Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] mdadm-4.3/Monitor.c:998:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘sl’ mdadm-4.3/Monitor.c:949:12: enter_function: entry to ‘add_new_arrays’ mdadm-4.3/Monitor.c:955:28: branch_true: following ‘true’ branch (when ‘mse’ is non-NULL)... mdadm-4.3/Monitor.c:956:21: branch_true: ...to here mdadm-4.3/Monitor.c:956:20: branch_true: following ‘true’ branch... mdadm-4.3/Monitor.c:956:40: branch_true: ...to here mdadm-4.3/Monitor.c:970:28: branch_false: following ‘false’ branch... mdadm-4.3/Monitor.c:971:29: branch_false: ...to here mdadm-4.3/Monitor.c:970:29: branch_false: following ‘false’ branch... mdadm-4.3/Monitor.c:983:25: branch_false: ...to here mdadm-4.3/Monitor.c:990:28: branch_true: following ‘true’ branch... mdadm-4.3/Monitor.c:991:29: branch_true: ...to here mdadm-4.3/Monitor.c:990:29: branch_true: following ‘true’ branch... mdadm-4.3/Monitor.c:993:29: call_function: inlined call to ‘is_subarray’ from ‘add_new_arrays’ mdadm-4.3/Monitor.c:990:29: branch_true: following ‘true’ branch... mdadm-4.3/Monitor.c:995:33: branch_true: ...to here mdadm-4.3/Monitor.c:998:33: danger: dereference of NULL ‘sl’ # 996| "%s", mse->metadata_version + 10); # 997| sl = strchr(st->parent_devnm, '/'); # 998|-> *sl = 0; # 999| } else # 1000| st->parent_devnm[0] = 0; Error: GCC_ANALYZER_WARNING (CWE-775): [#def2] mdadm-4.3/mdadm.c:1060:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(optarg, 2)’ mdadm-4.3/mdadm.c:110:12: branch_false: following ‘false’ branch... mdadm-4.3/mdadm.c:115:9: branch_false: ...to here mdadm-4.3/mdadm.c:117:16: branch_true: following ‘true’ branch (when ‘opt != -1’)... mdadm-4.3/mdadm.c:122:17: branch_true: ...to here mdadm-4.3/mdadm.c:261:20: branch_false: following ‘false’ branch... mdadm-4.3/mdadm.c:263:36: branch_false: ...to here mdadm-4.3/mdadm.c:263:27: branch_false: following ‘false’ branch... mdadm-4.3/mdadm.c:274:28: branch_false: ...to here mdadm-4.3/mdadm.c:274:27: branch_true: following ‘true’ branch... mdadm-4.3/mdadm.c:276:29: branch_true: ...to here mdadm-4.3/mdadm.c:276:28: branch_false: following ‘false’ branch... mdadm-4.3/mdadm.c:321:17: branch_false: ...to here mdadm-4.3/mdadm.c:333:20: branch_false: following ‘false’ branch (when ‘opt != 1’)... mdadm-4.3/mdadm.c:368:25: branch_false: ...to here mdadm-4.3/mdadm.c:1049:28: branch_false: following ‘false’ branch... mdadm-4.3/mdadm.c:1053:29: branch_false: ...to here mdadm-4.3/mdadm.c:1053:28: branch_false: following ‘false’ branch (when the strings are non-equal)... mdadm-4.3/mdadm.c:1054:29: branch_false: ...to here mdadm-4.3/mdadm.c:1053:29: branch_false: following ‘false’ branch (when the strings are non-equal)... mdadm-4.3/mdadm.c:1059:37: branch_false: ...to here mdadm-4.3/mdadm.c:1059:37: acquire_resource: opened here mdadm-4.3/mdadm.c:1060:30: danger: ‘open(optarg, 2)’ leaks here; was opened at [(27)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/26) # 1058| } # 1059| bitmap_fd = open(optarg, O_RDWR); # 1060|-> if (!