criu-4.1.1-4.fc44

List of Findings

Error: CPPCHECK_WARNING (CWE-476): [#def1]
criu-4.1.1/compel/plugins/std/infect.c:106: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  104|   	return fini_sigreturn(new_sp);
#  105|   
#  106|-> 	BUG();
#  107|   
#  108|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def2]
criu-4.1.1/compel/plugins/std/string.c:14:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/compel/plugins/std/string.c:115:6: enter_function: entry to ‘std_dprintf’
criu-4.1.1/compel/plugins/std/string.c:119:9: acquire_resource: ‘va_start’ called here
criu-4.1.1/compel/plugins/std/string.c:120:9: call_function: calling ‘std_vdprintf’ from ‘std_dprintf’
#   12|   void std_dputc(int fd, char c)
#   13|   {
#   14|-> 	sys_write(fd, &c, 1);
#   15|   }
#   16|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
criu-4.1.1/compel/src/lib/handle-elf-host.c:48:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: call_function: calling ‘test_pointer’ from ‘handle_elf_x86_64’
#   46|   {
#   47|   	if (__ptr_oob((const uintptr_t)ptr, (const uintptr_t)start, size)) {
#   48|-> 		pr_err("Corrupted pointer %p (%s) at %s:%d\n", ptr, name, file, line);
#   49|   		return true;
#   50|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
criu-4.1.1/compel/src/lib/handle-elf-host.c:102:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
#  100|   
#  101|   	if (__ptr_struct_oob(sec_table, sec_table_size, mem, size)) {
#  102|-> 		pr_err("Section table [%#zx, %#zx) is out of [%#zx, %#zx)\n", sec_table, sec_table + sec_table_size,
#  103|   		       mem, mem + size);
#  104|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
criu-4.1.1/compel/src/lib/handle-elf-host.c:113:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
#  111|   	addr = sec_table + ((size_t)hdr->e_shentsize) * hdr->e_shstrndx;
#  112|   	if (__ptr_struct_oob(addr, sizeof(Elf_Shdr), sec_table, sec_table_size)) {
#  113|-> 		pr_err("String section header @%#zx is out of [%#zx, %#zx)\n", addr, sec_table,
#  114|   		       sec_table + sec_table_size);
#  115|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
criu-4.1.1/compel/src/lib/handle-elf-host.c:121:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
#  119|   	addr = mem + secstrings_hdr->sh_offset;
#  120|   	if (__ptr_struct_oob(addr, secstrings_hdr->sh_size, mem, size)) {
#  121|-> 		pr_err("String section @%#zx size %#lx is out of [%#zx, %#zx)\n", addr,
#  122|   		       (unsigned long)secstrings_hdr->sh_size, mem, mem + size);
#  123|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  172|   		goto err;
#  173|   
#  174|-> 	pr_debug("Sections\n");
#  175|   	pr_debug("------------\n");
#  176|   	for (i = 0; i < hdr->e_shnum; i++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
criu-4.1.1/compel/src/lib/handle-elf-host.c:175:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:175:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  173|   
#  174|   	pr_debug("Sections\n");
#  175|-> 	pr_debug("------------\n");
#  176|   	for (i = 0; i < hdr->e_shnum; i++) {
#  177|   		Elf_Shdr *sh = mem + hdr->e_shoff + hdr->e_shentsize * i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  182|   
#  183|   		ptr_func_exit(&secstrings[sh->sh_name]);
#  184|-> 		pr_debug("\t index %-2zd type 0x%-2x name %s\n", i, (unsigned)sh->sh_type, &secstrings[sh->sh_name]);
#  185|   
#  186|   		sec_hdrs[i] = sh;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
criu-4.1.1/compel/src/lib/handle-elf-host.c:207:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:199:28: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:200:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:201:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:203:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:206:20: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:207:25: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  205|   		}
#  206|   		if (sh->sh_addr && sh->sh_addr != k)
#  207|-> 			pr_info("Overriding unexpected precalculated address of section (section %s addr 0x%lx expected 0x%lx)\n",
#  208|   				&secstrings[sh->sh_name], (unsigned long)sh->sh_addr, (unsigned long)k);
#  209|   		sh->sh_addr = k;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
criu-4.1.1/compel/src/lib/handle-elf-host.c:214:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_true: following ‘true’ branch (when ‘symtab_hdr’ is NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:214:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:214:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  212|   
#  213|   	if (!symtab_hdr) {
#  214|-> 		pr_err("No symbol table present\n");
#  215|   		goto err;
#  216|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
criu-4.1.1/compel/src/lib/handle-elf-host.c:219:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:219:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  217|   
#  218|   	if (!symtab_hdr->sh_link || symtab_hdr->sh_link >= hdr->e_shnum) {
#  219|-> 		pr_err("Corrupted symtab header\n");
#  220|   		goto err;
#  221|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
criu-4.1.1/compel/src/lib/handle-elf-host.c:223:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:223:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  221|   	}
#  222|   
#  223|-> 	pr_debug("Symbols\n");
#  224|   	pr_debug("------------\n");
#  225|   	strtab_hdr = sec_hdrs[symtab_hdr->sh_link];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
criu-4.1.1/compel/src/lib/handle-elf-host.c:224:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:224:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  222|   
#  223|   	pr_debug("Symbols\n");
#  224|-> 	pr_debug("------------\n");
#  225|   	strtab_hdr = sec_hdrs[symtab_hdr->sh_link];
#  226|   	ptr_func_exit(strtab_hdr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
criu-4.1.1/compel/src/lib/handle-elf-host.c:234:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:234:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:234:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/8)
#  232|   
#  233|   	if (sizeof(*symbols) != symtab_hdr->sh_entsize) {
#  234|-> 		pr_err("Symbol table align differ\n");
#  235|   		goto err;
#  236|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
criu-4.1.1/compel/src/lib/handle-elf-host.c:253:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:241:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:242:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:246:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:247:36: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:248:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:250:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:253:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:253:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/8)
#  251|   			continue;
#  252|   
#  253|-> 		pr_debug("\ttype 0x%-2x bind 0x%-2x shndx 0x%-4x value 0x%-2lx name %s\n",
#  254|   			 (unsigned)ELF_ST_TYPE(sym->st_info), (unsigned)ELF_ST_BIND(sym->st_info),
#  255|   			 (unsigned)sym->st_shndx, (unsigned long)sym->st_value, name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
criu-4.1.1/compel/src/lib/handle-elf-host.c:282:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:282:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/8)
#  280|   	pr_out("static __maybe_unused compel_reloc_t %s_relocs[] = {\n", opts.prefix);
#  281|   #ifndef NO_RELOCS
#  282|-> 	pr_debug("Relocations\n");
#  283|   	pr_debug("------------\n");
#  284|   	for (i = 0; i < hdr->e_shnum; i++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
criu-4.1.1/compel/src/lib/handle-elf-host.c:283:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:283:9: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/8)
#  281|   #ifndef NO_RELOCS
#  282|   	pr_debug("Relocations\n");
#  283|-> 	pr_debug("------------\n");
#  284|   	for (i = 0; i < hdr->e_shnum; i++) {
#  285|   		Elf_Shdr *sh = sec_hdrs[i];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  292|   		ptr_func_exit(sh_rel);
#  293|   
#  294|-> 		pr_debug("\tsection %2zd type 0x%-2x link 0x%-2x info 0x%-2x name %s\n", i, (unsigned)sh->sh_type,
#  295|   			 (unsigned)sh->sh_link, (unsigned)sh->sh_info, &secstrings[sh->sh_name]);
#  296|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/8)
#  318|   			ptr_func_exit(where);
#  319|   
#  320|-> 			pr_debug("\t\tr_offset 0x%-4lx r_info 0x%-4lx / sym 0x%-2lx type 0x%-2lx symsecoff 0x%-4lx\n",
#  321|   				 (unsigned long)r->rel.r_offset, (unsigned long)r->rel.r_info,
#  322|   				 (unsigned long)ELF_R_SYM(r->rel.r_info), (unsigned long)ELF_R_TYPE(r->rel.r_info),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
criu-4.1.1/compel/src/lib/handle-elf-host.c:337:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:337:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/8)
#  335|   				}
#  336|   #else
#  337|-> 				pr_err("Unexpected undefined symbol: `%s'. External symbol in PIE?\n", name);
#  338|   				goto err;
#  339|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
criu-4.1.1/compel/src/lib/handle-elf-host.c:347:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:347:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/8)
#  345|   				 * For now, we punt.
#  346|   				 */
#  347|-> 				pr_err("Unsupported COMMON symbol: `%s'. Try initializing the variable\n", name);
#  348|   				goto err;
#  349|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
criu-4.1.1/compel/src/lib/handle-elf-host.c:361:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:361:25: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/8)
#  359|   			place = sh_rel->sh_addr + r->rel.r_offset;
#  360|   
#  361|-> 			pr_debug("\t\t\tvalue 0x%-8lx addend32 %-4d addend64 %-8ld place %-8lx symname %s\n",
#  362|   				 (unsigned long)sym->st_value, addend32, (long)addend64, (long)place, name);
#  363|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
criu-4.1.1/compel/src/lib/handle-elf-host.c:371:41: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:371:41: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/8)
#  369|   
#  370|   				if ((unsigned)sym->st_shndx > (unsigned)hdr->e_shnum) {
#  371|-> 					pr_err("Unexpected symbol section index %u/%u\n", (unsigned)sym->st_shndx,
#  372|   					       hdr->e_shnum);
#  373|   					goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
criu-4.1.1/compel/src/lib/handle-elf-host.c:559:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:559:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/8)
#  557|   			case R_X86_64_32:  /* Symbol + Addend (4 bytes) */
#  558|   			case R_X86_64_32S: /* Symbol + Addend (4 bytes) */
#  559|-> 				pr_debug("\t\t\t\tR_X86_64_32       at 0x%-4lx val 0x%x\n", place, value32);
#  560|   				pr_out("	{ .offset = 0x%-8x, .type = COMPEL_TYPE_INT,  "
#  561|   				       ".addend = %-8d, .value = 0x%-16x, }, /* R_X86_64_32 */\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
criu-4.1.1/compel/src/lib/handle-elf-host.c:565:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:565:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/8)
#  563|   				break;
#  564|   			case R_X86_64_64: /* Symbol + Addend (8 bytes) */
#  565|-> 				pr_debug("\t\t\t\tR_X86_64_64       at 0x%-4lx val 0x%lx\n", place, (long)value64);
#  566|   				pr_out("	{ .offset = 0x%-8x, .type = COMPEL_TYPE_LONG, "
#  567|   				       ".addend = %-8ld, .value = 0x%-16lx, }, /* R_X86_64_64 */\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
criu-4.1.1/compel/src/lib/handle-elf-host.c:571:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:571:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/8)
#  569|   				break;
#  570|   			case R_X86_64_PC32: /* Symbol + Addend - Place (4 bytes) */
#  571|-> 				pr_debug("\t\t\t\tR_X86_64_PC32     at 0x%-4lx val 0x%x\n", place,
#  572|   					 value32 + addend32 - (int32_t)place);
#  573|   				/*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
criu-4.1.1/compel/src/lib/handle-elf-host.c:579:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:579:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/8)
#  577|   				break;
#  578|   			case R_X86_64_PLT32: /* ProcLinkage + Addend - Place (4 bytes) */
#  579|-> 				pr_debug("\t\t\t\tR_X86_64_PLT32    at 0x%-4lx val 0x%x\n", place,
#  580|   					 value32 + addend32 - (int32_t)place);
#  581|   				/*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
criu-4.1.1/compel/src/lib/handle-elf-host.c:589:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:589:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/8)
#  587|   			case R_X86_64_REX_GOTPCRELX:
#  588|   			case R_X86_64_GOTPCREL: /* SymbolOffsetInGot + GOT + Addend - Place  (4 bytes) */
#  589|-> 				pr_debug("\t\t\t\tR_X86_64_GOTPCREL at 0x%-4lx val 0x%x\n", place, value32);
#  590|   				pr_out("	{ .offset = 0x%-8x, .type = COMPEL_TYPE_LONG | COMPEL_TYPE_GOTPCREL, "
#  591|   				       ".addend = %-8d, .value = 0x%-16x, }, /* R_X86_64_GOTPCREL */\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
criu-4.1.1/compel/src/lib/handle-elf-host.c:640:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:284:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:285:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:288:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:291:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:292:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:294:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:297:29: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:308:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:309:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:311:40: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:312:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:314:44: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:315:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:317:39: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:318:25: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:320:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:325:28: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:340:35: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:351:29: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:640:33: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/8)
#  638|   #endif
#  639|   			default:
#  640|-> 				pr_err("Unsupported relocation of type %lu\n",
#  641|   				       (unsigned long)ELF_R_TYPE(r->rel.r_info));
#  642|   				goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
criu-4.1.1/compel/src/lib/handle-elf-host.c:660:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sec_hdrs’
criu-4.1.1/compel/src/lib/handle-elf-host.c:135:5: enter_function: entry to ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:158:14: call_function: inlined call to ‘is_header_supported’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:47: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:163:20: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/handle-elf-host.c:164:12: branch_false: following ‘false’ branch (when ‘sec_hdrs’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: call_function: calling ‘get_strings_section’ from ‘handle_elf_x86_64’
criu-4.1.1/compel/src/lib/handle-elf-host.c:170:22: return_function: returning to ‘handle_elf_x86_64’ from ‘get_strings_section’
criu-4.1.1/compel/src/lib/handle-elf-host.c:171:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:174:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:177:38: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:178:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:180:21: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:183:17: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:184:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:176:21: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:213:12: branch_false: following ‘false’ branch (when ‘symtab_hdr’ is non-NULL)...
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:218:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:226:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:228:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:229:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:230:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:231:9: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:33: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:238:9: branch_false: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:651:28: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:652:40: branch_true: ...to here
criu-4.1.1/compel/src/lib/handle-elf-host.c:656:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/handle-elf-host.c:660:17: danger: ‘sec_hdrs’ leaks here; was allocated at [(9)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/8)
#  658|   
#  659|   		shdata = mem + sh->sh_offset;
#  660|-> 		pr_debug("Copying section '%s'\n"
#  661|   			 "\tstart:0x%lx (gap:0x%lx) size:0x%lx\n",
#  662|   			 &secstrings[sh->sh_name], (unsigned long)sh->sh_addr, (unsigned long)(sh->sh_addr - k),

Error: CPPCHECK_WARNING (CWE-476): [#def32]
criu-4.1.1/compel/src/lib/infect.c:430: error[nullPointer]: Null pointer dereference: (struct sockaddr_un*)0
#  428|   
#  429|   	saddr->sun_family = AF_UNIX;
#  430|-> 	snprintf(saddr->sun_path, UNIX_PATH_MAX, "X/crtools-pr-%d-%s", key, compel_run_id);
#  431|   
#  432|   	sun_len = SUN_LEN(saddr);

Error: CPPCHECK_WARNING (CWE-476): [#def33]
criu-4.1.1/compel/src/lib/infect.c:710: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  708|   		goto err;
#  709|   
#  710|-> 	futex_wait_while_eq(&args->daemon_connected, 0);
#  711|   	if (futex_get(&args->daemon_connected) != 1) {
#  712|   		errno = -(int)futex_get(&args->daemon_connected);

Error: CPPCHECK_WARNING (CWE-476): [#def34]
criu-4.1.1/compel/src/lib/infect.c:931: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  929|   			*where = elf_relocs[i].value + elf_relocs[i].addend + (unsigned long)vbase;
#  930|   		} else
#  931|-> 			BUG();
#  932|   	}
#  933|   #endif

Error: GCC_ANALYZER_WARNING (CWE-476): [#def35]
criu-4.1.1/compel/src/lib/infect.c:931:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/compel/src/lib/infect.c:911:28: branch_true: following ‘true’ branch (when ‘i < nr_relocs’)...
criu-4.1.1/compel/src/lib/infect.c:912:31: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:912:20: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:927:28: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:927:27: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:931:25: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:931:25: danger: dereference of NULL ‘0’
#  929|   			*where = elf_relocs[i].value + elf_relocs[i].addend + (unsigned long)vbase;
#  930|   		} else
#  931|-> 			BUG();
#  932|   	}
#  933|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def36]
criu-4.1.1/compel/src/lib/infect.c:1202:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&aux, "r")’
criu-4.1.1/compel/src/lib/infect.c:1190:13: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1191:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1194:16: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1198:25: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1202:21: danger: ‘fopen(&aux, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
# 1200|   
# 1201|   		/* f now points at " rwx" (yes, with space) part */
# 1202|-> 		if (f[3] == 'x') {
# 1203|   			BUG_ON(end - start < PARASITE_START_AREA_MIN);
# 1204|   			ret = start;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
criu-4.1.1/compel/src/lib/infect.c:1202:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&aux, "r")’
criu-4.1.1/compel/src/lib/infect.c:1190:13: acquire_memory: allocated here
criu-4.1.1/compel/src/lib/infect.c:1191:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1194:16: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1198:25: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1202:21: danger: ‘fopen(&aux, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
# 1200|   
# 1201|   		/* f now points at " rwx" (yes, with space) part */
# 1202|-> 		if (f[3] == 'x') {
# 1203|   			BUG_ON(end - start < PARASITE_START_AREA_MIN);
# 1204|   			ret = start;

Error: CPPCHECK_WARNING (CWE-476): [#def38]
criu-4.1.1/compel/src/lib/infect.c:1203: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
# 1201|   		/* f now points at " rwx" (yes, with space) part */
# 1202|   		if (f[3] == 'x') {
# 1203|-> 			BUG_ON(end - start < PARASITE_START_AREA_MIN);
# 1204|   			ret = start;
# 1205|   			break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def39]
criu-4.1.1/compel/src/lib/infect.c:1203:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/compel/src/lib/infect.c:1191:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1194:16: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1198:25: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1203:25: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1203:25: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1203:25: danger: dereference of NULL ‘0’
# 1201|   		/* f now points at " rwx" (yes, with space) part */
# 1202|   		if (f[3] == 'x') {
# 1203|-> 			BUG_ON(end - start < PARASITE_START_AREA_MIN);
# 1204|   			ret = start;
# 1205|   			break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def40]
criu-4.1.1/compel/src/lib/infect.c:1232:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&p, 0)’
criu-4.1.1/compel/src/lib/infect.c:1226:14: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1232:15: danger: ‘open(&p, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
# 1230|   	}
# 1231|   
# 1232|-> 	mfd = open("/proc/self/ns/net", O_RDONLY);
# 1233|   	if (mfd < 0) {
# 1234|   		pr_perror("Can't open self netns");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def41]
criu-4.1.1/compel/src/lib/infect.c:1234:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&p, 0)’
criu-4.1.1/compel/src/lib/infect.c:1226:14: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1234:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1234:17: danger: ‘open(&p, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
# 1232|   	mfd = open("/proc/self/ns/net", O_RDONLY);
# 1233|   	if (mfd < 0) {
# 1234|-> 		pr_perror("Can't open self netns");
# 1235|   		goto out_c;
# 1236|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def42]
criu-4.1.1/compel/src/lib/infect.c:1239:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/ns/net", 0)’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1232:15: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1239:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1239:17: danger: ‘open("/proc/self/ns/net", 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
# 1237|   
# 1238|   	if (setns(fd, CLONE_NEWNET)) {
# 1239|-> 		pr_perror("Can't setup target netns");
# 1240|   		goto out_cm;
# 1241|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def43]
criu-4.1.1/compel/src/lib/infect.c:1245:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/ns/net", 0)’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1232:15: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1243:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1244:12: branch_true: following ‘true’ branch (when ‘sk < 0’)...
criu-4.1.1/compel/src/lib/infect.c:1245:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1245:17: danger: ‘open("/proc/self/ns/net", 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
# 1243|   	sk = socket(PF_UNIX, SOCK_SEQPACKET | SOCK_NONBLOCK, 0);
# 1244|   	if (sk < 0)
# 1245|-> 		pr_perror("Can't create seqsk");
# 1246|   
# 1247|   	ret = setns(mfd, CLONE_NEWNET);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
criu-4.1.1/compel/src/lib/infect.c:1249:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1243:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1243:14: acquire_resource: socket created here
criu-4.1.1/compel/src/lib/infect.c:1244:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/compel/src/lib/infect.c:1247:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1248:12: branch_true: following ‘true’ branch (when ‘ret != 0’)...
criu-4.1.1/compel/src/lib/infect.c:1249:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1249:17: danger: ‘sk’ leaks here
# 1247|   	ret = setns(mfd, CLONE_NEWNET);
# 1248|   	if (ret) {
# 1249|-> 		pr_perror("Can't restore former netns");
# 1250|   		if (sk >= 0)
# 1251|   			close(sk);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def45]
criu-4.1.1/compel/src/lib/infect.c:1251:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1243:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1243:14: acquire_resource: socket created here
criu-4.1.1/compel/src/lib/infect.c:1244:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/compel/src/lib/infect.c:1247:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1248:12: branch_true: following ‘true’ branch (when ‘ret != 0’)...
criu-4.1.1/compel/src/lib/infect.c:1249:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1250:20: branch_true: following ‘true’ branch (when ‘sk >= 0’)...
criu-4.1.1/compel/src/lib/infect.c:1251:25: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1251:25: danger: ‘sk’ leaks here
# 1249|   		pr_perror("Can't restore former netns");
# 1250|   		if (sk >= 0)
# 1251|-> 			close(sk);
# 1252|   		sk = -1;
# 1253|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def46]
criu-4.1.1/compel/src/lib/infect.c:1255:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/self/ns/net", 0)’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1232:15: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1239:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1255:9: danger: ‘open("/proc/self/ns/net", 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
# 1253|   	}
# 1254|   out_cm:
# 1255|-> 	close(mfd);
# 1256|   out_c:
# 1257|   	close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def47]
criu-4.1.1/compel/src/lib/infect.c:1255:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1243:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1243:14: acquire_resource: socket created here
criu-4.1.1/compel/src/lib/infect.c:1244:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/compel/src/lib/infect.c:1247:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1248:12: branch_false: following ‘false’ branch (when ‘ret == 0’)...
criu-4.1.1/compel/src/lib/infect.c:1254:1: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1255:9: danger: ‘sk’ leaks here
# 1253|   	}
# 1254|   out_cm:
# 1255|-> 	close(mfd);
# 1256|   out_c:
# 1257|   	close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def48]
criu-4.1.1/compel/src/lib/infect.c:1257:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&p, 0)’
criu-4.1.1/compel/src/lib/infect.c:1226:14: acquire_resource: opened here
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1234:17: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1257:9: danger: ‘open(&p, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
# 1255|   	close(mfd);
# 1256|   out_c:
# 1257|-> 	close(fd);
# 1258|   out:
# 1259|   	return sk;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def49]
criu-4.1.1/compel/src/lib/infect.c:1257:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/compel/src/lib/infect.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1232:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1233:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1238:13: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1238:12: branch_false: following ‘false’ branch...
criu-4.1.1/compel/src/lib/infect.c:1243:14: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1243:14: acquire_resource: socket created here
criu-4.1.1/compel/src/lib/infect.c:1244:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/compel/src/lib/infect.c:1247:15: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1248:12: branch_false: following ‘false’ branch (when ‘ret == 0’)...
criu-4.1.1/compel/src/lib/infect.c:1254:1: branch_false: ...to here
criu-4.1.1/compel/src/lib/infect.c:1257:9: danger: ‘sk’ leaks here
# 1255|   	close(mfd);
# 1256|   out_c:
# 1257|-> 	close(fd);
# 1258|   out:
# 1259|   	return sk;

