xfsprogs-6.14.0-1.fc43

List of Findings

Error: SHELLCHECK_WARNING: [#def1]
/usr/bin/fsck.xfs:37:2: warning[SC2220]: Invalid flags are not handled. Add a *) case.
#   35|   while getopts ":aApyf" c
#   36|   do
#   37|-> 	case $c in
#   38|   	a|A|p)		AUTO=true;;
#   39|   	y)		REPAIR=true;;

Error: SHELLCHECK_WARNING (CWE-569): [#def2]
/usr/bin/fsck.xfs:43:12: warning[SC1083]: This { is literal. Check expression (missing ;/\n?) or quote it.
#   41|   	esac
#   42|   done
#   43|-> eval DEV=\${$#}
#   44|   if [ ! -e $DEV ]; then
#   45|   	echo "$0: $DEV does not exist"

Error: SHELLCHECK_WARNING (CWE-569): [#def3]
/usr/bin/fsck.xfs:43:15: warning[SC1083]: This } is literal. Check expression (missing ;/\n?) or quote it.
#   41|   	esac
#   42|   done
#   43|-> eval DEV=\${$#}
#   44|   if [ ! -e $DEV ]; then
#   45|   	echo "$0: $DEV does not exist"

Error: SHELLCHECK_WARNING (CWE-156): [#def4]
/usr/bin/fsck.xfs:84:8: warning[SC2046]: Quote this to prevent word splitting.
#   82|   		done
#   83|   		test -b "$ROOT" || ROOT=$(blkid -t "$ROOT" -o device)
#   84|-> 		if [ $(basename $DEV) = $(basename $ROOT) ]; then
#   85|   			mount $DEV /tmp/repair_mnt $ROOTFLAGS || exit 1
#   86|   		else

Error: SHELLCHECK_WARNING (CWE-156): [#def5]
/usr/bin/fsck.xfs:84:27: warning[SC2046]: Quote this to prevent word splitting.
#   82|   		done
#   83|   		test -b "$ROOT" || ROOT=$(blkid -t "$ROOT" -o device)
#   84|-> 		if [ $(basename $DEV) = $(basename $ROOT) ]; then
#   85|   			mount $DEV /tmp/repair_mnt $ROOTFLAGS || exit 1
#   86|   		else

Error: SHELLCHECK_WARNING (CWE-149): [#def6]
/usr/bin/xfs_admin:36:34: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   34|   		IO_OPTS=$IO_OPTS" -r -c label"
#   35|   		;;
#   36|-> 	L)	DB_OPTS=$DB_OPTS" -c 'label "$OPTARG"'"
#   37|   		IO_OPTS=$IO_OPTS" -c 'label -s "$OPTARG"'"
#   38|   		;;

Error: SHELLCHECK_WARNING (CWE-149): [#def7]
/usr/bin/xfs_admin:37:35: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   35|   		;;
#   36|   	L)	DB_OPTS=$DB_OPTS" -c 'label "$OPTARG"'"
#   37|-> 		IO_OPTS=$IO_OPTS" -c 'label -s "$OPTARG"'"
#   38|   		;;
#   39|   	O)	REPAIR_OPTS=$REPAIR_OPTS" -c $OPTARG"

Error: SHELLCHECK_WARNING (CWE-149): [#def8]
/usr/bin/xfs_admin:52:33: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   50|   		IO_OPTS=$IO_OPTS" -r -c fsuuid"
#   51|   		;;
#   52|-> 	U)	DB_OPTS=$DB_OPTS" -c 'uuid "$OPTARG"'"
#   53|   		require_offline=1
#   54|   		;;

Error: SHELLCHECK_WARNING (CWE-88): [#def9]
/usr/bin/xfs_admin:64:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   62|   	esac
#   63|   done
#   64|-> set -- extra $@
#   65|   shift $OPTIND
#   66|   case $# in

Error: SHELLCHECK_WARNING (CWE-156): [#def10]
/usr/bin/xfs_bmap:29:7: warning[SC2046]: Quote this to prevent word splitting.
#   27|   $VERSION && $DIRNAME/xfs_io -p xfs_bmap -V
#   28|   
#   29|-> shift `expr $OPTIND - 1`
#   30|   
#   31|   while [ "$1" != "" ]

Error: SHELLCHECK_WARNING (CWE-563): [#def11]
/usr/bin/xfs_freeze:6:1: warning[SC2034]: OPTS appears unused. Verify use (or export if used externally).
#    4|   #
#    5|   
#    6|-> OPTS=""
#    7|   USAGE="Usage: xfs_freeze [-V] [-f | -u] <mountpoint>"
#    8|   DIRNAME=`dirname $0`

Error: SHELLCHECK_WARNING (CWE-156): [#def12]
/usr/bin/xfs_freeze:29:7: warning[SC2046]: Quote this to prevent word splitting.
#   27|   fi
#   28|   
#   29|-> shift `expr $OPTIND - 1`
#   30|   if [ "$1" = "" ]; then
#   31|   	echo $USAGE 1>&2

Error: SHELLCHECK_WARNING: [#def13]
/usr/bin/xfs_info:14:2: warning[SC3043]: In POSIX sh, 'local' is undefined.
#   12|   # the last line and return it if it's actually a block device.
#   13|   try_find_loop_dev_for_file() {
#   14|-> 	local x="$(losetup -O NAME -j "$1" 2> /dev/null | tail -n 1)"
#   15|   	test -b "$x" && echo "$x"
#   16|   }

Error: SHELLCHECK_WARNING (CWE-571): [#def14]
/usr/bin/xfs_info:14:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   12|   # the last line and return it if it's actually a block device.
#   13|   try_find_loop_dev_for_file() {
#   14|-> 	local x="$(losetup -O NAME -j "$1" 2> /dev/null | tail -n 1)"
#   15|   	test -b "$x" && echo "$x"
#   16|   }

Error: SHELLCHECK_WARNING (CWE-149): [#def15]
/usr/bin/xfs_metadump:17:20: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   15|   	e)	OPTS=$OPTS"-e ";;
#   16|   	g)	OPTS=$OPTS"-g ";;
#   17|-> 	m)	OPTS=$OPTS"-m "$OPTARG" ";;
#   18|   	o)	OPTS=$OPTS"-o ";;
#   19|   	w)	OPTS=$OPTS"-w ";;

Error: SHELLCHECK_WARNING (CWE-149): [#def16]
/usr/bin/xfs_metadump:21:25: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   19|   	w)	OPTS=$OPTS"-w ";;
#   20|   	f)	DBOPTS=$DBOPTS" -f";;
#   21|-> 	l)	DBOPTS=$DBOPTS" -l "$OPTARG" ";;
#   22|   	F)	DBOPTS=$DBOPTS" -F";;
#   23|   	v)	OPTS=$OPTS"-v "$OPTARG" ";;

Error: SHELLCHECK_WARNING (CWE-149): [#def17]
/usr/bin/xfs_metadump:23:20: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   21|   	l)	DBOPTS=$DBOPTS" -l "$OPTARG" ";;
#   22|   	F)	DBOPTS=$DBOPTS" -F";;
#   23|-> 	v)	OPTS=$OPTS"-v "$OPTARG" ";;
#   24|   	V)	xfs_db -p xfs_metadump -V
#   25|   		status=$?

Error: SHELLCHECK_WARNING (CWE-149): [#def18]
/usr/bin/xfs_metadump:28:24: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   26|   		exit $status
#   27|   		;;
#   28|-> 	r)	DBOPTS=$DBOPTS"-R "$OPTARG" ";;
#   29|   	\?)	echo $USAGE 1>&2
#   30|   		exit 2

Error: SHELLCHECK_WARNING (CWE-88): [#def19]
/usr/bin/xfs_metadump:34:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   32|   	esac
#   33|   done
#   34|-> set -- extra $@
#   35|   shift $OPTIND
#   36|   case $# in

Error: SHELLCHECK_WARNING (CWE-563): [#def20]
/usr/bin/xfs_mkfile:6:1: warning[SC2034]: OPTS appears unused. Verify use (or export if used externally).
#    4|   #
#    5|   
#    6|-> OPTS=""
#    7|   NOBYTES=false
#    8|   PREALLOC=false

Error: SHELLCHECK_WARNING (CWE-156): [#def21]
/usr/bin/xfs_mkfile:28:7: warning[SC2046]: Quote this to prevent word splitting.
#   26|   $VERSION && $XFS_IO -V
#   27|   
#   28|-> shift `expr $OPTIND - 1`
#   29|   [ "$1" != "" ] || exit 0
#   30|   SIZE="$1"

Error: SHELLCHECK_WARNING: [#def22]
/usr/bin/xfs_ncheck:14:2: warning[SC2213]: getopts specified -b, but it's not handled by this 'case'.
#   12|   while getopts "b:fi:l:svV" c
#   13|   do
#   14|-> 	case $c in
#   15|   	s)	OPTS=$OPTS"-s ";;
#   16|   	i)	OPTS=$OPTS"-i "$OPTARG" ";;

Error: SHELLCHECK_WARNING (CWE-149): [#def23]
/usr/bin/xfs_ncheck:16:20: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   14|   	case $c in
#   15|   	s)	OPTS=$OPTS"-s ";;
#   16|-> 	i)	OPTS=$OPTS"-i "$OPTARG" ";;
#   17|   	v)	OPTS=$OPTS"-v ";;
#   18|   	f)	DBOPTS=$DBOPTS" -f";;

Error: SHELLCHECK_WARNING (CWE-149): [#def24]
/usr/bin/xfs_ncheck:19:25: warning[SC2027]: The surrounding quotes actually unquote this. Remove or escape them.
#   17|   	v)	OPTS=$OPTS"-v ";;
#   18|   	f)	DBOPTS=$DBOPTS" -f";;
#   19|-> 	l)	DBOPTS=$DBOPTS" -l "$OPTARG" ";;
#   20|   	V)	xfs_db -p xfs_ncheck -V
#   21|   		status=$?

