Bug Summary

File:obj-scan-build/../ddb/db_command.c
Location:line 271, column 6
Description:Function call argument is an uninitialized value

Annotated Source Code

1/*
2 * Mach Operating System
3 * Copyright (c) 1991 Carnegie Mellon University
4 * All Rights Reserved.
5 *
6 * Permission to use, copy, modify and distribute this software and its
7 * documentation is hereby granted, provided that both the copyright
8 * notice and this permission notice appear in all copies of the
9 * software, derivative works or modified versions, and any portions
10 * thereof, and that both notices appear in supporting documentation.
11 *
12 * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
13 * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
14 * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
15 *
16 * Carnegie Mellon requests users of this software to return to
17 *
18 * Software Distribution Coordinator or Software.Distribution@CS.CMU.EDU
19 * School of Computer Science
20 * Carnegie Mellon University
21 * Pittsburgh PA 15213-3890
22 *
23 * any improvements or extensions that they make and grant Carnegie Mellon
24 * the rights to redistribute these changes.
25 */
26/*
27 * Author: David B. Golub, Carnegie Mellon University
28 * Date: 7/90
29 */
30
31#if MACH_KDB1
32
33/*
34 * Command dispatcher.
35 */
36
37#include <string.h>
38#include <mach/boolean.h>
39#include <machine/db_machdep.h>
40
41#include <ddb/db_lex.h>
42#include <ddb/db_output.h>
43#include <ddb/db_command.h>
44#include <ddb/db_task_thread.h>
45#include <ddb/db_macro.h>
46#include <ddb/db_expr.h>
47#include <ddb/db_examine.h>
48#include <ddb/db_print.h>
49#include <ddb/db_break.h>
50#include <ddb/db_watch.h>
51#include <ddb/db_variables.h>
52#include <ddb/db_write_cmd.h>
53#include <ddb/db_run.h>
54#include <ddb/db_cond.h>
55
56#include <machine/setjmp.h>
57#include <machine/db_interface.h>
58#include <kern/debug.h>
59#include <kern/thread.h>
60#include <ipc/ipc_pset.h> /* 4proto */
61#include <ipc/ipc_port.h> /* 4proto */
62
63#include <vm/vm_print.h>
64#include <ipc/ipc_print.h>
65#include <kern/lock.h>
66
67/*
68 * Exported global variables
69 */
70boolean_t db_cmd_loop_done;
71jmp_buf_t *db_recover = 0;
72db_addr_t db_dot;
73db_addr_t db_last_addr;
74db_addr_t db_prev;
75db_addr_t db_next;
76
77/*
78 * if 'ed' style: 'dot' is set at start of last item printed,
79 * and '+' points to next line.
80 * Otherwise: 'dot' points to next item, '..' points to last.
81 */
82boolean_t db_ed_style = TRUE((boolean_t) 1);
83
84/*
85 * Results of command search.
86 */
87#define CMD_UNIQUE0 0
88#define CMD_FOUND1 1
89#define CMD_NONE2 2
90#define CMD_AMBIGUOUS3 3
91#define CMD_HELP4 4
92
93/*
94 * Search for command prefix.
