Error: SHELLCHECK_WARNING: [#def1] /usr/sbin/fsck.btrfs:25:2: warning[SC2220]: Invalid flags are not handled. Add a *) case. # 23| while getopts ":aApy" c # 24| do # 25|-> case $c in # 26| a|A|p|y) AUTO=true;; # 27| esac Error: SHELLCHECK_WARNING (CWE-569): [#def2] /usr/sbin/fsck.btrfs:30:12: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it. # 28| done # 29| shift $(($OPTIND - 1)) # 30|-> eval DEV=\${$#} # 31| if [ ! -e $DEV ]; then # 32| echo "$0: $DEV does not exist" Error: SHELLCHECK_WARNING (CWE-569): [#def3] /usr/sbin/fsck.btrfs:30:15: warning[SC1083]: This } is literal. Check expression (missing ;/\n?) or quote it. # 28| done # 29| shift $(($OPTIND - 1)) # 30|-> eval DEV=\${$#} # 31| if [ ! -e $DEV ]; then # 32| echo "$0: $DEV does not exist" Error: GCC_ANALYZER_WARNING (CWE-457): [#def4] btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c:599:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘key.offset’ btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c: scope_hint: In function ‘delete_item.part.0’ # 597| root->objectid, key.objectid, key.type, key.offset); # 598| else # 599|-> printf("Deleted root %llu item[%llu, %u, %llu]\n", # 600| root->objectid, key.objectid, key.type, key.offset); # 601| return ret; Error: GCC_ANALYZER_WARNING (CWE-126): [#def5] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c: scope_hint: In function ‘du_calc_file_space’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:357:50: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:18: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:357:50: note: read of 8 bytes from after the end of ‘buf’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:357:50: note: valid subscripts for ‘buf’ are ‘[0]’ to ‘[16383]’ # 355| } # 356| # 357|-> fiemap->fm_start = (fm_ext[i - 1].fe_logical + # 358| fm_ext[i - 1].fe_length); # 359| } while (!last); Error: GCC_ANALYZER_WARNING (CWE-126): [#def6] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:358:50: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:358:50: note: read of 8 bytes from after the end of ‘buf’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-du.c:358:50: note: valid subscripts for ‘buf’ are ‘[0]’ to ‘[16383]’ # 356| # 357| fiemap->fm_start = (fm_ext[i - 1].fe_logical + # 358|-> fm_ext[i - 1].fe_length); # 359| } while (!last); # 360| Error: GCC_ANALYZER_WARNING (CWE-688): [#def7] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-usage.c: scope_hint: In function ‘load_chunk_info’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-usage.c:220:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:28: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-usage.c:17: included_from: Included from here. /usr/include/stdlib.h:970:13: note: argument 1 of ‘qsort’ must be non-null # 218| } # 219| # 220|-> qsort(chunkinfos->data, chunkinfos->length, sizeof(struct chunk_info *), # 221| cmp_chunk_info); # 222| Error: GCC_ANALYZER_WARNING (CWE-688): [#def8] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-usage.c: scope_hint: In function ‘load_device_info’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem-usage.c:836:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected /usr/include/stdlib.h:970:13: note: argument 1 of ‘qsort’ must be non-null # 834| } # 835| # 836|-> qsort(devinfos->data, devinfos->length, sizeof(struct device_info *), cmp_device_info); # 837| # 838| return 0; Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c: scope_hint: In function ‘copy_fs_devices’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:573:28: warning[-Wanalyzer-malloc-leak]: leak of ‘dev_copy’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:37: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:597:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:572:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:572:9: note: in expansion of macro ‘list_for_each_entry’ # 571| # 572| list_for_each_entry(cur_dev, &src->devices, dev_list) { # 573|-> dev_copy = malloc(sizeof(*dev_copy)); # 574| if (!dev_copy) { # 575| ret = -ENOMEM; Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c: scope_hint: In function ‘search_umounted_fs_uuids’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:654:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:633:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:572:9: note: in expansion of macro ‘list_for_each_entry’ # 652| ret = copy_fs_devices(fs_copy, cur_fs); # 653| if (ret) { # 654|-> free(fs_copy); # 655| goto out; # 656| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘cmd_inspect_list_chunks’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c:1017:24: warning[-Wanalyzer-malloc-leak]: leak of ‘sortmode’ # 1015| # 1016| if (check_argc_exact(argc - optind, 1)) # 1017|-> return 1; # 1018| # 1019| ctx.stats = calloc(ctx.size, sizeof(ctx.stats[0])); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c:1097:41: warning[-Wanalyzer-malloc-leak]: leak of ‘lnumber’ # 1095| goto out; # 1096| } # 1097|-> memcpy(tmp, lnumber, sizeof(u64) * old_size); # 1098| lnumber = tmp; # 