process: add execve

[ShogunPanda]

This PR adds a new process.execve method (absolutely willing to change the name if you want), which is a wrapper for the execve UNIX function.

The function will never return and will swap the current process with a new one.
All memory and system resources are automatically collected from execve, except for std{in,out,err}.

The primary use of this function is in shell scripts to allow to setup proper logics and then spawn another command.

[nodejs-github-bot]

Review requested:

• @nodejs/startup

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/64381/

[ljharb]

What does it do on non-Unix systems?

[ShogunPanda]

@ljharb By non Unix we only mean Windows, isn't it? If that's the case, Windows also supports execve via _execve (doc here) so we should be good to go.

Once the CI ends I'll see which platform needs special assistance.

[codecov]

Codecov Report

Attention: Patch coverage is 84.03361% with 19 lines in your changes missing coverage. Please review.

Project coverage is 90.22%. Comparing base (fbe37d5) to head (61e2dfe).
Report is 98 commits behind head on main.

Files with missing lines	Patch %	Lines
src/node_process_methods.cc	67.24%	16 Missing and 3 partials ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #56496   +/-   ##
=======================================
  Coverage   90.21%   90.22%           
=======================================
  Files         630      629    -1     
  Lines      185213   185253   +40     
  Branches    36240    36230   -10     
=======================================
+ Hits       167096   167143   +47     
- Misses      11057    11068   +11     
+ Partials     7060     7042   -18     

Files with missing lines	Coverage Δ
lib/internal/bootstrap/node.js	99.57% <100.00%> (+<0.01%)	⬆️
lib/internal/process/per_thread.js	99.45% <100.00%> (+0.06%)	⬆️
src/node_errors.h	87.50% <ø> (ø)
src/node_process_methods.cc	87.80% <67.24%> (+1.54%)	⬆️

... and 39 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[targos]

On Windows:

D:\a\node\node\src\node_process_methods.cc(544,26): error C2065: 'F_GETFD': undeclared identifier [D:\a\node\node\libnode.vcxproj]
  (compiling source file '/src/node_process_methods.cc')
  
D:\a\node\node\src\node_process_methods.cc(544,17): error C3861: 'fcntl': identifier not found [D:\a\node\node\libnode.vcxproj]
  (compiling source file '/src/node_process_methods.cc')
  
D:\a\node\node\src\node_process_methods.cc(546,17): error C2065: 'FD_CLOEXEC': undeclared identifier [D:\a\node\node\libnode.vcxproj]
  (compiling source file '/src/node_process_methods.cc')
  
D:\a\node\node\src\node_process_methods.cc(547,16): error C2065: 'F_SETFD': undeclared identifier [D:\a\node\node\libnode.vcxproj]
  (compiling source file '/src/node_process_methods.cc')
  
D:\a\node\node\src\node_process_methods.cc(547,7): error C3861: 'fcntl': identifier not found [D:\a\node\node\libnode.vcxproj]
  (compiling source file '/src/node_process_methods.cc')

[targos]

To fix https://ci.nodejs.org/job/node-test-commit-custom-suites-freestyle/40120/

[mcollina]

lgtm

[ShogunPanda]

@ljharb I was totally wrong. Despite of naming and similar signatures, the function _execve only creates a new process without replacing the old one.

I'll disable this function on Windows.

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/64387/

[addaleax]

If this is to be added, I'd absolutely recommend referring to it by a standard name such as execve(), or otherwise something that makes it clear that it spawns a new process.

This requires integration with the permissions API or is otherwise an immediate security hole.

Overall I'd recommend not adding this though, unless there's a concrete reason to believe that it fills a significant gap that the existing child_process API doesn't cover.

[ljharb]

Why would we want to add a function that can't work on all tier 1 platforms?

[jasnell]

Why would we want to add a function that can't work on all tier 1 platforms?

Well, we already have a number of such apis... process.getegid() for instance. There are actually quite a few already on process.

[ljharb]

Gotcha, i wasn't aware of that.

[jasnell]

I don't consider it to be ideal. I would have preferred a pattern like process.posix.getegid() similar to what we have with path.posix but these predate my involvement so they are what they are.

[jasnell]

+1 on @addaleax's alternative name suggestion. I'm fine with adding this so long as the cleanup logic/expectations are clearly documented.

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/65697/

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/65700/

[nodejs-github-bot]

CI: https://ci.nodejs.org/job/node-test-pull-request/65720/

[jasnell]

Nit... not in this PR but as a separate follow on we should likely align this with the fs module handling of paths so that file can be represented using a Buffer or URL also.

[nodejs-github-bot]

Commit Queue failed

- Loading data for nodejs/node/pull/56496
✔  Done loading data for nodejs/node/pull/56496
----------------------------------- PR info ------------------------------------
Title      process: add execve (#56496)
Author     Paolo Insogna <[email protected]> (@ShogunPanda)
Branch     ShogunPanda:replace-process -> nodejs:main
Labels     c++, semver-minor, process, lib / src, tsc-agenda, needs-ci, commit-queue-squash
Commits    4
 - process: add execve
 - process: improvements
 - process: emit experimental warning when using execve
 - process: add execve to diagnostic_channel
Committers 1
 - Paolo Insogna <[email protected]>
PR-URL: https://github.com/nodejs/node/pull/56496
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Bryan English <[email protected]>
Reviewed-By: James M Snell <[email protected]>
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/56496
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Bryan English <[email protected]>
Reviewed-By: James M Snell <[email protected]>
--------------------------------------------------------------------------------
   ℹ  This PR was created on Tue, 07 Jan 2025 06:26:52 GMT
   ✘  Requested Changes: 1
   ✘  - Anna Henningsen (@addaleax): https://github.com/nodejs/node/pull/56496#pullrequestreview-2534964391
   ✔  Approvals: 4
   ✔  - Matteo Collina (@mcollina) (TSC): https://github.com/nodejs/node/pull/56496#pullrequestreview-2533907058
   ✔  - Rafael Gonzaga (@RafaelGSS) (TSC): https://github.com/nodejs/node/pull/56496#pullrequestreview-2679123979
   ✔  - Bryan English (@bengl): https://github.com/nodejs/node/pull/56496#pullrequestreview-2703937360
   ✔  - James M Snell (@jasnell) (TSC): https://github.com/nodejs/node/pull/56496#pullrequestreview-2703982184
   ✔  Last GitHub CI successful
   ℹ  Last Full PR CI on 2025-03-13T15:48:57Z: https://ci.nodejs.org/job/node-test-pull-request/65720/
- Querying data for job/node-test-pull-request/65720/
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu

https://github.com/nodejs/node/actions/runs/14000138702

[ShogunPanda]

Landed in 13a9d4c

[ShogunPanda]

@addaleax The TSC has voted passed a motion to dismiss your objection after waiting for a reply for two weeks. Thanks for your feedback anyway. ❤️

See: nodejs/TSC#1705.

[aduh95]

@ShogunPanda thats not a vote, it’s a motion. You should have dismissed the objection using GH UI and land the PR using the CQ (or manually, but only after the objection was dismissed).

[ShogunPanda]

Thanks @aduh95, I keep forgetting about the difference. :)
I amended the comment above.
I tried via the UI but couldn't find how to do that. Can you help me on that?