95 */
96int
97db_cmd_search(name, table, cmdp)
98 const char * name;
99 const struct db_command *table;
100 const struct db_command **cmdp; /* out */
101{
102 const struct db_command *cmd;
103 int result = CMD_NONE2;
104
105 for (cmd = table; cmd->name != 0; cmd++) {
106 const char *lp;
107 char *rp;
108 int c;
109
110 lp = name;
111 rp = cmd->name;
112 while ((c = *lp) == *rp) {
113 if (c == 0) {
114 /* complete match */
115 *cmdp = cmd;
116 return (CMD_UNIQUE0);
117 }
118 lp++;
119 rp++;
120 }
121 if (c == 0) {
122 /* end of name, not end of command -
123 partial match */
124 if (result == CMD_FOUND1) {
125 result = CMD_AMBIGUOUS3;
126 /* but keep looking for a full match -
127 this lets us match single letters */
128 }
129 else {
130 *cmdp = cmd;
131 result = CMD_FOUND1;
132 }
133 }
134 }
135 if (result == CMD_NONE2) {
136 /* check for 'help' */
137 if (!strncmp(name, "help", strlen(name)))
138 result = CMD_HELP4;
139 }
140 return (result);
141}
142
143void
144db_cmd_list(table)
145 const struct db_command *table;
146{
147 const struct db_command *cmd;
148
149 for (cmd = table; cmd->name != 0; cmd++) {
150 db_printf("%-12s", cmd->name);
151 db_end_line();
152 }
153}
154
155void
156db_command(
157 struct db_command **last_cmdp, /* IN_OUT */
158 struct db_command *cmd_table)
159{
160 struct db_command *cmd;
161 int t;
162 char modif[TOK_STRING_SIZE64];
163 db_expr_t addr, count;
5
Variable 'addr' declared without an initial value
164 boolean_t have_addr = FALSE((boolean_t) 0);
165 int result;
166
167 t = db_read_token();
168 if (t == tEOL1 || t == tSEMI_COLON21) {
6
Assuming 't' is not equal to 1
7
Assuming 't' is not equal to 21
8
Taking false branch
169 /* empty line repeats last command, at 'next' */
170 cmd = *last_cmdp;
171 addr = (db_expr_t)db_next;
172 have_addr = FALSE((boolean_t) 0);
173 count = 1;
174 modif[0] = '\0';
175 if (t == tSEMI_COLON21)
176 db_unread_token(t);
177 }
178 else if (t == tEXCL17) {
9
Assuming 't' is not equal to 17
10
Taking false branch
179 db_fncall();
180 return;
181 }
182 else if (t != tIDENT3) {
11
Assuming 't' is equal to 3
12
Taking false branch
183 db_printf("?\n");
184 db_flush_lex();
185 return;
186 }
187 else {
188 /*
189 * Search for command
190 */
191 while (cmd_table) {
13
Loop condition is true. Entering loop body
17
Loop condition is false. Execution continues on line 223
192 result = db_cmd_search(db_tok_string,
193 cmd_table,
194 &cmd);
195 switch (result) {
14
Control jumps to the 'default' case at line 210
196 case CMD_NONE2:
197 if (db_exec_macro(db_tok_string) == 0)
198 return;
199 db_printf("No such command \"%s\"\n", db_tok_string);
200 db_flush_lex();
201 return;
202 case CMD_AMBIGUOUS3:
203 db_printf("Ambiguous\n");
204 db_flush_lex();
205 return;
206 case CMD_HELP4:
207 db_cmd_list(cmd_table);
208 db_flush_lex();
209 return;
210 default:
211 break;
15
 Execution continues on line 213
212 }
213 if ((cmd_table = cmd->more) != 0) {
16
Taking false branch
214 t = db_read_token();
215 if (t != tIDENT3) {
216 db_cmd_list(cmd_table);
217 db_flush_lex();
218 return;
219 }
220 }
221 }
222
223 if ((cmd->flag & CS_OWN0x1) == 0) {
18
Taking false branch
224 /*
225 * Standard syntax:
226 * command [/modifier] [addr] [,count]
227 */
228 t = db_read_token();
229 if (t == tSLASH8) {
230 t = db_read_token();
231 if (t != tIDENT3) {
232 db_printf("Bad modifier \"/%s\"\n", db_tok_string);
233 db_flush_lex();
234 return;
235 }
236 db_strcpy(modif, db_tok_string);
237 }
238 else {
239 db_unread_token(t);
240 modif[0] = '\0';
241 }
242
243 if (db_expression(&addr)) {
244 db_dot = (db_addr_t) addr;
245 db_last_addr = db_dot;
246 have_addr = TRUE((boolean_t) 1);
247 }
248 else {
249 addr = (db_expr_t) db_dot;
250 have_addr = FALSE((boolean_t) 0);
251 }
252 t = db_read_token();
253 if (t == tCOMMA14) {
254 if (!db_expression(&count)) {
255 db_printf("Count missing after ','\n");
256 db_flush_lex();
257 return;
258 }
259 }
260 else {
261 db_unread_token(t);
262 count = -1;
263 }
264 }
265 }
266 *last_cmdp = cmd;
267 if (cmd != 0) {
19
Taking true branch
268 /*
269 * Execute the command.
270 */
271 (*cmd->fcn)(addr, have_addr, count, modif);
20
Function call argument is an uninitialized value
272
273 if (cmd->flag & CS_SET_DOT0x100) {
274 /*
275 * If command changes dot, set dot to
276 * previous address displayed (if 'ed' style).
277 */
278 if (db_ed_style) {
279 db_dot = db_prev;
280 }
281 else {
282 db_dot = db_next;
283 }
284 }
285 else {
286 /*
287 * If command does not change dot,
288 * set 'next' location to be the same.
