dav1d-1.5.2-1.fc44

List of Findings

Error: CPPCHECK_WARNING (CWE-476): [#def1]
dav1d-1.5.2/include/common/dump.h:42: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: f
#   40|       FILE *const f = fopen(file, "ab");
#   41|       while (h--) {
#   42|->         fwrite(buf, w * sizeof(pixel), 1, f);
#   43|           buf += PXSTRIDE(stride);
#   44|       }

Error: CPPCHECK_WARNING (CWE-476): [#def2]
dav1d-1.5.2/include/common/dump.h:45: warning[nullPointerOutOfResources]: If resource allocation fails, then there is a possible null pointer dereference: f
#   43|           buf += PXSTRIDE(stride);
#   44|       }
#   45|->     fclose(f);
#   46|   }
#   47|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def3]
dav1d-1.5.2/src/decode.c:3588:37: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘ref_coded_width[i]’
dav1d-1.5.2/src/decode.c:3333:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/decode.c:3334:9: branch_true: ...to here
dav1d-1.5.2/src/decode.c:3445:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/decode.c:3492:9: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3522:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/decode.c:3524:9: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3574:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/decode.c:3578:18: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3585:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/decode.c:3585:12: branch_true: ...to here
dav1d-1.5.2/src/decode.c:3586:29: branch_true: following ‘true’ branch (when ‘i != 7’)...
dav1d-1.5.2/src/decode.c:3587:36: branch_true: ...to here
dav1d-1.5.2/src/decode.c:3588:37: danger: use of uninitialized value ‘ref_coded_width[i]’ here
# 3586|               for (int i = 0; i < 7; i++) {
# 3587|                   const int refidx = f->frame_hdr->refidx[i];
# 3588|->                 const int ref_w = ((ref_coded_width[i] + 7) >> 3) << 1;
# 3589|                   const int ref_h = ((f->refp[i].p.p.h + 7) >> 3) << 1;
# 3590|                   if (c->refs[refidx].refmvs != NULL &&

Error: CPPCHECK_WARNING (CWE-119): [#def4]
dav1d-1.5.2/src/decode.c:3600: error[bufferAccessOutOfBounds]: Buffer is accessed out of bounds: c->refs[refidx].refpoc
# 3598|                       f->ref_mvs_ref[i] = NULL;
# 3599|                   }
# 3600|->                 memcpy(f->refrefpoc[i], c->refs[refidx].refpoc,
# 3601|                          sizeof(*f->refrefpoc));
# 3602|               }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def5]
dav1d-1.5.2/src/decode.c:3622:33: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘ref_coded_width[pri_ref]’
dav1d-1.5.2/src/decode.c:3333:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/decode.c:3334:9: branch_true: ...to here
dav1d-1.5.2/src/decode.c:3445:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/decode.c:3492:9: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3522:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/decode.c:3524:9: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3612:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/decode.c:3614:9: branch_true: ...to here
dav1d-1.5.2/src/decode.c:3621:13: branch_false: following ‘false’ branch (when ‘pri_ref != 7’)...
dav1d-1.5.2/src/decode.c:3622:33: branch_false: ...to here
dav1d-1.5.2/src/decode.c:3622:33: danger: use of uninitialized value ‘ref_coded_width[pri_ref]’ here
# 3620|               const int pri_ref = f->frame_hdr->primary_ref_frame;
# 3621|               assert(pri_ref != DAV1D_PRIMARY_REF_NONE);
# 3622|->             const int ref_w = ((ref_coded_width[pri_ref] + 7) >> 3) << 1;
# 3623|               const int ref_h = ((f->refp[pri_ref].p.p.h + 7) >> 3) << 1;
# 3624|               if (ref_w == f->bw && ref_h == f->bh) {

Error: CPPCHECK_WARNING (CWE-457): [#def6]
dav1d-1.5.2/src/ipred_prepare_tmpl.c:142: error[legacyUninitvar]: Uninitialized variable: dst_top
#  140|                   pixel_set(left, left[sz - px_have], sz - px_have);
#  141|           } else {
#  142|->             pixel_set(left, have_top ? *dst_top : ((1 << bitdepth) >> 1) + 1, sz);
#  143|           }
#  144|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def7]
dav1d-1.5.2/src/log.c:54:5: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
dav1d-1.5.2/src/log.c:47:5: branch_false: following ‘false’ branch (when ‘c’ is non-NULL)...
dav1d-1.5.2/src/log.c:49:10: branch_false: ...to here
dav1d-1.5.2/src/log.c:49:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/src/log.c:53:5: branch_false: ...to here
dav1d-1.5.2/src/log.c:53:5: acquire_resource: ‘va_start’ called here
dav1d-1.5.2/src/log.c:54:5: throw: if the called function throws an exception...
dav1d-1.5.2/src/log.c:54:5: danger: missing call to ‘va_end’ to match ‘va_start’ at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   52|       va_list ap;
#   53|       va_start(ap, format);
#   54|->     c->logger.callback(c->logger.cookie, format, ap);
#   55|       va_end(ap);
#   56|   }