*optarg || bitmap_fd < 0) { # 1061| pr_err("cannot open bitmap file %s: %s\n", optarg, strerror(errno)); # 1062| exit(2); Error: GCC_ANALYZER_WARNING (CWE-476): [#def3] mdadm-4.3/mdadm.h:247:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ mdadm-4.3/super-intel.c:5389:12: enter_function: entry to ‘load_super_imsm’ mdadm-4.3/super-intel.c:5401:17: call_function: calling ‘alloc_super’ from ‘load_super_imsm’ mdadm-4.3/super-intel.c:5401:17: return_function: returning to ‘load_super_imsm’ from ‘alloc_super’ mdadm-4.3/super-intel.c:5402:12: branch_false: following ‘false’ branch... mdadm-4.3/super-intel.c:5405:14: branch_false: ...to here mdadm-4.3/super-intel.c:5405:12: branch_false: following ‘false’ branch... mdadm-4.3/super-intel.c:5413:14: branch_false: ...to here mdadm-4.3/super-intel.c:5415:12: branch_false: following ‘false’ branch... mdadm-4.3/super-intel.c:5421:14: branch_false: ...to here mdadm-4.3/super-intel.c:5421:14: call_function: calling ‘load_and_parse_mpb’ from ‘load_super_imsm’ # 245| { # 246| struct __una_u32 *ptr = (struct __una_u32 *)p; # 247|-> ptr->x = val; # 248| } # 249| Error: COMPILER_WARNING: [#def4] mdadm-4.3/platform-intel.c:20: included_from: Included from here. mdadm-4.3/platform-intel.c: scope_hint: In function ‘imsm_platform_test’ mdadm-4.3/platform-intel.h:28:37: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (5 chars into 4 available) # 28 | #define IMSM_OROM_SIGNATURE "$VER" # | ^~~~~~ mdadm-4.3/platform-intel.c:447:30: note: in expansion of macro ‘IMSM_OROM_SIGNATURE’ # 447 | .signature = IMSM_OROM_SIGNATURE, # | ^~~~~~~~~~~~~~~~~~~ # 26| struct imsm_orom { # 27| __u8 signature[4]; # 28|-> #define IMSM_OROM_SIGNATURE "$VER" # 29| #define IMSM_NVME_OROM_COMPAT_SIGNATURE "$NVM" # 30| #define IMSM_VMD_OROM_COMPAT_SIGNATURE "$VMD" Error: COMPILER_WARNING: [#def5] mdadm-4.3/platform-intel.c: scope_hint: In function ‘find_imsm_nvme’ mdadm-4.3/platform-intel.h:29:49: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (5 chars into 4 available) # 29 | #define IMSM_NVME_OROM_COMPAT_SIGNATURE "$NVM" # | ^~~~~~ mdadm-4.3/platform-intel.c:683:38: note: in expansion of macro ‘IMSM_NVME_OROM_COMPAT_SIGNATURE’ # 683 | .signature = IMSM_NVME_OROM_COMPAT_SIGNATURE, # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 27| __u8 signature[4]; # 28| #define IMSM_OROM_SIGNATURE "$VER" # 29|-> #define IMSM_NVME_OROM_COMPAT_SIGNATURE "$NVM" # 30| #define IMSM_VMD_OROM_COMPAT_SIGNATURE "$VMD" # 31| __u8 table_ver_major; /* Currently 2 (can change with future revs) */ Error: COMPILER_WARNING: [#def6] mdadm-4.3/platform-intel.c: scope_hint: In function ‘add_vmd_orom’ mdadm-4.3/platform-intel.h:30:48: warning[-Wunterminated-string-initialization]: initializer-string for array of ‘unsigned char’ truncates NUL terminator but destination lacks ‘nonstring’ attribute (5 chars into 4 available) # 30 | #define IMSM_VMD_OROM_COMPAT_SIGNATURE "$VMD" # | ^~~~~~ mdadm-4.3/platform-intel.c:751:30: note: in expansion of macro ‘IMSM_VMD_OROM_COMPAT_SIGNATURE’ # 751 | .signature = IMSM_VMD_OROM_COMPAT_SIGNATURE, # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # 28| #define IMSM_OROM_SIGNATURE "$VER" # 29| #define IMSM_NVME_OROM_COMPAT_SIGNATURE "$NVM" # 30|-> #define IMSM_VMD_OROM_COMPAT_SIGNATURE "$VMD" # 31| __u8 table_ver_major; /* Currently 