Error: GCC_ANALYZER_WARNING (CWE-476): [#def1] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3685:23: warning[-Wanalyzer-null-dereference]: dereference of NULL 'it' # 3683| # 3684| name = xstrdup (def->linux->sysctl->keys[i]); # 3685|-> for (it = name; *it; it++) # 3686| if (*it == '.') # 3687| *it = '/'; Error: GCC_ANALYZER_WARNING (CWE-688): [#def2] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' crun-HEAD/src/libcrun/linux.c:4029:17: warning[-Wanalyzer-null-argument]: use of NULL 'cwd' where non-null expected crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' /usr/include/unistd.h:517:12: note: argument 1 of 'chdir' must be non-null # 4027| if (value == CLONE_NEWNS) # 4028| { # 4029|-> ret = chdir (cwd); # 4030| if (UNLIKELY (ret < 0)) # 4031| return crun_make_error (err, errno, "chdir `%s`", cwd); Error: GCC_ANALYZER_WARNING (CWE-457): [#def3] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c:4088:21: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value '*ns.fd_len' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4086| return; # 4087| # 4088|-> for (i = 0; i < ns->fd_len; i++) # 4089| TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4090| } Error: GCC_ANALYZER_WARNING (CWE-1341): [#def4] crun-HEAD/src/libcrun/linux.c:4089:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '*ns.fd[i]' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4087| # 4088| for (i = 0; i < ns->fd_len; i++) # 4089|-> TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4090| } # 4091| Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] crun-HEAD/src/libcrun/linux.c:4089:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'init_status.fd[0]' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_free_init_statusp.part.0' # 4087| # 4088| for (i = 0; i < ns->fd_len; i++) # 4089|-> TEMP_FAILURE_RETRY (close (ns->fd[i])); # 4090| } # 4091| Error: GCC_ANALYZER_WARNING (CWE-775): [#def6] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'configure_init_status' crun-HEAD/src/libcrun/linux.c:4139:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(**_18.path, 524288)' crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY' crun-HEAD/src/libcrun/utils.h:57:40: note: in definition of macro 'UNLIKELY' # 4137| # 4138| fd = open (def->linux->namespaces[i]->path, O_RDONLY | O_CLOEXEC); # 4139|-> if (UNLIKELY (fd < 0)) # 4140| return crun_make_error (err, errno, "open `%s`", def->linux->namespaces[i]->path); # 4141| Error: GCC_ANALYZER_WARNING (CWE-476): [#def7] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'is_bind_mount' crun-HEAD/src/libcrun/linux.c:4216:19: warning[-Wanalyzer-null-dereference]: dereference of NULL '0' # 4214| # 4215| if (src_nofollow == NULL) # 4216|-> *src_nofollow = false; # 4217| # 4218| for (i = 0; i < mnt->options_len; i++) Error: GCC_ANALYZER_WARNING (CWE-465): [#def8] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'precreate_device' crun-HEAD/src/libcrun/linux.c:4427:6: warning[-Wanalyzer-deref-before-check]: check of '*def.linux' for NULL after already dereferencing it # 4425| return crun_make_error (err, errno, "mknod `%s`", device->path); # 4426| # 4427|-> if (def->linux) # 4428| { # 4429| uid = get_id_in_user_namespace (device->uid, true, def); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def9] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'receive_mounts' crun-HEAD/src/libcrun/linux.c:4686:29: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor '*fds.fds[<unknown>]' # 4684| # 4685| if (fds->fds[index] >= 0) # 4686|-> TEMP_FAILURE_RETRY (close (fds->fds[index])); # 4687| # 4688| fds->fds[index] = ret; Error: GCC_ANALYZER_WARNING (CWE-1341): [#def10] crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_join_process' crun-HEAD/src/libcrun/linux.c:5727:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_socket_fd[0]' # 5725| exit: # 5726| if (sync_socket_fd[0] >= 0) # 5727|-> TEMP_FAILURE_RETRY (close (sync_socket_fd[0])); # 5728| if (sync_socket_fd[1] >= 0) # 5729| TEMP_FAILURE_RETRY (close (sync_socket_fd[1])); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def11] crun-HEAD/src/libcrun/linux.c:5729:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_socket_fd[1]' # 5727| TEMP_FAILURE_RETRY (close (sync_socket_fd[0])); # 5728| if (sync_socket_fd[1] >= 0) # 5729|-> TEMP_FAILURE_RETRY (close (sync_socket_fd[1])); # 5730| return ret; # 5731| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def12] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'cwd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'join_namespaces' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def13] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'dup_options' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'maybe_create_userns_for_idmapped_mount' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'maybe_create_userns_for_idmapped_mount' crun-HEAD/src/libcrun/linux.c:572:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:572:16: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def14] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'mappings' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'parse_idmapped_mount_option' /usr/include/features.h:540: included_from: Included from here. /usr/include/bits/libc-header-start.h:33: included_from: Included from here. /usr/include/stdio.h:28: included_from: Included from here. crun-HEAD/src/libcrun/linux.h:21: included_from: Included from here. crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'parse_idmapped_mount_option' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def15] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'name' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3612:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3612:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3612:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def16] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'reason' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'libcrun_set_sysctl' crun-HEAD/src/libcrun/linux.c:3622:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3703:18: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3703:18: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c:3703:18: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-457): [#def17] crun-HEAD/src/libcrun/utils.h:92:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'ret' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'format_mount_mappings' crun-HEAD/src/libcrun/linux.c:443:16: note: in expansion of macro 'crun_make_error' # 90| { # 91| void **pp = (void **) p; # 92|-> free (*pp); # 93| } # 94| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def18] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'client_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def19] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'current_mountns' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c:4592:13: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def20] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'dest_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def21] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'map_fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'cleanup_closep.part.0' crun-HEAD/src/libcrun/linux.c:364:20: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def22] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'netns_fd' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def23] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sockfd' crun-HEAD/src/libcrun/linux.c:5817:16: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-1341): [#def24] crun-HEAD/src/libcrun/utils.h:108:25: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'sync_fd' crun-HEAD/src/libcrun/linux.c:5304:12: note: in expansion of macro 'crun_make_error' crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_closep.part.0' # 106| int *pp = (int *) p; # 107| if (*pp >= 0) # 108|-> TEMP_FAILURE_RETRY (close (*pp)); # 109| } # 110| Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] crun-HEAD/src/libcrun/utils.h: scope_hint: In function 'cleanup_close_mapp' crun-HEAD/src/libcrun/utils.h:181:27: warning[-Wanalyzer-malloc-leak]: leak of 'mount_fds' # 179| for (i = 0; i < m->nfds; i++) # 180| if (m->fds[i] >= 0) # 181|-> TEMP_FAILURE_RETRY (close (m->fds[i])); # 182| # 183| free (m); Error: GCC_ANALYZER_WARNING (CWE-1341): [#def26] crun-HEAD/src/libcrun/utils.h:213:33: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'fd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' # 211| if (*fd >= 0) # 212| { # 213|-> ret = TEMP_FAILURE_RETRY (close (*fd)); # 214| if (LIKELY (ret == 0)) # 215| *fd = -1; Error: GCC_ANALYZER_WARNING (CWE-1341): [#def27] crun-HEAD/src/libcrun/utils.h:213:33: warning[-Wanalyzer-fd-double-close]: double 'close' of file descriptor 'targetfd' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' crun-HEAD/src/libcrun/linux.c: scope_hint: In function 'close_and_reset.part.0' # 211| if (*fd >= 0) # 212| { # 213|-> ret = TEMP_FAILURE_RETRY (close (*fd)); # 214| if (LIKELY (ret == 0)) # 215| *fd = -1;
| analyzer-version-clippy | 1.93.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.1 |
| analyzer-version-gcc-analyzer | 16.0.1 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.93.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.1 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-207.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20260119.105402.g7a5be1b.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | crun-1.26-1.20260207005505838380.main.66.gd0c1224f |
| diffbase-store-results-to | /tmp/tmp1crkqat5/crun-1.26-1.20260207005505838380.main.66.gd0c1224f.tar.xz |
| diffbase-time-created | 2026-02-07 09:21:20 |
| diffbase-time-finished | 2026-02-07 09:32:11 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,unicontrol,shellcheck,gcc,clippy' '-o' '/tmp/tmp1crkqat5/crun-1.26-1.20260207005505838380.main.66.gd0c1224f.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmp1crkqat5/crun-1.26-1.20260207005505838380.main.66.gd0c1224f.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20260128.181932.g41af877-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-207.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20260119.105402.g7a5be1b.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | crun-1.26-1.20260207091127321854.pr1989.67.gdb91ab8c |
| store-results-to | /tmp/tmpgm01z4eq/crun-1.26-1.20260207091127321854.pr1989.67.gdb91ab8c.tar.xz |
| time-created | 2026-02-07 09:32:44 |
| time-finished | 2026-02-07 09:41:34 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'cppcheck,unicontrol,shellcheck,gcc,clippy' '-o' '/tmp/tmpgm01z4eq/crun-1.26-1.20260207091127321854.pr1989.67.gdb91ab8c.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '/tmp/tmpgm01z4eq/crun-1.26-1.20260207091127321854.pr1989.67.gdb91ab8c.src.rpm' |
| tool-version | csmock-3.8.3.20260128.181932.g41af877-1.el9 |