Error: CPPCHECK_WARNING (CWE-476): [#def50]
criu-4.1.1/compel/src/lib/infect.c:1529: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
# 1527|   void *compel_parasite_args_s(struct parasite_ctl *ctl, unsigned long args_size)
# 1528|   {
# 1529|-> 	BUG_ON(args_size > ctl->args_size);
# 1530|   	return compel_parasite_args_p(ctl);
# 1531|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def51]
criu-4.1.1/compel/src/lib/infect.c:1529:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/compel/src/lib/infect.c:1529:9: branch_true: following ‘true’ branch...
criu-4.1.1/compel/src/lib/infect.c:1529:9: branch_true: ...to here
criu-4.1.1/compel/src/lib/infect.c:1529:9: danger: dereference of NULL ‘0’
# 1527|   void *compel_parasite_args_s(struct parasite_ctl *ctl, unsigned long args_size)
# 1528|   {
# 1529|-> 	BUG_ON(args_size > ctl->args_size);
# 1530|   	return compel_parasite_args_p(ctl);
# 1531|   }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def52]
criu-4.1.1/compel/src/lib/log-host.c:32:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/compel/src/lib/log-host.c:25:6: enter_function: entry to ‘compel_print_on_level’
criu-4.1.1/compel/src/lib/log-host.c:30:12: branch_true: following ‘true’ branch (when ‘fn’ is non-NULL)...
criu-4.1.1/compel/src/lib/log-host.c:30:28: call_function: inlined call to ‘pr_quelled’ from ‘compel_print_on_level’
criu-4.1.1/compel/src/lib/log-host.c:31:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/log-host.c:31:17: acquire_resource: ‘va_start’ called here
criu-4.1.1/compel/src/lib/log-host.c:32:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   30|   	if (fn != NULL && !pr_quelled(loglevel)) {
#   31|   		va_start(params, format);
#   32|-> 		fn(loglevel, format, params);
#   33|   		va_end(params);
#   34|   	}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def53]
criu-4.1.1/compel/src/lib/log.c:32:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/compel/src/lib/log.c:25:6: enter_function: entry to ‘compel_print_on_level’
criu-4.1.1/compel/src/lib/log.c:30:12: branch_true: following ‘true’ branch (when ‘fn’ is non-NULL)...
criu-4.1.1/compel/src/lib/log.c:30:28: call_function: inlined call to ‘pr_quelled’ from ‘compel_print_on_level’
criu-4.1.1/compel/src/lib/log.c:31:17: branch_false: ...to here
criu-4.1.1/compel/src/lib/log.c:31:17: acquire_resource: ‘va_start’ called here
criu-4.1.1/compel/src/lib/log.c:32:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#   30|   	if (fn != NULL && !pr_quelled(loglevel)) {
#   31|   		va_start(params, format);
#   32|-> 		fn(loglevel, format, params);
#   33|   		va_end(params);
#   34|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def54]
criu-4.1.1/compel/src/main-host.c:280:23: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘p’
criu-4.1.1/compel/src/main-host.c:253:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
criu-4.1.1/compel/src/main-host.c:258:18: branch_false: ...to here
criu-4.1.1/compel/src/main-host.c:267:12: branch_true: following ‘true’ branch (when ‘p1’ is NULL)...
 branch_true: ...to here
criu-4.1.1/compel/src/main-host.c:269:12: branch_true: following ‘true’ branch (when ‘p2’ is NULL)...
criu-4.1.1/compel/src/main-host.c:270:17: branch_true: ...to here
criu-4.1.1/compel/src/main-host.c:273:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
criu-4.1.1/compel/src/main-host.c:276:15: branch_false: ...to here
criu-4.1.1/compel/src/main-host.c:276:15: acquire_memory: this call could return NULL
criu-4.1.1/compel/src/main-host.c:280:23: danger: ‘p’ could be NULL: unchecked value from [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  278|   	// Now, check if we got a valid C identifier. We don't need to care
#  279|   	// about C reserved keywords, as this is only used as a prefix.
#  280|-> 	for (p = ret; *p != '\0'; p++) {
#  281|   		if (isalpha(*p))
#  282|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def55]
criu-4.1.1/criu/action-scripts.c:152:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  150|   		break;
#  151|   	default:
#  152|-> 		BUG();
#  153|   	}
#  154|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
criu-4.1.1/criu/action-scripts.c:173:24: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/action-scripts.c:169:18: acquire_memory: allocated here
criu-4.1.1/criu/action-scripts.c:169:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/action-scripts.c:173:24: branch_false: ...to here
criu-4.1.1/criu/action-scripts.c:173:24: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/action-scripts.c:173:24: branch_true: ...to here
criu-4.1.1/criu/action-scripts.c:173:24: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  171|   		return -1;
#  172|   
#  173|-> 	script->path = xstrdup(path);
#  174|   	if (!script->path) {
#  175|   		xfree(script);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def57]
criu-4.1.1/criu/action-scripts.c:195:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/action-scripts.c:187:14: acquire_resource: opened here
criu-4.1.1/criu/action-scripts.c:188:12: branch_false: following ‘false’ branch (when ‘fd >= 0’)...
criu-4.1.1/criu/action-scripts.c:193:9: branch_false: ...to here
criu-4.1.1/criu/action-scripts.c:195:13: danger: ‘fd’ leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  193|   	scripts_mode = SCRIPTS_RPC;
#  194|   
#  195|-> 	if (install_service_fd(RPC_SK_OFF, fd) < 0)
#  196|   		return -1;
#  197|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
criu-4.1.1/criu/aio.c:31:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/aio.c:23:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/aio.c:23:9: branch_false: ...to here
criu-4.1.1/criu/aio.c:24:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/aio.c:27:14: branch_false: ...to here
criu-4.1.1/criu/aio.c:27:14: acquire_memory: allocated here
criu-4.1.1/criu/aio.c:27:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/aio.c:31:9: branch_false: ...to here
criu-4.1.1/criu/aio.c:31:9: danger: ‘___p’ leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5)
#   29|   		return -1;
#   30|   
#   31|-> 	aio_ring_entry__init(re);
#   32|   	re->id = vma->e->start;
#   33|   	re->ring_len = vma->e->end - vma->e->start;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def59]
criu-4.1.1/criu/apparmor.c:572:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(path, 1)’
criu-4.1.1/criu/apparmor.c:623:5: enter_function: entry to ‘suspend_aa’
criu-4.1.1/criu/apparmor.c:626:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/apparmor.c:631:15: branch_false: ...to here
criu-4.1.1/criu/apparmor.c:631:15: call_function: calling ‘do_suspend’ from ‘suspend_aa’
#  570|   
#  571|   		if (suspend) {
#  572|-> 			pr_info("suspending policy %s\n", p->name);
#  573|   			data = get_suspend_policy(p->name, &len);
#  574|   			if (!data) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def60]
criu-4.1.1/criu/apparmor.c:580:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(path, 1)’
criu-4.1.1/criu/apparmor.c:638:5: enter_function: entry to ‘unsuspend_aa’
criu-4.1.1/criu/apparmor.c:640:16: call_function: calling ‘do_suspend’ from ‘unsuspend_aa’
#  578|   		}
#  579|   
#  580|-> 		n = write(fd, data, len);
#  581|   		close(fd);
#  582|   		if (suspend && munmap(data, len) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def61]
criu-4.1.1/criu/apparmor.c:582:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(path, 1)’
criu-4.1.1/criu/apparmor.c:638:5: enter_function: entry to ‘unsuspend_aa’
criu-4.1.1/criu/apparmor.c:640:16: call_function: calling ‘do_suspend’ from ‘unsuspend_aa’
#  580|   		n = write(fd, data, len);
#  581|   		close(fd);
#  582|-> 		if (suspend && munmap(data, len) < 0) {
#  583|   			pr_perror("failed to munmap");
#  584|   			goto fail;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
criu-4.1.1/criu/apparmor.c:654:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/apparmor.c:648:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/apparmor.c:651:14: branch_false: ...to here
criu-4.1.1/criu/apparmor.c:651:14: acquire_memory: allocated here
criu-4.1.1/criu/apparmor.c:651:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/apparmor.c:654:9: branch_false: ...to here
criu-4.1.1/criu/apparmor.c:654:9: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  652|   	if (!ae)
#  653|   		return -1;
#  654|-> 	apparmor_entry__init(ae);
#  655|   
#  656|   	ae->n_namespaces = n_namespaces;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
criu-4.1.1/criu/arch/x86/cpu.c:245:21: warning[-Wanalyzer-malloc-leak]: leak of ‘img_to_cpuinfo(img_x86_entry)’
criu-4.1.1/criu/arch/x86/cpu.c:398:5: enter_function: entry to ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:407:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:410:13: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:410:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:413:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:413:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:420:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:421:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:427:20: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:427:20: call_function: calling ‘img_to_cpuinfo’ from ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:427:20: return_function: returning to ‘cpu_validate_cpuinfo’ from ‘img_to_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:428:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:429:23: branch_true: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:429:23: call_function: calling ‘cpu_validate_features’ from ‘cpu_validate_cpuinfo’
#  243|   
#  244|   #define __mismatch_fpu_bit(__bit) (test_bit(__bit, (void *)cpu_info->x86_capability) && !compel_cpu_has_feature(__bit))
#  245|-> 		if (__mismatch_fpu_bit(X86_FEATURE_FPU) || __mismatch_fpu_bit(X86_FEATURE_FXSR) ||
#  246|   		    __mismatch_fpu_bit(X86_FEATURE_OSXSAVE) || __mismatch_fpu_bit(X86_FEATURE_XSAVES)) {
#  247|   			pr_err("FPU feature required by image "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
criu-4.1.1/criu/arch/x86/cpu.c:245:60: warning[-Wanalyzer-malloc-leak]: leak of ‘img_to_cpuinfo(img_x86_entry)’
criu-4.1.1/criu/arch/x86/cpu.c:398:5: enter_function: entry to ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:407:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:410:13: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:410:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:413:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:413:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:420:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:421:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:427:20: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:427:20: call_function: calling ‘img_to_cpuinfo’ from ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:427:20: return_function: returning to ‘cpu_validate_cpuinfo’ from ‘img_to_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:428:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:429:23: branch_true: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:429:23: call_function: calling ‘cpu_validate_features’ from ‘cpu_validate_cpuinfo’
#  243|   
#  244|   #define __mismatch_fpu_bit(__bit) (test_bit(__bit, (void *)cpu_info->x86_capability) && !compel_cpu_has_feature(__bit))
#  245|-> 		if (__mismatch_fpu_bit(X86_FEATURE_FPU) || __mismatch_fpu_bit(X86_FEATURE_FXSR) ||
#  246|   		    __mismatch_fpu_bit(X86_FEATURE_OSXSAVE) || __mismatch_fpu_bit(X86_FEATURE_XSAVES)) {
#  247|   			pr_err("FPU feature required by image "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
criu-4.1.1/criu/arch/x86/cpu.c:246:21: warning[-Wanalyzer-malloc-leak]: leak of ‘img_to_cpuinfo(img_x86_entry)’
criu-4.1.1/criu/arch/x86/cpu.c:398:5: enter_function: entry to ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:407:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:410:13: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:410:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:413:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:413:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:420:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:421:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:427:20: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:427:20: call_function: calling ‘img_to_cpuinfo’ from ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:427:20: return_function: returning to ‘cpu_validate_cpuinfo’ from ‘img_to_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:428:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:429:23: branch_true: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:429:23: call_function: calling ‘cpu_validate_features’ from ‘cpu_validate_cpuinfo’
#  244|   #define __mismatch_fpu_bit(__bit) (test_bit(__bit, (void *)cpu_info->x86_capability) && !compel_cpu_has_feature(__bit))
#  245|   		if (__mismatch_fpu_bit(X86_FEATURE_FPU) || __mismatch_fpu_bit(X86_FEATURE_FXSR) ||
#  246|-> 		    __mismatch_fpu_bit(X86_FEATURE_OSXSAVE) || __mismatch_fpu_bit(X86_FEATURE_XSAVES)) {
#  247|   			pr_err("FPU feature required by image "
#  248|   			       "is not supported on host "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
criu-4.1.1/criu/arch/x86/cpu.c:246:64: warning[-Wanalyzer-malloc-leak]: leak of ‘img_to_cpuinfo(img_x86_entry)’
criu-4.1.1/criu/arch/x86/cpu.c:398:5: enter_function: entry to ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:407:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:410:13: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:410:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:413:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:413:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:420:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:421:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:427:20: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:427:20: call_function: calling ‘img_to_cpuinfo’ from ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:427:20: return_function: returning to ‘cpu_validate_cpuinfo’ from ‘img_to_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:428:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:429:23: branch_true: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:429:23: call_function: calling ‘cpu_validate_features’ from ‘cpu_validate_cpuinfo’
#  244|   #define __mismatch_fpu_bit(__bit) (test_bit(__bit, (void *)cpu_info->x86_capability) && !compel_cpu_has_feature(__bit))
#  245|   		if (__mismatch_fpu_bit(X86_FEATURE_FPU) || __mismatch_fpu_bit(X86_FEATURE_FXSR) ||
#  246|-> 		    __mismatch_fpu_bit(X86_FEATURE_OSXSAVE) || __mismatch_fpu_bit(X86_FEATURE_XSAVES)) {
#  247|   			pr_err("FPU feature required by image "
#  248|   			       "is not supported on host "

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
criu-4.1.1/criu/arch/x86/cpu.c:247:25: warning[-Wanalyzer-malloc-leak]: leak of ‘img_to_cpuinfo(img_x86_entry)’
criu-4.1.1/criu/arch/x86/cpu.c:398:5: enter_function: entry to ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:407:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:410:13: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:410:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:413:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:413:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:420:25: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:421:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:427:20: branch_false: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:427:20: call_function: calling ‘img_to_cpuinfo’ from ‘cpu_validate_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:427:20: return_function: returning to ‘cpu_validate_cpuinfo’ from ‘img_to_cpuinfo’
criu-4.1.1/criu/arch/x86/cpu.c:428:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/cpu.c:429:23: branch_true: ...to here
criu-4.1.1/criu/arch/x86/cpu.c:429:23: call_function: calling ‘cpu_validate_features’ from ‘cpu_validate_cpuinfo’
#  245|   		if (__mismatch_fpu_bit(X86_FEATURE_FPU) || __mismatch_fpu_bit(X86_FEATURE_FXSR) ||
#  246|   		    __mismatch_fpu_bit(X86_FEATURE_OSXSAVE) || __mismatch_fpu_bit(X86_FEATURE_XSAVES)) {
#  247|-> 			pr_err("FPU feature required by image "
#  248|   			       "is not supported on host "
#  249|   			       "(fpu:%d fxsr:%d osxsave:%d xsaves:%d)\n",