Error: SHELLCHECK_WARNING (CWE-88): [#def25]
/usr/bin/xfs_ncheck:29:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   27|   	esac
#   28|   done
#   29|-> set -- extra $@
#   30|   shift $OPTIND
#   31|   case $# in

Error: SHELLCHECK_WARNING (CWE-563): [#def26]
/usr/bin/xfs_property:8:1: warning[SC2034]: OPTS appears unused. Verify use (or export if used externally).
#    6|   #
#    7|   
#    8|-> OPTS=""
#    9|   USAGE="Usage: xfs_property [-V] [mountpoint|device|file] [list [-v]|get name...|set name=value...|remove name...]"
#   10|   

Error: SHELLCHECK_WARNING (CWE-571): [#def27]
/usr/bin/xfs_property:15:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   13|   # the last line and return it if it's actually a block device.
#   14|   try_find_loop_dev_for_file() {
#   15|-> 	local x="$(losetup -O NAME -j "$1" 2> /dev/null | tail -n 1)"
#   16|   	test -b "${x}" && echo "${x}"
#   17|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def28]
xfsprogs-6.14.0/db/btblock.c:186:22: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/db/btblock.c:262:9: branch_true: following ‘true’ branch (when ‘startoff == 0’)...
xfsprogs-6.14.0/db/btblock.c:263:9: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:263:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/db/btblock.c:265:41: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:265:19: call_function: inlined call to ‘btblock_maxrecs’ from ‘btblock_ptr_offset’
#  184|   btblock_maxrecs(struct xfs_db_btree *bt, int blocksize)
#  185|   {
#  186|-> 	blocksize -= bt->block_len;
#  187|   
#  188|   	return blocksize / (bt->key_len + bt->ptr_len);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def29]
xfsprogs-6.14.0/db/btblock.c:244:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/db/btblock.c:241:9: branch_true: following ‘true’ branch (when ‘startoff == 0’)...
xfsprogs-6.14.0/db/btblock.c:242:9: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:242:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/db/btblock.c:244:18: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:244:18: danger: dereference of NULL ‘block_to_bt(obj)’
#  242|   	ASSERT(block->bb_level != 0);
#  243|   
#  244|-> 	offset = bt->block_len + (idx - 1) * bt->key_len;
#  245|   	return bitize(offset);
#  246|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def30]
xfsprogs-6.14.0/db/btblock.c:289:18: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/db/btblock.c:286:9: branch_true: following ‘true’ branch (when ‘startoff == 0’)...
xfsprogs-6.14.0/db/btblock.c:287:9: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:287:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/db/btblock.c:289:18: branch_true: ...to here
xfsprogs-6.14.0/db/btblock.c:289:18: danger: dereference of NULL ‘block_to_bt(obj)’
#  287|   	ASSERT(block->bb_level == 0);
#  288|   
#  289|-> 	offset = bt->block_len + (idx - 1) * bt->rec_len;
#  290|   	return bitize(offset);
#  291|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
xfsprogs-6.14.0/db/namei.c:69:20: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
xfsprogs-6.14.0/db/namei.c:1118:1: enter_function: entry to ‘link_f’
xfsprogs-6.14.0/db/namei.c:1129:16: branch_true: following ‘true’ branch (when ‘c != -1’)...
xfsprogs-6.14.0/db/namei.c:1130:17: branch_true: ...to here
xfsprogs-6.14.0/db/namei.c:1145:33: call_function: calling ‘path_walk’ from ‘link_f’
#   67|   		new_path = realloc(dirpath->path,
#   68|   				(dirpath->depth + 1) * sizeof(char *));
#   69|-> 		if (!new_path) {
#   70|   			path_free(dirpath);
#   71|   			return NULL;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def32]
xfsprogs-6.14.0/db/namei.c:108:35: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘xname.name’ where non-null expected
xfsprogs-6.14.0/db/namei.c:1118:1: enter_function: entry to ‘link_f’
xfsprogs-6.14.0/db/namei.c:1129:16: branch_true: following ‘true’ branch (when ‘c != -1’)...
xfsprogs-6.14.0/db/namei.c:1130:17: branch_true: ...to here
xfsprogs-6.14.0/db/namei.c:1145:33: call_function: calling ‘path_walk’ from ‘link_f’
#argument 1 of ‘__builtin_strlen’ must be non-null
#  106|   		struct xfs_name	xname = {
#  107|   			.name	= (unsigned char *)dirpath->path[i],
#  108|-> 			.len	= strlen(dirpath->path[i]),
#  109|   		};
#  110|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def33]
xfsprogs-6.14.0/db/write.c:753:48: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘buf’
xfsprogs-6.14.0/db/write.c:738:1: enter_function: entry to ‘write_string’
xfsprogs-6.14.0/db/write.c:746:12: branch_false: following ‘false’ branch (when ‘argc == 1’)...
xfsprogs-6.14.0/db/write.c:751:43: branch_false: ...to here
xfsprogs-6.14.0/db/write.c:751:15: call_function: calling ‘convert_arg’ from ‘write_string’
xfsprogs-6.14.0/db/write.c:751:15: return_function: returning to ‘write_string’ from ‘convert_arg’
xfsprogs-6.14.0/db/write.c:752:21: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/db/write.c:753:26: branch_true: ...to here
xfsprogs-6.14.0/db/write.c:753:48: danger: dereference of NULL ‘buf’
#  751|   	buf = convert_arg(argv[0], (int)((strlen(argv[0])+1)*8));
#  752|   	for (i = 0; i < iocur_top->len; i++) {
#  753|-> 		((char *)iocur_top->data)[i] = *buf;
#  754|   		if (*buf++ == '\0')
#  755|   			break;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def34]
xfsprogs-6.14.0/fsr/xfs_fsr.c:1210:13: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘cur_nextents’
xfsprogs-6.14.0/fsr/xfs_fsr.c:1180:1: enter_function: entry to ‘packfile’
xfsprogs-6.14.0/fsr/xfs_fsr.c:1208:20: call_function: calling ‘read_fd_bmap’ from ‘packfile’
xfsprogs-6.14.0/fsr/xfs_fsr.c:1208:20: return_function: returning to ‘packfile’ from ‘read_fd_bmap’
xfsprogs-6.14.0/fsr/xfs_fsr.c:1210:13: danger: use of uninitialized value ‘cur_nextents’ here
# 1208|   	nextents = read_fd_bmap(file_fd->fd, statp, &cur_nextents);
# 1209|   
# 1210|-> 	if (cur_nextents == 1 || cur_nextents <= nextents) {
# 1211|   		if (vflag)
# 1212|   			fsrprintf(_("%s already fully defragmented.\n"), fname);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def35]
xfsprogs-6.14.0/io/exchrange.c:265:13: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘path’ where non-null expected
xfsprogs-6.14.0/io/exchrange.c:235:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/io/exchrange.c:241:30: branch_false: ...to here
xfsprogs-6.14.0/io/exchrange.c:242:12: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
xfsprogs-6.14.0/io/exchrange.c:246:9: branch_false: ...to here
xfsprogs-6.14.0/io/exchrange.c:253:12: branch_false: following ‘false’ branch (when ‘ret == 0’)...
xfsprogs-6.14.0/io/exchrange.c:259:25: branch_false: ...to here
xfsprogs-6.14.0/io/exchrange.c:264:16: acquire_memory: this call could return NULL
xfsprogs-6.14.0/io/exchrange.c:265:13: danger: argument 1 (‘path’) from [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7) could be NULL where non-null expected
#  263|   	/* Compute path to the directory that the current file is in. */
#  264|   	path = strdup(file->name);
#  265|-> 	d = strrchr(path, '/');
#  266|   	if (!d) {
#  267|   		fprintf(stderr, _("%s: cannot compute dirname?"), path);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def36]
xfsprogs-6.14.0/io/mmap.c:45:30: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘map’
xfsprogs-6.14.0/io/mmap.c:501:1: enter_function: entry to ‘munmap_f’
xfsprogs-6.14.0/io/mmap.c:508:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/io/mmap.c:513:21: branch_false: ...to here
xfsprogs-6.14.0/io/mmap.c:523:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/io/mmap.c:524:45: branch_true: ...to here
xfsprogs-6.14.0/io/mmap.c:533:9: call_function: calling ‘maplist_f’ from ‘munmap_f’
#   43|   
#   44|   	for (i = 0, p = pflags; p->prot != PROT_NONE; i++, p++)
#   45|-> 		buffer[i] = (map->prot & p->prot) ? p->mode : '-';
#   46|   
#   47|   #ifdef HAVE_MAP_SYNC

