Newly introduced findings

List of Findings

Error: CPPCHECK_WARNING (CWE-457): [#def1]
libnbd-1.24.0/common/utils/vector.c:67: error[uninitvar]: Uninitialized variable: reqcap
#   65|      */
#   66|     if (exactly ||
#   67|->       reqcap < v->cap ||
#   68|         ADD_OVERFLOW (v->cap, 1u, &t) ||
#   69|         ADD_OVERFLOW (v->cap, t/2, &newcap) ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
libnbd-1.24.0/copy/multi-thread-copying.c:551:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<Ua1c8>.user_data’
libnbd-1.24.0/copy/multi-thread-copying.c:503:1: enter_function: entry to ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:507:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:513:3: branch_false: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:516:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: call_function: inlined call to ‘is_power_of_2’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:538:10: branch_true: following ‘true’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:540:20: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:540:10: branch_true: following ‘true’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:545:12: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:545:12: branch_false: following ‘false’ branch (when ‘last_is_zero == 0’)...
libnbd-1.24.0/copy/multi-thread-copying.c:547:14: branch_false: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:547:14: branch_true: following ‘true’ branch (when ‘last_offset != i’)...
libnbd-1.24.0/copy/multi-thread-copying.c:549:58: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:548:26: call_function: calling ‘create_subcommand’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:548:26: return_function: returning to ‘finished_read’ from ‘create_subcommand’
libnbd-1.24.0/copy/multi-thread-copying.c:551:13: throw: if the called function throws an exception...
libnbd-1.24.0/copy/multi-thread-copying.c:551:13: danger: ‘<Ua1c8>.user_data’ leaks here; was allocated at [(23)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/22)
#  549|                                               last_offset, i - last_offset,
#  550|                                               false);
#  551|->             dst->ops->asynch_write (dst, newcommand,
#  552|                                       (nbd_completion_callback) {
#  553|                                         .callback = finished_command,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
libnbd-1.24.0/copy/multi-thread-copying.c:589:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<Ua260>.user_data’
libnbd-1.24.0/copy/multi-thread-copying.c:503:1: enter_function: entry to ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:507:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:513:3: branch_false: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:516:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: call_function: inlined call to ‘is_power_of_2’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:584:8: branch_true: following ‘true’ branch (when ‘last_offset != i’)...
libnbd-1.24.0/copy/multi-thread-copying.c:585:10: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:585:10: branch_false: following ‘false’ branch (when ‘last_is_zero == 0’)...
libnbd-1.24.0/copy/multi-thread-copying.c:587:54: branch_false: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:586:22: call_function: calling ‘create_subcommand’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:586:22: return_function: returning to ‘finished_read’ from ‘create_subcommand’
libnbd-1.24.0/copy/multi-thread-copying.c:589:9: throw: if the called function throws an exception...
libnbd-1.24.0/copy/multi-thread-copying.c:589:9: danger: ‘<Ua260>.user_data’ leaks here; was allocated at [(19)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/18)
#  587|                                           last_offset, i - last_offset,
#  588|                                           false);
#  589|->         dst->ops->asynch_write (dst, newcommand,
#  590|                                   (nbd_completion_callback) {
#  591|                                     .callback = finished_command,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libnbd-1.24.0/copy/multi-thread-copying.c:607:7: warning[-Wanalyzer-malloc-leak]: leak of ‘<Ua2f8>.user_data’
libnbd-1.24.0/copy/multi-thread-copying.c:503:1: enter_function: entry to ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:507:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:513:3: branch_false: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:516:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: call_function: inlined call to ‘is_power_of_2’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:537:14: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:605:8: branch_true: following ‘true’ branch (when ‘i != end’)...
libnbd-1.24.0/copy/multi-thread-copying.c:606:51: branch_true: ...to here
libnbd-1.24.0/copy/multi-thread-copying.c:606:20: call_function: calling ‘create_subcommand’ from ‘finished_read’
libnbd-1.24.0/copy/multi-thread-copying.c:606:20: return_function: returning to ‘finished_read’ from ‘create_subcommand’
libnbd-1.24.0/copy/multi-thread-copying.c:607:7: throw: if the called function throws an exception...