Error: GCC_ANALYZER_WARNING (CWE-476): [#def68]
criu-4.1.1/criu/arch/x86/crtools.c:107:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:94:12: branch_false: following ‘false’ branch (when ‘fpregs’ is non-NULL)...
criu-4.1.1/criu/arch/x86/crtools.c:97:9: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:107:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:107:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:107:9: danger: dereference of NULL ‘0’
#  105|   
#  106|   	/* Make sure we have enough space */
#  107|-> 	BUG_ON(core->thread_info->fpregs->n_st_space != ARRAY_SIZE(fpregs->i387.st_space));
#  108|   	BUG_ON(core->thread_info->fpregs->n_xmm_space != ARRAY_SIZE(fpregs->i387.xmm_space));
#  109|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def69]
criu-4.1.1/criu/arch/x86/crtools.c:108:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:94:12: branch_false: following ‘false’ branch (when ‘fpregs’ is non-NULL)...
criu-4.1.1/criu/arch/x86/crtools.c:97:9: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:107:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:108:9: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:108:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:108:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:108:9: danger: dereference of NULL ‘0’
#  106|   	/* Make sure we have enough space */
#  107|   	BUG_ON(core->thread_info->fpregs->n_st_space != ARRAY_SIZE(fpregs->i387.st_space));
#  108|-> 	BUG_ON(core->thread_info->fpregs->n_xmm_space != ARRAY_SIZE(fpregs->i387.xmm_space));
#  109|   
#  110|   	assign_array(core->thread_info->fpregs, fpregs->i387, st_space);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def70]
criu-4.1.1/criu/arch/x86/crtools.c:512:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: danger: dereference of NULL ‘0’
#  510|   			 * inside memory layout (xstate_size calculation).
#  511|   			 */
#  512|-> 			assign_xsave(XFEATURE_YMM, xsave, ymmh_space, extended_state_area);
#  513|   			assign_xsave(XFEATURE_BNDREGS, xsave, bndreg_state, extended_state_area);
#  514|   			assign_xsave(XFEATURE_BNDCSR, xsave, bndcsr_state, extended_state_area);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def71]
criu-4.1.1/criu/arch/x86/crtools.c:513:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:513:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:513:25: danger: dereference of NULL ‘0’
#  511|   			 */
#  512|   			assign_xsave(XFEATURE_YMM, xsave, ymmh_space, extended_state_area);
#  513|-> 			assign_xsave(XFEATURE_BNDREGS, xsave, bndreg_state, extended_state_area);
#  514|   			assign_xsave(XFEATURE_BNDCSR, xsave, bndcsr_state, extended_state_area);
#  515|   			assign_xsave(XFEATURE_OPMASK, xsave, opmask_reg, extended_state_area);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def72]
criu-4.1.1/criu/arch/x86/crtools.c:514:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:514:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:514:25: danger: dereference of NULL ‘0’
#  512|   			assign_xsave(XFEATURE_YMM, xsave, ymmh_space, extended_state_area);
#  513|   			assign_xsave(XFEATURE_BNDREGS, xsave, bndreg_state, extended_state_area);
#  514|-> 			assign_xsave(XFEATURE_BNDCSR, xsave, bndcsr_state, extended_state_area);
#  515|   			assign_xsave(XFEATURE_OPMASK, xsave, opmask_reg, extended_state_area);
#  516|   			assign_xsave(XFEATURE_ZMM_Hi256, xsave, zmm_upper, extended_state_area);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def73]
criu-4.1.1/criu/arch/x86/crtools.c:515:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:515:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:515:25: danger: dereference of NULL ‘0’
#  513|   			assign_xsave(XFEATURE_BNDREGS, xsave, bndreg_state, extended_state_area);
#  514|   			assign_xsave(XFEATURE_BNDCSR, xsave, bndcsr_state, extended_state_area);
#  515|-> 			assign_xsave(XFEATURE_OPMASK, xsave, opmask_reg, extended_state_area);
#  516|   			assign_xsave(XFEATURE_ZMM_Hi256, xsave, zmm_upper, extended_state_area);
#  517|   			assign_xsave(XFEATURE_Hi16_ZMM, xsave, hi16_zmm, extended_state_area);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def74]
criu-4.1.1/criu/arch/x86/crtools.c:516:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:516:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:516:25: danger: dereference of NULL ‘0’
#  514|   			assign_xsave(XFEATURE_BNDCSR, xsave, bndcsr_state, extended_state_area);
#  515|   			assign_xsave(XFEATURE_OPMASK, xsave, opmask_reg, extended_state_area);
#  516|-> 			assign_xsave(XFEATURE_ZMM_Hi256, xsave, zmm_upper, extended_state_area);
#  517|   			assign_xsave(XFEATURE_Hi16_ZMM, xsave, hi16_zmm, extended_state_area);
#  518|   			assign_xsave(XFEATURE_PKRU, xsave, pkru, extended_state_area);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def75]
criu-4.1.1/criu/arch/x86/crtools.c:517:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:517:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:517:25: danger: dereference of NULL ‘0’
#  515|   			assign_xsave(XFEATURE_OPMASK, xsave, opmask_reg, extended_state_area);
#  516|   			assign_xsave(XFEATURE_ZMM_Hi256, xsave, zmm_upper, extended_state_area);
#  517|-> 			assign_xsave(XFEATURE_Hi16_ZMM, xsave, hi16_zmm, extended_state_area);
#  518|   			assign_xsave(XFEATURE_PKRU, xsave, pkru, extended_state_area);
#  519|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def76]
criu-4.1.1/criu/arch/x86/crtools.c:518:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/crtools.c:436:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:441:14: branch_false: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:441:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:444:9: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:491:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:503:21: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:503:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:512:25: branch_true: ...to here
criu-4.1.1/criu/arch/x86/crtools.c:518:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/arch/x86/crtools.c:518:25: danger: dereference of NULL ‘0’
#  516|   			assign_xsave(XFEATURE_ZMM_Hi256, xsave, zmm_upper, extended_state_area);
#  517|   			assign_xsave(XFEATURE_Hi16_ZMM, xsave, hi16_zmm, extended_state_area);
#  518|-> 			assign_xsave(XFEATURE_PKRU, xsave, pkru, extended_state_area);
#  519|   		}
#  520|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def77]
criu-4.1.1/criu/arch/x86/shstk.c:108:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/shstk.c:108:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/shstk.c:108:9: branch_false: ...to here
criu-4.1.1/criu/arch/x86/shstk.c:108:9: danger: dereference of NULL ‘0’
#  106|   		return 0;
#  107|   
#  108|-> 	futex_wait_until(&rsti(item)->shstk_enable, 1);
#  109|   
#  110|   	if (ptrace(PTRACE_SEIZE, pid, 0, 0)) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def78]
criu-4.1.1/criu/arch/x86/shstk.c:151:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/arch/x86/shstk.c:145:13: enter_function: entry to ‘shstk_sync_unlock’
criu-4.1.1/criu/arch/x86/shstk.c:148:9: call_function: calling ‘futex_set_and_wake’ from ‘shstk_sync_unlock’
criu-4.1.1/criu/arch/x86/shstk.c:148:9: return_function: returning to ‘shstk_sync_unlock’ from ‘futex_set_and_wake’
criu-4.1.1/criu/arch/x86/shstk.c:151:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/arch/x86/shstk.c:151:9: branch_false: ...to here
criu-4.1.1/criu/arch/x86/shstk.c:151:9: danger: dereference of NULL ‘0’
#  149|   
#  150|   	/* ... and wait until it unlocks its features with ptrace */
#  151|-> 	futex_wait_until(&rsti(item)->shstk_unlock, 1);
#  152|   }
#  153|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
criu-4.1.1/criu/autofs.c:170:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pgrp, 0, "fd"))’
criu-4.1.1/criu/autofs.c:164:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:164:15: branch_false: ...to here
criu-4.1.1/criu/autofs.c:164:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:164:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:168:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:170:22: danger: ‘fdopendir(do_open_proc(pgrp, 0, "fd"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  168|   	*read_fd = -1;
#  169|   
#  170|-> 	while ((de = readdir(dir))) {
#  171|   		struct stat buf;
#  172|   		int found, mode, fd;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
criu-4.1.1/criu/autofs.c:341:13: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:336:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  339|   	}
#  340|   
#  341|-> 	f = fopen_proc(getpid(), "mountinfo");
#  342|   	if (!f)
#  343|   		goto free_str;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
criu-4.1.1/criu/autofs.c:355:39: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:336:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:353:24: branch_true: following ‘true’ branch (when ‘token’ is non-NULL)...
criu-4.1.1/criu/autofs.c:354:29: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:355:39: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  353|   		while ((token = strsep(&str, " ")) != NULL) {
#  354|   			if (mnt_id == -1) {
#  355|-> 				ret = xatoi(token, &mnt_id);
#  356|   				if (ret)
#  357|   					goto close_proc;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
criu-4.1.1/criu/autofs.c:355:39: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/autofs.c:342:12: branch_false: ...to here
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:353:24: branch_true: following ‘true’ branch (when ‘token’ is non-NULL)...
criu-4.1.1/criu/autofs.c:354:29: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:355:39: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  353|   		while ((token = strsep(&str, " ")) != NULL) {
#  354|   			if (mnt_id == -1) {
#  355|-> 				ret = xatoi(token, &mnt_id);
#  356|   				if (ret)
#  357|   					goto close_proc;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
criu-4.1.1/criu/autofs.c:364:47: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:336:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:356:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:358:47: branch_false: ...to here
criu-4.1.1/criu/autofs.c:360:35: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:362:38: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:364:47: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  362|   				free(pm->options);
#  363|   
#  364|-> 				pm->options = xstrdup(token);
#  365|   				if (!pm->options)
#  366|   					pr_err("failed to duplicate string\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
criu-4.1.1/criu/autofs.c:364:47: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/autofs.c:342:12: branch_false: ...to here
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:356:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:358:47: branch_false: ...to here
criu-4.1.1/criu/autofs.c:360:35: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:362:38: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:364:47: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  362|   				free(pm->options);
#  363|   
#  364|-> 				pm->options = xstrdup(token);
#  365|   				if (!pm->options)
#  366|   					pr_err("failed to duplicate string\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
criu-4.1.1/criu/autofs.c:366:41: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:336:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:356:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:358:47: branch_false: ...to here
criu-4.1.1/criu/autofs.c:360:35: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:362:38: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:364:47: branch_true: ...to here
criu-4.1.1/criu/autofs.c:365:36: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:366:41: branch_true: ...to here
criu-4.1.1/criu/autofs.c:366:41: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  364|   				pm->options = xstrdup(token);
#  365|   				if (!pm->options)
#  366|-> 					pr_err("failed to duplicate string\n");
#  367|   				else
#  368|   					ret = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
criu-4.1.1/criu/autofs.c:366:41: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/autofs.c:342:12: branch_false: ...to here
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:345:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:346:21: branch_true: ...to here
criu-4.1.1/criu/autofs.c:354:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:355:39: branch_true: ...to here
criu-4.1.1/criu/autofs.c:356:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:358:47: branch_false: ...to here
criu-4.1.1/criu/autofs.c:360:35: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:362:38: branch_true: ...to here
criu-4.1.1/criu/autofs.c:364:47: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:364:47: branch_true: ...to here
criu-4.1.1/criu/autofs.c:365:36: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:366:41: branch_true: ...to here
criu-4.1.1/criu/autofs.c:366:41: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  364|   				pm->options = xstrdup(token);
#  365|   				if (!pm->options)
#  366|-> 					pr_err("failed to duplicate string\n");
#  367|   				else
#  368|   					ret = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
criu-4.1.1/criu/autofs.c:374:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:336:15: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:374:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  372|   	}
#  373|   
#  374|-> 	pr_err("failed to find autofs mount with mnt_id %d\n", pm->mnt_id);
#  375|   	ret = -ENOENT;
#  376|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
criu-4.1.1/criu/autofs.c:374:9: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/autofs.c:336:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:341:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:341:13: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:341:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/autofs.c:342:12: branch_false: ...to here
criu-4.1.1/criu/autofs.c:342:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/autofs.c:374:9: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  372|   	}
#  373|   
#  374|-> 	pr_err("failed to find autofs mount with mnt_id %d\n", pm->mnt_id);
#  375|   	ret = -ENOENT;
#  376|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
criu-4.1.1/criu/autofs.c:556:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:553:17: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:553:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:556:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:556:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  554|   	if (!entry)
#  555|   		return -1;
#  556|-> 	autofs_entry__init(entry);
#  557|   
#  558|   	err = autofs_create_entry(pm, entry);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def90]
criu-4.1.1/criu/autofs.c:631:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  629|   	err = ioctl(fd, cmd, param);
#  630|   	if (err)
#  631|-> 		pr_perror("%s ioctl failed", path);
#  632|   
#  633|   	return err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def91]
criu-4.1.1/criu/autofs.c:631:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  629|   	err = ioctl(fd, cmd, param);
#  630|   	if (err)
#  631|-> 		pr_perror("%s ioctl failed", path);
#  632|   
#  633|   	return err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def92]
criu-4.1.1/criu/autofs.c:641:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  639|   	int fd, err;
#  640|   
#  641|-> 	fd = open(path, O_RDONLY);
#  642|   	if (fd == -1) {
#  643|   		pr_perror("failed to open %s", path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
criu-4.1.1/criu/autofs.c:641:14: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:694:12: enter_function: entry to ‘autofs_mnt_open’
criu-4.1.1/criu/autofs.c:703:17: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:703:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:707:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:712:15: call_function: calling ‘autofs_dev_ioctl’ from ‘autofs_mnt_open’
#  639|   	int fd, err;
#  640|   
#  641|-> 	fd = open(path, O_RDONLY);
#  642|   	if (fd == -1) {
#  643|   		pr_perror("failed to open %s", path);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def94]
criu-4.1.1/criu/autofs.c:643:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  641|   	fd = open(path, O_RDONLY);
#  642|   	if (fd == -1) {
#  643|-> 		pr_perror("failed to open %s", path);
#  644|   		return -1;
#  645|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
criu-4.1.1/criu/autofs.c:643:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  641|   	fd = open(path, O_RDONLY);
#  642|   	if (fd == -1) {
#  643|-> 		pr_perror("failed to open %s", path);
#  644|   		return -1;
#  645|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def96]
criu-4.1.1/criu/autofs.c:649:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  647|   	err = autofs_ioctl(path, fd, cmd, param);
#  648|   
#  649|-> 	close(fd);
#  650|   	return err;
#  651|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
criu-4.1.1/criu/autofs.c:649:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  647|   	err = autofs_ioctl(path, fd, cmd, param);
#  648|   
#  649|-> 	close(fd);
#  650|   	return err;
#  651|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def98]
criu-4.1.1/criu/autofs.c:700:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  698|   	size_t size, fd;
#  699|   
#  700|-> 	pr_info("%s: open mount %s\n", __func__, mnt_path);
#  701|   
#  702|   	size = sizeof(*param) + strlen(mnt_path) + 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
criu-4.1.1/criu/autofs.c:700:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  698|   	size_t size, fd;
#  699|   
#  700|-> 	pr_info("%s: open mount %s\n", __func__, mnt_path);
#  701|   
#  702|   	size = sizeof(*param) + strlen(mnt_path) + 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def100]
criu-4.1.1/criu/autofs.c:703:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  701|   
#  702|   	size = sizeof(*param) + strlen(mnt_path) + 1;
#  703|-> 	param = xmalloc(size);
#  704|   	if (!param)
#  705|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def101]
criu-4.1.1/criu/autofs.c:703:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  701|   
#  702|   	size = sizeof(*param) + strlen(mnt_path) + 1;
#  703|-> 	param = xmalloc(size);
#  704|   	if (!param)
#  705|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def102]
criu-4.1.1/criu/autofs.c:729:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  727|   		char *path, *rel_path;
#  728|   
#  729|-> 		rel_path = get_relative_path(c->ns_mountpoint, mi->ns_mountpoint);
#  730|   		if (!rel_path) {
#  731|   			pr_err("Can't get path %s relative to %s\n", c->ns_mountpoint, mi->ns_mountpoint);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
criu-4.1.1/criu/autofs.c:729:28: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  727|   		char *path, *rel_path;
#  728|   
#  729|-> 		rel_path = get_relative_path(c->ns_mountpoint, mi->ns_mountpoint);
#  730|   		if (!rel_path) {
#  731|   			pr_err("Can't get path %s relative to %s\n", c->ns_mountpoint, mi->ns_mountpoint);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def104]
criu-4.1.1/criu/autofs.c:731:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  729|   		rel_path = get_relative_path(c->ns_mountpoint, mi->ns_mountpoint);
#  730|   		if (!rel_path) {
#  731|-> 			pr_err("Can't get path %s relative to %s\n", c->ns_mountpoint, mi->ns_mountpoint);
#  732|   			return -1;
#  733|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
criu-4.1.1/criu/autofs.c:731:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  729|   		rel_path = get_relative_path(c->ns_mountpoint, mi->ns_mountpoint);
#  730|   		if (!rel_path) {
#  731|-> 			pr_err("Can't get path %s relative to %s\n", c->ns_mountpoint, mi->ns_mountpoint);
#  732|   			return -1;
#  733|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def106]
criu-4.1.1/criu/autofs.c:739:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  737|   			continue;
#  738|   
#  739|-> 		path = xsprintf("%s/%s", mnt_path, rel_path);
#  740|   		if (!path)
#  741|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
criu-4.1.1/criu/autofs.c:739:24: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  737|   			continue;
#  738|   
#  739|-> 		path = xsprintf("%s/%s", mnt_path, rel_path);
#  740|   		if (!path)
#  741|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def108]
criu-4.1.1/criu/autofs.c:743:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  741|   			return -1;
#  742|   		if (mkdir(path, 0555) < 0) {
#  743|-> 			pr_perror("Failed to create autofs dentry %s", path);
#  744|   			free(path);
#  745|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def109]
criu-4.1.1/criu/autofs.c:743:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  741|   			return -1;
#  742|   		if (mkdir(path, 0555) < 0) {
#  743|-> 			pr_perror("Failed to create autofs dentry %s", path);
#  744|   			free(path);
#  745|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def110]
criu-4.1.1/criu/autofs.c:757:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  755|   		return 0;
#  756|   
#  757|-> 	return autofs_create_dentries(mi, service_mountpoint(mi));
#  758|   }
#  759|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def111]
criu-4.1.1/criu/autofs.c:757:16: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1058:15: call_function: calling ‘autofs_populate_mount’ from ‘autofs_mount’
#  755|   		return 0;
#  756|   
#  757|-> 	return autofs_create_dentries(mi, service_mountpoint(mi));
#  758|   }
#  759|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def112]
criu-4.1.1/criu/autofs.c:764:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  762|   	int mnt_fd;
#  763|   
#  764|-> 	pr_info("%s: set timeout for %s and make it catatonic\n", __func__, mnt_path);
#  765|   
#  766|   	mnt_fd = autofs_mnt_open(mnt_path, mnt_dev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
criu-4.1.1/criu/autofs.c:764:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1000:5: enter_function: entry to ‘autofs_mount’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:15: call_function: calling ‘autofs_post_mount’ from ‘autofs_mount’
#  762|   	int mnt_fd;
#  763|   
#  764|-> 	pr_info("%s: set timeout for %s and make it catatonic\n", __func__, mnt_path);
#  765|   
#  766|   	mnt_fd = autofs_mnt_open(mnt_path, mnt_dev);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def114]
criu-4.1.1/criu/autofs.c:949:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/autofs.c:949:9: branch_true: following ‘true’ branch (when ‘master’ is NULL)...
criu-4.1.1/criu/autofs.c:949:9: branch_true: ...to here
criu-4.1.1/criu/autofs.c:949:9: danger: dereference of NULL ‘0’
#  947|   	else
#  948|   		master = pstree_item_by_virt(entry->pgrp);
#  949|-> 	BUG_ON(!master);
#  950|   
#  951|   	ple = autofs_pipe_le(master, entry);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def115]
criu-4.1.1/criu/autofs.c:1022:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1022:16: danger: ‘control_pipe[0]’ leaks here
# 1020|   		mode = "offset";
# 1021|   
# 1022|-> 	opts = xsprintf("fd=%d,pgrp=%d,minproto=%d,maxproto=%d,%s", control_pipe[1], getpgrp(), entry->minproto,
# 1023|   			entry->maxproto, mode);
# 1024|   	if (opts && entry->has_uid)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def116]
criu-4.1.1/criu/autofs.c:1022:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[1]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1022:16: danger: ‘control_pipe[1]’ leaks here
# 1020|   		mode = "offset";
# 1021|   
# 1022|-> 	opts = xsprintf("fd=%d,pgrp=%d,minproto=%d,maxproto=%d,%s", control_pipe[1], getpgrp(), entry->minproto,
# 1023|   			entry->maxproto, mode);
# 1024|   	if (opts && entry->has_uid)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def117]
criu-4.1.1/criu/autofs.c:1025:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1025:24: danger: ‘control_pipe[0]’ leaks here
# 1023|   			entry->maxproto, mode);
# 1024|   	if (opts && entry->has_uid)
# 1025|-> 		opts = xstrcat(opts, ",uid=%d", entry->uid);
# 1026|   	if (opts && entry->has_gid)
# 1027|   		opts = xstrcat(opts, ",gid=%d", entry->gid);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def118]
criu-4.1.1/criu/autofs.c:1027:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1027:24: danger: ‘control_pipe[0]’ leaks here
# 1025|   		opts = xstrcat(opts, ",uid=%d", entry->uid);
# 1026|   	if (opts && entry->has_gid)
# 1027|-> 		opts = xstrcat(opts, ",gid=%d", entry->gid);
# 1028|   	if (!opts) {
# 1029|   		pr_err("Failed to create options string\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def119]
criu-4.1.1/criu/autofs.c:1029:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_true: following ‘true’ branch (when ‘opts’ is NULL)...
criu-4.1.1/criu/autofs.c:1029:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1029:17: danger: ‘control_pipe[0]’ leaks here
# 1027|   		opts = xstrcat(opts, ",gid=%d", entry->gid);
# 1028|   	if (!opts) {
# 1029|-> 		pr_err("Failed to create options string\n");
# 1030|   		goto close_pipe;
# 1031|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def120]
criu-4.1.1/criu/autofs.c:1033:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1033:9: danger: ‘control_pipe[0]’ leaks here
# 1031|   	}
# 1032|   
# 1033|-> 	pr_info("autofs: mounting to %s with options: \"%s\"\n", service_mountpoint(mi), opts);
# 1034|   
# 1035|   	if (mount(source, service_mountpoint(mi), filesystemtype, mountflags, opts) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def121]
criu-4.1.1/criu/autofs.c:1035:27: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:27: danger: ‘control_pipe[0]’ leaks here
# 1033|   	pr_info("autofs: mounting to %s with options: \"%s\"\n", service_mountpoint(mi), opts);
# 1034|   
# 1035|-> 	if (mount(source, service_mountpoint(mi), filesystemtype, mountflags, opts) < 0) {
# 1036|   		pr_perror("Failed to mount autofs to %s", service_mountpoint(mi));
# 1037|   		goto free_opts;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def122]
criu-4.1.1/criu/autofs.c:1036:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1036:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1036:17: danger: ‘control_pipe[0]’ leaks here
# 1034|   
# 1035|   	if (mount(source, service_mountpoint(mi), filesystemtype, mountflags, opts) < 0) {
# 1036|-> 		pr_perror("Failed to mount autofs to %s", service_mountpoint(mi));
# 1037|   		goto free_opts;
# 1038|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def123]
criu-4.1.1/criu/autofs.c:1040:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/autofs.c:1040:16: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1040:16: danger: ‘control_pipe[0]’ leaks here
# 1038|   	}
# 1039|   
# 1040|-> 	info = xmalloc(sizeof(*info));
# 1041|   	if (!info)
# 1042|   		goto umount;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def124]
criu-4.1.1/criu/autofs.c:1051:18: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:18: danger: ‘control_pipe[0]’ leaks here
# 1049|   	 * shared data in autofs_add_mount_info().
# 1050|   	 */
# 1051|-> 	if (stat(service_mountpoint(mi), &buf) < 0) {
# 1052|   		pr_perror("Failed to stat %s", service_mountpoint(mi));
# 1053|   		goto free_info;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def125]
criu-4.1.1/criu/autofs.c:1051:18: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:18: danger: ‘___p’ leaks here; was allocated at [(14)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/13)
# 1049|   	 * shared data in autofs_add_mount_info().
# 1050|   	 */
# 1051|-> 	if (stat(service_mountpoint(mi), &buf) < 0) {
# 1052|   		pr_perror("Failed to stat %s", service_mountpoint(mi));
# 1053|   		goto free_info;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def126]
criu-4.1.1/criu/autofs.c:1052:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1052:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1052:17: danger: ‘control_pipe[0]’ leaks here
# 1050|   	 */
# 1051|   	if (stat(service_mountpoint(mi), &buf) < 0) {
# 1052|-> 		pr_perror("Failed to stat %s", service_mountpoint(mi));
# 1053|   		goto free_info;
# 1054|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
criu-4.1.1/criu/autofs.c:1052:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1052:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1052:17: danger: ‘___p’ leaks here; was allocated at [(14)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/13)
# 1050|   	 */
# 1051|   	if (stat(service_mountpoint(mi), &buf) < 0) {
# 1052|-> 		pr_perror("Failed to stat %s", service_mountpoint(mi));
# 1053|   		goto free_info;
# 1054|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def128]
criu-4.1.1/criu/autofs.c:1063:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:33: danger: ‘control_pipe[0]’ leaks here
# 1061|   
# 1062|   	/* In case of catatonic mounts all we need as the function call below */
# 1063|-> 	ret = autofs_post_mount(service_mountpoint(mi), buf.st_dev, entry->timeout);
# 1064|   	if (ret < 0)
# 1065|   		goto free_info;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
criu-4.1.1/criu/autofs.c:1063:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1040:16: acquire_memory: allocated here
criu-4.1.1/criu/autofs.c:1040:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1051:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1055:25: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1059:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1063:74: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1063:33: danger: ‘___p’ leaks here; was allocated at [(14)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/13)
# 1061|   
# 1062|   	/* In case of catatonic mounts all we need as the function call below */
# 1063|-> 	ret = autofs_post_mount(service_mountpoint(mi), buf.st_dev, entry->timeout);
# 1064|   	if (ret < 0)
# 1065|   		goto free_info;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def130]
criu-4.1.1/criu/autofs.c:1079:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_true: following ‘true’ branch (when ‘opts’ is NULL)...
criu-4.1.1/criu/autofs.c:1029:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1079:9: danger: ‘control_pipe[0]’ leaks here
# 1077|   	free(opts);
# 1078|   close_pipe:
# 1079|-> 	close(control_pipe[1]);
# 1080|   	close(control_pipe[0]);
# 1081|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def131]
criu-4.1.1/criu/autofs.c:1080:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_true: following ‘true’ branch (when ‘opts’ is NULL)...
criu-4.1.1/criu/autofs.c:1029:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1080:9: danger: ‘control_pipe[0]’ leaks here
# 1078|   close_pipe:
# 1079|   	close(control_pipe[1]);
# 1080|-> 	close(control_pipe[0]);
# 1081|   	return ret;
# 1082|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def132]
criu-4.1.1/criu/autofs.c:1086:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1086:20: danger: ‘control_pipe[0]’ leaks here
# 1084|   	free(info);
# 1085|   umount:
# 1086|-> 	if (umount(service_mountpoint(mi)) < 0)
# 1087|   		pr_perror("Failed to umount %s", service_mountpoint(mi));
# 1088|   	goto close_pipe;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def133]
criu-4.1.1/criu/autofs.c:1087:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘control_pipe[0]’
criu-4.1.1/criu/autofs.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1011:13: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1011:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1017:18: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1024:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1024:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1026:12: branch_true: following ‘true’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1026:26: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1028:12: branch_false: following ‘false’ branch (when ‘opts’ is non-NULL)...
criu-4.1.1/criu/autofs.c:1033:9: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1035:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/autofs.c:1040:16: branch_false: ...to here
criu-4.1.1/criu/autofs.c:1086:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/autofs.c:1087:17: branch_true: ...to here
criu-4.1.1/criu/autofs.c:1087:17: danger: ‘control_pipe[0]’ leaks here
# 1085|   umount:
# 1086|   	if (umount(service_mountpoint(mi)) < 0)
# 1087|-> 		pr_perror("Failed to umount %s", service_mountpoint(mi));
# 1088|   	goto close_pipe;
# 1089|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def134]
criu-4.1.1/criu/bfd.c:330:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/bfd.c:310:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/bfd.c:313:16: branch_true: following ‘true’ branch (when ‘more == 1’)...
criu-4.1.1/criu/bfd.c:316:17: branch_true: ...to here
criu-4.1.1/criu/bfd.c:330:25: branch_true: following ‘true’ branch (when ‘filled > size’)...
criu-4.1.1/criu/bfd.c:330:25: branch_true: ...to here
criu-4.1.1/criu/bfd.c:330:25: danger: dereference of NULL ‘0’
#  328|   			more = brefill(bfd);
#  329|   		else {
#  330|-> 			BUG_ON(filled > size);
#  331|   			more = 0;
#  332|   		}

Error: CPPCHECK_WARNING (CWE-476): [#def135]
criu-4.1.1/criu/cgroup-props.c:129: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  127|   			break;
#  128|   		} else
#  129|-> 			BUG();
#  130|   	}
#  131|   

Error: CPPCHECK_WARNING (CWE-682): [#def136]
criu-4.1.1/criu/cgroup-props.c:206: error[nullPointerArithmetic]: Pointer addition with NULL pointer.
#  204|   {
#  205|   	char *p = skip_ws ? skip_spaces(stream, len) : (stream ? *stream : NULL);
#  206|-> 	char *from = p + 1;
#  207|   	char *dst;
#  208|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
criu-4.1.1/criu/cgroup-props.c:263:17: warning[-Wanalyzer-malloc-leak]: leak of ‘get_quoted(&stream, & len, 0)’
criu-4.1.1/criu/cgroup-props.c:498:5: enter_function: entry to ‘cgp_init’
criu-4.1.1/criu/cgroup-props.c:502:15: call_function: inlined call to ‘cgp_parse_builtins’ from ‘cgp_init’
#  261|   		}
#  262|   
#  263|-> 		pr_info("Parsing controller \"%s\"\n", p);
#  264|   
#  265|   		cgp_entry = xzalloc(sizeof(*cgp_entry));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
criu-4.1.1/criu/cgroup-props.c:276:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cgroup-props.c:498:5: enter_function: entry to ‘cgp_init’
criu-4.1.1/criu/cgroup-props.c:502:15: call_function: inlined call to ‘cgp_parse_builtins’ from ‘cgp_init’
#  274|   
#  275|   		if (!eat_symbols(&stream, &len, ":\n - ", 5, true)) {
#  276|-> 			pr_err("Expected \':\\n - \' sequence controller's %s stream\n", cgp_entry->cgp.name);
#  277|   			goto err_parse;
#  278|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def139]
criu-4.1.1/criu/cgroup.c:1906:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(cg_yard, 65536)’
criu-4.1.1/criu/cgroup.c:1870:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cgroup.c:1873:9: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:1878:27: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:1878:17: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:1879:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:1898:9: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:1899:13: acquire_resource: opened here
criu-4.1.1/criu/cgroup.c:1900:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cgroup.c:1905:15: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:1906:12: danger: ‘open(cg_yard, 65536)’ leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
# 1904|   
# 1905|   	ret = install_service_fd(CGROUP_YARD, i);
# 1906|-> 	if (ret < 0)
# 1907|   		return -1;
# 1908|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def140]
criu-4.1.1/criu/cgroup.c:2152:44: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cgroup.c:2109:12: enter_function: entry to ‘rewrite_cgsets’
criu-4.1.1/criu/cgroup.c:2134:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2135:35: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2137:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2138:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2146:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2149:29: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2175:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cgroup.c:2180:33: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2181:36: branch_true: following ‘true’ branch (when ‘dirnew’ is NULL)...
criu-4.1.1/criu/cgroup.c:2182:50: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2182:50: acquire_memory: allocated here
criu-4.1.1/criu/cgroup.c:2182:50: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2137:46: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2137:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2138:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:31: call_function: calling ‘cgroup_contains’ from ‘rewrite_cgsets’
criu-4.1.1/criu/cgroup.c:2145:31: return_function: returning to ‘rewrite_cgsets’ from ‘cgroup_contains’
criu-4.1.1/criu/cgroup.c:2145:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2146:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2149:29: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2149:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2152:44: danger: ‘___p’ leaks here; was allocated at [(14)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/13)
# 2150|   				char *prev = cg->path;
# 2151|   
# 2152|-> 				cg->path = xsprintf("%s%s", newroot, cg->path + cg->cgns_prefix);
# 2153|   				if (!cg->path) {
# 2154|   					cg->path = prev;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def141]
criu-4.1.1/criu/cgroup.c:2174:44: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cgroup.c:2109:12: enter_function: entry to ‘rewrite_cgsets’
criu-4.1.1/criu/cgroup.c:2134:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2135:35: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2137:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2138:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2146:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2149:29: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2175:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cgroup.c:2180:33: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2181:36: branch_true: following ‘true’ branch (when ‘dirnew’ is NULL)...
criu-4.1.1/criu/cgroup.c:2182:50: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2182:50: acquire_memory: allocated here
criu-4.1.1/criu/cgroup.c:2182:50: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2137:46: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2137:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2138:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:31: call_function: calling ‘cgroup_contains’ from ‘rewrite_cgsets’
criu-4.1.1/criu/cgroup.c:2145:31: return_function: returning to ‘rewrite_cgsets’ from ‘cgroup_contains’
criu-4.1.1/criu/cgroup.c:2145:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2146:45: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2145:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cgroup.c:2149:29: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2174:44: danger: ‘___p’ leaks here; was allocated at [(14)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/13)
# 2172|   				 * untouched.
# 2173|   				 */
# 2174|-> 				cg->path = xsprintf("%s%s", newroot, cg->path + dirlen + 1);
# 2175|   				if (!cg->path) {
# 2176|   					cg->path = prev;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
criu-4.1.1/criu/cgroup.c:2293:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cgroup.c:2284:12: branch_false: following ‘false’ branch (when ‘controller’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2289:13: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2289:13: acquire_memory: allocated here
criu-4.1.1/criu/cgroup.c:2289:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2293:25: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2293:25: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/cgroup.c:2293:25: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2293:25: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
# 2291|   		return -1;
# 2292|   
# 2293|-> 	o->controller = xstrdup(controller);
# 2294|   	if (!o->controller)
# 2295|   		goto err_ctrl;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
criu-4.1.1/criu/cgroup.c:2296:22: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cgroup.c:2284:12: branch_false: following ‘false’ branch (when ‘controller’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2289:13: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2289:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2293:25: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2293:25: acquire_memory: allocated here
criu-4.1.1/criu/cgroup.c:2293:25: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2293:9: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2294:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cgroup.c:2296:22: branch_false: ...to here
criu-4.1.1/criu/cgroup.c:2296:22: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/cgroup.c:2296:22: branch_true: ...to here
criu-4.1.1/criu/cgroup.c:2296:22: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
# 2294|   	if (!o->controller)
# 2295|   		goto err_ctrl;
# 2296|-> 	o->newroot = xstrdup(newroot);
# 2297|   	if (!o->newroot)
# 2298|   		goto err_newroot;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def144]
criu-4.1.1/criu/clone-noasan.c:41:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/clone-noasan.c:41:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/clone-noasan.c:41:9: danger: dereference of NULL ‘0’
#   39|   	void *stack_ptr = (void *)round_down((unsigned long)&stack_ptr - 1024, 16);
#   40|   
#   41|-> 	BUG_ON((flags & CLONE_VM) && !(flags & CLONE_VFORK));
#   42|   	/*
#   43|   	 * Reserve some bytes for clone() internal needs

