Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3680:23: warning[-Wanalyzer-null-dereference]: dereference of NULL 'it' # 3678| # 3679| name = xstrdup (def->linux->sysctl->keys[i]); # 3680|-> for (it = name; *it; it++) # 3681| if (*it == '.') # 3682| *it = '/'; Error: GCC_ANALYZER_WARNING (CWE-688): [#def2] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' crun-HEAD/src/libcrun/linux.c:4024:17: warning[-Wanalyzer-null-argument]: use of NULL 'cwd' where non-null expected crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' /usr/include/unistd.h:517:12: note: argument 1 of 'chdir' must be non-null # 4022| if (value == CLONE_NEWNS) # 4023| { # 4024|-> ret = chdir (cwd); # 4025| if (UNLIKELY (ret < 0)) # 4026| return crun_make_error (err, errno, "chdir `%s`", cwd); Error: GCC_ANALYZER_WARNING (CWE-457): [#def3] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c:4083:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*ns.fd_len' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4081| return; # 4082| # 4083|-> for (i = 0; i < ns->fd_len; i++) # 4084| TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4085| } Error: GCC_ANALYZER_WARNING (CWE-1341): [#def4] crun-HEAD/src/libcrun/linux.c:4084:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '*ns.fd[i]' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4082| # 4083| for (i = 0; i < ns->fd_len; i++) # 4084|-> TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4085| } # 4086| Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] crun-HEAD/src/libcrun/linux.c:4084:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'init_status.fd[0]' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4082| # 4083| for (i = 0; i < ns->fd_len; i++) # 4084|-> TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4085| } # 4086| Error: GCC_ANALYZER_WARNING (CWE-775): [#def6] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'configure_init_status' crun-HEAD/src/libcrun/linux.c:4134:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(**_18.path, 524288)' crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY' crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY' # 4132| # 4133| fd = open (def->linux->namespaces[i]->path, O_RDONLY | O_CLOEXEC); # 4134|-> if (UNLIKELY (fd < 0)) # 4135| return crun_make_error (err, errno, "open `%s`", def->linux->namespaces[i]->path); # 4136| Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'is_bind_mount' crun-HEAD/src/libcrun/linux.c:4211:19: warning[-Wanalyzer-null-dereference]: dereference of NULL '0' # 4209| # 4210| if (src_nofollow == NULL) # 4211|-> *src_nofollow = false; # 4212| # 4213| for (i = 0; i < mnt->options_len; i++) Error: GCC_ANALYZER_WARNING (CWE-465): [#def8] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'precreate_device' crun-HEAD/src/libcrun/linux.c:4422:6: warning[-Wanalyzer-deref-before-check]: check of '*def.linux' for NULL after already dereferencing it # 4420| return crun_make_error (err, errno, "mknod `%s`", device->path); # 4421| # 4422|-> if (def->linux) # 4423| { # 4424| uid = get_id_in_user_namespace (device->uid, true, def); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def9] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'receive_mounts' crun-HEAD/src/libcrun/linux.c:4681:29: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '*fds.fds[<unknown>]' # 4679| # 4680| if (fds->fds[index] >= 0) # 4681|-> TEMP_FAILURE_RETRY (close (fds->fds[index])); # 4682| # 4683| fds->fds[index] = ret; Error: GCC_ANALYZER_WARNING (CWE-1341): [#def10] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_join_process' crun-HEAD/src/libcrun/linux.c:5722:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_socket_fd[0]' # 5720| exit: # 5721| if (sync_socket_fd[0] >= 0) # 5722|-> TEMP_FAILURE_RETRY (close (sync_socket_fd[0])); # 5723| if (sync_socket_fd[1] >= 0) # 5724| TEMP_FAILURE_RETRY (close (sync_socket_fd[1])); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def11] crun-HEAD/src/libcrun/linux.c:5724:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_socket_fd[1]' # 5722| TEMP_FAILURE_RETRY (close (sync_socket_fd[0])); # 5723| if (sync_socket_fd[1] >= 0) # 5724|-> TEMP_FAILURE_RETRY (close (sync_socket_fd[1])); # 5725| return ret; # 5726| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def12] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'cwd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def13] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'dup_options' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'maybe_create_userns_for_idmapped_mount' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'maybe_create_userns_for_idmapped_mount' crun-HEAD/src/libcrun/linux.c:572:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:572:16: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def14] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'mappings' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'parse_idmapped_mount_option' /usr/include/features.h:540: included_from: Included from here. /usr/include/bits/libc-header-start.h:33: included_from: Included from here. /usr/include/stdio.h:28: included_from: Included from here. crun-HEAD/src/libcrun/linux.h:21: included_from: Included from here. crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'parse_idmapped_mount_option' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def15] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'name' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3607:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3607:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3607:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def16] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'reason' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3617:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3698:18: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3698:18: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3698:18: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def17] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'ret' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'format_mount_mappings' crun-HEAD/src/libcrun/linux.c:443:16: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def18] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'client_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def19] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'current_mountns' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c:4587:13: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def20] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'dest_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def21] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'map_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def22] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'netns_fd' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def23] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sockfd' crun-HEAD/src/libcrun/linux.c:5812:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def24] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_fd' crun-HEAD/src/libcrun/linux.c:5299:12: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_close_mapp' crun-HEAD/src/libcrun/utils.h:181:27: warning[-Wanalyzer-malloc-leak]: leak of 'mount_fds' # 179| for (i = 0; i < m->nfds; i++) # 180| if (m->fds[i] >= 0) # 181|-> TEMP_FAILURE_RETRY (close (m->fds[i])); # 182| # 183| free (m); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def26] crun-HEAD/src/libcrun/utils.h:213:33: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' # 211| if (*fd >= 0) # 212| { # 213|-> ret = TEMP_FAILURE_RETRY (close (*fd)); # 214| if (LIKELY (ret == 0)) # 215| *fd = -1; Error: GCC_ANALYZER_WARNING (CWE-1341): [#def27] crun-HEAD/src/libcrun/utils.h:213:33: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'targetfd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' # 211| if (*fd >= 0) # 212| { # 213|-> ret = TEMP_FAILURE_RETRY (close (*fd)); # 214| if (LIKELY (ret == 0)) # 215| *fd = -1;
| analyzer-version-clippy | 1.93.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.1 |
| analyzer-version-gcc-analyzer | 16.0.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.93.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.1 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-68.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20260119.105402.g7a5be1b.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | crun-1.26-1.20260204135510299484.pr1983.57.gc5879bab |
| diffbase-store-results-to | /tmp/tmpdmjnv1yh/crun-1.26-1.20260204135510299484.pr1983.57.gc5879bab.tar.xz |
| diffbase-time-created | 2026-02-04 14:14:41 |
| diffbase-time-finished | 2026-02-04 14:22:54 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,unicontrol,shellcheck,gcc,clippy' '-o' '/tmp/tmpdmjnv1yh/crun-1.26-1.20260204135510299484.pr1983.57.gc5879bab.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpdmjnv1yh/crun-1.26-1.20260204135510299484.pr1983.57.gc5879bab.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20260128.181932.g41af877-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-68.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260119.105402.g7a5be1b.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | crun-1.26-1.20260204063804261337.main.56.gca0756f5 |
| store-results-to | /tmp/tmpwog8xczk/crun-1.26-1.20260204063804261337.main.56.gca0756f5.tar.xz |
| time-created | 2026-02-04 14:03:42 |
| time-finished | 2026-02-04 14:14:16 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,unicontrol,shellcheck,gcc,clippy' '-o' '/tmp/tmpwog8xczk/crun-1.26-1.20260204063804261337.main.56.gca0756f5.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpwog8xczk/crun-1.26-1.20260204063804261337.main.56.gca0756f5.src.rpm' |
| tool-version | csmock-3.8.3.20260128.181932.g41af877-1.el9 |