Error: GCC_ANALYZER_WARNING (CWE-476): [#def37]
xfsprogs-6.14.0/io/mmap.c:48:14: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘map’
xfsprogs-6.14.0/io/mmap.c:501:1: enter_function: entry to ‘munmap_f’
xfsprogs-6.14.0/io/mmap.c:508:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/io/mmap.c:513:21: branch_false: ...to here
xfsprogs-6.14.0/io/mmap.c:523:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/io/mmap.c:524:45: branch_true: ...to here
xfsprogs-6.14.0/io/mmap.c:533:9: call_function: calling ‘maplist_f’ from ‘munmap_f’
#   46|   
#   47|   #ifdef HAVE_MAP_SYNC
#   48|-> 	if ((map->flags & (MAP_SYNC | MAP_SHARED_VALIDATE)) ==
#   49|   			  (MAP_SYNC | MAP_SHARED_VALIDATE))
#   50|   		sprintf(&buffer[i], " S");

Error: GCC_ANALYZER_WARNING (CWE-476): [#def38]
xfsprogs-6.14.0/io/scrub.c:494:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/io/scrub.c:479:1: enter_function: entry to ‘scrubv_fill_group’
xfsprogs-6.14.0/io/scrub.c:489:42: branch_true: following ‘true’ branch (when ‘i != 33’)...
xfsprogs-6.14.0/io/scrub.c:490:21: branch_true: ...to here
xfsprogs-6.14.0/io/scrub.c:490:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/io/scrub.c:493:21: call_function: inlined call to ‘xfrog_scrubv_next_vector’ from ‘scrubv_fill_group’
xfsprogs-6.14.0/io/scrub.c:494:17: branch_true: ...to here
xfsprogs-6.14.0/io/scrub.c:494:17: danger: dereference of NULL ‘<unknown>’
#  492|   
#  493|   		v = xfrog_scrubv_next_vector(scrubv);
#  494|-> 		v->sv_type = i;
#  495|   
#  496|   		if (barrier_interval &&

Error: GCC_ANALYZER_WARNING (CWE-476): [#def39]
xfsprogs-6.14.0/io/scrub.c:499:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/io/scrub.c:479:1: enter_function: entry to ‘scrubv_fill_group’
xfsprogs-6.14.0/io/scrub.c:489:42: branch_true: following ‘true’ branch (when ‘i != 33’)...
xfsprogs-6.14.0/io/scrub.c:490:21: branch_true: ...to here
xfsprogs-6.14.0/io/scrub.c:490:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/io/scrub.c:493:21: call_function: inlined call to ‘xfrog_scrubv_next_vector’ from ‘scrubv_fill_group’
xfsprogs-6.14.0/io/scrub.c:496:20: branch_true: following ‘true’ branch (when ‘barrier_interval != 0’)...
xfsprogs-6.14.0/io/scrub.c:497:21: branch_true: ...to here
xfsprogs-6.14.0/io/scrub.c:496:21: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/io/scrub.c:498:29: call_function: inlined call to ‘xfrog_scrubv_next_vector’ from ‘scrubv_fill_group’
xfsprogs-6.14.0/io/scrub.c:499:25: branch_true: ...to here
xfsprogs-6.14.0/io/scrub.c:499:25: danger: dereference of NULL ‘<unknown>’
#  497|   		    scrubv->head.svh_nr % (barrier_interval + 1) == 0) {
#  498|   			v = xfrog_scrubv_next_vector(scrubv);
#  499|-> 			v->sv_flags = barrier_mask;
#  500|   			v->sv_type = XFS_SCRUB_TYPE_BARRIER;
#  501|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def40]
xfsprogs-6.14.0/libfrog/bitmap.c:195:21: warning[-Wanalyzer-null-dereference]: dereference of NULL 'pos'
xfsprogs-6.14.0/libfrog/bitmap.c:187:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/bitmap.c:191:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:195:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:191:9: branch_false: following 'false' branch (when 'n' is NULL)...
 branch_false: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:191:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:195:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:195:21: danger: dereference of NULL 'pos'
#  193|   
#  194|   		/* Bail if the new extent is contained within an old one. */
#  195|-> 		if (ext->btn_start <= start &&
#  196|   		    ext->btn_start + ext->btn_length >= start + length)
#  197|   			return 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def41]
xfsprogs-6.14.0/libfrog/bitmap.c:271:21: warning[-Wanalyzer-null-dereference]: dereference of NULL 'pos'
xfsprogs-6.14.0/libfrog/bitmap.c:264:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/bitmap.c:267:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:271:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:267:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:271:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:271:21: danger: dereference of NULL 'pos'
#  269|   
#  270|   		stat = 0;
#  271|-> 		if (ext->btn_start < start)
#  272|   			stat |= 1;
#  273|   		if (ext->btn_start + ext->btn_length > start + len)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
xfsprogs-6.14.0/libfrog/bitmap.c:304:45: warning[-Wanalyzer-malloc-leak]: leak of 'bitmap_node_init(start + len,  new_length)'
xfsprogs-6.14.0/libfrog/bitmap.c:238:1: enter_function: entry to '__bitmap_clear'
xfsprogs-6.14.0/libfrog/bitmap.c:264:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/bitmap.c:267:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:271:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:298:31: call_function: calling 'bitmap_node_init' from '__bitmap_clear'
xfsprogs-6.14.0/libfrog/bitmap.c:298:31: return_function: returning to '__bitmap_clear' from 'bitmap_node_init'
xfsprogs-6.14.0/libfrog/bitmap.c:299:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/bitmap.c:304:60: branch_false: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:304:45: danger: 'bitmap_node_init(start + len,  new_length)' leaks here; was allocated at [(10)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/9)
#  302|   			}
#  303|   
#  304|-> 			node = avl64_insert(bmap->bt_tree, &ext->btn_node);
#  305|   			if (node == NULL) {
#  306|   				ret = -EEXIST;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def43]
xfsprogs-6.14.0/libfrog/bitmap.c:383:23: warning[-Wanalyzer-null-dereference]: dereference of NULL 'pos'
xfsprogs-6.14.0/libfrog/bitmap.c:381:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:383:23: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:384:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/bitmap.c:381:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:381:9: branch_false: following 'false' branch (when 'n' is NULL)...
 branch_false: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:381:9: branch_true: following 'true' branch (when 'pos != l')...
xfsprogs-6.14.0/libfrog/bitmap.c:383:23: branch_true: ...to here
xfsprogs-6.14.0/libfrog/bitmap.c:383:23: danger: dereference of NULL 'pos'
#  381|   	avl_for_each_range_safe(pos, n, l, firstn, lastn) {
#  382|   		ext = container_of(pos, struct bitmap_node, btn_node);
#  383|-> 		ret = fn(ext->btn_start, ext->btn_length, arg);
#  384|   		if (ret)
#  385|   			break;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def44]
xfsprogs-6.14.0/libfrog/histogram.c:137:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:137:9: danger: write of 8 bytes at offset '(long unsigned int)(*hs.nr_buckets + 4294967295) * 32 + 16' exceeds the buffer
#  135|   	}
#  136|   
#  137|-> 	cdf->buckets[i].nr_obs = hs->buckets[i].nr_obs;
#  138|   	cdf->buckets[i].sum = hs->buckets[i].sum;
#  139|   	i--;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def45]
xfsprogs-6.14.0/libfrog/histogram.c:138:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:138:9: danger: write of 8 bytes at offset '(long unsigned int)(*hs.nr_buckets + 4294967295) * 32 + 24' exceeds the buffer
#  136|   
#  137|   	cdf->buckets[i].nr_obs = hs->buckets[i].nr_obs;
#  138|-> 	cdf->buckets[i].sum = hs->buckets[i].sum;
#  139|   	i--;
#  140|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def46]
xfsprogs-6.14.0/libfrog/histogram.c:142:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:141:16: branch_true: following 'true' branch (when 'i != -1')...
xfsprogs-6.14.0/libfrog/histogram.c:142:42: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:142:17: danger: write of 8 bytes at offset '(long unsigned int)(int)(*hs.nr_buckets + 4294967294) * 32 + 16' exceeds the buffer
#  140|   
#  141|   	while (i >= 0) {
#  142|-> 		cdf->buckets[i].nr_obs = hs->buckets[i].nr_obs +
#  143|   					cdf->buckets[i + 1].nr_obs;
#  144|   