Error: GCC_ANALYZER_WARNING (CWE-476): [#def145]
criu-4.1.1/criu/clone-noasan.c:53:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/clone-noasan.c:53:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/clone-noasan.c:53:9: branch_true: ...to here
criu-4.1.1/criu/clone-noasan.c:53:9: danger: dereference of NULL ‘0’
#   51|   	struct _clone_args c_args = {};
#   52|   
#   53|-> 	BUG_ON(flags & CLONE_VM);
#   54|   
#   55|   	/*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def146]
criu-4.1.1/criu/clone-noasan.c:59:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/clone-noasan.c:53:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/clone-noasan.c:59:9: branch_false: ...to here
criu-4.1.1/criu/clone-noasan.c:59:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/clone-noasan.c:59:9: branch_true: ...to here
criu-4.1.1/criu/clone-noasan.c:59:9: danger: dereference of NULL ‘0’
#   57|   	 * exit_signal for that.
#   58|   	 */
#   59|-> 	BUG_ON(flags & 0xff);
#   60|   
#   61|   	pr_debug("Creating process using clone3()\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def147]
criu-4.1.1/criu/config.c:266:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filepath, "r")’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  264|   		return NULL;
#  265|   
#  266|-> 	pr_debug("Parsing config file %s\n", filepath);
#  267|   
#  268|   	configuration = xmalloc(config_size * sizeof(char *));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def148]
criu-4.1.1/criu/config.c:266:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filepath, "r")’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  264|   		return NULL;
#  265|   
#  266|-> 	pr_debug("Parsing config file %s\n", filepath);
#  267|   
#  268|   	configuration = xmalloc(config_size * sizeof(char *));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def149]
criu-4.1.1/criu/config.c:268:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(filepath, "r")’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  266|   	pr_debug("Parsing config file %s\n", filepath);
#  267|   
#  268|-> 	configuration = xmalloc(config_size * sizeof(char *));
#  269|   	if (configuration == NULL) {
#  270|   		fclose(configfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
criu-4.1.1/criu/config.c:268:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(filepath, "r")’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  266|   	pr_debug("Parsing config file %s\n", filepath);
#  267|   
#  268|-> 	configuration = xmalloc(config_size * sizeof(char *));
#  269|   	if (configuration == NULL) {
#  270|   		fclose(configfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
criu-4.1.1/criu/config.c:295:41: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  293|   		if (i + spaces >= config_size - 1) {
#  294|   			config_size += spaces;
#  295|-> 			configuration = xrealloc(configuration, config_size * sizeof(char *));
#  296|   			if (configuration == NULL) {
#  297|   				fclose(configfile);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def152]
criu-4.1.1/criu/cr-check.c:97:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘slave’
criu-4.1.1/criu/cr-check.c:79:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:84:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:84:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:89:21: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:90:17: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:91:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:97:17: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:97:17: danger: ‘slave’ leaks here; was opened at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#   95|   		}
#   96|   	} else {
#   97|-> 		pr_err("Managed to open locked pty.\n");
#   98|   		goto out;
#   99|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def153]
criu-4.1.1/criu/cr-check.c:103:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘slave’
criu-4.1.1/criu/cr-check.c:79:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:84:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:84:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:89:21: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:90:17: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:91:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:97:17: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:103:9: danger: ‘slave’ leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  101|   	ret = 0;
#  102|   out:
#  103|-> 	close_safe(&master);
#  104|   	close_safe(&slave);
#  105|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def154]
criu-4.1.1/criu/cr-check.c:104:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘slave’
criu-4.1.1/criu/cr-check.c:79:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:84:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:84:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:89:21: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:90:17: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:91:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:97:17: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:104:9: danger: ‘slave’ leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  102|   out:
#  103|   	close_safe(&master);
#  104|-> 	close_safe(&slave);
#  105|   	return ret;
#  106|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def155]
criu-4.1.1/criu/cr-check.c:141:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ns.<Uf280>.net.nlsk’
criu-4.1.1/criu/cr-check.c:135:23: acquire_resource: socket created here
criu-4.1.1/criu/cr-check.c:136:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:141:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:141:15: danger: ‘ns.<Uf280>.net.nlsk’ leaks here
#  139|   	}
#  140|   
#  141|-> 	ret = collect_sockets(&ns);
#  142|   	if (!ret)
#  143|   		return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def156]
criu-4.1.1/criu/cr-check.c:373:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_true: following ‘true’ branch (when ‘efd < 0’)...
criu-4.1.1/criu/cr-check.c:373:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:373:17: danger: ‘pfd[0]’ leaks here
#  371|   	efd = epoll_create(1);
#  372|   	if (efd < 0) {
#  373|-> 		pr_perror("Can't make epoll fd");
#  374|   		goto pipe_err;
#  375|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def157]
criu-4.1.1/criu/cr-check.c:373:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_true: following ‘true’ branch (when ‘efd < 0’)...
criu-4.1.1/criu/cr-check.c:373:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:373:17: danger: ‘pfd[1]’ leaks here
#  371|   	efd = epoll_create(1);
#  372|   	if (efd < 0) {
#  373|-> 		pr_perror("Can't make epoll fd");
#  374|   		goto pipe_err;
#  375|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def158]
criu-4.1.1/criu/cr-check.c:381:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:381:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:381:17: danger: ‘pfd[1]’ leaks here
#  379|   
#  380|   	if (epoll_ctl(efd, EPOLL_CTL_ADD, pfd[0], &ev)) {
#  381|-> 		pr_perror("Can't add epoll tfd");
#  382|   		goto epoll_err;
#  383|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def159]
criu-4.1.1/criu/cr-check.c:385:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:385:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:385:15: danger: ‘pfd[1]’ leaks here
#  383|   	}
#  384|   
#  385|-> 	ret = parse_fdinfo(efd, FD_TYPES__EVENTPOLL, &efe);
#  386|   	if (ret) {
#  387|   		pr_err("Error parsing proc fdinfo\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def160]
criu-4.1.1/criu/cr-check.c:387:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:385:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:386:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:387:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:387:17: danger: ‘pfd[1]’ leaks here
#  385|   	ret = parse_fdinfo(efd, FD_TYPES__EVENTPOLL, &efe);
#  386|   	if (ret) {
#  387|-> 		pr_err("Error parsing proc fdinfo\n");
#  388|   		goto epoll_err;
#  389|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def161]
criu-4.1.1/criu/cr-check.c:392:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:385:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:386:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:391:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:392:17: danger: ‘pfd[1]’ leaks here
#  390|   
#  391|   	if (efe.n_tfd != 1 || efe.tfd[0]->tfd != pfd[0]) {
#  392|-> 		pr_err("TFD mismatch (or not met)\n");
#  393|   		ret = -1;
#  394|   		goto epoll_err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def162]
criu-4.1.1/criu/cr-check.c:397:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:385:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:386:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:391:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:391:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:397:9: danger: ‘pfd[1]’ leaks here
#  395|   	}
#  396|   
#  397|-> 	pr_info("Epoll fdinfo works OK\n");
#  398|   
#  399|   epoll_err:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def163]
criu-4.1.1/criu/cr-check.c:400:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/cr-check.c:377:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:380:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:381:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:400:9: danger: ‘pfd[1]’ leaks here
#  398|   
#  399|   epoll_err:
#  400|-> 	close(efd);
#  401|   pipe_err:
#  402|   	close(pfd[0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def164]
criu-4.1.1/criu/cr-check.c:402:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_true: following ‘true’ branch (when ‘efd < 0’)...
criu-4.1.1/criu/cr-check.c:373:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:402:9: danger: ‘pfd[0]’ leaks here
#  400|   	close(efd);
#  401|   pipe_err:
#  402|-> 	close(pfd[0]);
#  403|   	close(pfd[1]);
#  404|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def165]
criu-4.1.1/criu/cr-check.c:402:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_true: following ‘true’ branch (when ‘efd < 0’)...
criu-4.1.1/criu/cr-check.c:373:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:402:9: danger: ‘pfd[1]’ leaks here
#  400|   	close(efd);
#  401|   pipe_err:
#  402|-> 	close(pfd[0]);
#  403|   	close(pfd[1]);
#  404|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def166]
criu-4.1.1/criu/cr-check.c:403:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:366:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:371:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:372:12: branch_true: following ‘true’ branch (when ‘efd < 0’)...
criu-4.1.1/criu/cr-check.c:373:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:403:9: danger: ‘pfd[1]’ leaks here
#  401|   pipe_err:
#  402|   	close(pfd[0]);
#  403|-> 	close(pfd[1]);
#  404|   
#  405|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def167]
criu-4.1.1/criu/cr-check.c:468:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[0]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:468:15: danger: ‘p[0]’ leaks here
#  466|   	iov.iov_base = &buf;
#  467|   	iov.iov_len = sizeof(buf);
#  468|-> 	ret = vmsplice(p[1], &iov, 1, SPLICE_F_GIFT | SPLICE_F_NONBLOCK);
#  469|   	if (ret < 0) {
#  470|   		pr_perror("Unaligned vmsplice doesn't work");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def168]
criu-4.1.1/criu/cr-check.c:468:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[1]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:468:15: danger: ‘p[1]’ leaks here
#  466|   	iov.iov_base = &buf;
#  467|   	iov.iov_len = sizeof(buf);
#  468|-> 	ret = vmsplice(p[1], &iov, 1, SPLICE_F_GIFT | SPLICE_F_NONBLOCK);
#  469|   	if (ret < 0) {
#  470|   		pr_perror("Unaligned vmsplice doesn't work");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def169]
criu-4.1.1/criu/cr-check.c:470:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[0]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:469:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/cr-check.c:470:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:470:17: danger: ‘p[0]’ leaks here
#  468|   	ret = vmsplice(p[1], &iov, 1, SPLICE_F_GIFT | SPLICE_F_NONBLOCK);
#  469|   	if (ret < 0) {
#  470|-> 		pr_perror("Unaligned vmsplice doesn't work");
#  471|   		goto err;
#  472|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def170]
criu-4.1.1/criu/cr-check.c:474:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[0]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:469:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:474:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:474:9: danger: ‘p[0]’ leaks here
#  472|   	}
#  473|   
#  474|-> 	pr_info("Unaligned vmsplice works OK\n");
#  475|   	ret = 0;
#  476|   err:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def171]
criu-4.1.1/criu/cr-check.c:477:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[0]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:469:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/cr-check.c:470:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:477:9: danger: ‘p[0]’ leaks here
#  475|   	ret = 0;
#  476|   err:
#  477|-> 	close(p[0]);
#  478|   	close(p[1]);
#  479|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def172]
criu-4.1.1/criu/cr-check.c:477:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘p[ret]’
criu-4.1.1/criu/cr-check.c:462:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:466:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:469:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-check.c:474:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:477:9: danger: ‘p[ret]’ leaks here
#  475|   	ret = 0;
#  476|   err:
#  477|-> 	close(p[0]);
#  478|   	close(p[1]);
#  479|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def173]
criu-4.1.1/criu/cr-check.c:613:33: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/cr-check.c:593:16: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:593:16: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:593:16: acquire_memory: allocated here
criu-4.1.1/criu/cr-check.c:593:16: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:594:12: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:594:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:597:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:602:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:603:20: branch_false: following ‘false’ branch (when ‘r == 2’)...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:613:33: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  611|   				continue;
#  612|   			if (vmas[i].addr != MAP_FAILED) {
#  613|-> 				pr_err("Special mapping meet twice: %s\n", vmas[i].name);
#  614|   				ret = -1;
#  615|   				goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def174]
criu-4.1.1/criu/cr-check.c:958:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:1006:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1006:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1011:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1011:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
#  956|   	int ret = -ENOENT;
#  957|   
#  958|-> 	f = fopen_proc(PROC_SELF, "mountinfo");
#  959|   	if (!f)
#  960|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def175]
criu-4.1.1/criu/cr-check.c:967:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:1006:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1006:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1011:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1011:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
#  965|   				ret = 0;
#  966|   			else {
#  967|-> 				pr_err("autofs not supported.\n");
#  968|   				ret = -ENOTSUP;
#  969|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
criu-4.1.1/criu/cr-check.c:967:33: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/cr-check.c:958:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:958:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:958:13: acquire_memory: allocated here
criu-4.1.1/criu/cr-check.c:958:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:959:12: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:959:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:962:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:963:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:963:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:964:29: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:964:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:967:33: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:967:33: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/2)
#  965|   				ret = 0;
#  966|   			else {
#  967|-> 				pr_err("autofs not supported.\n");
#  968|   				ret = -ENOTSUP;
#  969|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def177]
criu-4.1.1/criu/cr-check.c:994:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:994:19: danger: ‘pfd[0]’ leaks here
#  992|   	ret = -1;
#  993|   
#  994|-> 	options = xsprintf("fd=%d,pgrp=%d,minproto=5,maxproto=5,direct", pfd[1], getpgrp());
#  995|   	if (!options) {
#  996|   		pr_err("failed to allocate autofs options\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def178]
criu-4.1.1/criu/cr-check.c:994:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:994:19: danger: ‘pfd[1]’ leaks here
#  992|   	ret = -1;
#  993|   
#  994|-> 	options = xsprintf("fd=%d,pgrp=%d,minproto=5,maxproto=5,direct", pfd[1], getpgrp());
#  995|   	if (!options) {
#  996|   		pr_err("failed to allocate autofs options\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def179]
criu-4.1.1/criu/cr-check.c:996:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:996:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:996:17: danger: ‘pfd[0]’ leaks here
#  994|   	options = xsprintf("fd=%d,pgrp=%d,minproto=5,maxproto=5,direct", pfd[1], getpgrp());
#  995|   	if (!options) {
#  996|-> 		pr_err("failed to allocate autofs options\n");
#  997|   		goto close_pipe;
#  998|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def180]
criu-4.1.1/criu/cr-check.c:1002:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_true: following ‘true’ branch (when ‘dir’ is NULL)...
criu-4.1.1/criu/cr-check.c:1002:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1002:17: danger: ‘pfd[0]’ leaks here
# 1000|   	dir = mkdtemp(template);
# 1001|   	if (!dir) {
# 1002|-> 		pr_perror("failed to construct temporary name");
# 1003|   		goto free_options;
# 1004|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def181]
criu-4.1.1/criu/cr-check.c:1007:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:1006:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1006:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1007:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1007:17: danger: ‘pfd[0]’ leaks here
# 1005|   
# 1006|   	if (mount("criu", dir, "autofs", 0, options) < 0) {
# 1007|-> 		pr_perror("failed to mount autofs");
# 1008|   		goto unlink_dir;
# 1009|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def182]
criu-4.1.1/criu/cr-check.c:1014:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:1006:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1006:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1011:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1013:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1014:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1014:17: danger: ‘pfd[0]’ leaks here
# 1012|   
# 1013|   	if (umount(dir))
# 1014|-> 		pr_perror("failed to umount %s", dir);
# 1015|   
# 1016|   unlink_dir:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def183]
criu-4.1.1/criu/cr-check.c:1018:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:995:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1000:15: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1001:12: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
criu-4.1.1/criu/cr-check.c:1006:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1017:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1018:17: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1018:17: danger: ‘pfd[0]’ leaks here
# 1016|   unlink_dir:
# 1017|   	if (rmdir(dir))
# 1018|-> 		pr_perror("failed to unlink %s", dir);
# 1019|   free_options:
# 1020|   	free(options);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def184]
criu-4.1.1/criu/cr-check.c:1022:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/cr-check.c:978:12: enter_function: entry to ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: call_function: calling ‘check_autofs_pipe_ino’ from ‘check_autofs’
criu-4.1.1/criu/cr-check.c:983:15: return_function: returning to ‘check_autofs’ from ‘check_autofs_pipe_ino’
criu-4.1.1/criu/cr-check.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:987:13: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:987:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:994:19: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1022:9: danger: ‘pfd[0]’ leaks here
# 1020|   	free(options);
# 1021|   close_pipe:
# 1022|-> 	close(pfd[0]);
# 1023|   	close(pfd[1]);
# 1024|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def185]
criu-4.1.1/criu/cr-check.c:1060:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/cr-check.c:1040:12: enter_function: entry to ‘check_tcp’
criu-4.1.1/criu/cr-check.c:1046:14: acquire_resource: stream socket created here
criu-4.1.1/criu/cr-check.c:1047:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/cr-check.c:1052:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1053:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1053:35: call_function: inlined call to ‘has_cap_net_admin’ from ‘check_tcp’
criu-4.1.1/criu/cr-check.c:1053:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1060:17: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1060:17: danger: ‘sk’ leaks here
# 1058|   		}
# 1059|   	} else {
# 1060|-> 		pr_info("Not checking for TCP repair mode. Please set CAP_NET_ADMIN\n");
# 1061|   	}
# 1062|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def186]
criu-4.1.1/criu/cr-check.c:1413:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
# 1411|   	}
# 1412|   
# 1413|-> 	while (fgets(buf, sizeof(buf), mapf)) {
# 1414|   		unsigned long start, end;
# 1415|   		uint32_t maj, min;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
criu-4.1.1/criu/cr-check.c:1413:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_memory: allocated here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
# 1411|   	}
# 1412|   
# 1413|-> 	while (fgets(buf, sizeof(buf), mapf)) {
# 1414|   		unsigned long start, end;
# 1415|   		uint32_t maj, min;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def188]
criu-4.1.1/criu/cr-check.c:1418:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1418:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1418:20: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
# 1416|   		__u64 ino;
# 1417|   
# 1418|-> 		if (sscanf(buf, "%lx-%lx %*s %*s %x:%x %llu",
# 1419|   			   &start, &end, &maj, &min, &ino) != 5) {
# 1420|   			pr_perror("Unable to parse: %s", buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def189]
criu-4.1.1/criu/cr-check.c:1418:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_memory: allocated here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1418:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1418:20: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
# 1416|   		__u64 ino;
# 1417|   
# 1418|-> 		if (sscanf(buf, "%lx-%lx %*s %*s %x:%x %llu",
# 1419|   			   &start, &end, &maj, &min, &ino) != 5) {
# 1420|   			pr_perror("Unable to parse: %s", buf);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def190]
criu-4.1.1/criu/cr-check.c:1423:21: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_resource: opened here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1418:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1418:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1423:21: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1423:21: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
# 1421|   			return -1;
# 1422|   		}
# 1423|-> 		if (start == (unsigned long)addr) {
# 1424|   			stx->stx_dev_major = maj;
# 1425|   			stx->stx_dev_minor = min;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
criu-4.1.1/criu/cr-check.c:1423:21: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/cr-check.c:1407:16: acquire_memory: allocated here
criu-4.1.1/criu/cr-check.c:1408:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1413:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-check.c:1418:21: branch_true: ...to here
criu-4.1.1/criu/cr-check.c:1418:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1423:21: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1423:21: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
# 1421|   			return -1;
# 1422|   		}
# 1423|-> 		if (start == (unsigned long)addr) {
# 1424|   			stx->stx_dev_major = maj;
# 1425|   			stx->stx_dev_minor = min;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def192]
criu-4.1.1/criu/cr-dedup.c:29:23: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir("parent")’
criu-4.1.1/criu/cr-dedup.c:20:16: acquire_memory: allocated here
criu-4.1.1/criu/cr-dedup.c:21:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-dedup.c:29:23: danger: ‘opendir("parent")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   27|   	while (1) {
#   28|   		errno = 0;
#   29|-> 		ent = readdir(dirp);
#   30|   		if (ent == NULL) {
#   31|   			if (errno) {

Error: GCC_ANALYZER_WARNING (CWE-126): [#def193]
criu-4.1.1/criu/cr-dump.c:113:22: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
criu-4.1.1/criu/cr-dump.c:1539:12: enter_function: entry to ‘dump_one_task’
criu-4.1.1/criu/cr-dump.c:1557:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1563:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1565:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1566:17: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1771:9: call_function: calling ‘free_mappings’ from ‘dump_one_task’
#  111|   
#  112|   	list_for_each_entry_safe(vma_area, p, &vma_area_list->h, list) {
#  113|-> 		if (!vma_area->file_borrowed)
#  114|   			free(vma_area->vmst);
#  115|   		free(vma_area);

Error: GCC_ANALYZER_WARNING (CWE-126): [#def194]
criu-4.1.1/criu/cr-dump.c:114:30: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read
criu-4.1.1/criu/cr-dump.c:1539:12: enter_function: entry to ‘dump_one_task’
criu-4.1.1/criu/cr-dump.c:1557:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1563:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1565:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1566:17: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1771:9: call_function: calling ‘free_mappings’ from ‘dump_one_task’
#  112|   	list_for_each_entry_safe(vma_area, p, &vma_area_list->h, list) {
#  113|   		if (!vma_area->file_borrowed)
#  114|-> 			free(vma_area->vmst);
#  115|   		free(vma_area);
#  116|   	}

Error: GCC_ANALYZER_WARNING (CWE-590): [#def195]
criu-4.1.1/criu/cr-dump.c:115:17: warning[-Wanalyzer-free-of-non-heap]: ‘free’ of ‘vma_area’ which points to memory on the stack
criu-4.1.1/criu/cr-dump.c:1539:12: enter_function: entry to ‘dump_one_task’
criu-4.1.1/criu/cr-dump.c:1557:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1563:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1565:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1566:17: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1771:9: call_function: calling ‘free_mappings’ from ‘dump_one_task’
#  113|   		if (!vma_area->file_borrowed)
#  114|   			free(vma_area->vmst);
#  115|-> 		free(vma_area);
#  116|   	}
#  117|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def196]
criu-4.1.1/criu/cr-dump.c:235:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "fd"))’
criu-4.1.1/criu/cr-dump.c:230:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:230:18: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:230:18: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:230:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:231:12: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:231:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:235:22: danger: ‘fdopendir(do_open_proc(pid, 0, "fd"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  233|   
#  234|   	n = 0;
#  235|-> 	while ((de = readdir(fd_dir))) {
#  236|   		if (dir_dots(de))
#  237|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def197]
criu-4.1.1/criu/cr-dump.c:424:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-dump.c:424:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:424:9: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:424:9: danger: dereference of NULL ‘0’
#  422|   	u32 id;
#  423|   
#  424|-> 	BUG_ON(!vma_area->vmst);
#  425|   	p.stat = *vma_area->vmst;
#  426|   	p.mnt_id = vma_area->mnt_id;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def198]
criu-4.1.1/criu/cr-dump.c:460:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:492:12: enter_function: entry to ‘dump_task_mm’
criu-4.1.1/criu/cr-dump.c:504:20: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:508:9: branch_true: following ‘true’ branch (when ‘vma_area != vma_area_list’)...
criu-4.1.1/criu/cr-dump.c:509:27: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:513:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:515:26: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:515:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:516:31: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:516:31: call_function: calling ‘check_sysvipc_map_dump’ from ‘dump_task_mm’
#  458|   		return 0;
#  459|   
#  460|-> 	pr_err("Task %d with SysVIPC shmem map @%" PRIx64 " doesn't live in IPC ns\n", pid, vma->start);
#  461|   	return -1;
#  462|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
criu-4.1.1/criu/cr-dump.c:469:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:492:12: enter_function: entry to ‘dump_task_mm’
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:508:9: branch_true: following ‘true’ branch (when ‘vma_area != vma_area_list’)...
criu-4.1.1/criu/cr-dump.c:509:27: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:526:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:527:31: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:528:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:554:29: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:554:29: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:554:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:555:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:558:13: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:558:13: call_function: calling ‘get_task_auxv’ from ‘dump_task_mm’
#  467|   	int fd, i, ret;
#  468|   
#  469|-> 	pr_info("Obtaining task auvx ...\n");
#  470|   
#  471|   	fd = open_proc(pid, "auxv");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def200]
criu-4.1.1/criu/cr-dump.c:511:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:504:20: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:508:9: branch_true: following ‘true’ branch (when ‘vma_area != vma_area_list’)...
criu-4.1.1/criu/cr-dump.c:509:27: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:511:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  509|   		VmaEntry *vma = vma_area->e;
#  510|   
#  511|-> 		pr_info_vma(vma_area);
#  512|   
#  513|   		if (!vma_entry_is(vma, VMA_AREA_REGULAR))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
criu-4.1.1/criu/cr-dump.c:518:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:504:20: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:508:9: branch_true: following ‘true’ branch (when ‘vma_area != vma_area_list’)...
criu-4.1.1/criu/cr-dump.c:509:27: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:513:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:515:26: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:515:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:517:26: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:517:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:518:31: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:518:31: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  516|   			ret = check_sysvipc_map_dump(pid, vma);
#  517|   		else if (vma_entry_is(vma, VMA_AREA_SOCKET))
#  518|-> 			ret = dump_socket_map(vma_area);
#  519|   		else
#  520|   			ret = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def202]
criu-4.1.1/criu/cr-dump.c:527:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:504:20: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:508:9: branch_true: following ‘true’ branch (when ‘vma_area != vma_area_list’)...
criu-4.1.1/criu/cr-dump.c:509:27: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:526:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:527:31: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:527:31: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  525|   
#  526|   		if (vma_entry_is(vma, VMA_AREA_AIORING)) {
#  527|-> 			ret = dump_aio_ring(&mme, vma_area);
#  528|   			if (ret)
#  529|   				goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def203]
criu-4.1.1/criu/cr-dump.c:554:29: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:504:20: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:504:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:504:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:505:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:508:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:554:29: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/cr-dump.c:554:29: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:554:29: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  552|   
#  553|   	mme.n_mm_saved_auxv = AT_VECTOR_SIZE;
#  554|-> 	mme.mm_saved_auxv = xmalloc(pb_repeated_size(&mme, mm_saved_auxv));
#  555|   	if (!mme.mm_saved_auxv)
#  556|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def204]
criu-4.1.1/criu/cr-dump.c:1043:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:1039:17: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:1039:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1043:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
# 1041|   		return -1;
# 1042|   
# 1043|-> 	signal_queue_entry__init(queue);
# 1044|   
# 1045|   	while (1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def205]
criu-4.1.1/criu/cr-dump.c:1089:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:1039:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1043:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1049:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1055:28: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1056:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/cr-dump.c:1061:20: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1061:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/cr-dump.c:1072:17: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1073:34: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1073:17: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1074:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1080:31: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1080:54: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1083:30: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1083:30: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:1083:30: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1089:25: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1089:25: danger: ‘___p’ leaks here; was allocated at [(16)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/15)
# 1087|   			}
# 1088|   
# 1089|-> 			siginfo_entry__init(se);
# 1090|   			se->siginfo.len = sizeof(siginfo_t);
# 1091|   			se->siginfo.data = (void *)si++; /* XXX we don't free cores, but when