1099| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘read_chunk_tree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c:1230:28: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘read_chunk_tree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘read_chunk_tree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘read_chunk_tree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘read_chunk_tree’ # 1228| capacity *= 2; # 1229| tmp = realloc(*chunks, capacity * sizeof(**chunks)); # 1230|-> if (!tmp) { # 1231| perror("realloc"); # 1232| return -1; Error: GCC_ANALYZER_WARNING (CWE-688): [#def14] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c: scope_hint: In function ‘parse_prop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c:276:22: warning[-Wanalyzer-null-argument]: use of NULL ‘arg’ where non-null expected btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:30: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c:17: included_from: Included from here. /usr/include/string.h:156:12: note: argument 2 of ‘strcmp’ must be non-null # 274| # 275| for (; prop->name; prop++) { # 276|-> if (!strcmp(prop->name, arg)) { # 277| *prop_ret = prop; # 278| return 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c: scope_hint: In function ‘parse_args’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c:563:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘name’ # 561| *object = argv[optind++]; # 562| if (optind < argc) # 563|-> *name = argv[optind++]; # 564| if (optind < argc) # 565| *value = argv[optind++]; Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/property.c:565:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘value’ # 563| *name = argv[optind++]; # 564| if (optind < argc) # 565|-> *value = argv[optind++]; # 566| # 567| if (!*types) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c: scope_hint: In function ‘get_or_add_qgroup.part.0’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:843:40: warning[-Wanalyzer-malloc-leak]: leak of ‘bq’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:45: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:841:25: note: in expansion of macro ‘error’ # 841| error("%s", btrfs_util_strerror(uret)); # 842| if (uret == BTRFS_UTIL_ERROR_NO_MEMORY) # 843|-> return ERR_PTR(-ENOMEM); # 844| else # 845| return ERR_PTR(-EIO); Error: GCC_ANALYZER_WARNING (CWE-415): [#def18] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c: scope_hint: In function ‘__free_btrfs_qgroup’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:970:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘((const struct list_head *)((char *)bq + 8))[12].next + -16’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/rbtree.h:49:37: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:984:25: note: in expansion of macro ‘rb_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:965:24: note: in expansion of macro ‘list_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:965:24: note: in expansion of macro ‘list_entry’ # 968| list_del(&list->next_qgroup); # 969| list_del(&list->next_member); # 970|-> free(list); # 971| } # 972| if (bq->path) Error: GCC_ANALYZER_WARNING (CWE-775): [#def19] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/receive.c: scope_hint: In function ‘process_snapshot’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/receive.c:390:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h: scope_hint: In function ‘process_snapshot’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:330:27: note: in definition of macro ‘IS_ERR_VALUE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/receive.c: scope_hint: In function ‘process_snapshot’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:29: included_from: Included from here. # 388| free(parent_subvol); # 389| } # 390|-> return ret; # 391| } # 392| Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/reflink.c: scope_hint: In function ‘cmd_reflink_clone’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/reflink.c:128:33: warning[-Wanalyzer-malloc-leak]: leak of ‘range’ # 126| fallthrough; # 127| case 'r': # 128|-> range = malloc(sizeof(struct reflink_range)); # 129| if (!range) { # 130| error("not enough memory"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/reflink.c:131:40: warning[-Wanalyzer-malloc-leak]: leak of ‘range’ # 129| if (!range) { # 130| error("not enough memory"); # 131|-> return 1; # 132| } # 133| INIT_LIST_HEAD(&range->list); Error: GCC_ANALYZER_WARNING (CWE-415): [#def22] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:75:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*(struct super_block_record *)MEM[(const struct list_head *)recover_10(D) + 8B].next.device_name’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:82:9: note: in expansion of macro ‘WRITE_ONCE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:160:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:31: note: in expansion of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:121:16: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:929:1: note: in expansion of macro ‘BTRFS_SETGET_STACK_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.h:156:24: note: in expansion of macro ‘BTRFS_SB_MIRROR_OFFSET’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ # 73| struct super_block_record, list); # 74| list_del_init(&record->list); # 75|-> free(record->device_name); # 76| free(record); # 77| } Error: GCC_ANALYZER_WARNING (CWE-415): [#def23] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:83:17: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*(struct super_block_record *)MEM[(const struct list_head *)recover_10(D) + 24B].next.device_name’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:82:9: note: in expansion of macro ‘WRITE_ONCE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:160:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:31: note: in expansion of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:121:16: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:929:1: note: in expansion of macro ‘BTRFS_SETGET_STACK_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.h:156:24: note: in expansion of macro ‘BTRFS_SB_MIRROR_OFFSET’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ # 81| struct super_block_record, list); # 82| list_del_init(&record->list); # 83|-> free(record->device_name); # 84| free(record); # 85| } Error: GCC_ANALYZER_WARNING (CWE-126): [#def24] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/scrub.c: scope_hint: In function ‘scrub_datafile’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/scrub.c:454:9: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/scrub.c:454:9: note: read of 39 bytes from after the end of ‘fsid’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/scrub.c:454:9: note: valid subscripts for ‘fsid’ are ‘[0]’ to ‘[36]’ # 452| # 453| datafile[ret] = '.'; # 454|-> strncpy(datafile + ret + 1, fn_local, end - ret - 1); # 455| ret = strlen(datafile); # 456| Error: COMPILER_WARNING: [#def25] btrfs-progs-6.11-build/btrfs-progs-v6.11/common/help.c:312:46: warning[-Wformat-overflow=]: ‘%s’ directive argument is null # 312 | fprintf(outf, "No usage for '%s'\n", token); # | ^~ # 310| switch (ret) { # 311| case -1: # 312|-> fprintf(outf, "No usage for '%s'\n", token); # 313| break; # 314| case -2: Error: COMPILER_WARNING: [#def26] btrfs-progs-6.11-build/btrfs-progs-v6.11/common/help.c: scope_hint: In function ‘usage’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/help.c:315:58: warning[-Wformat-overflow=]: ‘%s’ directive argument is null # 315 | fprintf(outf, "No short description for '%s'\n", token); # | ^~ # 313| break; # 314| case -2: # 315|-> fprintf(outf, "No short description for '%s'\n", token); # 316| break; # 317| } Error: GCC_ANALYZER_WARNING (CWE-457): [#def27] btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c:37: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c: scope_hint: In function ‘delete_item.part.0’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:89:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘key.offset’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c:596:17: note: in expansion of macro ‘error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c: scope_hint: In function ‘delete_item.part.0’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c:596:17: note: in expansion of macro ‘error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/check/mode-lowmem.c:596:17: note: in expansion of macro ‘error’ # 87| do { \ # 88| fputs((prefix), stderr); \ # 89|-> __btrfs_printf((fmt), ##__VA_ARGS__); \ # 90| fputc('\n', stderr); \ # 91| } while (0) Error: GCC_ANALYZER_WARNING (CWE-688): [#def28] btrfs-progs-6.11-build/btrfs-progs-v6.11/common/path-utils.c: scope_hint: In function ‘is_same_blk_file’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/path-utils.c:206:13: warning[-Wanalyzer-null-argument]: use of NULL ‘a’ where non-null expected btrfs-progs-6.11-build/btrfs-progs-v6.11/common/path-utils.c:29: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/common/path-utils.c:17: included_from: Included from here. /usr/include/sys/stat.h:205:12: note: argument 1 of ‘stat’ must be non-null # 204| return 1; # 205| # 206|-> if (stat(a, &st_buf_a) < 0 || stat(b, &st_buf_b) < 0) { # 207| if (errno == ENOENT) # 208| return 0; Error: GCC_ANALYZER_WARNING (CWE-688): [#def29] btrfs-progs-6.11-build/btrfs-progs-v6.11/common/path-utils.c:206:39: warning[-Wanalyzer-null-argument]: use of NULL ‘b’ where non-null expected /usr/include/sys/stat.h:205:12: note: argument 1 of ‘stat’ must be non-null # 204| return 1; # 205| # 206|-> if (stat(a, &st_buf_a) < 0 || stat(b, &st_buf_b) < 0) { # 207| if (errno == ENOENT) # 208| return 0; Error: GCC_ANALYZER_WARNING (CWE-457): [#def30] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/common.c: scope_hint: In function ‘csum_block’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/common.c:103:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘__builtin_alloca_with_align((sizetype)btrfs_csum_type_size(0), 8)’ # 101| crc = crc32c(crc, buf + BTRFS_CSUM_SIZE, len - BTRFS_CSUM_SIZE); # 102| put_unaligned_le32(~crc, result); # 103|-> memcpy(buf, result, csum_size); # 104| } # 105| Error: GCC_ANALYZER_WARNING (CWE-775): [#def31] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c: scope_hint: In function ‘restore_metadump’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1783:32: warning[-Wanalyzer-file-leak]: leak of FILE ‘in’ # 1781| if (!in) { # 1782| error("unable to open metadump image: %m"); # 1783|-> return 1; # 1784| } # 1785| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def32] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1783:32: warning[-Wanalyzer-malloc-leak]: leak of ‘in’ # 1781| if (!in) { # 1782| error("unable to open metadump image: %m"); # 1783|-> return 1; # 1784| } # 1785| } Error: GCC_ANALYZER_WARNING (CWE-122): [#def33] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c: scope_hint: In function ‘find_collision_calc_suffix’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c:122:27: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/ctree.h:34: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c:24: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/crypto/crc32c.h:27:75: note: in definition of macro ‘crc32c’ # 120| } # 121| for (i = 0; i < 4; i++) # 122|-> suffix[i] = (desired_crc >> i * 8) & 0xFF; # 123| } # 124| Error: GCC_ANALYZER_WARNING (CWE-122): [#def34] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c: scope_hint: In function ‘find_collision_is_suffix_valid’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c:134:19: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read btrfs-progs-6.11-build/btrfs-progs-v6.11/crypto/crc32c.h:27:75: note: in definition of macro ‘crc32c’ # 132| # 133| for (i = 0; i < 4; i++) { # 134|-> c = suffix[i]; # 135| if (c < ' ' || c > 126 || c == '/') # 136| return false; Error: GCC_ANALYZER_WARNING (CWE-401): [#def35] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c: scope_hint: In function ‘sanitize_dir_item’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c:354:20: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:566:1: note: in expansion of macro ‘BTRFS_SETGET_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c: scope_hint: In function ‘sanitize_dir_item’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:566:1: note: in expansion of macro ‘BTRFS_SETGET_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/sanitize.c: scope_hint: In function ‘sanitize_dir_item’ # 352| garbage = generate_garbage(name_len); # 353| } # 354|-> if (!garbage) { # 355| error_msg(ERROR_MSG_MEMORY, "sanitize name"); # 356| return; Error: GCC_ANALYZER_WARNING (CWE-401): [#def36] btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:388:23: warning[-Wanalyzer-malloc-leak]: leak of ‘new_eb’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2800:9: note: in expansion of macro ‘kfree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ # 386| * kmalloc/kfree # 387| */ # 388|-> #define kmalloc(x, y) malloc(x) # 389| #define kzalloc(x, y) calloc(1, x) # 390| #define kstrdup(x, y) strdup(x) Error: GCC_ANALYZER_WARNING (CWE-401): [#def37] btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:391:18: warning[-Wanalyzer-malloc-leak]: leak of ‘new_eb’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2892:9: note: in expansion of macro ‘kfree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2800:9: note: in expansion of macro ‘kfree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2892:9: note: in expansion of macro ‘kfree’ # 389| #define kzalloc(x, y) calloc(1, x) # 390| #define kstrdup(x, y) strdup(x) # 391|-> #define kfree(x) free(x) # 392| #define vmalloc(x) malloc(x) # 393| #define vfree(x) free(x) Error: GCC_ANALYZER_WARNING (CWE-127): [#def38] btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:17: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c: scope_hint: In function ‘map_seed_devices’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:473:15: warning[-Wanalyzer-out-of-bounds]: stack-based buffer under-read btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:576:9: note: in expansion of macro ‘list_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:680:26: note: in expansion of macro ‘list_first_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:71:26: note: in definition of macro ‘LIST_HEAD’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:677:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:576:9: note: in expansion of macro ‘list_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/filesystem.c:680:26: note: in expansion of macro ‘list_first_entry’ # 471| */ # 472| #define container_of(ptr, type, member) ({ \ # 473|-> void *__mptr = (void *)(ptr); \ # 474| static_assert(__same_type(*(ptr), ((type *)0)->member) || \ # 475| __same_type(*(ptr), void), \ Error: GCC_ANALYZER_WARNING (CWE-476): [#def39] btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:634:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘leaf’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:647:31: note: in expansion of macro ‘le32_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:109:16: note: in expansion of macro ‘get_unaligned_le32’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:720:1: note: in expansion of macro ‘BTRFS_SETGET_HEADER_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/ctree.c: scope_hint: In function ‘btrfs_leaf_free_space’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:647:31: note: in expansion of macro ‘le32_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:109:16: note: in expansion of macro ‘get_unaligned_le32’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:720:1: note: in expansion of macro ‘BTRFS_SETGET_HEADER_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/ctree.c: scope_hint: In function ‘btrfs_leaf_free_space’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:647:31: note: in expansion of macro ‘le32_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:109:16: note: in expansion of macro ‘get_unaligned_le32’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:720:1: note: in expansion of macro ‘BTRFS_SETGET_HEADER_FUNCS’ # 632| #define le64_to_cpu(x) ((__force u64)(__le64)(x)) # 633| #define cpu_to_le32(x) ((__force __le32)(u32)(x)) # 634|-> #define le32_to_cpu(x) ((__force u32)(__le32)(x)) # 635| #define cpu_to_le16(x) ((__force __le16)(u16)(x)) # 636| #define le16_to_cpu(x) ((__force u16)(__le16)(x)) Error: GCC_ANALYZER_WARNING (CWE-476): [#def40] btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:17: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c: scope_hint: In function ‘build_chunk_tree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:74: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘item’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:632:47: note: in definition of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:89:41: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1140:17: note: in expansion of macro ‘error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:632:47: note: in definition of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1120:13: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:632:47: note: in definition of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1121:13: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:43: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1140:17: note: in expansion of macro ‘error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:632:47: note: in definition of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:89:41: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:97:9: note: in expansion of macro ‘__btrfs_msg’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:109:17: note: in expansion of macro ‘__btrfs_error’ btrfs-progs-6.11-build/btrfs-progs-v6.11/image/image-restore.c:1140:17: note: in expansion of macro ‘error’ # 649| #define put_unaligned_le32(val,p) (((struct __una_u32 *)(p))->x = cpu_to_le32(val)) # 650| #define put_unaligned_32(val,p) (((struct __una_u32 *)(p))->x = (val)) # 651|-> #define get_unaligned_le64(p) le64_to_cpu(((const struct __una_u64 *)(p))->x) # 652| #define get_unaligned_64(p) (((const struct __una_u64 *)(p))->x) # 653| #define put_unaligned_le64(val,p) (((struct __una_u64 *)(p))->x = cpu_to_le64(val)) Error: GCC_ANALYZER_WARNING (CWE-401): [#def41] btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:679:13: warning[-Wanalyzer-malloc-leak]: leak of ‘e’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:120:9: note: in expansion of macro ‘WRITE_ONCE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘add_dev_extent’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:31: note: in expansion of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:121:16: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:370:1: note: in expansion of macro ‘BTRFS_SETGET_STACK_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c: scope_hint: In function ‘add_dev_extent’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/inspect.c:33: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:120:9: note: in expansion of macro ‘WRITE_ONCE’ # 677| #define WRITE_ONCE(x, val) \ # 678| do { \ # 679|-> (x) = (val); \ # 680| } while (0) # 681| Error: GCC_ANALYZER_WARNING (CWE-476): [#def42] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:133:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘*fs_info.fs_devices’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘read_one_chunk’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/ctree.h:31: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘read_one_chunk’ # 131| static inline void list_add(struct list_head *xnew, struct list_head *head) # 132| { # 133|-> __list_add(xnew, head, head->next); # 134| } # 135| Error: GCC_ANALYZER_WARNING (CWE-416): [#def43] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:182:9: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘((const struct list_head *)((char *)bq + 8))[11].next’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c: scope_hint: In function ‘__free_btrfs_qgroup’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:19: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/rbtree.h:49:37: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c:984:25: note: in expansion of macro ‘rb_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/qgroup.c: scope_hint: In function ‘__free_btrfs_qgroup’ # 180| return; # 181| # 182|-> __list_del(entry->prev, entry->next); # 183| } # 184| Error: GCC_ANALYZER_WARNING (CWE-416): [#def44] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:182:9: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘((const struct list_head *)((char *)recover + 8))[1].next’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:82:9: note: in expansion of macro ‘WRITE_ONCE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:160:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:31: note: in expansion of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:121:16: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:929:1: note: in expansion of macro ‘BTRFS_SETGET_STACK_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.h:156:24: note: in expansion of macro ‘BTRFS_SB_MIRROR_OFFSET’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ # 180| return; # 181| # 182|-> __list_del(entry->prev, entry->next); # 183| } # 184| Error: GCC_ANALYZER_WARNING (CWE-416): [#def45] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:182:9: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘*(const struct list_head *)((char *)recover + 8).next’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:82:9: note: in expansion of macro ‘WRITE_ONCE’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c:160:9: note: in expansion of macro ‘list_for_each_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:651:31: note: in expansion of macro ‘le64_to_cpu’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:121:16: note: in expansion of macro ‘get_unaligned_le64’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/accessors.h:929:1: note: in expansion of macro ‘BTRFS_SETGET_STACK_FUNCS’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.h:156:24: note: in expansion of macro ‘BTRFS_SB_MIRROR_OFFSET’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ btrfs-progs-6.11-build/btrfs-progs-v6.11/cmds/rescue-super-recover.c: scope_hint: In function ‘free_recover_superblock’ # 180| return; # 181| # 182|-> __list_del(entry->prev, entry->next); # 183| } # 184| Error: GCC_ANALYZER_WARNING (CWE-126): [#def46] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c: scope_hint: In function ‘comp_data_refs’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c:77:25: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c:20: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c:632:15: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c:487:9: note: in expansion of macro ‘BUG_ON’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c: scope_hint: In function ‘comp_data_refs’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c: scope_hint: In function ‘comp_data_refs’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/delayed-ref.c:77:25: note: read of 8 bytes from after the end of the region # 75| if (ref1->objectid > ref2->objectid) # 76| return 1; # 77|-> if (ref1->offset < ref2->offset) # 78| return -1; # 79| if (ref1->offset > ref2->offset) Error: GCC_ANALYZER_WARNING (CWE-476): [#def47] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.c: scope_hint: In function ‘__open_ctree_fd’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.c:1564:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘fs_devices’ btrfs-progs-6.11-build/btrfs-progs-v6.11/include/kerncompat.h:29: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.c:19: included_from: Included from here. # 1562| disk_super = fs_info->super_copy; # 1563| if (flags & OPEN_CTREE_RECOVER_SUPER) # 1564|-> ret = btrfs_read_dev_super(fs_devices->latest_bdev, disk_super, # 1565| sb_bytenr, SBREAD_RECOVER); # 1566| else if (flags & OPEN_CTREE_USE_LATEST_BDEV) Error: GCC_ANALYZER_WARNING (CWE-476): [#def48] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/disk-io.c:1567:23: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘fs_devices’ # 1565| sb_bytenr, SBREAD_RECOVER); # 1566| else if (flags & OPEN_CTREE_USE_LATEST_BDEV) # 1567|-> ret = btrfs_read_dev_super(fs_devices->latest_bdev, disk_super, # 1568| sb_bytenr, sbflags); # 1569| else Error: GCC_ANALYZER_WARNING (CWE-127): [#def49] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c: scope_hint: In function ‘read_raid56’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c:412:29: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/raid56.h:27: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c:26: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/bitops.h:20:22: note: in expansion of macro ‘find_first_bit’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c:399:9: note: in expansion of macro ‘for_each_set_bit’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/bitops.h: scope_hint: In function ‘read_raid56’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/bitops.h:20:22: note: in expansion of macro ‘find_first_bit’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c:399:9: note: in expansion of macro ‘for_each_set_bit’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c: scope_hint: In function ‘read_raid56’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/extent_io.c:399:9: note: in expansion of macro ‘for_each_set_bit’ # 410| # 411| /* Now copy the data back to original buf */ # 412|-> memcpy(buf, pointers[failed_a] + (logical - full_stripe_start) % # 413| BTRFS_STRIPE_LEN, len); # 414| ret = 0; Error: GCC_ANALYZER_WARNING (CWE-476): [#def50] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘btrfs_rmap_block’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:1933:35: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘buf’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:19: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:1894:9: note: in expansion of macro ‘BUG_ON’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘btrfs_rmap_block’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:1908:15: note: in expansion of macro ‘kzalloc’ # 1931| } # 1932| if (j == nr) # 1933|-> buf[nr++] = bytenr; # 1934| } # 1935| Error: GCC_ANALYZER_WARNING (CWE-476): [#def51] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘fill_missing_device’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2367:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘device’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2366:18: note: in expansion of macro ‘kzalloc’ # 2365| # 2366| device = kzalloc(sizeof(*device), GFP_NOFS); # 2367|-> device->devid = devid; # 2368| memcpy(device->uuid, uuid, BTRFS_UUID_SIZE); # 2369| device->fd = -1; Error: GCC_ANALYZER_WARNING (CWE-457): [#def52] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c: scope_hint: In function ‘write_raid56_with_parity’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2839:32: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2820:15: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2800:9: note: in expansion of macro ‘kfree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ # 2837| struct extent_buffer *new_eb; # 2838| if (raid_map[i] < BTRFS_RAID5_P_STRIPE) { # 2839|-> if (ebs[i]->start != raid_map[i]) { # 2840| ret = -EINVAL; # 2841| goto out_free_split; Error: GCC_ANALYZER_WARNING (CWE-457): [#def53] btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2887:24: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2820:15: note: in expansion of macro ‘kmalloc’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2800:9: note: in expansion of macro ‘kfree’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-shared/volumes.c:2845:26: note: in expansion of macro ‘kmalloc’ # 2885| out_free_split: # 2886| for (i = 0; i < multi->num_stripes; i++) { # 2887|-> if (ebs[i] != eb) # 2888| kfree(ebs[i]); # 2889| } Error: CPPCHECK_WARNING (CWE-401): [#def54] btrfs-progs-6.11-build/btrfs-progs-v6.11/libbtrfsutil/qgroup.c:64: error[memleakOnRealloc]: Common realloc mistake: 'tmp' nulled but not freed upon failure # 62| struct btrfs_qgroup_inherit *tmp = (struct btrfs_qgroup_inherit *)*inherit; # 63| # 64|-> tmp = realloc(tmp, sizeof(*tmp) + # 65| (tmp->num_qgroups + 1) * sizeof(tmp->qgroups[0])); # 66| if (!tmp) Error: GCC_ANALYZER_WARNING (CWE-415): [#def55] btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:114:9: warning[-Wanalyzer-double-free]: double-‘free’ of ‘current_path.inode_list.prev + -8’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:40: included_from: Included from here. btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:109:9: note: in expansion of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:78:74: note: in definition of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:100:9: note: in expansion of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:102:16: note: in expansion of macro ‘list_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:109:9: note: in expansion of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/common/messages.h:78:74: note: in definition of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:100:9: note: in expansion of macro ‘UASSERT’ btrfs-progs-6.11-build/btrfs-progs-v6.11/kernel-lib/list.h:565:9: note: in expansion of macro ‘container_of’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c:102:16: note: in expansion of macro ‘list_entry’ btrfs-progs-6.11-build/btrfs-progs-v6.11/mkfs/rootdir.c: scope_hint: In function ‘rootdir_path_pop’ # 112| list_del_init(&last->list); # 113| path->level--; # 114|-> free(last); # 115| } # 116|
| analyzer-version-clippy | 1.82.0 |
| analyzer-version-cppcheck | 2.16.0 |
| analyzer-version-gcc | 14.2.1 |
| analyzer-version-gcc-analyzer | 15.0.0 |
| analyzer-version-shellcheck | 0.10.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-96.us-west-2.compute.internal |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | btrfs-progs-6.11-1.fc42 |
| store-results-to | /tmp/tmp0__rx6ih/btrfs-progs-6.11-1.fc42.tar.xz |
| time-created | 2024-11-12 23:22:12 |
| time-finished | 2024-11-12 23:24:45 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'clippy,cppcheck,gcc,unicontrol,shellcheck' '-o' '/tmp/tmp0__rx6ih/btrfs-progs-6.11-1.fc42.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp0__rx6ih/btrfs-progs-6.11-1.fc42.src.rpm' |
| tool-version | csmock-3.7.1.20241107.094801.gb3f0f26.pr_192-1.el9 |