Error: GCC_ANALYZER_WARNING (CWE-457): [#def8]
dav1d-1.5.2/src/loopfilter_tmpl.c:118:28: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘flat8in’
dav1d-1.5.2/src/loopfilter_tmpl.c:227:13: enter_function: entry to ‘loop_filter_v_sb128uv_c’
dav1d-1.5.2/src/loopfilter_tmpl.c:234:26: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/loopfilter_tmpl.c:235:13: branch_true: ...to here
dav1d-1.5.2/src/loopfilter_tmpl.c:235:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/src/loopfilter_tmpl.c:236:27: branch_true: ...to here
dav1d-1.5.2/src/loopfilter_tmpl.c:237:16: branch_false: following ‘false’ branch (when ‘L != 0’)...
dav1d-1.5.2/src/loopfilter_tmpl.c:238:23: branch_false: ...to here
dav1d-1.5.2/src/loopfilter_tmpl.c:241:13: call_function: calling ‘loop_filter’ from ‘loop_filter_v_sb128uv_c’
#  116|               dst[strideb * +5] = (p0 + q0 + q1 + q2 + q3 + q4 * 2 + q5 * 2 +
#  117|                                    q6 * 2 + q6 + q6 + q6 + q6 + q6 + 8) >> 4;
#  118|->         } else if (wd >= 8 && flat8in) {
#  119|               dst[strideb * -3] = (p3 + p3 + p3 + 2 * p2 + p1 + p0 + q0 + 4) >> 3;
#  120|               dst[strideb * -2] = (p3 + p3 + p2 + 2 * p1 + p0 + q0 + q1 + 4) >> 3;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def9]
dav1d-1.5.2/src/mc_tmpl.c:525:22: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
dav1d-1.5.2/src/mc_tmpl.c:508:16: branch_false: following ‘false’ branch (when ‘in_y >= y’)...
dav1d-1.5.2/src/mc_tmpl.c:508:16: branch_false: ...to here
dav1d-1.5.2/src/mc_tmpl.c:524:21: branch_true: following ‘true’ branch (when ‘x < w’)...
dav1d-1.5.2/src/mc_tmpl.c:525:22: branch_true: ...to here
dav1d-1.5.2/src/mc_tmpl.c:525:22: danger: use of uninitialized value ‘*<unknown>’ here
#  523|   
#  524|           for (x = 0; x < w; x++)
#  525|->             dst[x] = FILTER_BILIN_CLIP2(mid1, mid2, x, dmy >> 6,
#  526|                                          4 + intermediate_bits);
#  527|   

Error: GCC_ANALYZER_WARNING (CWE-457): [#def10]
dav1d-1.5.2/src/mc_tmpl.c:621:22: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
dav1d-1.5.2/src/mc_tmpl.c:604:16: branch_false: following ‘false’ branch (when ‘in_y >= y’)...
dav1d-1.5.2/src/mc_tmpl.c:604:16: branch_false: ...to here
dav1d-1.5.2/src/mc_tmpl.c:620:21: branch_true: following ‘true’ branch (when ‘x < w’)...
dav1d-1.5.2/src/mc_tmpl.c:621:22: branch_true: ...to here
dav1d-1.5.2/src/mc_tmpl.c:621:22: danger: use of uninitialized value ‘*<unknown>’ here
#  619|   
#  620|           for (x = 0; x < w; x++)
#  621|->             tmp[x] = FILTER_BILIN_RND2(mid1, mid2, x, dmy >> 6, 4) - PREP_BIAS;
#  622|   
#  623|           my += dy;

Error: CPPCHECK_WARNING (CWE-758): [#def11]
dav1d-1.5.2/src/refmvs.c:188: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  186|       // Round and clip according to AV1 spec section 7.9.3
#  187|       return (union mv) { // 0x3fff == (1 << 14) - 1
#  188|->         .y = iclip((y + 8192 + (y >> 31)) >> 14, -0x3fff, 0x3fff),
#  189|           .x = iclip((x + 8192 + (x >> 31)) >> 14, -0x3fff, 0x3fff)
#  190|       };