Error: GCC_ANALYZER_WARNING (CWE-401): [#def206]
criu-4.1.1/criu/cr-dump.c:1213:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-dump.c:1191:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1194:15: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1195:12: branch_false: following ‘false’ branch (when ‘ret == 24’)...
criu-4.1.1/criu/cr-dump.c:1200:13: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1200:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1206:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1209:17: acquire_memory: allocated here
criu-4.1.1/criu/cr-dump.c:1209:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1213:9: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1213:9: danger: ‘___p’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
# 1211|   		return -1;
# 1212|   
# 1213|-> 	rseq_entry__init(rseqe);
# 1214|   
# 1215|   	rseqe->rseq_abi_pointer = rseqc.rseq_abi_pointer;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def207]
criu-4.1.1/criu/cr-dump.c:1399:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-dump.c:1355:12: enter_function: entry to ‘dump_zombies’
criu-4.1.1/criu/cr-dump.c:1378:9: branch_true: following ‘true’ branch (when ‘item’ is non-NULL)...
criu-4.1.1/criu/cr-dump.c:1379:21: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1379:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1382:21: call_function: inlined call to ‘vpid’ from ‘dump_zombies’
criu-4.1.1/criu/cr-dump.c:1393:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-dump.c:1396:29: branch_false: ...to here
criu-4.1.1/criu/cr-dump.c:1399:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-dump.c:1399:17: branch_true: ...to here
criu-4.1.1/criu/cr-dump.c:1399:17: danger: dereference of NULL ‘0’
# 1397|   		item->pgid = pps_buf.pgid;
# 1398|   
# 1399|-> 		BUG_ON(!list_empty(&item->children));
# 1400|   
# 1401|   		if (!item->sid) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def208]
criu-4.1.1/criu/cr-dump.c:1798:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1796|   	}
# 1797|   	pr_err("FATAL: Unable to interrupt the current operation\n");
# 1798|-> 	BUG();
# 1799|   }
# 1800|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def209]
criu-4.1.1/criu/cr-restore.c:153:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  151|   	}
#  152|   
#  153|-> 	BUG();
#  154|   	return -1;
#  155|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def210]
criu-4.1.1/criu/cr-restore.c:508:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-restore.c:628:12: enter_function: entry to ‘restore_one_alive_task’
criu-4.1.1/criu/cr-restore.c:638:12: branch_false: following ‘false’ branch (when ‘ta’ is non-NULL)...
criu-4.1.1/criu/cr-restore.c:641:9: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:643:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:646:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:646:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:649:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:649:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:652:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:652:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:655:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:658:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:658:13: call_function: calling ‘open_cores’ from ‘restore_one_alive_task’
#  506|   	struct cr_img *img;
#  507|   
#  508|-> 	img = open_image(CR_FD_CORE, O_RSTR, pid);
#  509|   	if (!img) {
#  510|   		pr_err("Can't open core data for %d\n", pid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
criu-4.1.1/criu/cr-restore.c:510:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-restore.c:628:12: enter_function: entry to ‘restore_one_alive_task’
criu-4.1.1/criu/cr-restore.c:638:12: branch_false: following ‘false’ branch (when ‘ta’ is non-NULL)...
criu-4.1.1/criu/cr-restore.c:641:9: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:643:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:646:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:646:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:649:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:649:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:652:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:652:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:655:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:658:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:658:13: call_function: calling ‘open_cores’ from ‘restore_one_alive_task’
#  508|   	img = open_image(CR_FD_CORE, O_RSTR, pid);
#  509|   	if (!img) {
#  510|-> 		pr_err("Can't open core data for %d\n", pid);
#  511|   		return -1;
#  512|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
criu-4.1.1/criu/cr-restore.c:514:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/cr-restore.c:628:12: enter_function: entry to ‘restore_one_alive_task’
criu-4.1.1/criu/cr-restore.c:638:12: branch_false: following ‘false’ branch (when ‘ta’ is non-NULL)...
criu-4.1.1/criu/cr-restore.c:641:9: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:643:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:646:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:646:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:649:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:649:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:652:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:652:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:655:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:658:13: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:658:13: call_function: calling ‘open_cores’ from ‘restore_one_alive_task’
#  512|   	}
#  513|   
#  514|-> 	ret = pb_read_one(img, pcore, PB_CORE);
#  515|   	close_image(img);
#  516|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def213]
criu-4.1.1/criu/cr-restore.c:1174:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-restore.c:1090:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:1136:38: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:1174:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1174:9: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1174:9: danger: dereference of NULL ‘0’
# 1172|   	ca.clone_flags = rsti(item)->clone_flags;
# 1173|   
# 1174|-> 	BUG_ON(ca.clone_flags & CLONE_VM);
# 1175|   
# 1176|   	pr_info("Forking task with %d pid (flags 0x%lx)\n", pid, ca.clone_flags);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def214]
criu-4.1.1/criu/cr-restore.c:1412:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-restore.c:1381:13: enter_function: entry to ‘restore_pgid’
criu-4.1.1/criu/cr-restore.c:1398:12: branch_false: following ‘false’ branch (when ‘my_pgid != pgid’)...
criu-4.1.1/criu/cr-restore.c:1401:24: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:1401:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1410:17: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1411:20: branch_true: following ‘true’ branch (when ‘leader’ is non-NULL)...
criu-4.1.1/criu/cr-restore.c:1412:25: call_function: inlined call to ‘vpid’ from ‘restore_pgid’
criu-4.1.1/criu/cr-restore.c:1412:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1412:25: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1412:25: danger: dereference of NULL ‘0’
# 1410|   		leader = rsti(current)->pgrp_leader;
# 1411|   		if (leader) {
# 1412|-> 			BUG_ON(my_pgid != vpid(leader));
# 1413|   			futex_wait_until(&rsti(leader)->pgrp_set, 1);
# 1414|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def215]
criu-4.1.1/criu/cr-restore.c:1413:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-restore.c:1381:13: enter_function: entry to ‘restore_pgid’
criu-4.1.1/criu/cr-restore.c:1398:12: branch_false: following ‘false’ branch (when ‘my_pgid != pgid’)...
criu-4.1.1/criu/cr-restore.c:1401:24: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:1401:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1410:17: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1411:20: branch_true: following ‘true’ branch (when ‘leader’ is non-NULL)...
criu-4.1.1/criu/cr-restore.c:1412:25: call_function: inlined call to ‘vpid’ from ‘restore_pgid’
criu-4.1.1/criu/cr-restore.c:1412:25: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:1413:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:1413:25: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:1413:25: danger: dereference of NULL ‘0’
# 1411|   		if (leader) {
# 1412|   			BUG_ON(my_pgid != vpid(leader));
# 1413|-> 			futex_wait_until(&rsti(leader)->pgrp_set, 1);
# 1414|   		}
# 1415|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def216]
criu-4.1.1/criu/cr-restore.c:1463:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/cr-restore.c:1453:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1454:28: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1454:28: acquire_resource: opened here
criu-4.1.1/criu/cr-restore.c:1462:12: branch_true: following ‘true’ branch (when ‘fd >= 0’)...
criu-4.1.1/criu/cr-restore.c:1463:23: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1463:23: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
# 1461|   
# 1462|   	if (fd >= 0) {
# 1463|-> 		ret = set_proc_fd(fd);
# 1464|   		close(fd);
# 1465|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def217]
criu-4.1.1/criu/cr-restore.c:1486:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-restore.c:1482:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1483:22: branch_true: ...to here
criu-4.1.1/criu/cr-restore.c:1486:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-restore.c:1486:17: danger: dereference of NULL ‘0’
# 1484|   			continue;
# 1485|   
# 1486|-> 		BUG_ON(child->born_sid != -1 && getsid(0) != child->born_sid);
# 1487|   
# 1488|   		ret = fork_with_pid(child);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def218]
criu-4.1.1/criu/cr-restore.c:2016:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc", 65536)’
criu-4.1.1/criu/cr-restore.c:2004:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:2009:14: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:2009:14: acquire_resource: opened here
criu-4.1.1/criu/cr-restore.c:2010:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-restore.c:2015:15: branch_false: ...to here
criu-4.1.1/criu/cr-restore.c:2016:12: danger: ‘open("/proc", 65536)’ leaks here; was opened at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
# 2014|   
# 2015|   	ret = install_service_fd(CR_PROC_FD_OFF, fd);
# 2016|-> 	if (ret < 0)
# 2017|   		return -1;
# 2018|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
criu-4.1.1/criu/cr-service.c:71:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/criu/cr-service.c:1308:5: enter_function: entry to ‘cr_service_work’
criu-4.1.1/criu/cr-service.c:1324:13: call_function: calling ‘recv_criu_msg’ from ‘cr_service_work’
#   69|   	}
#   70|   
#   71|-> 	len = recv(socket_fd, buf, len, MSG_TRUNC);
#   72|   	if (len == -1) {
#   73|   		pr_perror("Can't read request");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
criu-4.1.1/criu/cr-service.c:110:13: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/criu/cr-service.c:1118:12: enter_function: entry to ‘handle_version’
criu-4.1.1/criu/cr-service.c:1144:16: call_function: inlined call to ‘send_criu_msg’ from ‘handle_version’
#  108|   	}
#  109|   
#  110|-> 	if (criu_resp__pack(msg, buf) != len) {
#  111|   		pr_perror("Failed packing response");
#  112|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def221]
criu-4.1.1/criu/cr-service.c:303:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:999:12: enter_function: entry to ‘start_page_server_req’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1018:21: call_function: calling ‘setup_opts_from_req’ from ‘start_page_server_req’
#  301|   
#  302|   	if (getsockopt(sk, SOL_SOCKET, SO_PEERCRED, &ids, &ids_len)) {
#  303|-> 		pr_perror("Can't get socket options");
#  304|   		goto err;
#  305|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def222]
criu-4.1.1/criu/cr-service.c:308:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:999:12: enter_function: entry to ‘start_page_server_req’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1018:21: call_function: calling ‘setup_opts_from_req’ from ‘start_page_server_req’
#  306|   
#  307|   	if (fstat(sk, &st)) {
#  308|-> 		pr_perror("Can't get socket stat");
#  309|   		goto err;
#  310|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def223]
criu-4.1.1/criu/cr-service.c:312:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:999:12: enter_function: entry to ‘start_page_server_req’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1018:21: call_function: calling ‘setup_opts_from_req’ from ‘start_page_server_req’
#  310|   	}
#  311|   
#  312|-> 	BUG_ON(st.st_ino == -1);
#  313|   	service_sk_ino = st.st_ino;
#  314|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def224]
criu-4.1.1/criu/cr-service.c:312:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/cr-service.c:1249:12: enter_function: entry to ‘handle_cpuinfo’
criu-4.1.1/criu/cr-service.c:1256:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/cr-service.c:1261:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1261:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1264:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1265:21: call_function: calling ‘setup_opts_from_req’ from ‘handle_cpuinfo’
#  310|   	}
#  311|   
#  312|-> 	BUG_ON(st.st_ino == -1);
#  313|   	service_sk_ino = st.st_ino;
#  314|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def225]
criu-4.1.1/criu/cr-service.c:332:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:999:12: enter_function: entry to ‘start_page_server_req’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1018:21: call_function: calling ‘setup_opts_from_req’ from ‘start_page_server_req’
#  330|   
#  331|   		rpc_cfg_file = req->config_file;
#  332|-> 		i = parse_options(0, NULL, &dummy, &dummy, PARSING_RPC_CONF);
#  333|   		if (i) {
#  334|   			xfree(tmp_output);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def226]
criu-4.1.1/criu/cr-service.c:390:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:999:12: enter_function: entry to ‘start_page_server_req’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1018:21: call_function: calling ‘setup_opts_from_req’ from ‘start_page_server_req’
#  388|   		strncpy(images_dir_path, req->images_dir, PATH_MAX - 1);
#  389|   	else {
#  390|-> 		pr_err("Neither images_dir_fd nor images_dir was passed by RPC client.\n");
#  391|   		goto err;
#  392|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def227]
criu-4.1.1/criu/cr-service.c:1015:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[(int)ps.has_port]’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1015:17: danger: ‘start_pipe[(int)ps.has_port]’ leaks here
# 1013|   	pid = fork();
# 1014|   	if (pid == 0) {
# 1015|-> 		close(start_pipe[0]);
# 1016|   
# 1017|   		opts.mode = CR_PAGE_SERVER;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def228]
criu-4.1.1/criu/cr-service.c:1015:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘start_pipe[1]’
criu-4.1.1/criu/cr-service.c:1008:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1013:15: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1014:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/cr-service.c:1015:17: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1015:17: danger: ‘start_pipe[1]’ leaks here
# 1013|   	pid = fork();
# 1014|   	if (pid == 0) {
# 1015|-> 		close(start_pipe[0]);
# 1016|   
# 1017|   		opts.mode = CR_PAGE_SERVER;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def229]
criu-4.1.1/criu/cr-service.c:1421:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1445:5: enter_function: entry to ‘cr_service’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: following ‘false’ branch (when ‘daemon_mode == 0’)...
criu-4.1.1/criu/cr-service.c:1505:13: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1505:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1512:13: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1512:13: call_function: calling ‘setup_sigchld_handler’ from ‘cr_service’
# 1419|   
# 1420|   	if (sigaction(SIGCHLD, &action, NULL)) {
# 1421|-> 		pr_perror("Can't setup SIGCHLD handler");
# 1422|   		return -1;
# 1423|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def230]
criu-4.1.1/criu/cr-service.c:1468:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1467:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1468:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1468:25: danger: ‘server_fd’ leaks here
# 1466|   
# 1467|   		if (opts.addr == NULL) {
# 1468|-> 			pr_warn("Binding to local dir address!\n");
# 1469|   			SET_CHAR_OPTS(addr, CR_DEFAULT_SERVICE_ADDRESS);
# 1470|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def231]
criu-4.1.1/criu/cr-service.c:1469:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1467:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1468:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1469:25: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/cr-service.c:1469:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1469:25: danger: ‘server_fd’ leaks here
# 1467|   		if (opts.addr == NULL) {
# 1468|   			pr_warn("Binding to local dir address!\n");
# 1469|-> 			SET_CHAR_OPTS(addr, CR_DEFAULT_SERVICE_ADDRESS);
# 1470|   		}
# 1471|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def232]
criu-4.1.1/criu/cr-service.c:1493:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1493:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1493:25: danger: ‘server_fd’ leaks here
# 1491|   
# 1492|   		if (listen(server_fd, 16) == -1) {
# 1493|-> 			pr_perror("Can't listen for socket connections");
# 1494|   			goto err;
# 1495|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def233]
criu-4.1.1/criu/cr-service.c:1500:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1498:12: branch_true: following ‘true’ branch (when ‘daemon_mode != 0’)...
criu-4.1.1/criu/cr-service.c:1499:21: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1499:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1500:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1500:25: danger: ‘server_fd’ leaks here
# 1498|   	if (daemon_mode) {
# 1499|   		if (daemon(1, 0) == -1) {
# 1500|-> 			pr_perror("Can't run service server in the background");
# 1501|   			goto err;
# 1502|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def234]
criu-4.1.1/criu/cr-service.c:1506:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1505:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1506:35: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1506:21: danger: ‘server_fd’ leaks here
# 1504|   
# 1505|   	if (opts.pidfile) {
# 1506|-> 		if (write_pidfile(getpid()) == -1) {
# 1507|   			pr_perror("Can't write pidfile");
# 1508|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def235]
criu-4.1.1/criu/cr-service.c:1507:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1505:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1506:35: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1506:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1507:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1507:25: danger: ‘server_fd’ leaks here
# 1505|   	if (opts.pidfile) {
# 1506|   		if (write_pidfile(getpid()) == -1) {
# 1507|-> 			pr_perror("Can't write pidfile");
# 1508|   			goto err;
# 1509|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def236]
criu-4.1.1/criu/cr-service.c:1515:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1445:5: enter_function: entry to ‘cr_service’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1512:13: call_function: calling ‘setup_sigchld_handler’ from ‘cr_service’
criu-4.1.1/criu/cr-service.c:1512:13: return_function: returning to ‘cr_service’ from ‘setup_sigchld_handler’
criu-4.1.1/criu/cr-service.c:1512:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1515:13: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1515:13: danger: ‘server_fd’ leaks here
# 1513|   		goto err;
# 1514|   
# 1515|-> 	if (status_ready())
# 1516|   		goto err;
# 1517|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def237]
criu-4.1.1/criu/cr-service.c:1521:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1445:5: enter_function: entry to ‘cr_service’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1512:13: call_function: calling ‘setup_sigchld_handler’ from ‘cr_service’
criu-4.1.1/criu/cr-service.c:1512:13: return_function: returning to ‘cr_service’ from ‘setup_sigchld_handler’
criu-4.1.1/criu/cr-service.c:1512:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1515:13: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1515:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1521:17: danger: ‘server_fd’ leaks here
# 1519|   		int sk;
# 1520|   
# 1521|-> 		pr_info("Waiting for connection...\n");
# 1522|   
# 1523|   		sk = accept(server_fd, (struct sockaddr *)&client_addr, &client_addr_len);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def238]
criu-4.1.1/criu/cr-service.c:1523:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1445:5: enter_function: entry to ‘cr_service’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1498:12: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1512:13: call_function: calling ‘setup_sigchld_handler’ from ‘cr_service’
criu-4.1.1/criu/cr-service.c:1512:13: return_function: returning to ‘cr_service’ from ‘setup_sigchld_handler’
criu-4.1.1/criu/cr-service.c:1512:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1515:13: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1515:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1523:22: danger: ‘server_fd’ leaks here
# 1521|   		pr_info("Waiting for connection...\n");
# 1522|   
# 1523|-> 		sk = accept(server_fd, (struct sockaddr *)&client_addr, &client_addr_len);
# 1524|   		if (sk == -1) {
# 1525|   			pr_perror("Can't accept connection");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def239]
criu-4.1.1/criu/cr-service.c:1551:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘server_fd’
criu-4.1.1/criu/cr-service.c:1457:29: acquire_resource: socket created here
criu-4.1.1/criu/cr-service.c:1458:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1463:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1479:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1484:17: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1487:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-service.c:1492:21: branch_false: ...to here
criu-4.1.1/criu/cr-service.c:1492:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/cr-service.c:1493:25: branch_true: ...to here
criu-4.1.1/criu/cr-service.c:1551:9: danger: ‘server_fd’ leaks here
# 1549|   
# 1550|   err:
# 1551|-> 	close_safe(&server_fd);
# 1552|   
# 1553|   	return 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def240]
criu-4.1.1/criu/crtools.c:122:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/crtools.c:122:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/crtools.c:122:9: branch_true: ...to here
criu-4.1.1/criu/crtools.c:122:9: danger: dereference of NULL ‘0’
#  120|   	BUILD_BUG_ON(__CTL_STR != SYSCTL_TYPE__CTL_STR);
#  121|   	/* We use it for fd overlap handling in clone_service_fd() */
#  122|-> 	BUG_ON(get_service_fd(SERVICE_FD_MIN + 1) < get_service_fd(SERVICE_FD_MAX - 1));
#  123|   
#  124|   	if (fault_injection_init()) {

Error: GCC_ANALYZER_WARNING (CWE-416): [#def241]
criu-4.1.1/criu/eventpoll.c:112:25: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘((struct eventpoll_dinfo)*((struct list_head *)dinfo)).e’
criu-4.1.1/criu/eventpoll.c:125:5: enter_function: entry to ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:166:21: call_function: calling ‘img_from_set’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:166:21: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘img_from_set’
criu-4.1.1/criu/eventpoll.c:166:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:172:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:172:17: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘dequeue_dinfo’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:178:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:179:17: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:179:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
#  110|   	ssize_t i;
#  111|   
#  112|-> 	for (i = 0; i < dinfo->e->n_tfd; i++)
#  113|   		eventpoll_tfd_entry__free_unpacked(dinfo->e->tfd[i], NULL);
#  114|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def242]
criu-4.1.1/criu/eventpoll.c:112:25: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘dinfo’
criu-4.1.1/criu/eventpoll.c:125:5: enter_function: entry to ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:166:21: call_function: calling ‘img_from_set’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:166:21: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘img_from_set’
criu-4.1.1/criu/eventpoll.c:166:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:172:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:172:17: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘dequeue_dinfo’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:178:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:179:17: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:179:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
#  110|   	ssize_t i;
#  111|   
#  112|-> 	for (i = 0; i < dinfo->e->n_tfd; i++)
#  113|   		eventpoll_tfd_entry__free_unpacked(dinfo->e->tfd[i], NULL);
#  114|   