Error: GCC_ANALYZER_WARNING (CWE-122): [#def47]
xfsprogs-6.14.0/libfrog/histogram.c:143:41: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:141:16: branch_true: following 'true' branch (when 'i != -1')...
xfsprogs-6.14.0/libfrog/histogram.c:142:42: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:143:41: danger: read of 8 bytes at offset '(long unsigned int)(int)(*hs.nr_buckets + 4294967294) * 32 + 48' exceeds the buffer
#  141|   	while (i >= 0) {
#  142|   		cdf->buckets[i].nr_obs = hs->buckets[i].nr_obs +
#  143|-> 					cdf->buckets[i + 1].nr_obs;
#  144|   
#  145|   		cdf->buckets[i].sum =    hs->buckets[i].sum +

Error: GCC_ANALYZER_WARNING (CWE-122): [#def48]
xfsprogs-6.14.0/libfrog/histogram.c:145:17: warning[-Wanalyzer-out-of-bounds]: heap-based buffer overflow
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:141:16: branch_true: following 'true' branch (when 'i != -1')...
xfsprogs-6.14.0/libfrog/histogram.c:142:42: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:145:17: danger: write of 8 bytes at offset '(long unsigned int)(int)(*hs.nr_buckets + 4294967294) * 32 + 24' exceeds the buffer
#  143|   					cdf->buckets[i + 1].nr_obs;
#  144|   
#  145|-> 		cdf->buckets[i].sum =    hs->buckets[i].sum +
#  146|   					cdf->buckets[i + 1].sum;
#  147|   		i--;

Error: GCC_ANALYZER_WARNING (CWE-122): [#def49]
xfsprogs-6.14.0/libfrog/histogram.c:146:41: warning[-Wanalyzer-out-of-bounds]: heap-based buffer over-read
xfsprogs-6.14.0/libfrog/histogram.c:119:9: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:121:15: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:122:12: branch_false: following 'false' branch (when 'cdf' is non-NULL)...
xfsprogs-6.14.0/libfrog/histogram.c:124:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:126:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:131:24: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:132:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:137:34: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:141:16: branch_true: following 'true' branch (when 'i != -1')...
xfsprogs-6.14.0/libfrog/histogram.c:142:42: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:146:41: danger: read of 8 bytes at offset '(long unsigned int)(int)(*hs.nr_buckets + 4294967294) * 32 + 56' exceeds the buffer
#  144|   
#  145|   		cdf->buckets[i].sum =    hs->buckets[i].sum +
#  146|-> 					cdf->buckets[i + 1].sum;
#  147|   		i--;
#  148|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def50]
xfsprogs-6.14.0/libfrog/histogram.c:216:33: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libfrog/histogram.c:164:1: enter_function: entry to 'hist_print'
xfsprogs-6.14.0/libfrog/histogram.c:174:15: call_function: calling 'hist_cdf' from 'hist_print'
xfsprogs-6.14.0/libfrog/histogram.c:174:15: return_function: returning to 'hist_print' from 'hist_cdf'
xfsprogs-6.14.0/libfrog/histogram.c:175:12: branch_false: following 'false' branch...
 branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:180:21: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:199:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:205:21: branch_true: following 'true' branch...
xfsprogs-6.14.0/libfrog/histogram.c:206:21: branch_true: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:206:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/histogram.c:216:33: branch_false: ...to here
xfsprogs-6.14.0/libfrog/histogram.c:216:33: release_memory: '0' is NULL
xfsprogs-6.14.0/libfrog/histogram.c:216:45: release_memory: '0' is NULL
xfsprogs-6.14.0/libfrog/histogram.c:216:33: danger: dereference of NULL '*<unknown>.buckets + (long unsigned int)i * 32'
#  214|   				hs->buckets[i].sum * 100.0 / hs->tot_sum,
#  215|   				cdf->buckets[i].sum * 100.0 / hs->tot_sum,
#  216|-> 				cdf->buckets[i].nr_obs * 100.0 / hs->tot_obs);
#  217|   	}
#  218|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def51]
xfsprogs-6.14.0/libfrog/list_sort.c:75:17: warning[-Wanalyzer-null-dereference]: dereference of NULL 'list'
xfsprogs-6.14.0/libfrog/list_sort.c:97:6: enter_function: entry to 'list_sort'
xfsprogs-6.14.0/libfrog/list_sort.c:105:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libfrog/list_sort.c:108:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/list_sort.c:110:9: release_memory: '0' is NULL
xfsprogs-6.14.0/libfrog/list_sort.c:113:16: branch_false: following 'false' branch (when 'list' is NULL)...
 branch_false: ...to here
xfsprogs-6.14.0/libfrog/list_sort.c:131:23: branch_false: following 'false' branch (when 'lev >= max_lev')...
xfsprogs-6.14.0/libfrog/list_sort.c:135:9: branch_false: ...to here
xfsprogs-6.14.0/libfrog/list_sort.c:135:9: release_memory: 'list' is NULL
xfsprogs-6.14.0/libfrog/list_sort.c:135:9: call_function: calling 'merge_and_restore_back_links' from 'list_sort'
#   73|   			(*cmp)(priv, tail->next, tail->next);
#   74|   
#   75|-> 		tail->next->prev = tail;
#   76|   		tail = tail->next;
#   77|   	} while (tail->next);

Error: GCC_ANALYZER_WARNING (CWE-835): [#def52]
xfsprogs-6.14.0/libfrog/radix-tree.c:534:16: warning[-Wanalyzer-infinite-loop]: infinite loop
xfsprogs-6.14.0/libfrog/radix-tree.c:527:1: enter_function: entry to 'radix_tree_gang_lookup'
xfsprogs-6.14.0/libfrog/radix-tree.c:534:16: danger: infinite loop here
xfsprogs-6.14.0/libfrog/radix-tree.c:534:16: branch_true: when 'ret < max_items': always following 'true' branch...
xfsprogs-6.14.0/libfrog/radix-tree.c:538:20: branch_true: ...to here
xfsprogs-6.14.0/libfrog/radix-tree.c:538:20: branch_false: if it ever follows 'false' branch, it will always do so...
xfsprogs-6.14.0/libfrog/radix-tree.c:540:28: branch_false: ...to here
xfsprogs-6.14.0/libfrog/radix-tree.c:543:20: branch_false: if it ever follows 'false' branch, it will always do so...
 branch_false: ...to here
#  532|   	unsigned int ret = 0;
#  533|   
#  534|-> 	while (ret < max_items) {
#  535|   		unsigned int nr_found;
#  536|   		unsigned long next_index;	/* Index of next search */

Error: GCC_ANALYZER_WARNING (CWE-835): [#def53]
xfsprogs-6.14.0/libfrog/radix-tree.c:574:16: warning[-Wanalyzer-infinite-loop]: infinite loop
xfsprogs-6.14.0/libfrog/radix-tree.c:566:1: enter_function: entry to 'radix_tree_gang_lookup_ex'
xfsprogs-6.14.0/libfrog/radix-tree.c:574:16: danger: infinite loop here
xfsprogs-6.14.0/libfrog/radix-tree.c:574:16: branch_true: if it ever follows 'true' branch, it will always do so...
xfsprogs-6.14.0/libfrog/radix-tree.c:578:20: branch_true: ...to here
xfsprogs-6.14.0/libfrog/radix-tree.c:578:20: branch_false: if it ever follows 'false' branch, it will always do so...
xfsprogs-6.14.0/libfrog/radix-tree.c:580:28: branch_false: ...to here
xfsprogs-6.14.0/libfrog/radix-tree.c:583:20: branch_false: if it ever follows 'false' branch, it will always do so...
 branch_false: ...to here
#  572|   	unsigned int ret = 0;
#  573|   
#  574|-> 	while (ret < max_items && cur_index < last_index) {
#  575|   		unsigned int nr_found;
#  576|   		unsigned long next_index;	/* Index of next search */