libnbd-1.24.0/copy/multi-thread-copying.c:607:7: danger: ‘<Ua2f8>.user_data’ leaks here; was allocated at [(17)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/16)
#  605|       if (end - i > 0) {
#  606|         newcommand = create_subcommand (command, i, end - i, false);
#  607|->       dst->ops->asynch_write (dst, newcommand,
#  608|                                 (nbd_completion_callback) {
#  609|                                   .callback = finished_command,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
libnbd-1.24.0/lib/api.c:1419:5: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_internal_printable_string(priority)'
libnbd-1.24.0/lib/api.c:1412:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1413:3: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1416:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1418:9: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1418:9: acquire_memory: allocated here
libnbd-1.24.0/lib/api.c:1419:5: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1419:5: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1419:5: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1419:5: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1419:5: throw: if 'nbd_internal_debug' throws an exception...
libnbd-1.24.0/lib/api.c:1419:5: danger: 'nbd_internal_printable_string(priority)' leaks here; was allocated at [(5)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/4)
# 1417|       char *priority_printable =
# 1418|           nbd_internal_printable_string (priority);
# 1419|->     debug (h,
# 1420|              "enter: priority=%s",
# 1421|              priority_printable ? priority_printable : "");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
libnbd-1.24.0/lib/api.c:1470:3: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_unlocked_get_tls_priority(h)'
libnbd-1.24.0/lib/api.c:1459:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1460:3: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1468:9: acquire_memory: allocated here
libnbd-1.24.0/lib/api.c:1470:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1471:8: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1471:8: branch_false: following 'false' branch...
libnbd-1.24.0/lib/api.c:1475:11: branch_false: ...to here
libnbd-1.24.0/lib/api.c:1475:11: throw: if 'nbd_internal_printable_string' throws an exception...
libnbd-1.24.0/lib/api.c:1470:3: danger: 'nbd_unlocked_get_tls_priority(h)' leaks here; was allocated at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
# 1468|     ret = nbd_unlocked_get_tls_priority (h);
# 1469|   
# 1470|->   if_debug (h) {
# 1471|       if (ret == NULL)
# 1472|         debug (h, "leave: error=\"%s\"", nbd_get_error ());

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
libnbd-1.24.0/lib/api.c:1476:7: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_internal_printable_string(nbd_unlocked_get_tls_priority(h))'
libnbd-1.24.0/lib/api.c:1459:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1460:3: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1470:3: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1471:8: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1471:8: branch_false: following 'false' branch...
libnbd-1.24.0/lib/api.c:1475:11: branch_false: ...to here
libnbd-1.24.0/lib/api.c:1475:11: acquire_memory: allocated here
libnbd-1.24.0/lib/api.c:1476:7: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1476:7: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1476:7: branch_true: following 'true' branch...
libnbd-1.24.0/lib/api.c:1476:7: branch_true: ...to here
libnbd-1.24.0/lib/api.c:1476:7: throw: if 'nbd_internal_debug' throws an exception...
libnbd-1.24.0/lib/api.c:1476:7: danger: 'nbd_internal_printable_string(nbd_unlocked_get_tls_priority(h))' leaks here; was allocated at [(7)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/6)
# 1474|         char *ret_printable =
# 1475|             nbd_internal_printable_string (ret);
# 1476|->       debug (h, "leave: ret=%s", ret_printable ? ret_printable : "");
# 1477|         free (ret_printable);
# 1478|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
libnbd-1.24.0/ocaml/nbd-c.c:1548:3: warning[-Wanalyzer-malloc-leak]: leak of ‘nbd_get_tls_priority(h)’
libnbd-1.24.0/ocaml/nbd-c.c:1535:3: branch_false: following ‘false’ branch...