289 */
290 db_next = db_dot;
291 }
292 }
293}
294
295void
296db_command_list(
297 struct db_command **last_cmdp, /* IN_OUT */
298 struct db_command *cmd_table)
299{
300 do {
301 db_command(last_cmdp, cmd_table);
4
Calling 'db_command'
302 db_skip_to_eol();
303 } while (db_read_token() == tSEMI_COLON21 && db_cmd_loop_done == FALSE((boolean_t) 0));
304}
305
306struct db_command db_show_all_cmds[] = {
307 { "threads", db_show_all_threads, 0, 0 },
308 { "slocks", db_show_all_slocks, 0, 0 },
309 { (char *)0 }
310};
311
312struct db_command db_show_cmds[] = {
313 { "all", 0, 0, db_show_all_cmds },
314 { "registers", db_show_regs, 0, 0 },
315 { "breaks", db_listbreak_cmd, 0, 0 },
316 { "watches", db_listwatch_cmd, 0, 0 },
317 { "thread", db_show_one_thread, 0, 0 },
318 { "task", db_show_one_task, 0, 0 },
319 { "macro", db_show_macro, CS_OWN0x1, 0 },
320 { "map", vm_map_print, 0, 0 },
321 { "object", vm_object_print, 0, 0 },
322 { "page", vm_page_print, 0, 0 },
323 { "copy", vm_map_copy_print, 0, 0 },
324 { "port", ipc_port_print, 0, 0 },
325 { "pset", ipc_pset_print, 0, 0 },
326 { "kmsg", ipc_kmsg_print, 0, 0 },
327 { "msg", ipc_msg_print, 0, 0 },
328 { "ipc_port", db_show_port_id, 0, 0 },
329 { (char *)0, }
330};
331
332struct db_command db_command_table[] = {
333#ifdef DB_MACHINE_COMMANDS
334 /* this must be the first entry, if it exists */
335 { "machine", 0, 0, 0},
336#endif
337 { "print", db_print_cmd, CS_OWN0x1, 0 },
338 { "examine", db_examine_cmd, CS_MORE0x2|CS_SET_DOT0x100, 0 },
339 { "x", db_examine_cmd, CS_MORE0x2|CS_SET_DOT0x100, 0 },
340 { "xf", db_examine_forward, CS_SET_DOT0x100, 0 },
341 { "xb", db_examine_backward, CS_SET_DOT0x100, 0 },
342 { "search", db_search_cmd, CS_OWN0x1|CS_SET_DOT0x100, 0 },
343 { "set", db_set_cmd, CS_OWN0x1, 0 },
344 { "write", db_write_cmd, CS_MORE0x2|CS_SET_DOT0x100, 0 },
345 { "w", db_write_cmd, CS_MORE0x2|CS_SET_DOT0x100, 0 },
346 { "delete", db_delete_cmd, CS_OWN0x1, 0 },
347 { "d", db_delete_cmd, CS_OWN0x1, 0 },
348 { "break", db_breakpoint_cmd, CS_MORE0x2, 0 },
349 { "dwatch", db_deletewatch_cmd, CS_MORE0x2, 0 },
350 { "watch", db_watchpoint_cmd, CS_MORE0x2, 0 },
351 { "step", db_single_step_cmd, 0, 0 },
352 { "s", db_single_step_cmd, 0, 0 },
353 { "continue", db_continue_cmd, 0, 0 },
354 { "c", db_continue_cmd, 0, 0 },
355 { "until", db_trace_until_call_cmd,0, 0 },
356 { "next", db_trace_until_matching_cmd,0, 0 },
357 { "match", db_trace_until_matching_cmd,0, 0 },
358 { "trace", db_stack_trace_cmd, 0, 0 },
359 { "cond", db_cond_cmd, CS_OWN0x1, 0 },
360 { "call", db_fncall, CS_OWN0x1, 0 },
361 { "macro", db_def_macro_cmd, CS_OWN0x1, 0 },
362 { "dmacro", db_del_macro_cmd, CS_OWN0x1, 0 },
363 { "show", 0, 0, db_show_cmds },
364 { "reset", db_reset_cpu, 0, 0 },
365 { "reboot", db_reset_cpu, 0, 0 },
366 { "halt", db_halt_cpu, 0, 0 },
367 { (char *)0, }
368};
369
370#ifdef DB_MACHINE_COMMANDS
371
372/* this function should be called to install the machine dependent
373 commands. It should be called before the debugger is enabled */
374void db_machine_commands_install(struct db_command *ptr)
375{
376 db_command_table[0].more = ptr;
377 return;
378}
379
380#endif /* DB_MACHINE_COMMANDS */
381
382
383struct db_command *db_last_command = 0;
384
385void
386db_help_cmd(void)
387{
388 struct db_command *cmd = db_command_table;
389
390 while (cmd->name != 0) {
391 db_printf("%-12s", cmd->name);
392 db_end_line();
393 cmd++;
394 }
395}
396
397void
398db_command_loop(void)
399{
400 jmp_buf_t db_jmpbuf;
401 jmp_buf_t *prev = db_recover;
402 extern int db_output_line;
403 extern int db_macro_level;
404
405 /*
406 * Initialize 'prev' and 'next' to dot.