Error: CPPCHECK_WARNING (CWE-758): [#def12]
dav1d-1.5.2/src/refmvs.c:189: error[shiftTooManyBitsSigned]: Shifting signed 32-bit value by 31 bits is undefined behaviour
#  187|       return (union mv) { // 0x3fff == (1 << 14) - 1
#  188|           .y = iclip((y + 8192 + (y >> 31)) >> 14, -0x3fff, 0x3fff),
#  189|->         .x = iclip((x + 8192 + (x >> 31)) >> 14, -0x3fff, 0x3fff)
#  190|       };
#  191|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def13]
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filename, "rb")’
dav1d-1.5.2/tests/libfuzzer/main.c:51:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:55:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:55:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:59:5: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:61:15: acquire_resource: opened here
dav1d-1.5.2/tests/libfuzzer/main.c:61:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: throw: if ‘fseeko’ throws an exception...
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: danger: ‘fopen(filename, "rb")’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   64|       }
#   65|   
#   66|->     if (fseeko(f, 0, SEEK_END) == -1) {
#   67|           fprintf(stderr, "fseek(%s, 0, SEEK_END) failed: %s\n", filename,
#   68|                   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filename, "rb")’
dav1d-1.5.2/tests/libfuzzer/main.c:51:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:55:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:55:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:59:5: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:61:15: acquire_memory: allocated here
dav1d-1.5.2/tests/libfuzzer/main.c:61:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: throw: if ‘fseeko’ throws an exception...
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: danger: ‘fopen(filename, "rb")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   64|       }
#   65|   
#   66|->     if (fseeko(f, 0, SEEK_END) == -1) {
#   67|           fprintf(stderr, "fseek(%s, 0, SEEK_END) failed: %s\n", filename,
#   68|                   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
dav1d-1.5.2/tests/libfuzzer/main.c:94:11: warning[-Wanalyzer-malloc-leak]: leak of ‘data’
dav1d-1.5.2/tests/libfuzzer/main.c:51:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:55:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:55:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:59:5: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:61:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:66:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:66:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:71:18: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:71:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:75:5: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:77:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:83:18: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:83:18: acquire_memory: allocated here
dav1d-1.5.2/tests/libfuzzer/main.c:83:8: branch_false: following ‘false’ branch (when ‘data’ is non-NULL)...
dav1d-1.5.2/tests/libfuzzer/main.c:88:9: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:88:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tests/libfuzzer/main.c:94:11: branch_false: ...to here
dav1d-1.5.2/tests/libfuzzer/main.c:94:11: throw: if ‘LLVMFuzzerTestOneInput’ throws an exception...
dav1d-1.5.2/tests/libfuzzer/main.c:94:11: danger: ‘data’ leaks here; was allocated at [(13)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/12)
#   92|       }
#   93|   
#   94|->     ret = LLVMFuzzerTestOneInput(data, size);
#   95|   
#   96|   error:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def16]
dav1d-1.5.2/tools/dav1d.c:90:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’
#   88|           .tv_nsec = d % 1000000000,
#   89|       };
#   90|->     nanosleep(&ts, NULL);
#   91|   #endif
#   92|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
dav1d-1.5.2/tools/dav1d.c:90:5: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’
#   88|           .tv_nsec = d % 1000000000,
#   89|       };
#   90|->     nanosleep(&ts, NULL);
#   91|   #endif
#   92|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def18]
dav1d-1.5.2/tools/dav1d.c:113:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’
#  111|           const uint64_t frametime = *elapsed - last;
#  112|           fprintf(frametimes, "%" PRIu64 "\n", frametime);
#  113|->         fflush(frametimes);
#  114|       }
#  115|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
dav1d-1.5.2/tools/dav1d.c:113:9: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:190:5: enter_function: entry to ‘main’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:16: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:326:13: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:328:17: call_function: calling ‘synchronize’ from ‘main’
#  111|           const uint64_t frametime = *elapsed - last;
#  112|           fprintf(frametimes, "%" PRIu64 "\n", frametime);
#  113|->         fflush(frametimes);
#  114|       }
#  115|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def20]
dav1d-1.5.2/tools/dav1d.c:298:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:20: throw: if ‘dav1d_send_data’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:298:20: danger: ‘frametimes’ leaks here; was opened at [(10)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/9)