2 (can change with future revs) */ # 32| __u8 table_ver_minor; /* Currently 2 (can change with future revs) */ Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] mdadm-4.3/super-intel.c:3022:26: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘map’ mdadm-4.3/super-intel.c:3109:14: enter_function: entry to ‘blocks_per_migr_unit’ mdadm-4.3/super-intel.c:3127:40: call_function: inlined call to ‘get_imsm_map’ from ‘blocks_per_migr_unit’ mdadm-4.3/super-intel.c:3141:36: call_function: calling ‘num_stripes_per_unit_resync’ from ‘blocks_per_migr_unit’ # 3020| struct imsm_map *hi = get_imsm_map(dev, MAP_1); # 3021| __u32 lo_chunk = __le32_to_cpu(lo->blocks_per_strip); # 3022|-> __u32 hi_chunk = __le32_to_cpu(hi->blocks_per_strip); # 3023| # 3024| return max((__u32) 1, hi_chunk / lo_chunk); Error: GCC_ANALYZER_WARNING (CWE-476): [#def8] mdadm-4.3/super-intel.c:3035:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘map’ mdadm-4.3/super-intel.c:3109:14: enter_function: entry to ‘blocks_per_migr_unit’ mdadm-4.3/super-intel.c:3156:36: call_function: calling ‘num_stripes_per_unit_rebuild’ from ‘blocks_per_migr_unit’ # 3033| struct imsm_map *hi = get_imsm_map(dev, MAP_1); # 3034| # 3035|-> return hi->num_domains; # 3036| } else # 3037| return num_stripes_per_unit_resync(dev); Error: GCC_ANALYZER_WARNING (CWE-415): [#def9] mdadm-4.3/super-intel.c:4697:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*super.<U83c0>.buf’ mdadm-4.3/super-intel.c:5750:12: enter_function: entry to ‘init_super_imsm’ mdadm-4.3/super-intel.c:5782:17: call_function: calling ‘alloc_super’ from ‘init_super_imsm’ mdadm-4.3/super-intel.c:5782:17: return_function: returning to ‘init_super_imsm’ from ‘alloc_super’ mdadm-4.3/super-intel.c:5783:12: branch_true: following ‘true’ branch... mdadm-4.3/super-intel.c:5784:13: branch_true: ...to here mdadm-4.3/super-intel.c:5784:13: branch_true: following ‘true’ branch... mdadm-4.3/super-intel.c:5784:13: branch_true: ...to here mdadm-4.3/super-intel.c:5792:13: branch_false: following ‘false’ branch... mdadm-4.3/super-intel.c:5794:17: branch_false: ...to here mdadm-4.3/super-intel.c:5795:17: release_memory: first ‘free’ here mdadm-4.3/super-intel.c:5796:17: call_function: calling ‘free_imsm’ from ‘init_super_imsm’ # 4695| # 4696| if (super->buf) { # 4697|-> free(super->buf); # 4698| super->buf = NULL; # 4699| } Error: GCC_ANALYZER_WARNING (CWE-688): [#def10] mdadm-4.3/super-intel.c:7137:9: warning[-Wanalyzer-null-argument]: use of NULL ‘opendir("/sys/dev/block")’ where non-null expected mdadm-4.3/super-intel.c:7370:12: enter_function: entry to ‘count_volumes’ mdadm-4.3/super-intel.c:7378:50: branch_true: following ‘true’ branch (when ‘dev’ is non-NULL)... mdadm-4.3/super-intel.c:7379:29: branch_true: ...to here mdadm-4.3/super-intel.c:7379:28: branch_true: following ‘true’ branch... mdadm-4.3/super-intel.c:7380:42: branch_true: ...to here mdadm-4.3/super-intel.c:7380:42: call_function: calling ‘__count_volumes’ from ‘count_volumes’ # 7135| } # 7136| } # 7137|-> closedir(dir); # 7138| return devlist; # 7139| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def11] mdadm-4.3/util.c:2211:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor # 2209| # 2210| close(0); # 2211|-> open("/dev/null", O_RDWR); # 2212| # 2213| #ifndef DEBUG Error: GCC_ANALYZER_WARNING (CWE-910): [#def12] mdadm-4.3/util.c:2214:9: warning[-Wanalyzer-fd-use-after-close]: ‘dup2’ on closed file descriptor ‘0’ mdadm-4.3/util.c:2210:9: release_resource: closed here mdadm-4.3/util.c:2214:9: danger: ‘dup2’ on closed file descriptor ‘0’; ‘close’ was at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 2212| # 2213| #ifndef DEBUG # 2214|-> dup2(0, 1); # 2215| dup2(0, 2); # 2216| #endif Error: GCC_ANALYZER_WARNING (CWE-910): [#def13] mdadm-4.3/util.c:2215:9: warning[-Wanalyzer-fd-use-after-close]: ‘dup2’ on closed file descriptor ‘0’ mdadm-4.3/util.c:2210:9: release_resource: closed here mdadm-4.3/util.c:2215:9: danger: ‘dup2’ on closed file descriptor ‘0’; ‘close’ was at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0) # 2213| #ifndef DEBUG # 2214| dup2(0, 1); # 2215|-> dup2(0, 2); # 2216| #endif # 2217| Error: GCC_ANALYZER_WARNING: [#def14] mdadm-4.3/util.c:2289:17: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘mdfd’ mdadm-4.3/util.c:2278:6: enter_function: entry to ‘reopen_mddev’ mdadm-4.3/util.c:2286:9: release_resource: closed here mdadm-4.3/util.c:2287:14: call_function: inlined call to ‘open_dev’ from ‘reopen_mddev’ mdadm-4.3/util.c:2287:14: call_function: inlined call to ‘open_dev’ from ‘reopen_mddev’ mdadm-4.3/util.c:2288:12: branch_true: following ‘true’ branch... mdadm-4.3/util.c:2289:17: branch_true: ...to here mdadm-4.3/util.c:2289:17: danger: ‘mdfd’ could be invalid # 2287| fd = open_dev(devnm); # 2288| if (fd >= 0 && fd != mdfd) # 2289|-> dup2(fd, mdfd); # 2290| } # 2291|
| analyzer-version-clippy | 1.95.0 |
| analyzer-version-cppcheck | 2.20.0 |
| analyzer-version-gcc | 16.1.1 |
| analyzer-version-gcc-analyzer | 16.1.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.95.0 |
| diffbase-analyzer-version-cppcheck | 2.20.0 |
| diffbase-analyzer-version-gcc | 16.1.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.1.1 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-187.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | mdadm-4.6-1.fc45 |
| diffbase-store-results-to | /tmp/tmpi3a2ot13/mdadm-4.6-1.fc45.tar.xz |
| diffbase-time-created | 2026-06-01 15:07:50 |
| diffbase-time-finished | 2026-06-01 15:09:30 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmpi3a2ot13/mdadm-4.6-1.fc45.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpi3a2ot13/mdadm-4.6-1.fc45.src.rpm' |
| diffbase-tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-187.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260524.213755.g3c6d0be.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | mdadm-4.3-11.fc44 |
| store-results-to | /tmp/tmp_a2oxir3/mdadm-4.3-11.fc44.tar.xz |
| time-created | 2026-06-01 15:05:26 |
| time-finished | 2026-06-01 15:07:31 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'shellcheck,cppcheck,clippy,unicontrol,gcc' '-o' '/tmp/tmp_a2oxir3/mdadm-4.3-11.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp_a2oxir3/mdadm-4.3-11.fc44.src.rpm' |
| tool-version | csmock-3.8.5.20260529.133039.g6f3b5c6-1.el9 |