407 */
408 db_prev = db_dot;
409 db_next = db_dot;
410
411 db_cmd_loop_done = FALSE((boolean_t) 0);
412 while (!db_cmd_loop_done) {
413 (void) _setjmp(db_recover = &db_jmpbuf);
414 db_macro_level = 0;
415 if (db_print_position() != 0)
416 db_printf("\n");
417 db_output_line = 0;
418 db_printf("db%s", (db_default_thread)? "t": "");
419#if NCPUS1 > 1
420 db_printf("{%d}", cpu_number()(0));
421#endif
422 db_printf("> ");
423
424 (void) db_read_line("!!");
425 db_command_list(&db_last_command, db_command_table);
426 }
427
428 db_recover = prev;
429}
430
431boolean_t
432db_exec_cmd_nest(
433 char *cmd,
434 int size)
435{
436 struct db_lex_context lex_context;
437
438 db_cmd_loop_done = FALSE((boolean_t) 0);
439 if (cmd) {
1
Assuming 'cmd' is null
2
Taking false branch
440 db_save_lex_context(&lex_context);
441 db_switch_input(cmd, size /**OLD, &lex_context OLD**/);
442 }
443 db_command_list(&db_last_command, db_command_table);
3
Calling 'db_command_list'
444 if (cmd)
445 db_restore_lex_context(&lex_context);
446 return(db_cmd_loop_done == FALSE((boolean_t) 0));
447}
448
449void db_error(s)
450 const char *s;
451{
452 extern int db_macro_level;
453
454 db_macro_level = 0;
455 if (db_recover) {
456 if (s)
457 db_printf(s);
458 db_flush_lex();
459 _longjmp(db_recover, 1);
460 }
461 else
462 {
463 if (s)
464 db_printf(s);
465 panic("db_error");
466 }
467}
468
469/*
470 * Call random function:
471 * !expr(arg,arg,arg)
472 */
473void
474db_fncall(void)
475{
476 db_expr_t fn_addr;
477#define MAXARGS11 11
478 db_expr_t args[MAXARGS11];
479 int nargs = 0;
480 db_expr_t retval;
481 db_expr_t (*func)();
482 int t;
483
484 if (!db_expression(&fn_addr)) {
485 db_printf("Bad function \"%s\"\n", db_tok_string);
486 db_flush_lex();
487 return;
488 }
489 func = (db_expr_t (*) ()) fn_addr;
490
491 t = db_read_token();
492 if (t == tLPAREN10) {
493 if (db_expression(&args[0])) {
494 nargs++;
495 while ((t = db_read_token()) == tCOMMA14) {
496 if (nargs == MAXARGS11) {
497 db_printf("Too many arguments\n");
498 db_flush_lex();
499 return;
500 }
501 if (!db_expression(&args[nargs])) {
502 db_printf("Argument missing\n");
503 db_flush_lex();
504 return;
505 }
506 nargs++;
507 }
508 db_unread_token(t);
509 }
510 if (db_read_token() != tRPAREN11) {
511 db_printf("?\n");
512 db_flush_lex();
513 return;
514 }
515 }
516 while (nargs < MAXARGS11) {
517 args[nargs++] = 0;
518 }
519
520 retval = (*func)(args[0], args[1], args[2], args[3], args[4],
521 args[5], args[6], args[7], args[8], args[9] );
522 db_printf(" %#N\n", retval);
523}
524
525boolean_t __attribute__ ((pure))
526db_option(modif, option)
527 const char *modif;
528 int option;
529{
530 const char *p;
531
532 for (p = modif; *p; p++)
533 if (*p == option)
534 return(TRUE((boolean_t) 1));
535 return(FALSE((boolean_t) 0));
536}
537
538#endif /* MACH_KDB */