libnbd-1.24.0/ocaml/nbd-c.c:1535:3: branch_false: ...to here
libnbd-1.24.0/ocaml/nbd-c.c:1539:6: branch_false: following ‘false’ branch (when ‘h’ is non-NULL)...
libnbd-1.24.0/ocaml/nbd-c.c:1546:3: branch_false: ...to here
libnbd-1.24.0/ocaml/nbd-c.c:1547:8: acquire_memory: allocated here
libnbd-1.24.0/ocaml/nbd-c.c:1548:3: throw: if ‘caml_leave_blocking_section’ throws an exception...
libnbd-1.24.0/ocaml/nbd-c.c:1548:3: danger: ‘nbd_get_tls_priority(h)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/4)
# 1546|     caml_enter_blocking_section ();
# 1547|     r =  nbd_get_tls_priority (h);
# 1548|->   caml_leave_blocking_section ();
# 1549|   
# 1550|     if (r == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
libnbd-1.24.0/ocaml/nbd-c.c:1553:8: warning[-Wanalyzer-malloc-leak]: leak of ‘nbd_get_tls_priority(h)’
libnbd-1.24.0/ocaml/nbd-c.c:1535:3: branch_false: following ‘false’ branch...
libnbd-1.24.0/ocaml/nbd-c.c:1535:3: branch_false: ...to here
libnbd-1.24.0/ocaml/nbd-c.c:1539:6: branch_false: following ‘false’ branch (when ‘h’ is non-NULL)...
libnbd-1.24.0/ocaml/nbd-c.c:1546:3: branch_false: ...to here
libnbd-1.24.0/ocaml/nbd-c.c:1547:8: acquire_memory: allocated here
libnbd-1.24.0/ocaml/nbd-c.c:1550:6: branch_false: following ‘false’ branch...
libnbd-1.24.0/ocaml/nbd-c.c:1553:8: branch_false: ...to here
libnbd-1.24.0/ocaml/nbd-c.c:1553:8: throw: if ‘caml_copy_string’ throws an exception...
libnbd-1.24.0/ocaml/nbd-c.c:1553:8: danger: ‘nbd_get_tls_priority(h)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/4)
# 1551|       nbd_internal_ocaml_raise_error ();
# 1552|   
# 1553|->   rv = caml_copy_string (r);
# 1554|     free (r);
# 1555|     CAMLreturn (rv);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
libnbd-1.24.0/python/methods.c:1320:3: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_get_tls_priority(get_handle(py_h))'
libnbd-1.24.0/python/methods.c:1306:1: enter_function: entry to 'nbd_internal_py_get_tls_priority'
libnbd-1.24.0/python/methods.c:1313:6: branch_false: following 'false' branch...
libnbd-1.24.0/python/methods.c:1315:7: branch_false: ...to here
libnbd-1.24.0/python/methods.c:1315:7: call_function: calling 'get_handle' from 'nbd_internal_py_get_tls_priority'
libnbd-1.24.0/python/methods.c:1315:7: return_function: returning to 'nbd_internal_py_get_tls_priority' from 'get_handle'
libnbd-1.24.0/python/methods.c:1316:6: branch_false: following 'false' branch...
libnbd-1.24.0/python/methods.c:1318:3: branch_false: ...to here
libnbd-1.24.0/python/methods.c:1319:9: acquire_memory: allocated here
libnbd-1.24.0/python/methods.c:1320:3: throw: if 'PyEval_RestoreThread' throws an exception...
libnbd-1.24.0/python/methods.c:1320:3: danger: 'nbd_get_tls_priority(get_handle(py_h))' leaks here; was allocated at [(13)](sarif:/runs/0/results/115/codeFlows/0/threadFlows/0/locations/12)
# 1318|     Py_BEGIN_ALLOW_THREADS;
# 1319|     ret = nbd_get_tls_priority (h);
# 1320|->   Py_END_ALLOW_THREADS;
# 1321|     if (ret == NULL) {
# 1322|       raise_exception ();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
libnbd-1.24.0/python/methods.c:1325:12: warning[-Wanalyzer-malloc-leak]: leak of 'nbd_get_tls_priority(get_handle(py_h))'
libnbd-1.24.0/python/methods.c:1306:1: enter_function: entry to 'nbd_internal_py_get_tls_priority'
libnbd-1.24.0/python/methods.c:1313:6: branch_false: following 'false' branch...