Error: CPPCHECK_WARNING (CWE-758): [#def54]
xfsprogs-6.14.0/libfrog/util.c:20: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#   18|   
#   19|   	for (rval = 0; rval < NBBY * sizeof(i); rval++) {
#   20|-> 		if ((1 << rval) >= i)
#   21|   			break;
#   22|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
xfsprogs-6.14.0/libxcmd/input.c:108:16: warning[-Wanalyzer-malloc-leak]: leak of 'rval'
xfsprogs-6.14.0/libxcmd/input.c:93:26: acquire_memory: allocated here
xfsprogs-6.14.0/libxcmd/input.c:95:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxcmd/input.c:96:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxcmd/input.c:98:17: branch_false: ...to here
xfsprogs-6.14.0/libxcmd/input.c:100:20: branch_false: following 'false' branch (when 'rval' is non-NULL)...
xfsprogs-6.14.0/libxcmd/input.c:104:21: branch_false: ...to here
xfsprogs-6.14.0/libxcmd/input.c:95:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxcmd/input.c:96:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxcmd/input.c:98:17: branch_false: ...to here
xfsprogs-6.14.0/libxcmd/input.c:100:20: branch_true: following 'true' branch (when 'rval' is NULL)...
xfsprogs-6.14.0/libxcmd/input.c:107:9: branch_true: ...to here
xfsprogs-6.14.0/libxcmd/input.c:108:16: danger: 'rval' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  106|   	}
#  107|   	*count = c;
#  108|-> 	return rval;
#  109|   }
#  110|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def56]
xfsprogs-6.14.0/libxfs/./xfs_inode_fork.h:84:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_bmap.c:6417:1: enter_function: entry to 'xfs_bunmapi_range'
xfsprogs-6.14.0/libxfs/xfs_bmap.c:6429:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_bmap.c:6431:25: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_bmap.c:6431:25: call_function: calling '__xfs_bunmapi' from 'xfs_bunmapi_range'
#   82|   static inline bool xfs_ifork_has_extents(struct xfs_ifork *ifp)
#   83|   {
#   84|-> 	return ifp->if_format == XFS_DINODE_FMT_EXTENTS ||
#   85|   		ifp->if_format == XFS_DINODE_FMT_BTREE;
#   86|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def57]
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:142:52: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:131:1: enter_function: entry to '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:140:16: call_function: inlined call to 'xfs_perag_resv' from '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:141:13: call_function: inlined call to 'pag_agno' from '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:141:12: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:142:17: call_function: inlined call to 'pag_mount' from '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:142:52: danger: dereference of NULL '<unknown>'
#  140|   	resv = xfs_perag_resv(pag, type);
#  141|   	if (pag_agno(pag) == 0)
#  142|-> 		pag_mount(pag)->m_ag_max_usable += resv->ar_asked;
#  143|   	/*
#  144|   	 * RMAPBT blocks come from the AGFL and AGFL blocks are always

Error: GCC_ANALYZER_WARNING (CWE-476): [#def58]
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:151:17: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:131:1: enter_function: entry to '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:140:16: call_function: inlined call to 'xfs_perag_resv' from '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:141:13: call_function: inlined call to 'pag_agno' from '__xfs_ag_resv_free'
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:141:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:148:12: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:148:12: branch_false: following 'false' branch (when 'type != 3')...
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:151:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_ag_resv.c:151:17: danger: dereference of NULL '<unknown>'
#  149|   		oldresv = resv->ar_orig_reserved;
#  150|   	else
#  151|-> 		oldresv = resv->ar_reserved;
#  152|   	xfs_add_fdblocks(pag_mount(pag), oldresv);
#  153|   	resv->ar_reserved = 0;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def59]
xfsprogs-6.14.0/libxfs/xfs_alloc.c:2945:25: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'bno'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3940:1: enter_function: entry to 'xfs_free_extent_fix_freelist'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3958:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3961:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3961:17: call_function: calling 'libxfs_alloc_fix_freelist' from 'xfs_free_extent_fix_freelist'
# 2943|   		 * freeing the block.
# 2944|   		 */
# 2945|-> 		error = xfs_free_extent_later(tp, xfs_agbno_to_fsb(pag, bno),
# 2946|   				1, &targs.oinfo, XFS_AG_RESV_AGFL, 0);
# 2947|   		if (error)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def60]
xfsprogs-6.14.0/libxfs/xfs_alloc.c:4004:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'agbp'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3975:1: enter_function: entry to '__xfs_free_extent'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3997:17: call_function: calling 'xfs_free_extent_fix_freelist' from '__xfs_free_extent'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3997:17: return_function: returning to '__xfs_free_extent' from 'xfs_free_extent_fix_freelist'
xfsprogs-6.14.0/libxfs/xfs_alloc.c:3998:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_alloc.c:4004:19: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_alloc.c:4004:19: release_memory: 'agbp' is NULL
xfsprogs-6.14.0/libxfs/xfs_alloc.c:4004:9: danger: dereference of NULL 'agbp'
# 4002|   	}
# 4003|   
# 4004|-> 	agf = agbp->b_addr;
# 4005|   
# 4006|   	if (XFS_IS_CORRUPT(mp, agbno >= mp->m_sb.sb_agblocks)) {

Error: GCC_ANALYZER_WARNING (CWE-126): [#def61]
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:431:34: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:416:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:417:17: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:421:20: branch_false: following 'false' branch...
 branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:431:34: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:437:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:440:33: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:443:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:431:34: danger: out-of-bounds read from byte 40 till byte 47 but 'map' ends at byte 32
#  429|   			ASSERT((map[i].br_startblock != DELAYSTARTBLOCK) &&
#  430|   			       (map[i].br_startblock != HOLESTARTBLOCK));
#  431|-> 			dblkno = XFS_FSB_TO_DADDR(mp, map[i].br_startblock);
#  432|   			dblkcnt = XFS_FSB_TO_BB(mp, map[i].br_blockcount);
#  433|   			error = xfs_buf_read(mp->m_ddev_targp, dblkno, dblkcnt,

Error: GCC_ANALYZER_WARNING (CWE-126): [#def62]
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:432:35: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:416:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:417:17: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:421:20: branch_false: following 'false' branch...
 branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:431:34: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:437:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:440:33: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:443:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:432:35: danger: out-of-bounds read from byte 48 till byte 55 but 'map' ends at byte 32
#  430|   			       (map[i].br_startblock != HOLESTARTBLOCK));
#  431|   			dblkno = XFS_FSB_TO_DADDR(mp, map[i].br_startblock);
#  432|-> 			dblkcnt = XFS_FSB_TO_BB(mp, map[i].br_blockcount);
#  433|   			error = xfs_buf_read(mp->m_ddev_targp, dblkno, dblkcnt,
#  434|   					0, &bp, &xfs_attr3_rmt_buf_ops);