#  296|   
#  297|           memset(&p, 0, sizeof(p));
#  298|->         if ((res = dav1d_send_data(c, &data)) < 0) {
#  299|               if (res != DAV1D_ERR(EAGAIN)) {
#  300|                   dav1d_data_unref(&data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
dav1d-1.5.2/tools/dav1d.c:298:20: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:20: throw: if ‘dav1d_send_data’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:298:20: danger: ‘frametimes’ leaks here; was allocated at [(10)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/9)
#  296|   
#  297|           memset(&p, 0, sizeof(p));
#  298|->         if ((res = dav1d_send_data(c, &data)) < 0) {
#  299|               if (res != DAV1D_ERR(EAGAIN)) {
#  300|                   dav1d_data_unref(&data);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def22]
dav1d-1.5.2/tools/dav1d.c:300:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:300:17: throw: if ‘dav1d_data_unref’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:300:17: danger: ‘frametimes’ leaks here; was opened at [(10)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/9)
#  298|           if ((res = dav1d_send_data(c, &data)) < 0) {
#  299|               if (res != DAV1D_ERR(EAGAIN)) {
#  300|->                 dav1d_data_unref(&data);
#  301|                   fprintf(stderr, "Error decoding frame: %s\n",
#  302|                           strerror(DAV1D_ERR(res)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
dav1d-1.5.2/tools/dav1d.c:300:17: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:300:17: throw: if ‘dav1d_data_unref’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:300:17: danger: ‘frametimes’ leaks here; was allocated at [(10)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/9)
#  298|           if ((res = dav1d_send_data(c, &data)) < 0) {
#  299|               if (res != DAV1D_ERR(EAGAIN)) {
#  300|->                 dav1d_data_unref(&data);
#  301|                   fprintf(stderr, "Error decoding frame: %s\n",
#  302|                           strerror(DAV1D_ERR(res)));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
dav1d-1.5.2/tools/dav1d.c:307:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:20: throw: if ‘dav1d_get_picture’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:307:20: danger: ‘frametimes’ leaks here; was opened at [(10)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/9)
#  305|           }
#  306|   
#  307|->         if ((res = dav1d_get_picture(c, &p)) < 0) {
#  308|               if (res != DAV1D_ERR(EAGAIN)) {
#  309|                   fprintf(stderr, "Error decoding frame: %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
dav1d-1.5.2/tools/dav1d.c:307:20: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:20: throw: if ‘dav1d_get_picture’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:307:20: danger: ‘frametimes’ leaks here; was allocated at [(10)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/9)
#  305|           }
#  306|   
#  307|->         if ((res = dav1d_get_picture(c, &p)) < 0) {
#  308|               if (res != DAV1D_ERR(EAGAIN)) {
#  309|                   fprintf(stderr, "Error decoding frame: %s\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def26]
dav1d-1.5.2/tools/dav1d.c:316:28: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:28: throw: if ‘output_open’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:316:28: danger: ‘frametimes’ leaks here; was opened at [(10)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/9)
#  314|           } else {
#  315|               if (!n_out) {
#  316|->                 if ((res = output_open(&out, cli_settings.muxer,
#  317|                                          cli_settings.outputfile,
#  318|                                          &p.p, fps)) < 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
dav1d-1.5.2/tools/dav1d.c:316:28: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:28: throw: if ‘output_open’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:316:28: danger: ‘frametimes’ leaks here; was allocated at [(10)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/9)
#  314|           } else {
#  315|               if (!n_out) {
#  316|->                 if ((res = output_open(&out, cli_settings.muxer,
#  317|                                          cli_settings.outputfile,
#  318|                                          &p.p, fps)) < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
dav1d-1.5.2/tools/dav1d.c:324:24: warning[-Wanalyzer-file-leak]: leak of FILE ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_resource: opened here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:24: throw: if ‘output_write’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:324:24: danger: ‘frametimes’ leaks here; was opened at [(10)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/9)
#  322|                   }
#  323|               }
#  324|->             if ((res = output_write(out, &p)) < 0)
#  325|                   break;
#  326|               n_out++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
dav1d-1.5.2/tools/dav1d.c:324:24: warning[-Wanalyzer-malloc-leak]: leak of ‘frametimes’
dav1d-1.5.2/tools/dav1d.c:209:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:219:5: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:225:8: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:262:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:265:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:265:8: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:266:22: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:266:22: acquire_memory: allocated here