libnbd-1.24.0/python/methods.c:1315:7: branch_false: ...to here
libnbd-1.24.0/python/methods.c:1315:7: call_function: calling 'get_handle' from 'nbd_internal_py_get_tls_priority'
libnbd-1.24.0/python/methods.c:1315:7: return_function: returning to 'nbd_internal_py_get_tls_priority' from 'get_handle'
libnbd-1.24.0/python/methods.c:1316:6: branch_false: following 'false' branch...
libnbd-1.24.0/python/methods.c:1318:3: branch_false: ...to here
libnbd-1.24.0/python/methods.c:1319:9: acquire_memory: allocated here
libnbd-1.24.0/python/methods.c:1321:6: branch_false: following 'false' branch...
libnbd-1.24.0/python/methods.c:1325:12: branch_false: ...to here
libnbd-1.24.0/python/methods.c:1325:12: throw: if 'PyUnicode_FromString' throws an exception...
libnbd-1.24.0/python/methods.c:1325:12: danger: 'nbd_get_tls_priority(get_handle(py_h))' leaks here; was allocated at [(13)](sarif:/runs/0/results/116/codeFlows/0/threadFlows/0/locations/12)
# 1323|       goto out;
# 1324|     }
# 1325|->   py_ret = PyUnicode_FromString (ret);
# 1326|     free (ret);
# 1327|

Scan Properties

analyzer-version-clippy	1.92.0
analyzer-version-cppcheck	2.19.1
analyzer-version-gcc	16.0.0
analyzer-version-gcc-analyzer	16.0.0
analyzer-version-shellcheck	0.11.0
analyzer-version-unicontrol	0.0.2
diffbase-analyzer-version-clippy	1.92.0
diffbase-analyzer-version-cppcheck	2.19.1
diffbase-analyzer-version-gcc	16.0.0
diffbase-analyzer-version-gcc-analyzer	16.0.0
diffbase-analyzer-version-shellcheck	0.11.0
diffbase-analyzer-version-unicontrol	0.0.2
diffbase-enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code	0
diffbase-host	ip-172-16-1-108.us-west-2.compute.internal
diffbase-known-false-positives	/usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
diffbase-mock-config	fedora-rawhide-x86_64
diffbase-project-name	libnbd-1.23.8-2.fc43
diffbase-store-results-to	/tmp/tmpm_a45c9b/libnbd-1.23.8-2.fc43.tar.xz
diffbase-time-created	2026-01-08 18:57:46
diffbase-time-finished	2026-01-08 19:00:58
diffbase-tool	csmock
diffbase-tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpm_a45c9b/libnbd-1.23.8-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpm_a45c9b/libnbd-1.23.8-2.fc43.src.rpm'
diffbase-tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9
enabled-plugins	clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code	0
host	ip-172-16-1-108.us-west-2.compute.internal
known-false-positives	/usr/share/csmock/known-false-positives.js
known-false-positives-rpm	known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config	fedora-rawhide-x86_64
project-name	libnbd-1.24.0-1.fc44
store-results-to	/tmp/tmpollf1uda/libnbd-1.24.0-1.fc44.tar.xz
time-created	2026-01-08 19:01:31
time-finished	2026-01-08 19:04:12
title	Newly introduced findings
tool	csmock
tool-args	'/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpollf1uda/libnbd-1.24.0-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpollf1uda/libnbd-1.24.0-1.fc44.src.rpm'
tool-version	csmock-3.8.3.20251215.161544.g62de9a5-1.el9