Error: GCC_ANALYZER_WARNING (CWE-415): [#def243]
criu-4.1.1/criu/eventpoll.c:115:9: warning[-Wanalyzer-double-free]: double-‘free’ of ‘((struct eventpoll_dinfo)*((struct list_head *)dinfo)).fe’
criu-4.1.1/criu/eventpoll.c:125:5: enter_function: entry to ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:166:21: call_function: calling ‘img_from_set’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:166:21: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘img_from_set’
criu-4.1.1/criu/eventpoll.c:166:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:172:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:172:17: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘dequeue_dinfo’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:178:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:179:17: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:179:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
#  113|   		eventpoll_tfd_entry__free_unpacked(dinfo->e->tfd[i], NULL);
#  114|   
#  115|-> 	xfree(dinfo->fe);
#  116|   	xfree(dinfo->e->tfd);
#  117|   	xfree(dinfo->e);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def244]
criu-4.1.1/criu/eventpoll.c:116:9: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*((struct eventpoll_dinfo)*((struct list_head *)dinfo)).e.tfd’
criu-4.1.1/criu/eventpoll.c:125:5: enter_function: entry to ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:166:21: call_function: calling ‘img_from_set’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:166:21: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘img_from_set’
criu-4.1.1/criu/eventpoll.c:166:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:172:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:172:17: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘dequeue_dinfo’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:178:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:179:17: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:179:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
#  114|   
#  115|   	xfree(dinfo->fe);
#  116|-> 	xfree(dinfo->e->tfd);
#  117|   	xfree(dinfo->e);
#  118|   	xfree(dinfo->toff);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def245]
criu-4.1.1/criu/eventpoll.c:118:9: warning[-Wanalyzer-double-free]: double-‘free’ of ‘((struct eventpoll_dinfo)*((struct list_head *)dinfo)).toff’
criu-4.1.1/criu/eventpoll.c:125:5: enter_function: entry to ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:166:21: call_function: calling ‘img_from_set’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:166:21: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘img_from_set’
criu-4.1.1/criu/eventpoll.c:166:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:172:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
criu-4.1.1/criu/eventpoll.c:172:17: return_function: returning to ‘flush_eventpoll_dinfo_queue’ from ‘dequeue_dinfo’
criu-4.1.1/criu/eventpoll.c:130:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:131:37: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:178:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:179:17: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:179:17: call_function: calling ‘dequeue_dinfo’ from ‘flush_eventpoll_dinfo_queue’
#  116|   	xfree(dinfo->e->tfd);
#  117|   	xfree(dinfo->e);
#  118|-> 	xfree(dinfo->toff);
#  119|   
#  120|   	list_del(&dinfo->list);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def246]
criu-4.1.1/criu/eventpoll.c:264:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/eventpoll.c:261:13: acquire_memory: allocated here
criu-4.1.1/criu/eventpoll.c:261:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:261:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:262:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:264:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:264:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  262|   	if (!e)
#  263|   		goto out;
#  264|-> 	eventpoll_file_entry__init(e);
#  265|   
#  266|   	fe = xmalloc(sizeof(*fe));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def247]
criu-4.1.1/criu/eventpoll.c:269:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/eventpoll.c:261:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:261:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:262:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:264:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:266:14: acquire_memory: allocated here
criu-4.1.1/criu/eventpoll.c:266:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:266:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:267:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:269:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:269:9: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  267|   	if (!fe)
#  268|   		goto out;
#  269|-> 	file_entry__init(fe);
#  270|   
#  271|   	e->id = id;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
criu-4.1.1/criu/eventpoll.c:297:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/eventpoll.c:261:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:261:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:262:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:264:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:266:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:266:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:267:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:269:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:275:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/eventpoll.c:278:9: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:287:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/eventpoll.c:288:24: branch_true: ...to here
criu-4.1.1/criu/eventpoll.c:288:24: acquire_memory: allocated here
criu-4.1.1/criu/eventpoll.c:288:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/eventpoll.c:288:17: branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:289:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/eventpoll.c:297:17: danger: ‘___p’ leaks here; was allocated at [(13)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/12)
#  295|   		}
#  296|   
#  297|-> 		qsort(toff, e->n_tfd, sizeof(*toff), toff_cmp);
#  298|   
#  299|   		for (i = 1; i < e->n_tfd; i++)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
criu-4.1.1/criu/external.c:22:19: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/external.c:11:5: enter_function: entry to ‘add_external’
criu-4.1.1/criu/external.c:15:13: call_function: inlined call to ‘strstartswith’ from ‘add_external’
criu-4.1.1/criu/external.c:15:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/external.c:18:15: branch_false: ...to here
criu-4.1.1/criu/external.c:18:15: acquire_memory: allocated here
criu-4.1.1/criu/external.c:18:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/external.c:22:19: branch_false: ...to here
criu-4.1.1/criu/external.c:22:19: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/external.c:22:19: branch_true: ...to here
criu-4.1.1/criu/external.c:22:19: danger: ‘___p’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#   20|   		return -1;
#   21|   
#   22|-> 	ext->id = xstrdup(key);
#   23|   	if (!ext->id)
#   24|   		goto err_id;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def250]
criu-4.1.1/criu/file-lock.c:174:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/file-lock.c:162:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/file-lock.c:169:13: branch_false: ...to here
criu-4.1.1/criu/file-lock.c:169:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/file-lock.c:170:21: branch_true: ...to here
criu-4.1.1/criu/file-lock.c:170:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/file-lock.c:173:29: branch_true: ...to here
criu-4.1.1/criu/file-lock.c:174:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/file-lock.c:174:25: branch_true: ...to here
criu-4.1.1/criu/file-lock.c:174:25: danger: dereference of NULL ‘0’
#  172|   
#  173|   			m = lookup_mnt_id(p->mnt_id);
#  174|-> 			BUG_ON(m == NULL);
#  175|   			dev = kdev_to_odev(m->s_dev);
#  176|   		} else /* old kernel */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
criu-4.1.1/criu/files-reg.c:126:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files-reg.c:1758:5: enter_function: entry to ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1777:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1785:28: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1795:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1801:13: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1811:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: following ‘false’ branch (when ‘skip_for_shell_job == 0’)...
criu-4.1.1/criu/files-reg.c:1816:36: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:36: call_function: calling ‘check_path_remap’ from ‘dump_one_reg_file’
#  124|   		goto err;
#  125|   
#  126|-> 	rlb->path = xstrdup(path);
#  127|   	if (!rlb->path)
#  128|   		goto err2;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def252]
criu-4.1.1/criu/files-reg.c:1141:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:1758:5: enter_function: entry to ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1777:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1785:28: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1795:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1801:13: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1811:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: following ‘false’ branch (when ‘skip_for_shell_job == 0’)...
criu-4.1.1/criu/files-reg.c:1816:36: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:36: call_function: calling ‘check_path_remap’ from ‘dump_one_reg_file’
# 1139|   	tmp = link_name + len;
# 1140|   	while (*tmp != '/') {
# 1141|-> 		BUG_ON(tmp == link_name);
# 1142|   		tmp--;
# 1143|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def253]
criu-4.1.1/criu/files-reg.c:1267:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:1758:5: enter_function: entry to ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1777:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1785:28: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1795:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1801:13: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1811:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:12: branch_false: following ‘false’ branch (when ‘skip_for_shell_job == 0’)...
criu-4.1.1/criu/files-reg.c:1816:36: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1816:36: call_function: calling ‘check_path_remap’ from ‘dump_one_reg_file’
# 1265|   
# 1266|   	name = strrchr(name, '/');
# 1267|-> 	BUG_ON(name == NULL); /* see check in dump_one_reg_file */
# 1268|   	name++;
# 1269|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def254]
criu-4.1.1/criu/files-reg.c:1715:9: warning[-Wanalyzer-malloc-leak]: leak of ‘build_id’
criu-4.1.1/criu/files-reg.c:1740:13: enter_function: entry to ‘store_validation_data’
criu-4.1.1/criu/files-reg.c:1747:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:1748:26: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1748:26: call_function: calling ‘store_validation_data_build_id’ from ‘store_validation_data’
# 1713|   
# 1714|   	build_id_size = get_build_id(fd, &(p->stat), &build_id);
# 1715|-> 	close(fd);
# 1716|   	if (!build_id || build_id_size == -1)
# 1717|   		return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def255]
criu-4.1.1/criu/files-reg.c:1835:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files-reg.c:1758:5: enter_function: entry to ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1777:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:1779:28: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1779:28: acquire_memory: allocated here
criu-4.1.1/criu/files-reg.c:1779:28: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files-reg.c:1779:17: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1834:16: call_function: calling ‘img_from_set’ from ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1834:16: return_function: returning to ‘dump_one_reg_file’ from ‘img_from_set’
criu-4.1.1/criu/files-reg.c:1835:15: danger: ‘___p’ leaks here; was allocated at [(4)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/3)
# 1833|   
# 1834|   	rimg = img_from_set(glob_imgset, CR_FD_FILES);
# 1835|-> 	ret = pb_write_one(rimg, &fe, PB_FILE);
# 1836|   
# 1837|   	if (rfe.build_id)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def256]
criu-4.1.1/criu/files-reg.c:1858:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:1858:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:1858:9: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1858:9: danger: dereference of NULL ‘0’
# 1856|   	 */
# 1857|   	off = strlen(smi->ns_mountpoint + 1);
# 1858|-> 	BUG_ON(strlen(smi->root) < strlen(dmi->root));
# 1859|   
# 1860|   	/*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def257]
criu-4.1.1/criu/files-reg.c:1967:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:1963:16: branch_true: following ‘true’ branch (when ‘count > 0’)...
criu-4.1.1/criu/files-reg.c:1964:21: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1965:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
criu-4.1.1/criu/files-reg.c:1967:25: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1967:25: branch_false: following ‘false’ branch (when ‘prev’ is NULL)...
criu-4.1.1/criu/files-reg.c:1968:25: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1981:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:1985:17: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1963:16: branch_true: following ‘true’ branch (when ‘count > 0’)...
criu-4.1.1/criu/files-reg.c:1964:21: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1965:20: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
criu-4.1.1/criu/files-reg.c:1967:25: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1967:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:1967:25: danger: dereference of NULL ‘0’
# 1965|   		if (p) {
# 1966|   			/* We don't handle "//" in path */
# 1967|-> 			BUG_ON(prev && (prev - p == 1));
# 1968|   			*p = '\0';
# 1969|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def258]
criu-4.1.1/criu/files-reg.c:2090:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:2058:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2066:14: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2067:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2070:13: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2070:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2078:15: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2079:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2090:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:2090:9: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:2090:9: danger: dereference of NULL ‘0’
# 2088|   		;
# 2089|   
# 2090|-> 	BUG_ON(tmi->s_dev != rmi->s_dev);
# 2091|   	BUG_ON(tmi->s_dev != mi->s_dev);
# 2092|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def259]
criu-4.1.1/criu/files-reg.c:2091:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files-reg.c:2058:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2066:14: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2067:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2070:13: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2070:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2078:15: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2079:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2090:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files-reg.c:2091:9: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:2091:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:2091:9: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:2091:9: danger: dereference of NULL ‘0’
# 2089|   
# 2090|   	BUG_ON(tmi->s_dev != rmi->s_dev);
# 2091|-> 	BUG_ON(tmi->s_dev != mi->s_dev);
# 2092|   
# 2093|   	/* Calculate paths on the device (root mount) */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def260]
criu-4.1.1/criu/files-reg.c:2478:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 2476|   	 */
# 2477|   
# 2478|-> 	BUG_ON((vma->vmfd == NULL) || !vma->e->has_fdflags);
# 2479|   	flags = vma->e->fdflags;
# 2480|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def261]
criu-4.1.1/criu/files.c:205:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  203|   
#  204|   	item = pstree_item_by_virt(virt);
#  205|-> 	BUG_ON(!item);
#  206|   
#  207|   	is_set = !!test_and_set_bit_le(FDS_EVENT_BIT, &item->task_st_le_bits);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def262]
criu-4.1.1/criu/files.c:225:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:225:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:225:9: danger: dereference of NULL ‘0’
#  223|   
#  224|   	value = htole32(FDS_EVENT);
#  225|-> 	futex_wait_if_cond(f, value, &);
#  226|   	clear_fds_event();
#  227|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def263]
criu-4.1.1/criu/files.c:244:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  242|   	if (!fle) {
#  243|   		pr_err("Empty list on file desc id %#x(%d)\n", d->id, d->ops ? d->ops->type : -1);
#  244|-> 		BUG();
#  245|   	}
#  246|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def264]
criu-4.1.1/criu/files.c:637:16: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:633:16: acquire_memory: allocated here
criu-4.1.1/criu/files.c:633:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:637:16: branch_false: ...to here
criu-4.1.1/criu/files.c:637:16: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/files.c:637:16: branch_true: ...to here
criu-4.1.1/criu/files.c:637:16: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  635|   		goto err;
#  636|   
#  637|-> 	opts = xmalloc(nr_fds * sizeof(struct fd_opts));
#  638|   	if (!opts)
#  639|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
criu-4.1.1/criu/files.c:641:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:633:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:637:16: branch_false: ...to here
criu-4.1.1/criu/files.c:637:16: acquire_memory: allocated here
criu-4.1.1/criu/files.c:637:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:641:15: branch_false: ...to here
criu-4.1.1/criu/files.c:641:15: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  639|   		goto err;
#  640|   
#  641|-> 	img = open_image(CR_FD_FDINFO, O_DUMP, item->ids->files_id);
#  642|   	if (!img)
#  643|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def266]
criu-4.1.1/criu/files.c:650:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:633:16: acquire_memory: allocated here
criu-4.1.1/criu/files.c:633:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:637:16: branch_false: ...to here
criu-4.1.1/criu/files.c:637:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:641:15: branch_false: ...to here
criu-4.1.1/criu/files.c:642:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files.c:646:23: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:650:23: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  648|   			nr_fds = dfds->nr_fds - off;
#  649|   
#  650|-> 		ret = parasite_drain_fds_seized(ctl, dfds, nr_fds, off, lfds, opts);
#  651|   		if (ret)
#  652|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
criu-4.1.1/criu/files.c:670:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:633:16: acquire_memory: allocated here
criu-4.1.1/criu/files.c:633:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:637:16: branch_false: ...to here
criu-4.1.1/criu/files.c:637:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:641:15: branch_false: ...to here
criu-4.1.1/criu/files.c:642:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files.c:646:23: branch_true: following ‘true’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/files.c:646:41: branch_true: ...to here
criu-4.1.1/criu/files.c:646:23: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:670:9: branch_false: ...to here
criu-4.1.1/criu/files.c:670:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  668|   	}
#  669|   
#  670|-> 	pr_info("----------------------------------------\n");
#  671|   err:
#  672|   	if (img)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def268]
criu-4.1.1/criu/files.c:673:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:633:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:637:16: branch_false: ...to here
criu-4.1.1/criu/files.c:637:16: acquire_memory: allocated here
criu-4.1.1/criu/files.c:637:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:641:15: branch_false: ...to here
criu-4.1.1/criu/files.c:642:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files.c:646:23: branch_true: following ‘true’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/files.c:646:41: branch_true: ...to here
criu-4.1.1/criu/files.c:646:23: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:670:9: branch_false: ...to here
criu-4.1.1/criu/files.c:673:17: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  671|   err:
#  672|   	if (img)
#  673|-> 		close_image(img);
#  674|   	xfree(opts);
#  675|   	xfree(lfds);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def269]
criu-4.1.1/criu/files.c:722:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "fd"))’
criu-4.1.1/criu/files.c:718:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:718:18: branch_false: ...to here
criu-4.1.1/criu/files.c:718:18: acquire_memory: allocated here
criu-4.1.1/criu/files.c:718:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:719:12: branch_false: ...to here
criu-4.1.1/criu/files.c:719:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files.c:722:22: danger: ‘fdopendir(do_open_proc(pid, 0, "fd"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
#  720|   		return -1;
#  721|   
#  722|-> 	while ((de = readdir(fd_dir))) {
#  723|   		if (dir_dots(de))
#  724|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def270]
criu-4.1.1/criu/files.c:998:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:998:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:998:9: branch_true: ...to here
criu-4.1.1/criu/files.c:998:9: danger: dereference of NULL ‘0’
#  996|   static int plant_fd(struct fdinfo_list_entry *fle, int fd)
#  997|   {
#  998|-> 	BUG_ON(fle->received);
#  999|   	fle->received = 1;
# 1000|   	return reopen_fd_as(fle->fe->fd, fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def271]
criu-4.1.1/criu/files.c:1072:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1069:12: branch_false: following ‘false’ branch (when ‘dfd != fd’)...
criu-4.1.1/criu/files.c:1072:9: branch_false: ...to here
criu-4.1.1/criu/files.c:1072:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1072:9: branch_true: ...to here
criu-4.1.1/criu/files.c:1072:9: danger: dereference of NULL ‘0’
# 1070|   		return 0;
# 1071|   
# 1072|-> 	BUG_ON(dfd == get_service_fd(TRANSPORT_FD_OFF));
# 1073|   
# 1074|   	pr_info("\t\t\tGoing to dup %d into %d\n", fd, dfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def272]
criu-4.1.1/criu/files.c:1075:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(fd,  dfd)’
criu-4.1.1/criu/files.c:1069:12: branch_false: following ‘false’ branch (when ‘dfd != fd’)...
criu-4.1.1/criu/files.c:1072:9: branch_false: ...to here
criu-4.1.1/criu/files.c:1072:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1074:9: branch_false: ...to here
criu-4.1.1/criu/files.c:1075:13: acquire_resource: opened here
criu-4.1.1/criu/files.c:1075:12: danger: ‘dup2(fd,  dfd)’ leaks here; was opened at [(5)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/4)
# 1073|   
# 1074|   	pr_info("\t\t\tGoing to dup %d into %d\n", fd, dfd);
# 1075|-> 	if (dup2(fd, dfd) != dfd) {
# 1076|   		pr_perror("Can't dup local fd %d -> %d", fd, dfd);
# 1077|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def273]
criu-4.1.1/criu/files.c:1127:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1119:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1122:41: branch_false: ...to here
criu-4.1.1/criu/files.c:1122:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1127:9: branch_false: ...to here
criu-4.1.1/criu/files.c:1127:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1127:9: branch_true: ...to here
criu-4.1.1/criu/files.c:1127:9: danger: dereference of NULL ‘0’
# 1125|   	}
# 1126|   
# 1127|-> 	BUG_ON(fle->stage != FLE_INITIALIZED);
# 1128|   	fle->stage = FLE_OPEN;
# 1129|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def274]
criu-4.1.1/criu/files.c:1143:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1135:12: enter_function: entry to ‘open_fd’
criu-4.1.1/criu/files.c:1141:17: call_function: calling ‘file_master’ from ‘open_fd’
criu-4.1.1/criu/files.c:1141:17: return_function: returning to ‘open_fd’ from ‘file_master’
criu-4.1.1/criu/files.c:1142:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1143:17: branch_true: ...to here
criu-4.1.1/criu/files.c:1143:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1143:17: branch_true: ...to here
criu-4.1.1/criu/files.c:1143:17: danger: dereference of NULL ‘0’
# 1141|   	fle_m = file_master(d);
# 1142|   	if (fle != fle_m) {
# 1143|-> 		BUG_ON(fle->stage != FLE_INITIALIZED);
# 1144|   		ret = receive_fd(fle);
# 1145|   		if (ret != 0)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def275]
criu-4.1.1/criu/files.c:1218:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1216:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1217:30: branch_true: ...to here
criu-4.1.1/criu/files.c:1218:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1218:25: branch_true: ...to here
criu-4.1.1/criu/files.c:1218:25: danger: dereference of NULL ‘0’
# 1216|   		list_for_each_entry_safe(fle, tmp, list, ps_list) {
# 1217|   			st = fle->stage;
# 1218|-> 			BUG_ON(st == FLE_RESTORED);
# 1219|   			ret = open_fd(fle);
# 1220|   			if (ret == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
criu-4.1.1/criu/files.c:1276:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(0, 0, "fd"))’
criu-4.1.1/criu/files.c:1272:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1272:15: branch_false: ...to here
criu-4.1.1/criu/files.c:1272:15: acquire_memory: allocated here
criu-4.1.1/criu/files.c:1272:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1273:12: branch_false: ...to here
criu-4.1.1/criu/files.c:1273:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/files.c:1276:22: danger: ‘fdopendir(do_open_proc(0, 0, "fd"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
# 1274|   		return -1;
# 1275|   
# 1276|-> 	while ((de = readdir(dir))) {
# 1277|   		if (dir_dots(de))
# 1278|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def277]
criu-4.1.1/criu/files.c:1323:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1298:5: enter_function: entry to ‘prepare_fds’
criu-4.1.1/criu/files.c:1314:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1322:17: branch_true: ...to here
criu-4.1.1/criu/files.c:1322:17: call_function: calling ‘futex_inc_and_wake’ from ‘prepare_fds’
criu-4.1.1/criu/files.c:1322:17: return_function: returning to ‘prepare_fds’ from ‘futex_inc_and_wake’
criu-4.1.1/criu/files.c:1323:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1323:17: danger: dereference of NULL ‘0’
# 1321|   		 */
# 1322|   		futex_inc_and_wake(&fdt->fdt_lock);
# 1323|-> 		futex_wait_while_lt(&fdt->fdt_lock, fdt->nr);
# 1324|   
# 1325|   		if (fdt->pid != vpid(me)) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def278]
criu-4.1.1/criu/files.c:1327:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1298:5: enter_function: entry to ‘prepare_fds’
criu-4.1.1/criu/files.c:1314:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1322:17: branch_true: ...to here
criu-4.1.1/criu/files.c:1322:17: call_function: calling ‘futex_inc_and_wake’ from ‘prepare_fds’
criu-4.1.1/criu/files.c:1322:17: return_function: returning to ‘prepare_fds’ from ‘futex_inc_and_wake’
criu-4.1.1/criu/files.c:1325:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1326:25: branch_true: ...to here
criu-4.1.1/criu/files.c:1327:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1327:25: danger: dereference of NULL ‘0’
# 1325|   		if (fdt->pid != vpid(me)) {
# 1326|   			pr_info("File descriptor table is shared with %d\n", fdt->pid);
# 1327|-> 			futex_wait_until(&fdt->fdt_lock, fdt->nr + 1);
# 1328|   			goto out;
# 1329|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def279]
criu-4.1.1/criu/files.c:1332:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/files.c:1332:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files.c:1332:9: branch_true: ...to here
criu-4.1.1/criu/files.c:1332:9: danger: dereference of NULL ‘0’
# 1330|   	}
# 1331|   
# 1332|-> 	BUG_ON(current->pid->state == TASK_HELPER);
# 1333|   	ret = open_fdinfos(me);
# 1334|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
criu-4.1.1/criu/files.c:1609:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files.c:1597:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/files.c:1602:15: branch_false: ...to here
criu-4.1.1/criu/files.c:1602:15: acquire_memory: allocated here
criu-4.1.1/criu/files.c:1602:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files.c:1606:13: branch_false: ...to here
criu-4.1.1/criu/files.c:1609:23: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/files.c:1609:23: branch_true: ...to here
criu-4.1.1/criu/files.c:1609:23: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
# 1607|   		inh_fd_max = fd;
# 1608|   
# 1609|-> 	inh->inh_id = xstrdup(key);
# 1610|   	if (inh->inh_id == NULL) {
# 1611|   		xfree(inh);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def281]
criu-4.1.1/criu/filesystems.c:404:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/filesystems.c:386:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/filesystems.c:393:21: branch_true: following ‘true’ branch (when ‘ntmp_fds != 3’)...
criu-4.1.1/criu/filesystems.c:394:21: branch_true: ...to here
criu-4.1.1/criu/filesystems.c:394:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/filesystems.c:396:25: branch_false: ...to here
criu-4.1.1/criu/filesystems.c:397:22: acquire_resource: opened here
criu-4.1.1/criu/filesystems.c:398:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/filesystems.c:393:21: branch_true: following ‘true’ branch (when ‘ntmp_fds != 3’)...
criu-4.1.1/criu/filesystems.c:394:21: branch_true: ...to here
criu-4.1.1/criu/filesystems.c:404:13: danger: ‘fd’ leaks here; was opened at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  402|   	}
#  403|   
#  404|-> 	if (move_fd_from(&fd, STDIN_FILENO) < 0)
#  405|   		goto out;
#  406|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
criu-4.1.1/criu/filesystems.c:537:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(open_mountpoint(pm))’
criu-4.1.1/criu/filesystems.c:528:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/filesystems.c:531:16: branch_false: ...to here
criu-4.1.1/criu/filesystems.c:531:16: acquire_memory: allocated here
criu-4.1.1/criu/filesystems.c:532:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/filesystems.c:537:22: danger: ‘fdopendir(open_mountpoint(pm))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  535|   	}
#  536|   
#  537|-> 	while ((de = readdir(fdir))) {
#  538|   		int id;
#  539|   		struct mount_info *it;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def283]
criu-4.1.1/criu/fsnotify.c:291:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/fsnotify.c:231:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/fsnotify.c:232:17: branch_true: ...to here
criu-4.1.1/criu/fsnotify.c:283:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/fsnotify.c:287:16: branch_false: ...to here
criu-4.1.1/criu/fsnotify.c:287:16: acquire_memory: allocated here
criu-4.1.1/criu/fsnotify.c:287:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/fsnotify.c:290:1: branch_false: ...to here
criu-4.1.1/criu/fsnotify.c:291:9: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  289|   		goto err;
#  290|   out:
#  291|-> 	pr_debug("\tDumping %s as path for handle\n", path);
#  292|   	f_handle->path = path;
#  293|   out_nopath:

Error: GCC_ANALYZER_WARNING (CWE-476): [#def284]
criu-4.1.1/criu/fsnotify.c:384:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/fsnotify.c:383:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/fsnotify.c:384:17: branch_true: ...to here
criu-4.1.1/criu/fsnotify.c:384:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/fsnotify.c:384:17: branch_true: ...to here
criu-4.1.1/criu/fsnotify.c:384:17: danger: dereference of NULL ‘0’
#  382|   {
#  383|   	if (fme->type == MARK_TYPE__INODE) {
#  384|-> 		BUG_ON(!fme->ie);
#  385|   
#  386|   		pr_info("mark: s_dev %#08x i_ino %#016" PRIx64 " mask %#08x\n", fme->s_dev, fme->ie->i_ino, fme->mask);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def285]
criu-4.1.1/criu/fsnotify.c:399:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/fsnotify.c:383:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/fsnotify.c:396:13: branch_false: ...to here
criu-4.1.1/criu/fsnotify.c:396:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/fsnotify.c:399:17: branch_true: ...to here
criu-4.1.1/criu/fsnotify.c:399:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/fsnotify.c:399:17: branch_true: ...to here
criu-4.1.1/criu/fsnotify.c:399:17: danger: dereference of NULL ‘0’
#  397|   		struct mount_info *m;
#  398|   
#  399|-> 		BUG_ON(!fme->me);
#  400|   
#  401|   		m = lookup_mnt_id(fme->me->mnt_id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def286]
criu-4.1.1/criu/image.c:522:29: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_true: following ‘true’ branch (when ‘lazy != 0’)...
criu-4.1.1/criu/image.c:519:17: branch_true: ...to here
criu-4.1.1/criu/image.c:522:29: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/image.c:522:29: branch_true: ...to here
criu-4.1.1/criu/image.c:522:29: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  520|   		img->type = type;
#  521|   		img->oflags = oflags;
#  522|-> 		img->path = xstrdup(path);
#  523|   		return img;
#  524|   	} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
criu-4.1.1/criu/image.c:604:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  602|   
#  603|   	if (opts.stream && !(oflags & O_FORCE_LOCAL)) {
#  604|-> 		ret = img_streamer_open(path, flags);
#  605|   		errno = EIO; /* errno value is meaningless, only the ret value is meaningful */
#  606|   	} else if (root_ns_mask & CLONE_NEWUSER && type == CR_FD_PAGES && oflags & O_RDWR) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
criu-4.1.1/criu/image.c:618:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  616|   		};
#  617|   		snprintf(pa.path, PATH_MAX, "%s", path);
#  618|-> 		ret = userns_call(userns_openat, UNS_FDOUT, &pa, sizeof(struct openat_args), dfd);
#  619|   		if (ret < 0)
#  620|   			errno = pa.err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
criu-4.1.1/criu/image.c:622:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  620|   			errno = pa.err;
#  621|   	} else
#  622|-> 		ret = openat(dfd, path, flags, CR_FD_PERM);
#  623|   	if (ret < 0) {
#  624|   		if (!(flags & O_CREAT) && (errno == ENOENT || ret == -ENOENT)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
criu-4.1.1/criu/image.c:625:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  623|   	if (ret < 0) {
#  624|   		if (!(flags & O_CREAT) && (errno == ENOENT || ret == -ENOENT)) {
#  625|-> 			pr_info("No %s image\n", path);
#  626|   			img->_x.fd = EMPTY_IMG_FD;
#  627|   			goto skip_magic;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def291]
criu-4.1.1/criu/image.c:630:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  628|   		}
#  629|   
#  630|-> 		pr_perror("Unable to open %s", path);
#  631|   		goto err;
#  632|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def292]
criu-4.1.1/criu/image.c:639:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:495:16: enter_function: entry to ‘open_image_at’
criu-4.1.1/criu/image.c:508:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:508:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:512:26: branch_false: ...to here
criu-4.1.1/criu/image.c:518:12: branch_false: following ‘false’ branch (when ‘lazy == 0’)...
criu-4.1.1/criu/image.c:525:17: branch_false: ...to here
criu-4.1.1/criu/image.c:527:13: call_function: calling ‘do_open_image’ from ‘open_image_at’
#  637|   	else {
#  638|   		if (flags == O_RDONLY)
#  639|-> 			ret = bfdopenr(&img->_x);
#  640|   		else
#  641|   			ret = bfdopenw(&img->_x);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def293]
criu-4.1.1/criu/image.c:726:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(dir, 0)’
criu-4.1.1/criu/image.c:719:14: acquire_resource: opened here
criu-4.1.1/criu/image.c:720:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/image.c:725:15: branch_false: ...to here
criu-4.1.1/criu/image.c:726:12: danger: ‘open(dir, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  724|   
#  725|   	ret = install_service_fd(IMG_FD_OFF, fd);
#  726|-> 	if (ret < 0) {
#  727|   		pr_err("install_service_fd failed.\n");
#  728|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def294]
criu-4.1.1/criu/image.c:798:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/image.c:798:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/image.c:798:9: branch_true: ...to here
criu-4.1.1/criu/image.c:798:9: danger: dereference of NULL ‘0’
#  796|   	 */
#  797|   
#  798|-> 	BUG_ON(page_ids != 1);
#  799|   	page_ids += 0x10000;
#  800|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
criu-4.1.1/criu/image.c:857:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/image.c:894:5: enter_function: entry to ‘read_img_str’
criu-4.1.1/criu/image.c:899:15: acquire_memory: allocated here
criu-4.1.1/criu/image.c:899:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/image.c:903:15: branch_false: ...to here
criu-4.1.1/criu/image.c:903:15: call_function: calling ‘read_img_buf’ from ‘read_img_str’
#  855|   	int ret;
#  856|   
#  857|-> 	ret = bread(&img->_x, ptr, size);
#  858|   	if (ret == size)
#  859|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def296]
criu-4.1.1/criu/img-streamer.c:41:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sockfd’
criu-4.1.1/criu/img-streamer.c:50:5: enter_function: entry to ‘img_streamer_init’
criu-4.1.1/criu/img-streamer.c:59:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:64:18: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:64:18: acquire_resource: stream socket created here
criu-4.1.1/criu/img-streamer.c:65:12: branch_false: following ‘false’ branch (when ‘sockfd >= 0’)...
criu-4.1.1/criu/img-streamer.c:70:9: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:72:9: call_function: calling ‘socket_name_for_mode’ from ‘img_streamer_init’
#   39|   		return IMG_STREAMER_SERVE_SOCKET_NAME;
#   40|   	default:
#   41|-> 		BUG();
#   42|   		return NULL;
#   43|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def297]
criu-4.1.1/criu/img-streamer.c:41:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#   39|   		return IMG_STREAMER_SERVE_SOCKET_NAME;
#   40|   	default:
#   41|-> 		BUG();
#   42|   		return NULL;
#   43|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def298]
criu-4.1.1/criu/img-streamer.c:74:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sockfd’
criu-4.1.1/criu/img-streamer.c:59:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:64:18: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:64:18: acquire_resource: stream socket created here
criu-4.1.1/criu/img-streamer.c:65:12: branch_false: following ‘false’ branch (when ‘sockfd >= 0’)...
criu-4.1.1/criu/img-streamer.c:70:9: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:74:13: danger: ‘sockfd’ leaks here
#   72|   	snprintf(addr.sun_path, sizeof(addr.sun_path), "%s/%s", image_dir, socket_name_for_mode(mode));
#   73|   
#   74|-> 	if (connect(sockfd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
#   75|   		pr_perror("Unable to connect to image streamer socket: %s", addr.sun_path);
#   76|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def299]
criu-4.1.1/criu/img-streamer.c:183:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:183:24: danger: ‘fds[0]’ leaks here
#  181|   	if (pipe(fds) < 0) {
#  182|   		pr_perror("Unable to create pipe");
#  183|-> 		return -1;
#  184|   	}
#  185|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def300]
criu-4.1.1/criu/img-streamer.c:183:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:183:24: danger: ‘fds[1]’ leaks here
#  181|   	if (pipe(fds) < 0) {
#  182|   		pr_perror("Unable to create pipe");
#  183|-> 		return -1;
#  184|   	}
#  185|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def301]
criu-4.1.1/criu/img-streamer.c:186:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:13: danger: ‘fds[0]’ leaks here
#  184|   	}
#  185|   
#  186|-> 	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|   		close(fds[criu_pipe_direction]);
#  188|   	else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def302]
criu-4.1.1/criu/img-streamer.c:186:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:13: danger: ‘fds[1]’ leaks here
#  184|   	}
#  185|   
#  186|-> 	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|   		close(fds[criu_pipe_direction]);
#  188|   	else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def303]
criu-4.1.1/criu/img-streamer.c:186:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[criu_pipe_direction]’
criu-4.1.1/criu/img-streamer.c:196:12: enter_function: entry to ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:198:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:201:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:201:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:204:21: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:204:21: call_function: calling ‘recv_file_reply’ from ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:204:21: return_function: returning to ‘_img_streamer_open’ from ‘recv_file_reply’
criu-4.1.1/criu/img-streamer.c:204:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:207:21: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:207:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:219:16: call_function: calling ‘establish_streamer_file_pipe’ from ‘_img_streamer_open’
#  184|   	}
#  185|   
#  186|-> 	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|   		close(fds[criu_pipe_direction]);
#  188|   	else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def304]
criu-4.1.1/criu/img-streamer.c:186:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[streamer_pipe_direction]’
criu-4.1.1/criu/img-streamer.c:196:12: enter_function: entry to ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:198:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:201:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:201:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:204:21: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:204:21: call_function: calling ‘recv_file_reply’ from ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:204:21: return_function: returning to ‘_img_streamer_open’ from ‘recv_file_reply’
criu-4.1.1/criu/img-streamer.c:204:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:207:21: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:207:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:219:16: call_function: calling ‘establish_streamer_file_pipe’ from ‘_img_streamer_open’
#  184|   	}
#  185|   
#  186|-> 	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|   		close(fds[criu_pipe_direction]);
#  188|   	else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def305]
criu-4.1.1/criu/img-streamer.c:187:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:187:17: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:187:17: danger: ‘fds[0]’ leaks here
#  185|   
#  186|   	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|-> 		close(fds[criu_pipe_direction]);
#  188|   	else
#  189|   		ret = fds[criu_pipe_direction];

Error: GCC_ANALYZER_WARNING (CWE-775): [#def306]
criu-4.1.1/criu/img-streamer.c:187:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:187:17: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:187:17: danger: ‘fds[1]’ leaks here
#  185|   
#  186|   	if (send_fd(get_service_fd(IMG_STREAMER_FD_OFF), NULL, 0, fds[streamer_pipe_direction]) < 0)
#  187|-> 		close(fds[criu_pipe_direction]);
#  188|   	else
#  189|   		ret = fds[criu_pipe_direction];

Error: GCC_ANALYZER_WARNING (CWE-775): [#def307]
criu-4.1.1/criu/img-streamer.c:191:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:191:9: danger: ‘fds[0]’ leaks here
#  189|   		ret = fds[criu_pipe_direction];
#  190|   
#  191|-> 	close(fds[streamer_pipe_direction]);
#  192|   
#  193|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def308]
criu-4.1.1/criu/img-streamer.c:191:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:191:9: danger: ‘fds[1]’ leaks here
#  189|   		ret = fds[criu_pipe_direction];
#  190|   
#  191|-> 	close(fds[streamer_pipe_direction]);
#  192|   
#  193|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def309]
criu-4.1.1/criu/img-streamer.c:191:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/img-streamer.c:196:12: enter_function: entry to ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:198:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:201:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:201:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:204:21: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:204:21: call_function: calling ‘recv_file_reply’ from ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:204:21: return_function: returning to ‘_img_streamer_open’ from ‘recv_file_reply’
criu-4.1.1/criu/img-streamer.c:204:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:207:21: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:207:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:219:16: call_function: calling ‘establish_streamer_file_pipe’ from ‘_img_streamer_open’
#  189|   		ret = fds[criu_pipe_direction];
#  190|   
#  191|-> 	close(fds[streamer_pipe_direction]);
#  192|   
#  193|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def310]
criu-4.1.1/criu/img-streamer.c:234:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/img-streamer.c:234:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:234:9: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:234:9: danger: dereference of NULL ‘0’
#  232|   	int ret;
#  233|   
#  234|-> 	BUG_ON(flags != img_streamer_mode);
#  235|   
#  236|   	mutex_lock(img_streamer_fd_lock);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def311]
criu-4.1.1/criu/include/criu-log.h:46:16: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   44|   static inline int pr_quelled(unsigned int loglevel)
#   45|   {
#   46|-> 	return log_get_loglevel() < loglevel && loglevel != LOG_MSG;
#   47|   }
#   48|   #endif /* __CR_LOG_LEVELS_H__ */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
criu-4.1.1/criu/include/criu-log.h:46:16: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   44|   static inline int pr_quelled(unsigned int loglevel)
#   45|   {
#   46|-> 	return log_get_loglevel() < loglevel && loglevel != LOG_MSG;
#   47|   }
#   48|   #endif /* __CR_LOG_LEVELS_H__ */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def313]
criu-4.1.1/criu/include/image.h:143:32: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[0]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_false: following ‘false’ branch (when ‘bytes >= 0’)...
criu-4.1.1/criu/pipes.c:450:23: call_function: inlined call to ‘pipe_id’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:455:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:458:16: branch_true: following ‘true’ branch (when ‘bytes > 0’)...
criu-4.1.1/criu/pipes.c:460:25: branch_true: ...to here
criu-4.1.1/criu/pipes.c:460:25: call_function: calling ‘img_raw_fd’ from ‘dump_one_pipe_data’
#  141|   	if (!img)
#  142|   		return -1;
#  143|-> 	if (lazy_image(img) && open_image_lazy(img))
#  144|   		return -1;
#  145|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def314]
criu-4.1.1/criu/include/image.h:143:32: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
#  141|   	if (!img)
#  142|   		return -1;
#  143|-> 	if (lazy_image(img) && open_image_lazy(img))
#  144|   		return -1;
#  145|   

Error: CPPCHECK_WARNING (CWE-476): [#def315]
criu-4.1.1/criu/include/image.h:146: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  144|   		return -1;
#  145|   
#  146|-> 	BUG_ON(bfd_buffered(&img->_x));
#  147|   	return img->_x.fd;
#  148|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def316]
criu-4.1.1/criu/include/image.h:146:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[0]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_false: following ‘false’ branch (when ‘bytes >= 0’)...
criu-4.1.1/criu/pipes.c:450:23: call_function: inlined call to ‘pipe_id’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:455:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:458:16: branch_true: following ‘true’ branch (when ‘bytes > 0’)...
criu-4.1.1/criu/pipes.c:460:25: branch_true: ...to here
criu-4.1.1/criu/pipes.c:460:25: call_function: calling ‘img_raw_fd’ from ‘dump_one_pipe_data’
#  144|   		return -1;
#  145|   
#  146|-> 	BUG_ON(bfd_buffered(&img->_x));
#  147|   	return img->_x.fd;
#  148|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def317]
criu-4.1.1/criu/include/image.h:146:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
#  144|   		return -1;
#  145|   
#  146|-> 	BUG_ON(bfd_buffered(&img->_x));
#  147|   	return img->_x.fd;
#  148|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def318]
criu-4.1.1/criu/include/image.h:146:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  144|   		return -1;
#  145|   
#  146|-> 	BUG_ON(bfd_buffered(&img->_x));
#  147|   	return img->_x.fd;
#  148|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def319]
criu-4.1.1/criu/include/imgset.h:20:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/files-reg.c:1758:5: enter_function: entry to ‘dump_one_reg_file’
criu-4.1.1/criu/files-reg.c:1777:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/files-reg.c:1779:28: branch_true: ...to here
criu-4.1.1/criu/files-reg.c:1779:28: acquire_memory: allocated here
criu-4.1.1/criu/files-reg.c:1779:28: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/files-reg.c:1779:17: branch_false: ...to here
criu-4.1.1/criu/files-reg.c:1834:16: call_function: calling ‘img_from_set’ from ‘dump_one_reg_file’
#   18|   
#   19|   	idx = type - imgset->fd_off;
#   20|-> 	BUG_ON(idx > imgset->fd_nr);
#   21|   
#   22|   	return imgset->_imgs[idx];

Error: GCC_ANALYZER_WARNING (CWE-476): [#def320]
criu-4.1.1/criu/include/imgset.h:20:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/apparmor.c:643:5: enter_function: entry to ‘dump_aa_namespaces’
criu-4.1.1/criu/apparmor.c:648:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/apparmor.c:651:14: branch_false: ...to here
criu-4.1.1/criu/apparmor.c:651:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/apparmor.c:654:9: branch_false: ...to here
criu-4.1.1/criu/apparmor.c:659:15: call_function: calling ‘img_from_set’ from ‘dump_aa_namespaces’
#   18|   
#   19|   	idx = type - imgset->fd_off;
#   20|-> 	BUG_ON(idx > imgset->fd_nr);
#   21|   
#   22|   	return imgset->_imgs[idx];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def321]
criu-4.1.1/criu/include/rbtree.h:91:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/kcmp-ids.c:64:26: enter_function: entry to ‘alloc_kid_entry’
criu-4.1.1/criu/kcmp-ids.c:68:13: acquire_memory: allocated here
criu-4.1.1/criu/kcmp-ids.c:68:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/kcmp-ids.c:72:20: branch_false: ...to here
criu-4.1.1/criu/kcmp-ids.c:76:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kcmp-ids.c:78:9: branch_false: ...to here
criu-4.1.1/criu/kcmp-ids.c:81:9: call_function: inlined call to ‘rb_link_and_balance’ from ‘alloc_kid_entry’
#   89|   {
#   90|   	rb_link_node(node, parent, rb_link);
#   91|-> 	rb_insert_color(node, root);
#   92|   }
#   93|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def322]
criu-4.1.1/criu/include/util-caps.h:19:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/cr-check.c:1040:12: enter_function: entry to ‘check_tcp’
criu-4.1.1/criu/cr-check.c:1046:14: acquire_resource: stream socket created here
criu-4.1.1/criu/cr-check.c:1047:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/cr-check.c:1052:9: branch_false: ...to here
criu-4.1.1/criu/cr-check.c:1053:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/cr-check.c:1053:35: call_function: inlined call to ‘has_cap_net_admin’ from ‘check_tcp’
#   17|   
#   18|   	if (!(mask & effective)) {
#   19|-> 		pr_debug("Effective capability %d missing\n", cap);
#   20|   		return false;
#   21|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def323]
criu-4.1.1/criu/include/util.h:408:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/mount.c:3367:5: enter_function: entry to ‘read_mnt_ns_img’
criu-4.1.1/criu/mount.c:3372:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3377:14: branch_false: ...to here
criu-4.1.1/criu/mount.c:3377:29: branch_true: following ‘true’ branch (when ‘nsid’ is non-NULL)...
criu-4.1.1/criu/mount.c:3378:36: branch_true: ...to here
criu-4.1.1/criu/mount.c:3380:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3383:21: branch_false: ...to here
criu-4.1.1/criu/mount.c:3383:21: call_function: calling ‘collect_mnt_from_image’ from ‘read_mnt_ns_img’
#  406|   {
#  407|   	void **pp = (void **)p;
#  408|-> 	free(*pp);
#  409|   }
#  410|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def324]
criu-4.1.1/criu/include/util.h:408:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/config.c:603:5: enter_function: entry to ‘parse_options’
criu-4.1.1/criu/config.c:716:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/config.c:722:20: branch_true: following ‘true’ branch (when ‘opt == -1’)...
criu-4.1.1/criu/config.c:724:28: branch_true: ...to here
criu-4.1.1/criu/config.c:735:33: call_function: calling ‘next_config’ from ‘parse_options’
#  406|   {
#  407|   	void **pp = (void **)p;
#  408|-> 	free(*pp);
#  409|   }
#  410|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def325]
criu-4.1.1/criu/include/util.h:408:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tail’
criu-4.1.1/criu/mount.c:3367:5: enter_function: entry to ‘read_mnt_ns_img’
criu-4.1.1/criu/mount.c:3372:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3377:14: branch_false: ...to here
criu-4.1.1/criu/mount.c:3377:29: branch_true: following ‘true’ branch (when ‘nsid’ is non-NULL)...
criu-4.1.1/criu/mount.c:3378:36: branch_true: ...to here
criu-4.1.1/criu/mount.c:3380:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3383:21: branch_false: ...to here
criu-4.1.1/criu/mount.c:3383:21: call_function: calling ‘collect_mnt_from_image’ from ‘read_mnt_ns_img’
#  406|   {
#  407|   	void **pp = (void **)p;
#  408|-> 	free(*pp);
#  409|   }
#  410|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def326]
criu-4.1.1/criu/ipc_ns.c:198:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/ipc_ns.c:182:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/ipc_ns.c:187:16: branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:188:19: acquire_memory: allocated here
criu-4.1.1/criu/ipc_ns.c:188:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/ipc_ns.c:189:12: branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:189:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:194:27: branch_true: following ‘true’ branch...
criu-4.1.1/criu/ipc_ns.c:195:24: branch_true: ...to here
criu-4.1.1/criu/ipc_ns.c:198:23: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  196|   		size_t rounded;
#  197|   
#  198|-> 		ret = msgrcv(msq->desc->id, message, msgmax, msg_cnt, IPC_NOWAIT | MSG_COPY);
#  199|   		if (ret < 0) {
#  200|   			pr_perror("Failed to copy IPC message");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def327]
criu-4.1.1/criu/ipc_ns.c:322:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/ipc_ns.c:460:12: enter_function: entry to ‘dump_ipc_var’
criu-4.1.1/criu/ipc_ns.c:466:24: acquire_memory: allocated here
criu-4.1.1/criu/ipc_ns.c:466:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/ipc_ns.c:466:9: branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:467:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/ipc_ns.c:469:9: branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:475:15: call_function: calling ‘ipc_sysctl_req’ from ‘dump_ipc_var’
#  320|   	/* Skip sysctls which can't be set or haven't existed on dump */
#  321|   	if (access("/proc/sys/fs/mqueue", X_OK))
#  322|-> 		pr_info("Mqueue sysctls are missing\n");
#  323|   	else {
#  324|   		nr += 3;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def328]
criu-4.1.1/criu/ipc_ns.c:555:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/ipc_ns.c:548:18: acquire_memory: allocated here
criu-4.1.1/criu/ipc_ns.c:548:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/ipc_ns.c:555:15: branch_false: ...to here
criu-4.1.1/criu/ipc_ns.c:555:15: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  553|   	}
#  554|   
#  555|-> 	ret = read_img_buf(img, values, size);
#  556|   	if (ret < 0) {
#  557|   		pr_err("Failed to allocate memory for semaphores set values\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
criu-4.1.1/criu/irmap.c:152:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(openat(get_service_fd(8), *t.path + 1, 0))’
criu-4.1.1/criu/irmap.c:132:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/irmap.c:135:22: branch_false: ...to here
criu-4.1.1/criu/irmap.c:139:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/irmap.c:144:15: branch_false: ...to here
criu-4.1.1/criu/irmap.c:144:15: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:145:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/irmap.c:151:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:152:22: danger: ‘fdopendir(openat(get_service_fd(8), *t.path + 1, 0))’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  150|   
#  151|   	errno = 0;
#  152|-> 	while ((de = readdir(dfd)) != NULL) {
#  153|   		struct irmap *k;
#  154|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def330]
criu-4.1.1/criu/irmap.c:330:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:323:14: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:323:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:327:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:330:25: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/irmap.c:330:25: branch_true: ...to here
criu-4.1.1/criu/irmap.c:330:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  328|   	ip->ino = ino;
#  329|   	ip->fh = *fh;
#  330|-> 	ip->fh.handle = xmemdup(fh->handle, FH_ENTRY_SIZES__min_entries * sizeof(uint64_t));
#  331|   	if (!ip->fh.handle) {
#  332|   		xfree(ip);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def331]
criu-4.1.1/criu/irmap.c:336:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:323:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:327:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:330:25: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:330:25: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:330:25: branch_false: ...to here
criu-4.1.1/criu/irmap.c:331:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:336:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:336:9: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  334|   	}
#  335|   
#  336|-> 	pr_debug("Queue %x:%lx for pre-dump\n", dev, ino);
#  337|   
#  338|   	ip->next = predump_queue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
criu-4.1.1/criu/irmap.c:408:20: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:402:14: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:402:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:406:19: branch_false: ...to here
criu-4.1.1/criu/irmap.c:408:20: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/irmap.c:408:20: branch_true: ...to here
criu-4.1.1/criu/irmap.c:408:20: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  406|   	ic->dev = ie->dev;
#  407|   	ic->ino = ie->inode;
#  408|-> 	ic->path = xstrdup(ie->path);
#  409|   	if (!ie->path) {
#  410|   		xfree(ic);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
criu-4.1.1/criu/irmap.c:421:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:402:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:406:19: branch_false: ...to here
criu-4.1.1/criu/irmap.c:408:20: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:408:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:408:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:409:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/irmap.c:414:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:421:9: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  419|   	ic->revalidate = true;
#  420|   
#  421|-> 	pr_debug("Pre-cache %x:%lx -> %s\n", ic->dev, ic->ino, ic->path);
#  422|   
#  423|   	hv = irmap_hashfn(ic->dev, ic->ino);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
criu-4.1.1/criu/irmap.c:497:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:493:13: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:493:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:497:17: branch_false: ...to here
criu-4.1.1/criu/irmap.c:497:17: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/irmap.c:497:17: branch_true: ...to here
criu-4.1.1/criu/irmap.c:497:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  495|   		return -1;
#  496|   
#  497|-> 	o->ir = xzalloc(sizeof(*o->ir));
#  498|   	if (!o->ir) {
#  499|   		xfree(o);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
criu-4.1.1/criu/irmap.c:503:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/irmap.c:493:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:497:17: branch_false: ...to here
criu-4.1.1/criu/irmap.c:497:17: acquire_memory: allocated here
criu-4.1.1/criu/irmap.c:497:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:497:9: branch_false: ...to here
criu-4.1.1/criu/irmap.c:498:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/irmap.c:503:23: branch_false: ...to here
criu-4.1.1/criu/irmap.c:503:23: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/irmap.c:503:23: branch_true: ...to here
criu-4.1.1/criu/irmap.c:503:23: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  501|   	}
#  502|   
#  503|-> 	o->ir->path = xstrdup(path);
#  504|   	if (!o->ir->path) {
#  505|   		xfree(o->ir);