Error: GCC_ANALYZER_WARNING (CWE-126): [#def63]
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:416:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:417:17: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:421:20: branch_false: following 'false' branch...
 branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:431:34: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:437:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:440:33: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:443:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:425:29: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:437:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:440:33: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:443:28: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_attr_remote.c:447:35: danger: out-of-bounds read from byte 48 till byte 55 but 'map' ends at byte 32
#  445|   
#  446|   			/* roll attribute extent map forwards */
#  447|-> 			lblkno += map[i].br_blockcount;
#  448|   			blkcnt -= map[i].br_blockcount;
#  449|   		}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def64]
xfsprogs-6.14.0/libxfs/xfs_bmap.h:152:16: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'irec1.br_startblock'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1030:1: enter_function: entry to 'xfs_exchmaps_estimate'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1044:15: call_function: calling 'xfs_exchmaps_init_intent' from 'xfs_exchmaps_estimate'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1044:15: return_function: returning to 'xfs_exchmaps_estimate' from 'xfs_exchmaps_init_intent'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1055:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1062:25: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1062:25: call_function: calling 'xfs_exchmaps_find_mappings' from 'xfs_exchmaps_estimate'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1062:25: return_function: returning to 'xfs_exchmaps_estimate' from 'xfs_exchmaps_find_mappings'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1063:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1065:22: call_function: inlined call to 'xmi_has_more_exchange_work' from 'xfs_exchmaps_estimate'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1065:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:1069:21: call_function: inlined call to 'xfs_bmap_is_real_extent' from 'xfs_exchmaps_estimate'
#  150|   static inline bool xfs_bmap_is_real_extent(const struct xfs_bmbt_irec *irec)
#  151|   {
#  152|-> 	return irec->br_startblock != HOLESTARTBLOCK &&
#  153|   		irec->br_startblock != DELAYSTARTBLOCK &&
#  154|   		!isnullstartblock(irec->br_startblock);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def65]
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:561:44: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
#  559|   	struct xfs_btree_block	*broot;
#  560|   	unsigned int		new_size;
#  561|-> 	unsigned int		old_size = ifp->if_broot_bytes;
#  562|   
#  563|   	/*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def66]
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:695:35: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:692:12: branch_true: following 'true' branch (when 'whichfork != -1')...
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:693:48: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:695:35: danger: dereference of NULL 'xfs_ifork_ptr(ip,  whichfork)'
#  693|   		struct xfs_ifork	*ifp = xfs_ifork_ptr(ip, whichfork);
#  694|   
#  695|-> 		cur->bc_nlevels = be16_to_cpu(ifp->if_broot->bb_level) + 1;
#  696|   		cur->bc_ino.forksize = xfs_inode_fork_size(ip, whichfork);
#  697|   	}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def67]
xfsprogs-6.14.0/libxfs/xfs_bmap_btree.c:738:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
#argument 1 of '__builtin_memcpy' must be non-null
#  736|   	ifp = xfs_ifork_ptr(cur->bc_ino.ip, whichfork);
#  737|   	xfs_idestroy_fork(ifp);
#  738|-> 	memcpy(ifp, ifake->if_fork, sizeof(struct xfs_ifork));
#  739|   
#  740|   	switch (ifp->if_format) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def68]
xfsprogs-6.14.0/libxfs/xfs_btree.c:834:16: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_btree.c:842:1: enter_function: entry to 'libxfs_btree_get_block'
xfsprogs-6.14.0/libxfs/xfs_btree.c:849:24: call_function: inlined call to 'xfs_btree_get_iroot' from 'libxfs_btree_get_block'
xfsprogs-6.14.0/libxfs/xfs_btree.c:849:24: call_function: inlined call to 'xfs_btree_get_iroot' from 'libxfs_btree_get_block'
#  832|   	struct xfs_ifork	*ifp = xfs_btree_ifork_ptr(cur);
#  833|   
#  834|-> 	return (struct xfs_btree_block *)ifp->if_broot;
#  835|   }
#  836|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def69]
xfsprogs-6.14.0/libxfs/xfs_btree.h:430:16: warning[-Wanalyzer-null-dereference]: dereference of NULL 'block'
xfsprogs-6.14.0/libxfs/xfs_btree.c:5561:1: enter_function: entry to 'libxfs_btree_goto_left_edge'
xfsprogs-6.14.0/libxfs/xfs_btree.c:5568:17: call_function: calling 'libxfs_btree_lookup' from 'libxfs_btree_goto_left_edge'
#  428|   static inline int xfs_btree_get_numrecs(const struct xfs_btree_block *block)
#  429|   {
#  430|-> 	return be16_to_cpu(block->bb_numrecs);
#  431|   }
#  432|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def70]
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1242:32: warning[-Wanalyzer-null-dereference]: dereference of NULL 'sfep'
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1127:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1132:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1133:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1135:9: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1151:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1157:15: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1168:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1174:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1205:12: branch_true: following 'true' branch...
 branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1214:16: branch_true: following 'true' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1218:20: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1218:20: branch_true: following 'true' branch (when 'sfep' is NULL)...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1225:21: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1225:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1240:25: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_dir2_block.c:1242:32: danger: dereference of NULL 'sfep'
# 1240|   		dep = bp->b_addr + newoffset;
# 1241|   		dep->inumber = cpu_to_be64(xfs_dir2_sf_get_ino(mp, sfp, sfep));
# 1242|-> 		dep->namelen = sfep->namelen;
# 1243|   		xfs_dir2_data_put_ftype(mp, dep,
# 1244|   				xfs_dir2_sf_get_ftype(mp, sfep));

Error: GCC_ANALYZER_WARNING (CWE-476): [#def71]
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:878:13: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:859:1: enter_function: entry to 'xmi_ensure_delta_nextents'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:866:40: call_function: calling 'xfs_ifork_ptr' from 'xmi_ensure_delta_nextents'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:866:40: return_function: returning to 'xmi_ensure_delta_nextents' from 'xfs_ifork_ptr'
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:870:12: branch_false: following 'false' branch (when 'delta >= 0')...
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:878:13: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_exchmaps.c:878:13: danger: dereference of NULL 'xfs_ifork_ptr(ip,  <unknown>)'
#  876|   	 * coded into the overflow check.
#  877|   	 */
#  878|-> 	if (check_add_overflow(ifp->if_nextents, (uint64_t)delta,
#  879|   				&new_nextents))
#  880|   		return -EFBIG;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def72]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:62:17: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:54:12: branch_true: following 'true' branch (when 'size != 0')...
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:55:34: branch_true: ...to here
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:59:20: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:62:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:62:17: danger: dereference of NULL 'xfs_ifork_ptr(ip,  whichfork)'
#   60|   			new_data[size] = '\0';
#   61|   
#   62|-> 		ifp->if_data = new_data;
#   63|   	} else {
#   64|   		ifp->if_data = NULL;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def73]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:64:17: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:54:12: branch_false: following 'false' branch (when 'size == 0')...
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:64:17: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:64:17: danger: dereference of NULL 'xfs_ifork_ptr(ip,  whichfork)'
#   62|   		ifp->if_data = new_data;
#   63|   	} else {
#   64|-> 		ifp->if_data = NULL;
#   65|   	}
#   66|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def74]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:135:9: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:125:12: branch_false: following 'false' branch...
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:135:9: danger: dereference of NULL 'xfs_ifork_ptr(ip,  whichfork)'
#  133|   	}
#  134|   
#  135|-> 	ifp->if_bytes = 0;
#  136|   	ifp->if_data = NULL;
#  137|   	ifp->if_height = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def75]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:199:13: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
#  197|   	 * blocks.
#  198|   	 */
#  199|-> 	if (unlikely(ifp->if_nextents <= XFS_IFORK_MAXEXT(ip, whichfork) ||
#  200|   		     nrecs == 0 ||
#  201|   		     xfs_bmdr_space_calc(nrecs) >

Error: GCC_ANALYZER_WARNING (CWE-476): [#def76]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:457:44: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
#  455|   {
#  456|   	struct xfs_ifork	*ifp = xfs_ifork_ptr(ip, whichfork);
#  457|-> 	int64_t			new_size = ifp->if_bytes + byte_diff;
#  458|   
#  459|   	ASSERT(new_size >= 0);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def77]
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:753:19: warning[-Wanalyzer-null-dereference]: dereference of NULL '0'
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:749:12: branch_false: following 'false' branch (when 'whichfork != 2')...
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:753:19: branch_false: ...to here
xfsprogs-6.14.0/libxfs/xfs_inode_fork.c:753:19: danger: dereference of NULL 'xfs_ifork_ptr(ip,  whichfork)'
#  751|   
#  752|   	/* no point in upgrading if if_nextents overflows */
#  753|-> 	nr_exts = ifp->if_nextents + nr_to_add;
#  754|   	if (nr_exts < ifp->if_nextents)
#  755|   		return -EFBIG;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def78]
xfsprogs-6.14.0/logprint/log_misc.c:1419:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘len’
xfsprogs-6.14.0/logprint/log_misc.c:1337:6: enter_function: entry to ‘xfs_log_print’
xfsprogs-6.14.0/logprint/log_misc.c:1360:8: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1364:8: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1368:5: call_function: calling ‘xlog_print_lseek’ from ‘xfs_log_print’
xfsprogs-6.14.0/logprint/log_misc.c:1368:5: return_function: returning to ‘xfs_log_print’ from ‘xlog_print_lseek’
xfsprogs-6.14.0/logprint/log_misc.c:1372:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1377:13: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1386:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1396:13: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1418:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1419:17: branch_true: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1419:17: danger: use of uninitialized value ‘len’ here
# 1417|   
# 1418|   	if (be32_to_cpu(hdr->h_version) == 2) {
# 1419|-> 	    if (xlog_print_extended_headers(fd, len, &blkno, hdr, &num_hdrs, &xhdrs) != 0)
# 1420|   		break;
# 1421|   	}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def79]
xfsprogs-6.14.0/logprint/log_misc.c:1423:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘len’
xfsprogs-6.14.0/logprint/log_misc.c:1337:6: enter_function: entry to ‘xfs_log_print’
xfsprogs-6.14.0/logprint/log_misc.c:1360:8: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1364:8: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1368:5: call_function: calling ‘xlog_print_lseek’ from ‘xfs_log_print’
xfsprogs-6.14.0/logprint/log_misc.c:1368:5: return_function: returning to ‘xfs_log_print’ from ‘xlog_print_lseek’
xfsprogs-6.14.0/logprint/log_misc.c:1372:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1377:13: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1386:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1396:13: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1418:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/logprint/log_misc.c:1423:17: branch_false: ...to here
xfsprogs-6.14.0/logprint/log_misc.c:1423:17: danger: use of uninitialized value ‘len’ here
# 1421|   	}
# 1422|   
# 1423|-> 	error =	xlog_print_record(log, fd, num_ops, len, &read_type, &partial_buf,
# 1424|   				  hdr, xhdrs, first_hdr_found);
# 1425|   	first_hdr_found++;