dav1d-1.5.2/tools/dav1d.c:295:12: branch_false: following ‘false’ branch (when ‘res == 0’)...
dav1d-1.5.2/tools/dav1d.c:297:9: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:298:12: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:299:16: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/dav1d.c:300:17: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:303:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:307:20: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:307:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:315:16: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:315:16: branch_true: following ‘true’ branch (when ‘n_out == 0’)...
dav1d-1.5.2/tools/dav1d.c:316:28: branch_true: ...to here
dav1d-1.5.2/tools/dav1d.c:316:20: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/dav1d.c:324:24: branch_false: ...to here
dav1d-1.5.2/tools/dav1d.c:324:24: throw: if ‘output_write’ throws an exception...
dav1d-1.5.2/tools/dav1d.c:324:24: danger: ‘frametimes’ leaks here; was allocated at [(10)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/9)
#  322|                   }
#  323|               }
#  324|->             if ((res = output_write(out, &p)) < 0)
#  325|                   break;
#  326|               n_out++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
dav1d-1.5.2/tools/input/input.c:100:17: warning[-Wanalyzer-malloc-leak]: leak of ‘probe_data’
dav1d-1.5.2/tools/input/input.c:65:8: branch_false: following ‘false’ branch (when ‘name’ is NULL)...
dav1d-1.5.2/tools/input/input.c:65:8: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:78:21: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/input/input.c:79:24: branch_true: ...to here
dav1d-1.5.2/tools/input/input.c:80:37: acquire_memory: allocated here
dav1d-1.5.2/tools/input/input.c:81:12: branch_false: following ‘false’ branch (when ‘probe_data’ is non-NULL)...
dav1d-1.5.2/tools/input/input.c:85:19: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:86:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/input/input.c:91:17: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:93:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/input/input.c:93:12: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:99:21: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/input/input.c:100:17: branch_true: ...to here
dav1d-1.5.2/tools/input/input.c:100:17: throw: if the called function throws an exception...
dav1d-1.5.2/tools/input/input.c:100:17: danger: ‘probe_data’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   98|   
#   99|           for (i = 0; demuxers[i]; i++) {
#  100|->             if (demuxers[i]->probe(probe_data)) {
#  101|                   impl = demuxers[i];
#  102|                   break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
dav1d-1.5.2/tools/input/input.c:120:16: warning[-Wanalyzer-malloc-leak]: leak of ‘c’
dav1d-1.5.2/tools/input/input.c:66:21: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/input/input.c:67:25: branch_true: ...to here
dav1d-1.5.2/tools/input/input.c:72:12: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/input/input.c:114:63: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:114:15: acquire_memory: allocated here
dav1d-1.5.2/tools/input/input.c:114:8: branch_false: following ‘false’ branch (when ‘c’ is non-NULL)...
dav1d-1.5.2/tools/input/input.c:118:5: branch_false: ...to here
dav1d-1.5.2/tools/input/input.c:120:16: throw: if the called function throws an exception...
dav1d-1.5.2/tools/input/input.c:120:16: danger: ‘c’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  118|       c->impl = impl;
#  119|       c->data = (DemuxerPriv *) c->priv_data;
#  120|->     if ((res = impl->open(c->data, filename, fps, num_frames, timebase)) < 0) {
#  121|           free(c);
#  122|           return res;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
dav1d-1.5.2/tools/output/xxhash.c:62:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
dav1d-1.5.2/tools/output/xxhash.c:45:12: enter_function: entry to ‘xxh3_open’
dav1d-1.5.2/tools/output/xxhash.c:50:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/output/xxhash.c:51:25: call_function: inlined call to ‘XXH_INLINE_XXH3_128bits_reset’ from ‘xxh3_open’
dav1d-1.5.2/tools/output/xxhash.c:52:8: branch_false: following ‘false’ branch...
dav1d-1.5.2/tools/output/xxhash.c:58:10: branch_false: ...to here
dav1d-1.5.2/tools/output/xxhash.c:58:8: branch_false: following ‘false’ branch (when the strings are non-equal)...
dav1d-1.5.2/tools/output/xxhash.c:60:28: branch_false: ...to here
dav1d-1.5.2/tools/output/xxhash.c:60:15: branch_true: following ‘true’ branch...
dav1d-1.5.2/tools/output/xxhash.c:61:9: branch_true: ...to here
dav1d-1.5.2/tools/output/xxhash.c:62:9: danger: ‘<unknown>’ leaks here
#   60|       } else if (!(xxh3->f = fopen(file, "wb"))) {
#   61|           XXH3_freeState(xxh3->state);
#   62|->         xxh3->state = NULL;
#   63|           fprintf(stderr, "Failed to open %s: %s\n", file, strerror(errno));
#   64|           return -1;
Scan Properties

analyzer-version-clippy	1.92.0
analyzer-version-cppcheck	2.19.1
analyzer-version-gcc	16.0.0
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-225.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	dav1d-1.5.2-1.fc44
store-results-to	/tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.tar.xz
time-created	2026-01-08 16:02:18
time-finished	2026-01-08 16:04:43
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp91mrq4c_/dav1d-1.5.2-1.fc44.src.rpm'
tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9