Bug Summary

File: src/gnu/usr.bin/binutils/gdb/fork-child.c
Warning: line 294, column 23
This function call is prohibited after a successful vfork

Annotated Source Code


clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name fork-child.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/gnu/usr.bin/binutils/obj/gdb -resource-dir /usr/local/lib/clang/13.0.0 -D PIE_DEFAULT=1 -I . 
-I /usr/src/gnu/usr.bin/binutils/gdb -I /usr/src/gnu/usr.bin/binutils/gdb/config -D LOCALEDIR="/usr/share/locale" -D HAVE_CONFIG_H -I /usr/src/gnu/usr.bin/binutils/gdb/../include/opcode -I ../bfd -I /usr/src/gnu/usr.bin/binutils/gdb/../bfd -I /usr/src/gnu/usr.bin/binutils/gdb/../include -I ../intl -I /usr/src/gnu/usr.bin/binutils/gdb/../intl -D MI_OUT=1 -D TUI=1 -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/gnu/usr.bin/binutils/obj/gdb -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -fcommon -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/gnu/usr.bin/binutils/gdb/fork-child.c
1/* Fork a Unix child process, and set up to debug it, for GDB.
2
3 Copyright 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1998, 1999,
4 2000, 2001, 2004 Free Software Foundation, Inc.
5
6 Contributed by Cygnus Support.
7
8 This file is part of GDB.
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 2 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 59 Temple Place - Suite 330,
23 Boston, MA 02111-1307, USA. */
24
25#include "defs.h"
26#include "gdb_string.h"
27#include "frame.h" /* required by inferior.h */
28#include "inferior.h"
29#include "target.h"
30#include "gdb_wait.h"
31#include "gdb_vfork.h"
32#include "gdbcore.h"
33#include "terminal.h"
34#include "gdbthread.h"
35#include "command.h" /* for dont_repeat () */
36
37#include <signal.h>
38
39/* This just gets used as a default if we can't find SHELL. */
#ifndef SHELL_FILE
#define SHELL_FILE "/bin/sh"
#endif

/* The process environment.  fork_inferior points this at the
   inferior's vector in the child and restores the saved value in the
   parent afterwards, because a vforked child shares it with us.  */
extern char **environ;
45
46/* Break up SCRATCH into an argument vector suitable for passing to
47 execvp and store it in ARGV. E.g., on "run a b c d" this routine
48 would get as input the string "a b c d", and as output it would
49 fill in ARGV with the four arguments "a", "b", "c", "d". */
50
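/* Break up SCRATCH into an argument vector suitable for passing to
   execvp and store it in ARGV.  SCRATCH is modified in place: each
   separator that ends an argument is overwritten with '\0', and the
   pointers stored in ARGV point into SCRATCH.  Blanks, tabs and
   newlines all separate arguments; runs of them are skipped.  The
   caller must size ARGV for every argument plus the terminating NULL.
   E.g., on "run a b c d" this routine would get as input the string
   "a b c d", and as output it would fill in ARGV with the four
   arguments "a", "b", "c", "d".  */

static void
breakup_args (char *scratch, char **argv)
{
  static const char separators[] = " \t\n";
  char *cp = scratch;

  for (;;)
    {
      /* Scan past leading separators.  */
      cp += strspn (cp, separators);

      /* Break if at end of string.  */
      if (*cp == '\0')
        break;

      /* Take an arg.  */
      *argv++ = cp;

      /* Scan for the next separator of any kind.  Looking only for
         ' ' and falling back to strchr on a NULL pointer, as the old
         code did, both mis-split tab/newline separated input and
         dereferenced NULL when no blank remained.  */
      cp = strpbrk (cp, separators);

      /* No separators => end of string => break.  */
      if (cp == NULL)
        break;

      /* Replace the separator with a terminator.  */
      *cp++ = '\0';
    }

  /* Null-terminate the vector.  */
  *argv = NULL;
}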
87
88/* When executing a command under the given shell, return non-zero if
89 the '!' character should be escaped when embedded in a quoted
90 command-line argument. */
91
/* When executing a command under the given shell, return non-zero if
   the '!' character should be escaped when embedded in a quoted
   command-line argument.  Only C shells need this; we recognise them
   by the name ending in "csh", which covers csh and tcsh.  */

static int
escape_bang_in_quoted_argument (const char *shell_file)
{
  static const char csh_suffix[] = "csh";
  const size_t suffix_len = sizeof csh_suffix - 1;
  const size_t name_len = strlen (shell_file);

  /* A name shorter than the suffix cannot end with it.  */
  if (name_len < suffix_len)
    return 0;

  /* Compare the tail of the name against the suffix.  */
  return strcmp (shell_file + (name_len - suffix_len), csh_suffix) == 0;
}
111
112/* Start an inferior Unix child process and sets inferior_ptid to its
113 pid. EXEC_FILE is the file to run. ALLARGS is a string containing
114 the arguments to the program. ENV is the environment vector to
115 pass. SHELL_FILE is the shell file, or NULL if we should pick
116 one. */
117
118/* This function is NOT reentrant. Some of the variables have been
119 made static to ensure that they survive the vfork call. */
120
void
fork_inferior (char *exec_file_arg, char *allargs, char **env,
               void (*traceme_fun) (void), void (*init_trace_fun) (int),
               void (*pre_trace_fun) (void), char *shell_file_arg)
{
  int pid;
  char *shell_command;
  static char default_shell_file[] = SHELL_FILE;
  int len;
  /* Set debug_fork then attach to the child while it sleeps, to debug.  */
  static int debug_fork = 0;
  /* This is set to the result of setpgrp, which if vforked, will be visible
     to you in the parent process.  It's only used by humans for debugging.  */
  static int debug_setpgrp = 657473;
  /* These are static so that values written before or inside the vfork
     child remain visible (the child shares our address space until it
     execs); see the header comment about non-reentrancy.  */
  static char *shell_file;
  static char *exec_file;
  char **save_our_env;
  int shell = 0;
  /* Allocated with xmalloc in the execvp path below and never freed
     here; it is reused/overwritten on the next call.  */
  static char **argv;

  /* If no exec file handed to us, get it from the exec-file command
     -- with a good, common error message if none is specified.  */
  exec_file = exec_file_arg;
  if (exec_file == 0)
    exec_file = get_exec_file (1);

  /* STARTUP_WITH_SHELL is defined in inferior.h.  If 0, we'll just
     do a fork/exec, no shell, so don't bother figuring out what
     shell.  */
  shell_file = shell_file_arg;
  if (STARTUP_WITH_SHELL)
    {
      /* Figure out what shell to start up the user program under.
         The caller's choice wins, then $SHELL, then SHELL_FILE.  */
      if (shell_file == NULL)
        shell_file = getenv ("SHELL");
      if (shell_file == NULL)
        shell_file = default_shell_file;
      shell = 1;
    }

  /* Multiplying the length of exec_file by 4 is to account for the
     fact that it may expand when quoted; it is a worst-case number
     based on every character being '.

     The budget is: "exec " (5), the possibly quoted exec_file (each
     byte may become the four-byte '\'' sequence), one separating
     space, ALLARGS, the NUL, and 12 bytes of slop that also covers
     the two enclosing quotes.  SHELL_COMMAND is a stack buffer, so
     every strcat below must stay within this bound.  */
  len = 5 + 4 * strlen (exec_file) + 1 + strlen (allargs) + 1 + /*slop */ 12;
  /* If desired, concat something onto the front of ALLARGS.
     SHELL_COMMAND is the result.  */
#ifdef SHELL_COMMAND_CONCAT
  shell_command = (char *) alloca (strlen (SHELL_COMMAND_CONCAT) + len);
  strcpy (shell_command, SHELL_COMMAND_CONCAT);
#else
  shell_command = (char *) alloca (len);
  shell_command[0] = '\0';
#endif

  if (!shell)
    {
      /* We're going to call execvp.  Create argument vector.
         Calculate an upper bound on the length of the vector by
         assuming that every other character is a separate
         argument.  */
      int argc = (strlen (allargs) + 1) / 2 + 2;
      argv = (char **) xmalloc (argc * sizeof (*argv));
      argv[0] = exec_file;
      /* breakup_args modifies ALLARGS in place.  */
      breakup_args (allargs, &argv[1]);
    }
  else
    {
      /* We're going to call a shell.  */

      /* Now add exec_file, quoting as necessary.  */

      char *p;
      int need_to_quote;
      const int escape_bang = escape_bang_in_quoted_argument (shell_file);

      strcat (shell_command, "exec ");

      /* Quoting in this style is said to work with all shells.  But
         csh on IRIX 4.0.1 can't deal with it.  So we only quote it if
         we need to.  */
      p = exec_file;
      while (1)
        {
          switch (*p)
            {
            /* Any shell metacharacter or whitespace in the program
               name means the whole name gets single-quoted.  */
            case '\'':
            case '!':
            case '"':
            case '(':
            case ')':
            case '$':
            case '&':
            case ';':
            case '<':
            case '>':
            case ' ':
            case '\n':
            case '\t':
              need_to_quote = 1;
              goto end_scan;

            case '\0':
              need_to_quote = 0;
              goto end_scan;

            default:
              break;
            }
          ++p;
        }
    end_scan:
      if (need_to_quote)
        {
          strcat (shell_command, "'");
          for (p = exec_file; *p != '\0'; ++p)
            {
              /* A single quote cannot appear inside single quotes, so
                 close, escape it, and reopen: '\''.  */
              if (*p == '\'')
                strcat (shell_command, "'\\''");
              else if (*p == '!' && escape_bang)
                strcat (shell_command, "\\!");
              else
                strncat (shell_command, p, 1);
            }
          strcat (shell_command, "'");
        }
      else
        strcat (shell_command, exec_file);

      /* ALLARGS is appended verbatim; the shell parses it.  */
      strcat (shell_command, " ");
      strcat (shell_command, allargs);
    }

  /* On some systems an exec will fail if the executable is open.  */
  close_exec_file ();

  /* Retain a copy of our environment variables, since the child will
     replace the value of environ and if we're vforked, we have to
     restore it.  */
  save_our_env = environ;

  /* Tell the terminal handling subsystem what tty we plan to run on;
     it will just record the information for later.  */
  new_tty_prefork (inferior_io_terminal);

  /* It is generally good practice to flush any possible pending stdio
     output prior to doing a fork, to avoid the possibility of both
     the parent and child flushing the same data after the fork.  */
  gdb_flush (gdb_stdout);
  gdb_flush (gdb_stderr);

  /* If there's any initialization of the target layers that must
     happen to prepare to handle the child we're about fork, do it
     now...  */
  if (pre_trace_fun != NULL)
    (*pre_trace_fun) ();

  /* Create the child process.  Note that the apparent call to vfork()
     below *might* actually be a call to fork() due to the fact that
     autoconf will ``#define vfork fork'' on certain platforms.  */
  if (debug_fork)
    pid = fork ();
  else
    pid = vfork ();

  if (pid < 0)
    perror_with_name ("vfork");

  if (pid == 0)
    {
      /* Child (or, under vfork, the parent's address space borrowed
         by the child until exec).  */
      if (debug_fork)
        sleep (debug_fork);

      /* Run inferior in a separate process group.

         NOTE(review): scan-build (security.insecureAPI.vfork) flags
         this call: after a successful vfork, POSIX allows the child
         only _exit and the exec family before it execs, because it
         shares the parent's memory.  gdb_setpgid here, and sleep,
         new_tty, traceme_fun, the environ store and the
         fprintf_unfiltered error paths below, all run inside that
         window.  The static variables above are what make the stores
         survive into the parent.  Whether this is acceptable depends
         on gdb_vfork.h mapping vfork to fork on this platform --
         confirm before relying on it.  */
      debug_setpgrp = gdb_setpgid ();
      if (debug_setpgrp == -1)
        perror ("setpgrp failed in child");

      /* Ask the tty subsystem to switch to the one we specified
         earlier (or to share the current terminal, if none was
         specified).  */
      new_tty ();

      /* Changing the signal handlers for the inferior after
         a vfork can also change them for the superior, so we don't mess
         with signals here.  See comments in
         initialize_signals for how we get the right signal handlers
         for the inferior.  */

      /* "Trace me, Dr. Memory!"  */
      (*traceme_fun) ();

      /* The call above set this process (the "child") as debuggable
         by the original gdb process (the "parent").  Since processes
         (unlike people) can have only one parent, if you are debugging
         gdb itself (and your debugger is thus _already_ the
         controller/parent for this child), code from here on out is
         undebuggable.  Indeed, you probably got an error message
         saying "not parent".  Sorry; you'll have to use print
         statements!  */

      /* There is no execlpe call, so we have to set the environment
         for our child in the global variable.  If we've vforked, this
         clobbers the parent, but environ is restored a few lines down
         in the parent.  By the way, yes we do need to look down the
         path to find $SHELL.  Rich Pixley says so, and I agree.  */
      environ = env;

      /* If we decided above to start up with a shell, we exec the
         shell, "-c" says to interpret the next arg as a shell command
         to execute, and this command is "exec <target-program>
         <args>".  "-f" means "fast startup" to the c-shell, which
         means don't do .cshrc file.  Doing .cshrc may cause fork/exec
         events which will confuse debugger start-up code.  */
      if (shell)
        {
          execlp (shell_file, shell_file, "-c", shell_command, (char *) 0);

          /* If we get here, it's an error.  */
          fprintf_unfiltered (gdb_stderr, "Cannot exec %s: %s.\n", shell_file,
                              safe_strerror (errno));
          gdb_flush (gdb_stderr);
          /* 0177 (decimal 127) is the shell's conventional "cannot
             exec" status; _exit, not exit, so no stdio/atexit work
             runs in the shared address space.  */
          _exit (0177);
        }
      else
        {
          /* Otherwise, we directly exec the target program with
             execvp.  */
          int i;
          char *errstring;

          execvp (exec_file, argv);

          /* If we get here, it's an error.  */
          errstring = safe_strerror (errno);
          fprintf_unfiltered (gdb_stderr, "Cannot exec %s ", exec_file);

          /* Echo the argument vector so the user sees what was tried.  */
          i = 1;
          while (argv[i] != NULL)
            {
              if (i != 1)
                fprintf_unfiltered (gdb_stderr, " ");
              fprintf_unfiltered (gdb_stderr, "%s", argv[i]);
              i++;
            }
          fprintf_unfiltered (gdb_stderr, ".\n");
#if 0
          /* This extra info seems to be useless.  */
          fprintf_unfiltered (gdb_stderr, "Got error %s.\n", errstring);
#endif
          gdb_flush (gdb_stderr);
          _exit (0177);
        }
    }

  /* Parent from here on.  */

  /* Restore our environment in case a vforked child clob'd it.  */
  environ = save_our_env;

  init_thread_list ();

  /* Needed for wait_for_inferior stuff below.  */
  inferior_ptid = pid_to_ptid (pid);

  /* Now that we have a child process, make it our target, and
     initialize anything target-vector-specific that needs
     initializing.  */
  (*init_trace_fun) (pid);

  /* We are now in the child process of interest, having exec'd the
     correct program, and are poised at the first instruction of the
     new program.  */

  /* Allow target dependent code to play with the new process.  This
     might be used to have target-specific code initialize a variable
     in the new process prior to executing the first instruction.  */
  TARGET_CREATE_INFERIOR_HOOK (pid);

#ifdef SOLIB_CREATE_INFERIOR_HOOK
  SOLIB_CREATE_INFERIOR_HOOK (pid);
#endif
}
401
402/* Accept NTRAPS traps from the inferior. */
403
/* Accept NTRAPS traps from the inferior.  The process was started by
   the fork that created it, but it will have stopped one instruction
   after execing the shell; here we get it up to actual execution of
   the real program, passing through any non-trap stops untouched and
   initialising the terminal once the first exec has happened.  */

void
startup_inferior (int ntraps)
{
  int execs_left = ntraps;
  int terminal_initted = 0;

  clear_proceed_status ();
  init_wait_for_inferior ();

  /* With a shell in front of the program there are NTRAPS execs to
     ignore; without one, none.  */
  inferior_ignoring_startup_exec_events = STARTUP_WITH_SHELL ? ntraps : 0;
  inferior_ignoring_leading_exec_events =
    target_reported_exec_events_per_exec_call () - 1;

  for (;;)
    {
      /* Make wait_for_inferior be quiet.  */
      stop_soon = STOP_QUIETLY;
      wait_for_inferior ();

      if (stop_signal != TARGET_SIGNAL_TRAP)
        {
          /* Let shell child handle its own signals in its own way.
             FIXME: what if child has exited?  Must exit loop
             somehow.  */
          resume (0, stop_signal);
          continue;
        }

      /* We handle SIGTRAP, however; it means child did an exec.  */
      if (!terminal_initted)
        {
          /* Now that the child has exec'd we know it has already
             set its process group.  On POSIX systems, tcsetpgrp
             will fail with EPERM if we try it before the child's
             setpgid.  */

          /* Set up the "saved terminal modes" of the inferior
             based on what modes we are starting it with.  */
          target_terminal_init ();

          /* Install inferior's terminal modes.  */
          target_terminal_inferior ();

          terminal_initted = 1;
        }

      if (--execs_left == 0)
        break;

      /* Just make it go on.  */
      resume (0, TARGET_SIGNAL_0);
    }

  stop_soon = NO_STOP_QUIETLY;
}
464}