Error: GCC_ANALYZER_WARNING (CWE-617): [#def80]
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:52:9: warning[-Wanalyzer-tainted-assertion]: use of attacked-controlled value in condition for assertion
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:396:1: enter_function: entry to ‘restore_v2’
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:412:12: branch_false: following ‘false’ branch (when ‘block_buffer’ is non-NULL)...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:415:13: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:415:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:418:13: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:421:17: call_function: calling ‘fatal’ from ‘restore_v2’
#   50|   	fprintf(stderr, "%s: ", progname);
#   51|   	vfprintf(stderr, msg, args);
#   52|-> 	exit(1);
#   53|   }
#   54|   

Error: GCC_ANALYZER_WARNING (CWE-688): [#def81]
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:132:13: warning[-Wanalyzer-null-argument]: use of NULL ‘path’ where non-null expected
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:514:1: enter_function: entry to ‘main’
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:559:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:563:14: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:578:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:582:13: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:582:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:585:17: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:603:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:610:9: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:613:9: call_function: calling ‘open_device’ from ‘main’
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:613:9: return_function: returning to ‘main’ from ‘open_device’
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:616:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:617:17: branch_true: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:617:17: call_function: calling ‘open_device’ from ‘main’
#  130|   	dev->is_file = false;
#  131|   
#  132|-> 	if (stat(path, &statbuf) < 0)  {
#  133|   		/* ok, assume it's a file and create it */
#  134|   		open_flags |= O_CREAT;

Error: GCC_ANALYZER_WARNING (CWE-617): [#def82]
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:421:17: warning[-Wanalyzer-tainted-assertion]: use of attacked-controlled value in condition for assertion
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:412:12: branch_false: following ‘false’ branch (when ‘block_buffer’ is non-NULL)...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:415:13: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:415:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:418:13: branch_false: ...to here
xfsprogs-6.14.0/mdrestore/xfs_mdrestore.c:421:17: danger: treating ‘fatal’ as an assertion failure handler due to ‘__attribute__((__noreturn__))’
#  419|   	    (be64_to_cpu(xme.xme_addr) & XME_ADDR_DEVICE_MASK) !=
#  420|   			XME_ADDR_DATA_DEVICE)
#  421|-> 		fatal("Invalid superblock disk address/length\n");
#  422|   
#  423|   	len = BBTOB(be32_to_cpu(xme.xme_len));

Error: GCC_ANALYZER_WARNING (CWE-688): [#def83]
xfsprogs-6.14.0/mkfs/proto.c:49:13: warning[-Wanalyzer-null-argument]: use of NULL ‘str’ where non-null expected
xfsprogs-6.14.0/mkfs/proto.c:933:1: enter_function: entry to ‘parse_proto’
xfsprogs-6.14.0/mkfs/proto.c:940:9: call_function: calling ‘parseproto’ from ‘parse_proto’
#   47|   		return cvtnum(blksize, sectsize, str);
#   48|   
#   49|-> 	i = strtoll(str, &sp, 0);
#   50|   	if (i == 0 && sp == str)
#   51|   		return -1LL;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def84]
xfsprogs-6.14.0/mkfs/proto.c:695:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘fname’
xfsprogs-6.14.0/mkfs/proto.c:933:1: enter_function: entry to ‘parse_proto’
xfsprogs-6.14.0/mkfs/proto.c:940:9: call_function: calling ‘parseproto’ from ‘parse_proto’
#  693|   	memset(&creds, 0, sizeof(creds));
#  694|   	mstr = getstr(pp);
#  695|-> 	switch (mstr[0]) {
#  696|   	case '-':
#  697|   		fmt = IF_REGULAR;

Error: GCC_ANALYZER_WARNING (CWE-126): [#def85]
xfsprogs-6.14.0/quota/edit.c:342:25: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
xfsprogs-6.14.0/quota/edit.c:336:16: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/quota/edit.c:337:21: branch_true: ...to here
xfsprogs-6.14.0/quota/edit.c:337:20: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/quota/edit.c:342:25: branch_true: ...to here
xfsprogs-6.14.0/quota/edit.c:342:25: danger: out-of-bounds read from byte 512 till byte 515 but ‘buffer’ ends at byte 512
#  340|   			 * newline, and move on to the next line.
#  341|   			 */
#  342|-> 			strncpy(dev, buffer + 5, sizeof(dev) - 1);
#  343|   			dev[strlen(dev) - 1] = '\0';
#  344|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def86]
xfsprogs-6.14.0/repair/agbtree.c:416:37: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/repair/agbtree.c:395:1: enter_function: entry to ‘get_inobt_records’
xfsprogs-6.14.0/repair/agbtree.c:406:16: branch_true: following ‘true’ branch (when ‘loaded < nr_wanted’)...
xfsprogs-6.14.0/repair/agbtree.c:413:42: branch_true: ...to here
xfsprogs-6.14.0/repair/agbtree.c:413:42: call_function: calling ‘get_ino_rec’ from ‘get_inobt_records’
xfsprogs-6.14.0/repair/agbtree.c:413:42: return_function: returning to ‘get_inobt_records’ from ‘get_ino_rec’
xfsprogs-6.14.0/repair/agbtree.c:413:17: release_memory: ‘0’ is NULL
xfsprogs-6.14.0/repair/agbtree.c:416:37: danger: dereference of NULL ‘get_ino_rec(cur, *(struct bt_rebuild *)priv.<U1000>.<Ubf00>.ino_rec)’
#  414|   
#  415|   		/* Transform the incore record into an on-disk record. */
#  416|-> 		irec->ir_startino = ino_rec->ino_startnum;
#  417|   		irec->ir_free = ino_rec->ir_free;
#  418|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def87]
xfsprogs-6.14.0/repair/attr_repair.c:70:21: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘map’
xfsprogs-6.14.0/repair/attr_repair.c:1316:1: enter_function: entry to ‘process_attributes’
xfsprogs-6.14.0/repair/attr_repair.c:1329:12: branch_false: following ‘false’ branch (when ‘aformat != 1’)...
xfsprogs-6.14.0/repair/attr_repair.c:1333:20: branch_false: ...to here
xfsprogs-6.14.0/repair/attr_repair.c:1333:19: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/attr_repair.c:1335:31: branch_true: ...to here
xfsprogs-6.14.0/repair/attr_repair.c:1335:31: call_function: calling ‘process_longform_attr’ from ‘process_attributes’
#   68|   
#   69|   	for (i = start; i < stop; i ++)  {
#   70|-> 		if (map[i / NBBY] & (mask << i % NBBY))  {
#   71|   			do_warn(_("multiply claimed byte %d in da block\n"), i);
#   72|   			return(1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def88]
xfsprogs-6.14.0/repair/incore.h:335:44: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/repair/rmap.c:1531:1: enter_function: entry to ‘record_inode_reflink_flag’
xfsprogs-6.14.0/repair/rmap.c:1541:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/rmap.c:1542:15: branch_true: ...to here
xfsprogs-6.14.0/repair/rmap.c:1542:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/repair/rmap.c:1544:16: branch_false: ...to here
xfsprogs-6.14.0/repair/rmap.c:1544:16: call_function: calling ‘find_inode_rec’ from ‘record_inode_reflink_flag’
xfsprogs-6.14.0/repair/rmap.c:1544:16: return_function: returning to ‘record_inode_reflink_flag’ from ‘find_inode_rec’
xfsprogs-6.14.0/repair/rmap.c:1545:15: call_function: inlined call to ‘get_inode_offset’ from ‘record_inode_reflink_flag’
#  333|   get_inode_offset(struct xfs_mount *mp, xfs_ino_t ino, ino_tree_node_t *irec)
#  334|   {
#  335|-> 	return XFS_INO_TO_AGINO(mp, ino) - irec->ino_startnum;
#  336|   }
#  337|   static inline ino_tree_node_t *

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
xfsprogs-6.14.0/repair/incore_ext.c:276:9: warning[-Wanalyzer-malloc-leak]: leak of ‘mk_extent_tree_nodes(startblock,  blockcount, 2)’
xfsprogs-6.14.0/repair/incore_ext.c:263:1: enter_function: entry to ‘add_bcnt_extent’
xfsprogs-6.14.0/repair/incore_ext.c:271:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/incore_ext.c:272:9: branch_true: ...to here
xfsprogs-6.14.0/repair/incore_ext.c:272:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/incore_ext.c:274:15: branch_true: ...to here
xfsprogs-6.14.0/repair/incore_ext.c:274:15: call_function: calling ‘mk_extent_tree_nodes’ from ‘add_bcnt_extent’
xfsprogs-6.14.0/repair/incore_ext.c:274:15: return_function: returning to ‘add_bcnt_extent’ from ‘mk_extent_tree_nodes’
xfsprogs-6.14.0/repair/incore_ext.c:276:9: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/incore_ext.c:282:47: branch_true: ...to here
xfsprogs-6.14.0/repair/incore_ext.c:282:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/incore_ext.c:295:17: branch_true: ...to here
xfsprogs-6.14.0/repair/incore_ext.c:276:9: danger: ‘mk_extent_tree_nodes(startblock,  blockcount, 2)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#  274|   	ext = mk_extent_tree_nodes(startblock, blockcount, XR_E_FREE);
#  275|   
#  276|-> 	ASSERT(ext->next == NULL);
#  277|   
#  278|   #ifdef XR_BCNT_TRACE

