment prevented access to files that might be used to cheet. Some tops20 programs had paths compiled into them. Sometimes they didn't give very good error messages. I made up tfork program called nodir that trapped all file accesses and logged them and redirected them to the default directory. It was also usefull to log all file accesses to help figure out build dependancies. Debugging was the most usefull however. It settled arguments between Phil Almquist (the exec (ie shell)) maintainer and me (the monitor maintainer) over who had botched a particular call. System call intercepts are used extensivly in macintosh debugging today. To some extent with TMON, and fequently with 'THE debugger'. Most of the memory blocks allocated by the mac os are relocatable. A call to most system calls can sometimes cause relocation and garbage collection. It is real simple have programs that die when memory is low and a compact happens. To test this typically all the system calls that can ever garbage collect are intercepted and the location of all the relocatable blocks is shifted around. Space is left between blocks and filled with psuedo randum numbers that are later checked. If you get some big pile of junk program and it suddenly stops and says 'system call error' it is real nice to get a backtrace of the recent system calls. On a tops20 all of the tops10 system calls are intercepted. When the first one happens PA1050, a tops10 system call emulator is loaded and started. The compilation/assemble/link process for many many years thought it was on a tops10. Aaron