Task #119396 - added.err
back to task #119396download
Error: GCC_ANALYZER_WARNING (CWE-476):
qemu-11.0.0-rc3/backends/igvm.c:813:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ctx.cgsc’
qemu-11.0.0-rc3/backends/igvm.c:900:5: enter_function: entry to ‘qigvm_process_file’
qemu-11.0.0-rc3/backends/igvm.c:909:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:913:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:923:16: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:923:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:931:9: call_function: calling ‘qigvm_supported_platform_compat_mask’ from ‘qigvm_process_file’
# 811| if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV_ES) &&
# 812| ctx->machine_state->cgs) {
# 813|-> if (ctx->cgsc->check_support(
# 814| CGS_PLATFORM_SEV_ES, platform->platform_version,
# 815| platform->highest_vtl, platform->shared_gpa_boundary)) {
Error: GCC_ANALYZER_WARNING (CWE-476):
qemu-11.0.0-rc3/backends/igvm.c:820:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ctx.cgsc’
qemu-11.0.0-rc3/backends/igvm.c:900:5: enter_function: entry to ‘qigvm_process_file’
qemu-11.0.0-rc3/backends/igvm.c:909:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:913:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:923:16: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:923:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:931:9: call_function: calling ‘qigvm_supported_platform_compat_mask’ from ‘qigvm_process_file’
# 818| } else if ((platform->platform_type == IGVM_PLATFORM_TYPE_SEV) &&
# 819| ctx->machine_state->cgs) {
# 820|-> if (ctx->cgsc->check_support(
# 821| CGS_PLATFORM_SEV, platform->platform_version,
# 822| platform->highest_vtl, platform->shared_gpa_boundary)) {
Error: GCC_ANALYZER_WARNING (CWE-476):
qemu-11.0.0-rc3/backends/igvm.c:828:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ctx.cgsc’
qemu-11.0.0-rc3/backends/igvm.c:900:5: enter_function: entry to ‘qigvm_process_file’
qemu-11.0.0-rc3/backends/igvm.c:909:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:913:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:923:16: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/backends/igvm.c:923:5: branch_false: ...to here
qemu-11.0.0-rc3/backends/igvm.c:931:9: call_function: calling ‘qigvm_supported_platform_compat_mask’ from ‘qigvm_process_file’
# 826| IGVM_PLATFORM_TYPE_SEV_SNP) &&
# 827| ctx->machine_state->cgs) {
# 828|-> if (ctx->cgsc->check_support(
# 829| CGS_PLATFORM_SEV_SNP, platform->platform_version,
# 830| platform->highest_vtl, platform->shared_gpa_boundary)) {
Error: CPPCHECK_WARNING (CWE-562):
qemu-11.0.0-rc3/disas/m68k.c:1904: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
# 1902| }
# 1903|
# 1904|-> info->private_data = (PTR) &priv;
# 1905| /* Tell objdump to use two bytes per chunk
# 1906| and six bytes per line for displaying raw data. */
Error: CPPCHECK_WARNING (CWE-758):
qemu-11.0.0-rc3/disas/sparc.c:2518: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 2516| for (i = 0; i < 32; ++i)
# 2517| {
# 2518|-> unsigned long int x = 1 << i;
# 2519| int x0 = (match0 & x) != 0;
# 2520| int x1 = (match1 & x) != 0;
Error: CPPCHECK_WARNING (CWE-758):
qemu-11.0.0-rc3/disas/sparc.c:2528: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
# 2526| for (i = 0; i < 32; ++i)
# 2527| {
# 2528|-> unsigned long int x = 1 << i;
# 2529| int x0 = (lose0 & x) != 0;
# 2530| int x1 = (lose1 & x) != 0;
Error: CPPCHECK_WARNING (CWE-476):
qemu-11.0.0-rc3/disas/sparc.c:2691: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: sorted_opcodes
# 2689| /* Reset the sorted table so we can resort it. */
# 2690| for (i = 0; i < sparc_num_opcodes; ++i)
# 2691|-> sorted_opcodes[i] = &sparc_opcodes[i];
# 2692| qsort ((char *) sorted_opcodes, sparc_num_opcodes,
# 2693| sizeof (sorted_opcodes[0]), compare_opcodes);
Error: GCC_ANALYZER_WARNING (CWE-688):
qemu-11.0.0-rc3/hw/block/xen-block.c:913:10: warning[-Wanalyzer-null-argument]: use of NULL ‘filename’ where non-null expected
qemu-11.0.0-rc3/hw/block/xen-block.c:870:23: enter_function: entry to ‘xen_block_drive_create’
qemu-11.0.0-rc3/hw/block/xen-block.c:888:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/hw/block/xen-block.c:893:9: branch_false: ...to here
qemu-11.0.0-rc3/hw/block/xen-block.c:894:8: branch_true: following ‘true’ branch...