Error: GCC_ANALYZER_WARNING (CWE-476): [#def90]
xfsprogs-6.14.0/repair/slab.c:229:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘qs’
xfsprogs-6.14.0/repair/slab.c:215:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/repair/slab.c:225:38: branch_false: ...to here
xfsprogs-6.14.0/repair/slab.c:227:16: branch_true: following ‘true’ branch (when ‘hdr’ is non-NULL)...
xfsprogs-6.14.0/repair/slab.c:228:22: branch_true: ...to here
xfsprogs-6.14.0/repair/slab.c:228:22: acquire_memory: this call could return NULL
xfsprogs-6.14.0/repair/slab.c:229:17: danger: ‘qs’ could be NULL: unchecked value from [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  227|   	while (hdr) {
#  228|   		qs = malloc(sizeof(struct qsort_slab));
#  229|-> 		qs->slab = slab;
#  230|   		qs->hdr = hdr;
#  231|   		qs->compare_fn = compare_fn;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def91]
xfsprogs-6.14.0/repair/xfs_repair.c:609:17: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘sb.sb_unit’
xfsprogs-6.14.0/repair/xfs_repair.c:699:1: enter_function: entry to ‘calc_mkfs’
xfsprogs-6.14.0/repair/xfs_repair.c:713:12: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/repair/xfs_repair.c:717:17: call_function: calling ‘guess_correct_sunit’ from ‘calc_mkfs’
#  607|   		do_warn(_("AG %u superblock contains plausible sb_unit value\n"),
#  608|   				agno);
#  609|-> 		new_sunit = sb.sb_unit;
#  610|   		goto fix;
#  611|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def92]
xfsprogs-6.14.0/scrub/inodes.c:475:34: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘arg’
xfsprogs-6.14.0/scrub/inodes.c:559:1: enter_function: entry to ‘scan_ag_inumbers’
xfsprogs-6.14.0/scrub/inodes.c:564:34: release_memory: ‘ichunk’ is NULL
xfsprogs-6.14.0/scrub/inodes.c:574:17: call_function: calling ‘alloc_ichunk’ from ‘scan_ag_inumbers’
xfsprogs-6.14.0/scrub/inodes.c:574:17: return_function: returning to ‘scan_ag_inumbers’ from ‘alloc_ichunk’
xfsprogs-6.14.0/scrub/inodes.c:575:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:577:16: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:577:16: release_memory: ‘ichunk’ is NULL
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_true: following ‘true’ branch (when ‘error == 0’)...
xfsprogs-6.14.0/scrub/inodes.c:581:27: branch_true: ...to here
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:581:42: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/scrub/inodes.c:586:31: branch_true: ...to here
xfsprogs-6.14.0/scrub/inodes.c:586:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:595:17: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:597:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:604:28: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:604:27: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:620:25: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:620:25: release_memory: ‘ichunk’ is NULL
xfsprogs-6.14.0/scrub/inodes.c:620:25: call_function: calling ‘scan_ag_bulkstat’ from ‘scan_ag_inumbers’
#  473|   	struct xfs_inumbers_req	*ireq = ichunk_to_inumbers(ichunk);
#  474|   	struct xfs_bulkstat_req	*breq = ichunk_to_bulkstat(ichunk);
#  475|-> 	struct scan_inodes	*si = ichunk->si;
#  476|   	struct xfs_bulkstat	*bs = &breq->bulkstat[0];
#  477|   	struct xfs_inumbers	*inumbers = &ireq->inumbers[0];

Error: GCC_ANALYZER_WARNING (CWE-457): [#def93]
xfsprogs-6.14.0/scrub/inodes.c:545:12: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘error’
xfsprogs-6.14.0/scrub/inodes.c:559:1: enter_function: entry to ‘scan_ag_inumbers’
xfsprogs-6.14.0/scrub/inodes.c:574:17: call_function: calling ‘alloc_ichunk’ from ‘scan_ag_inumbers’
xfsprogs-6.14.0/scrub/inodes.c:574:17: return_function: returning to ‘scan_ag_inumbers’ from ‘alloc_ichunk’
xfsprogs-6.14.0/scrub/inodes.c:575:12: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:577:16: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_true: following ‘true’ branch (when ‘error == 0’)...
xfsprogs-6.14.0/scrub/inodes.c:581:27: branch_true: ...to here
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:581:42: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:581:16: branch_true: following ‘true’ branch...
xfsprogs-6.14.0/scrub/inodes.c:586:31: branch_true: ...to here
xfsprogs-6.14.0/scrub/inodes.c:586:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:595:17: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:597:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:604:28: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:604:27: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/inodes.c:620:25: branch_false: ...to here
xfsprogs-6.14.0/scrub/inodes.c:620:25: call_function: calling ‘scan_ag_bulkstat’ from ‘scan_ag_inumbers’
#  543|   
#  544|   err:
#  545|-> 	if (error) {
#  546|   		str_liberror(ctx, error, descr_render(&dsc_bulkstat));
#  547|   		si->aborted = true;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def94]
xfsprogs-6.14.0/scrub/scrub.c:305:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/scrub/scrub.c:328:1: enter_function: entry to ‘scrub_call_kernel’
xfsprogs-6.14.0/scrub/scrub.c:341:9: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/scrub.c:343:9: branch_false: ...to here
xfsprogs-6.14.0/scrub/scrub.c:346:9: branch_true: following ‘true’ branch (when ‘scrub_type != 33’)...
xfsprogs-6.14.0/scrub/scrub.c:347:23: branch_true: ...to here
xfsprogs-6.14.0/scrub/scrub.c:347:20: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/scrub.c:350:20: branch_false: ...to here
xfsprogs-6.14.0/scrub/scrub.c:350:20: branch_false: following ‘false’ branch (when ‘need_barrier == 0’)...
xfsprogs-6.14.0/scrub/scrub.c:355:17: branch_false: ...to here
xfsprogs-6.14.0/scrub/scrub.c:355:17: call_function: calling ‘xfrog_scrubv_add_item’ from ‘scrub_call_kernel’
#  303|   
#  304|   	v = xfrog_scrubv_next_vector(scrubv);
#  305|-> 	v->sv_type = scrub_type;
#  306|   	if (want_repair)
#  307|   		v->sv_flags |= XFS_SCRUB_IFLAG_REPAIR;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def95]
xfsprogs-6.14.0/scrub/scrub.c:321:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
xfsprogs-6.14.0/scrub/scrub.c:341:9: branch_false: following ‘false’ branch...
xfsprogs-6.14.0/scrub/scrub.c:343:9: branch_false: ...to here
xfsprogs-6.14.0/scrub/scrub.c:346:9: branch_true: following ‘true’ branch (when ‘scrub_type != 33’)...
xfsprogs-6.14.0/scrub/scrub.c:347:23: branch_true: ...to here
xfsprogs-6.14.0/scrub/scrub.c:346:9: branch_true: following ‘true’ branch (when ‘scrub_type != 33’)...
xfsprogs-6.14.0/scrub/scrub.c:347:23: branch_true: ...to here
xfsprogs-6.14.0/scrub/scrub.c:351:25: call_function: inlined call to ‘xfrog_scrubv_add_barrier’ from ‘scrub_call_kernel’
#  319|   	v = xfrog_scrubv_next_vector(scrubv);
#  320|   
#  321|-> 	v->sv_type = XFS_SCRUB_TYPE_BARRIER;
#  322|   	v->sv_flags = XFS_SCRUB_OFLAG_CORRUPT | XFS_SCRUB_OFLAG_XFAIL |
#  323|   		      XFS_SCRUB_OFLAG_XCORRUPT | XFS_SCRUB_OFLAG_INCOMPLETE;
Scan Properties

analyzer-version-clippy	1.86.0
analyzer-version-cppcheck	2.17.1
analyzer-version-gcc	15.0.1
analyzer-version-gcc-analyzer	15.0.1
analyzer-version-shellcheck	0.10.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-96.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250425.124705.g1c7c448.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	xfsprogs-6.14.0-1.fc43
store-results-to	/tmp/tmpoque1cx9/xfsprogs-6.14.0-1.fc43.tar.xz
time-created	2025-04-25 16:10:26
time-finished	2025-04-25 16:13:54
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'unicontrol,cppcheck,gcc,clippy,shellcheck' '-o' '/tmp/tmpoque1cx9/xfsprogs-6.14.0-1.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpoque1cx9/xfsprogs-6.14.0-1.fc43.src.rpm'
tool-version	csmock-3.8.1.20250422.172604.g26bc3d6-1.el9