qemu-11.0.0-rc3/hw/block/xen-block.c:895:20: branch_true: ...to here
qemu-11.0.0-rc3/hw/block/xen-block.c:913:10: danger: argument 1 (‘filename’) NULL where non-null expected
# 911| drive->id = g_strdup(id);
# 912|
# 913|-> rc = stat(filename, &st);
# 914| if (rc) {
# 915| error_setg_errno(errp, errno, "Could not stat file '%s'", filename);
Error: GCC_ANALYZER_WARNING (CWE-457):
qemu-11.0.0-rc3/hw/i3c/core.c:480:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*num_read’
qemu-11.0.0-rc3/hw/i3c/core.c:443:5: enter_function: entry to ‘i3c_recv_byte’
qemu-11.0.0-rc3/hw/i3c/core.c:450:12: call_function: calling ‘i3c_recv’ from ‘i3c_recv_byte’
# 478| }
# 479|
# 480|-> trace_i3c_recv(*num_read, num_to_read, ret == 0);
# 481|
# 482| return ret;
Error: GCC_ANALYZER_WARNING (CWE-688):
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:28:5: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘fp’ where non-null expected
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:54:6: enter_function: entry to ‘uefi_vars_pcap_init’
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:58:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:62:10: branch_false: ...to here
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:65:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:69:18: branch_false: ...to here
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:69:18: acquire_memory: this call could return NULL
qemu-11.0.0-rc3/hw/uefi/var-service-pcap.c:70:5: call_function: calling ‘uefi_vars_pcap_header’ from ‘uefi_vars_pcap_init’
# 26| };
# 27|
# 28|-> fwrite(&header, sizeof(header), 1, fp);
# 29| fflush(fp);
# 30| }
Error: CPPCHECK_WARNING (CWE-476):
qemu-11.0.0-rc3/include/qemu/bswap.h:142: error[ctunullpointer]: Null pointer dereference: p
# 140| CPU_CONVERT(be, 64, uint64_t)
# 141|
# 142|-> CPU_CONVERT(le, 16, uint16_t)
# 143| CPU_CONVERT(le, 32, uint32_t)
# 144| CPU_CONVERT(le, 64, uint64_t)
Error: CPPCHECK_WARNING (CWE-476):
qemu-11.0.0-rc3/include/qemu/bswap.h:143: error[ctunullpointer]: Null pointer dereference: p
# 141|
# 142| CPU_CONVERT(le, 16, uint16_t)
# 143|-> CPU_CONVERT(le, 32, uint32_t)
# 144| CPU_CONVERT(le, 64, uint64_t)
# 145|
Error: CPPCHECK_WARNING (CWE-476):
qemu-11.0.0-rc3/include/qemu/bswap.h:144: error[ctunullpointer]: Null pointer dereference: p
# 142| CPU_CONVERT(le, 16, uint16_t)
# 143| CPU_CONVERT(le, 32, uint32_t)
# 144|-> CPU_CONVERT(le, 64, uint64_t)
# 145|
# 146| #undef CPU_CONVERT
Error: GCC_ANALYZER_WARNING (CWE-476):
qemu-11.0.0-rc3/monitor/hmp-cmds.c:705:5: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘mr’
qemu-11.0.0-rc3/monitor/hmp-cmds.c:696:19: release_memory: ‘mr’ is NULL
qemu-11.0.0-rc3/monitor/hmp-cmds.c:700:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/monitor/hmp-cmds.c:707:28: branch_false: ...to here
qemu-11.0.0-rc3/monitor/hmp-cmds.c:707:28: release_memory: ‘mr’ is NULL
qemu-11.0.0-rc3/monitor/hmp-cmds.c:705:5: danger: dereference of NULL ‘mr’
# 703| }
# 704|
# 705|-> monitor_printf(mon, "Host virtual address for 0x%" HWADDR_PRIx
# 706| " (%s) is %p\n",
# 707| addr, mr->name, ptr);
Error: GCC_ANALYZER_WARNING (CWE-476):
qemu-11.0.0-rc3/monitor/hmp-cmds.c:785:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘mr’
qemu-11.0.0-rc3/monitor/hmp-cmds.c:767:6: enter_function: entry to ‘hmp_gpa2hpa’
qemu-11.0.0-rc3/monitor/hmp-cmds.c:771:19: release_memory: ‘mr’ is NULL
qemu-11.0.0-rc3/monitor/hmp-cmds.c:776:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/monitor/hmp-cmds.c:781:16: branch_false: ...to here
qemu-11.0.0-rc3/monitor/hmp-cmds.c:781:16: call_function: calling ‘vtop’ from ‘hmp_gpa2hpa’
qemu-11.0.0-rc3/monitor/hmp-cmds.c:781:16: return_function: returning to ‘hmp_gpa2hpa’ from ‘vtop’
qemu-11.0.0-rc3/monitor/hmp-cmds.c:782:8: branch_false: following ‘false’ branch...
qemu-11.0.0-rc3/monitor/hmp-cmds.c:787:32: branch_false: ...to here
qemu-11.0.0-rc3/monitor/hmp-cmds.c:787:32: release_memory: ‘mr’ is NULL
qemu-11.0.0-rc3/monitor/hmp-cmds.c:785:9: danger: dereference of NULL ‘mr’
# 783| error_report_err(local_err);
# 784| } else {
# 785|-> monitor_printf(mon, "Host physical address for 0x%" HWADDR_PRIx
# 786| " (%s) is 0x%" PRIx64 "\n",
# 787| addr, mr->name, (uint64_t) physaddr);
Error: GCC_ANALYZER_WARNING (CWE-401):
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:273:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*vq.resubmit_list’
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1001:5: enter_function: entry to ‘vduse_dev_handler’
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1009:8: branch_false: following ‘false’ branch (when ‘ret == 152’)...
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1014:23: branch_false: ...to here
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1023:12: branch_true: following ‘true’ branch...
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1024:13: branch_true: ...to here
qemu-11.0.0-rc3/subprojects/libvduse/libvduse.c:1024:13: call_function: calling ‘vduse_dev_start_dataplane’ from ‘vduse_dev_handler’
# 271| }
# 272|
# 273|-> if (vq->resubmit_num > 1) {
# 274| qsort(vq->resubmit_list, vq->resubmit_num,
# 275| sizeof(VduseVirtqInflightDesc), inflight_desc_compare);