Error: CPPCHECK_WARNING (CWE-476): [#def336]
criu-4.1.1/criu/kcmp-ids.c:76: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#   74|   
#   75|   	/* Make sure no overflow here */
#   76|-> 	BUG_ON(!e->subid);
#   77|   
#   78|   	rb_init_node(&e->node);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
criu-4.1.1/criu/kcmp-ids.c:76:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/kcmp-ids.c:68:13: acquire_memory: allocated here
criu-4.1.1/criu/kcmp-ids.c:68:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/kcmp-ids.c:72:20: branch_false: ...to here
criu-4.1.1/criu/kcmp-ids.c:76:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kcmp-ids.c:76:9: branch_true: ...to here
criu-4.1.1/criu/kcmp-ids.c:76:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   74|   
#   75|   	/* Make sure no overflow here */
#   76|-> 	BUG_ON(!e->subid);
#   77|   
#   78|   	rb_init_node(&e->node);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def338]
criu-4.1.1/criu/kcmp-ids.c:76:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/kcmp-ids.c:68:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/kcmp-ids.c:72:20: branch_false: ...to here
criu-4.1.1/criu/kcmp-ids.c:76:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kcmp-ids.c:76:9: branch_true: ...to here
criu-4.1.1/criu/kcmp-ids.c:76:9: danger: dereference of NULL ‘0’
#   74|   
#   75|   	/* Make sure no overflow here */
#   76|-> 	BUG_ON(!e->subid);
#   77|   
#   78|   	rb_init_node(&e->node);

Error: CPPCHECK_WARNING (CWE-476): [#def339]
criu-4.1.1/criu/kcmp-ids.c:94: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#   92|   	struct rb_node *parent = NULL;
#   93|   
#   94|-> 	BUG_ON(!node);
#   95|   
#   96|   	while (node) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def340]
criu-4.1.1/criu/kcmp-ids.c:94:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/kcmp-ids.c:94:9: branch_true: following ‘true’ branch (when ‘node’ is NULL)...
criu-4.1.1/criu/kcmp-ids.c:94:9: branch_true: ...to here
criu-4.1.1/criu/kcmp-ids.c:94:9: danger: dereference of NULL ‘0’
#   92|   	struct rb_node *parent = NULL;
#   93|   
#   94|-> 	BUG_ON(!node);
#   95|   
#   96|   	while (node) {

Error: CPPCHECK_WARNING (CWE-476): [#def341]
criu-4.1.1/criu/kcmp-ids.c:158: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  156|   	struct rb_node **new = &e->subtree_root.rb_node;
#  157|   
#  158|-> 	BUG_ON(!node);
#  159|   
#  160|   	while (node) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def342]
criu-4.1.1/criu/kcmp-ids.c:158:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/kcmp-ids.c:158:9: branch_true: following ‘true’ branch (when ‘node’ is NULL)...
criu-4.1.1/criu/kcmp-ids.c:158:9: branch_true: ...to here
criu-4.1.1/criu/kcmp-ids.c:158:9: danger: dereference of NULL ‘0’
#  156|   	struct rb_node **new = &e->subtree_root.rb_node;
#  157|   
#  158|-> 	BUG_ON(!node);
#  159|   
#  160|   	while (node) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def343]
criu-4.1.1/criu/kerndat.c:395:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/kerndat.c:365:12: branch_false: following ‘false’ branch (when ‘which <= 2’)...
criu-4.1.1/criu/kerndat.c:370:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:370:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:374:21: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:374:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:385:21: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:385:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:390:26: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:390:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:395:17: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:395:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:395:17: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:395:17: danger: dereference of NULL ‘0’
#  393|   		}
#  394|   
#  395|-> 		BUG_ON(st.st_dev == 0);
#  396|   		kstat[which].fs_dev = st.st_dev;
#  397|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def344]
criu-4.1.1/criu/kerndat.c:489:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/kerndat.c:477:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:482:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:483:12: branch_false: following ‘false’ branch (when ‘addr != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:488:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:488:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:489:17: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:489:17: danger: dereference of NULL ‘0’
#  487|   
#  488|   	if (*((int *)addr) != 0) {
#  489|-> 		BUG();
#  490|   		return -1;
#  491|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def345]
criu-4.1.1/criu/kerndat.c:658:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/kerndat.c:651:14: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:652:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:657:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:658:13: danger: ‘fd’ leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  656|   
#  657|   	kdat.has_xtlocks = 1;
#  658|-> 	if (cr_system(fd, fd, fd, "sh", argv, CRS_CAN_FAIL) == -1)
#  659|   		kdat.has_xtlocks = 0;
#  660|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def346]
criu-4.1.1/criu/kerndat.c:726:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘clnt’
criu-4.1.1/criu/kerndat.c:694:12: branch_false: following ‘false’ branch (when ‘sock >= 0’)...
criu-4.1.1/criu/kerndat.c:704:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:704:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:709:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:710:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:715:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:720:23: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:720:16: acquire_resource: stream socket created here
criu-4.1.1/criu/kerndat.c:721:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:726:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:726:13: danger: ‘clnt’ leaks here
#  724|   	}
#  725|   
#  726|-> 	if (connect(clnt, (const struct sockaddr *)&listener_addr, addrlen)) {
#  727|   		pr_perror("Unable to connect a socket");
#  728|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def347]
criu-4.1.1/criu/kerndat.c:765:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/kerndat.c:759:14: acquire_resource: socket created here
criu-4.1.1/criu/kerndat.c:760:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/kerndat.c:765:30: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:765:13: danger: ‘sk’ leaks here
#  763|   	}
#  764|   
#  765|-> 	if (net_get_nsid(sk, getpid(), &nsid) < 0) {
#  766|   		pr_warn("NSID is not supported\n");
#  767|   		close(sk);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def348]
criu-4.1.1/criu/kerndat.c:826:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/kerndat.c:803:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:807:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:811:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:816:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:816:16: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:817:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/kerndat.c:823:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:824:23: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:826:25: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  824|   		num = sscanf(buf, "%lx-%lx %c%c%c%c", &start, &end, &r, &w, &x, &s);
#  825|   		if (num < 6) {
#  826|-> 			pr_err("Can't parse: %s\n", buf);
#  827|   			goto err;
#  828|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def349]
criu-4.1.1/criu/kerndat.c:826:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/kerndat.c:803:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:807:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:811:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:816:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:816:16: acquire_memory: allocated here
criu-4.1.1/criu/kerndat.c:817:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/kerndat.c:823:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:824:23: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:826:25: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  824|   		num = sscanf(buf, "%lx-%lx %c%c%c%c", &start, &end, &r, &w, &x, &s);
#  825|   		if (num < 6) {
#  826|-> 			pr_err("Can't parse: %s\n", buf);
#  827|   			goto err;
#  828|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def350]
criu-4.1.1/criu/kerndat.c:846:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/kerndat.c:803:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:807:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:811:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:816:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:816:16: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:817:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/kerndat.c:823:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:824:23: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:825:20: branch_false: following ‘false’ branch (when ‘num > 5’)...
criu-4.1.1/criu/kerndat.c:841:21: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:841:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:845:37: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:846:25: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  844|   			break;
#  845|   		} else if (start == ((unsigned long)mem + (1ul << 20))) {
#  846|-> 			pr_warn("Unsupported stack guard detected, confused but continue\n");
#  847|   			kdat.stack_guard_gap_hidden = true;
#  848|   			detected = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def351]
criu-4.1.1/criu/kerndat.c:846:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/proc/self/maps", "r")’
criu-4.1.1/criu/kerndat.c:803:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:807:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:811:12: branch_false: following ‘false’ branch (when ‘mem != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:816:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:816:16: acquire_memory: allocated here
criu-4.1.1/criu/kerndat.c:817:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/kerndat.c:823:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:824:23: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:825:20: branch_false: following ‘false’ branch (when ‘num > 5’)...
criu-4.1.1/criu/kerndat.c:841:21: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:841:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:845:37: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:846:25: danger: ‘fopen("/proc/self/maps", "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  844|   			break;
#  845|   		} else if (start == ((unsigned long)mem + (1ul << 20))) {
#  846|-> 			pr_warn("Unsupported stack guard detected, confused but continue\n");
#  847|   			kdat.stack_guard_gap_hidden = true;
#  848|   			detected = 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def352]
criu-4.1.1/criu/kerndat.c:928:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/kerndat.c:912:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/kerndat.c:917:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:920:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:926:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:927:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/kerndat.c:928:17: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:928:17: danger: ‘pipefd[1]’ leaks here
#  926|   	tfd = pipefd[0];
#  927|   	if (epoll_ctl(efd, EPOLL_CTL_ADD, tfd, &ev)) {
#  928|-> 		pr_perror("Can't add event");
#  929|   		goto out;
#  930|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def353]
criu-4.1.1/criu/kerndat.c:942:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/kerndat.c:912:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/kerndat.c:917:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:920:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:926:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:942:9: danger: ‘pipefd[1]’ leaks here
#  940|   
#  941|   out:
#  942|-> 	close(pipefd[0]);
#  943|   	close(pipefd[1]);
#  944|   	close(efd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def354]
criu-4.1.1/criu/kerndat.c:943:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/kerndat.c:912:12: branch_false: following ‘false’ branch (when ‘efd >= 0’)...
criu-4.1.1/criu/kerndat.c:917:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:920:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:926:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:943:9: danger: ‘pipefd[1]’ leaks here
#  941|   out:
#  942|   	close(pipefd[0]);
#  943|-> 	close(pipefd[1]);
#  944|   	close(efd);
#  945|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def355]
criu-4.1.1/criu/kerndat.c:1237:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(kdat_file, 0)’
criu-4.1.1/criu/kerndat.c:1223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1226:14: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1226:14: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1235:15: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1236:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/kerndat.c:1237:17: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:1237:17: danger: ‘open(kdat_file, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
# 1235|   	ret = read(fd, &kdat, sizeof(kdat));
# 1236|   	if (ret < 0) {
# 1237|-> 		pr_perror("Can't read kdat cache");
# 1238|   		close(fd);
# 1239|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def356]
criu-4.1.1/criu/kerndat.c:1238:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(kdat_file, 0)’
criu-4.1.1/criu/kerndat.c:1223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1226:14: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1226:14: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1235:15: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1236:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/kerndat.c:1237:17: branch_true: ...to here
criu-4.1.1/criu/kerndat.c:1238:17: danger: ‘open(kdat_file, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
# 1236|   	if (ret < 0) {
# 1237|   		pr_perror("Can't read kdat cache");
# 1238|-> 		close(fd);
# 1239|   		return -1;
# 1240|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def357]
criu-4.1.1/criu/kerndat.c:1242:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(kdat_file, 0)’
criu-4.1.1/criu/kerndat.c:1223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1226:14: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1226:14: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:1227:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1235:15: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1236:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/kerndat.c:1242:9: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1242:9: danger: ‘open(kdat_file, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
# 1240|   	}
# 1241|   
# 1242|-> 	close(fd);
# 1243|   
# 1244|   	if (ret != sizeof(kdat) || kdat.magic1 != KDAT_MAGIC || kdat.magic2 != KDAT_MAGIC_2) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def358]
criu-4.1.1/criu/kerndat.c:1393:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘f.fd’
criu-4.1.1/criu/kerndat.c:1368:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1377:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1378:12: branch_false: following ‘false’ branch (when ‘addr != 18446744073709551615’)...
criu-4.1.1/criu/kerndat.c:1383:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1383:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1388:16: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1388:16: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:1389:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1393:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1393:13: danger: ‘f.fd’ leaks here; was opened at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
# 1391|   		goto out_unmap;
# 1392|   	}
# 1393|-> 	if (bfdopenr(&f))
# 1394|   		goto out_unmap;
# 1395|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def359]
criu-4.1.1/criu/kerndat.c:1568:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘f.fd’
criu-4.1.1/criu/kerndat.c:1563:16: acquire_resource: opened here
criu-4.1.1/criu/kerndat.c:1564:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/kerndat.c:1568:13: branch_false: ...to here
criu-4.1.1/criu/kerndat.c:1568:13: danger: ‘f.fd’ leaks here; was opened at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
# 1566|   		return -1;
# 1567|   	}
# 1568|-> 	if (bfdopenr(&f))
# 1569|   		return -1;
# 1570|   	while ((str = breadline(&f)) != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def360]
criu-4.1.1/criu/log.c:81:18: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/criu/log.c:391:6: enter_function: entry to ‘print_on_level’
criu-4.1.1/criu/log.c:395:9: acquire_resource: ‘va_start’ called here
criu-4.1.1/criu/log.c:396:9: call_function: calling ‘vprint_on_level’ from ‘print_on_level’
#   79|   int log_get_fd(void)
#   80|   {
#   81|-> 	int fd = get_service_fd(LOG_FD_OFF);
#   82|   
#   83|   	return fd < 0 ? DEFAULT_LOGFD : fd;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def361]
criu-4.1.1/criu/lsm.c:282:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  280|   #endif
#  281|   	default:
#  282|-> 		BUG();
#  283|   		ret = -1;
#  284|   		break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def362]
criu-4.1.1/criu/mem.c:45:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mem.c:608:5: enter_function: entry to ‘parasite_dump_pages_seized’
criu-4.1.1/criu/mem.c:665:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:670:15: branch_false: ...to here
criu-4.1.1/criu/mem.c:670:15: call_function: calling ‘__parasite_dump_pages_seized’ from ‘parasite_dump_pages_seized’
#   43|   		return 0;
#   44|   
#   45|-> 	BUG_ON(!kdat.has_dirty_track);
#   46|   
#   47|   	ret = do_task_reset_dirty_track(pid);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def363]
criu-4.1.1/criu/mem.c:48:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mem.c:608:5: enter_function: entry to ‘parasite_dump_pages_seized’
criu-4.1.1/criu/mem.c:665:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:670:15: branch_false: ...to here
criu-4.1.1/criu/mem.c:670:15: call_function: calling ‘__parasite_dump_pages_seized’ from ‘parasite_dump_pages_seized’
#   46|   
#   47|   	ret = do_task_reset_dirty_track(pid);
#   48|-> 	BUG_ON(ret == 1);
#   49|   	return ret;
#   50|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
criu-4.1.1/criu/mem.c:927:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/mem.c:1302:5: enter_function: entry to ‘prepare_mappings’
criu-4.1.1/criu/mem.c:1313:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1317:27: branch_false: ...to here
criu-4.1.1/criu/mem.c:1318:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1324:9: branch_false: ...to here
criu-4.1.1/criu/mem.c:1330:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1333:13: branch_false: ...to here
criu-4.1.1/criu/mem.c:1333:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1336:9: branch_false: ...to here
criu-4.1.1/criu/mem.c:1338:15: call_function: calling ‘premap_priv_vmas’ from ‘prepare_mappings’
#  925|   
#  926|   		if (addr == MAP_FAILED) {
#  927|-> 			pr_perror("Unable to map ANON_VMA");
#  928|   			return -1;
#  929|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
criu-4.1.1/criu/mem.c:946:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/mem.c:1019:12: enter_function: entry to ‘premap_priv_vmas’
criu-4.1.1/criu/mem.c:1028:9: branch_true: following ‘true’ branch (when ‘vma != vmas’)...
criu-4.1.1/criu/mem.c:1033:30: branch_true: ...to here
criu-4.1.1/criu/mem.c:1033:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1040:22: branch_false: ...to here
criu-4.1.1/criu/mem.c:1040:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mem.c:1043:21: branch_true: ...to here
criu-4.1.1/criu/mem.c:1043:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1047:21: branch_false: ...to here
criu-4.1.1/criu/mem.c:1047:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1050:21: branch_false: ...to here
criu-4.1.1/criu/mem.c:1068:23: call_function: calling ‘premap_private_vma’ from ‘premap_priv_vmas’
#  944|   		addr = mremap(paddr, size, size, MREMAP_FIXED | MREMAP_MAYMOVE, *tgt_addr);
#  945|   		if (addr != *tgt_addr) {
#  946|-> 			pr_perror("Unable to remap a private vma");
#  947|   			return -1;
#  948|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def366]
criu-4.1.1/criu/mem.c:1154:41: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mem.c:1104:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1107:52: branch_false: ...to here
criu-4.1.1/criu/mem.c:1141:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1143:34: branch_false: ...to here
criu-4.1.1/criu/mem.c:1143:33: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mem.c:1148:30: branch_false: ...to here
criu-4.1.1/criu/mem.c:1148:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mem.c:1149:53: branch_true: ...to here
criu-4.1.1/criu/mem.c:1151:36: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mem.c:1152:41: branch_true: ...to here
criu-4.1.1/criu/mem.c:1154:41: danger: dereference of NULL ‘0’
# 1152|   					pr_debug("VMA 0x%" PRIx64 ":0x%" PRIx64 " RO %#lx:%lu IO\n", vma->e->start,
# 1153|   						 vma->e->end, va, nr_pages);
# 1154|-> 					BUG();
# 1155|   				}
# 1156|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def367]
criu-4.1.1/criu/mount-v2.c:456:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*mi.plain_mountpoint, 2097152)’
criu-4.1.1/criu/mount-v2.c:449:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:450:27: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:450:22: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:451:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:456:21: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:456:21: danger: ‘open(*mi.plain_mountpoint, 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  454|   		}
#  455|   
#  456|-> 		if (userns_call(mount_root, 0, &flags, sizeof(flags), fd)) {
#  457|   			pr_err("Unable to mount %s\n", mi->plain_mountpoint);
#  458|   			close(fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def368]
criu-4.1.1/criu/mount-v2.c:491:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:491:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:491:9: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:491:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:491:9: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:491:9: danger: dereference of NULL ‘0’
#  489|   
#  490|   	/* Parent should be mounted already, that's how mnt_tree_for_each works */
#  491|-> 	BUG_ON(mi->parent && !mi->parent->mounted);
#  492|   
#  493|   	/* Root mounts can be mounted at any moment */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def369]
criu-4.1.1/criu/mount-v2.c:643:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:643:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:643:9: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:643:9: danger: dereference of NULL ‘0’
#  641|   static int create_plain_mountpoint(struct mount_info *mi)
#  642|   {
#  643|-> 	BUG_ON(mi->is_dir == -1);
#  644|   
#  645|   	pr_debug("Create plain mountpoint %s for %d\n", mi->plain_mountpoint, mi->mnt_id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def370]
criu-4.1.1/criu/mount-v2.c:659:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘creat(*mi.plain_mountpoint, 384)’
criu-4.1.1/criu/mount-v2.c:643:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:645:9: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:646:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:654:28: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:654:22: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:655:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:659:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:659:17: danger: ‘creat(*mi.plain_mountpoint, 384)’ leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  657|   			return -1;
#  658|   		}
#  659|-> 		close(fd);
#  660|   	}
#  661|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def371]
criu-4.1.1/criu/mount-v2.c:793:24: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*mi.mountpoint, 2097152)’
criu-4.1.1/criu/mount-v2.c:787:14: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:793:24: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:793:24: danger: ‘open(*mi.mountpoint, 2097152)’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  791|   	}
#  792|   
#  793|-> 	mi->mp_fd_id = fdstore_add(fd);
#  794|   	close(fd);
#  795|   	if (mi->mp_fd_id < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def372]
criu-4.1.1/criu/mount-v2.c:812:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*mi.mountpoint, 2097152)’
criu-4.1.1/criu/mount-v2.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:793:24: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:795:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:800:9: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:801:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:806:19: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:806:14: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:807:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:812:25: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:812:25: danger: ‘open(*mi.mountpoint, 2097152)’ leaks here; was opened at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  810|   	}
#  811|   
#  812|-> 	mi->mnt_fd_id = fdstore_add(fd);
#  813|   	close(fd);
#  814|   	if (mi->mnt_fd_id < 0) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def373]
criu-4.1.1/criu/mount-v2.c:861:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:859:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:860:26: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:861:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:861:17: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:861:17: danger: dereference of NULL ‘0’
#  859|   	if (sga->src_id != -1) {
#  860|   		src_fd = fdstore_get(sga->src_id);
#  861|-> 		BUG_ON(src_fd < 0);
#  862|   	} else {
#  863|   		char *source_mp;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def374]
criu-4.1.1/criu/mount-v2.c:865:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:865:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:865:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:865:17: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:865:17: danger: dereference of NULL ‘0’
#  863|   		char *source_mp;
#  864|   
#  865|-> 		BUG_ON(sga->source[0] == '\0');
#  866|   		/*
#  867|   		 * Source path should not always be a mountpoint as we

Error: GCC_ANALYZER_WARNING (CWE-775): [#def375]
criu-4.1.1/criu/mount-v2.c:885:18: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘src_fd’
criu-4.1.1/criu/mount-v2.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:865:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:865:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:870:48: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:871:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:876:26: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:876:26: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:877:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:882:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:885:18: danger: ‘src_fd’ leaks here; was opened at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  883|   	}
#  884|   
#  885|-> 	dst_fd = fdstore_get(sga->dst_id);
#  886|   	BUG_ON(dst_fd < 0);
#  887|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def376]
criu-4.1.1/criu/mount-v2.c:886:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘src_fd’
criu-4.1.1/criu/mount-v2.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:865:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:865:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:870:48: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:871:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:876:26: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:876:26: acquire_resource: opened here
criu-4.1.1/criu/mount-v2.c:877:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:882:17: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:886:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:886:9: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:886:9: danger: ‘src_fd’ leaks here; was opened at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  884|   
#  885|   	dst_fd = fdstore_get(sga->dst_id);
#  886|-> 	BUG_ON(dst_fd < 0);
#  887|   
#  888|   	/* Copy shared_id of the source */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def377]
criu-4.1.1/criu/mount-v2.c:886:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:859:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:860:26: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:861:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount-v2.c:885:18: branch_false: ...to here
criu-4.1.1/criu/mount-v2.c:886:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:886:9: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:886:9: danger: dereference of NULL ‘0’
#  884|   
#  885|   	dst_fd = fdstore_get(sga->dst_id);
#  886|-> 	BUG_ON(dst_fd < 0);
#  887|   
#  888|   	/* Copy shared_id of the source */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def378]
criu-4.1.1/criu/mount-v2.c:938:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount-v2.c:938:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount-v2.c:938:9: branch_true: ...to here
criu-4.1.1/criu/mount-v2.c:938:9: danger: dereference of NULL ‘0’
#  936|   
#  937|   	target_fd = fdstore_get(target->mnt_fd_id);
#  938|-> 	BUG_ON(target_fd < 0);
#  939|   	snprintf(target_path, sizeof(target_path), "/proc/self/fd/%d", target_fd);
#  940|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def379]
criu-4.1.1/criu/mount-v2.c:1086:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1084|   	char *cut_root, path[PATH_MAX], *root;
# 1085|   
# 1086|-> 	BUG_ON(!mi->deleted || !mi->bind);
# 1087|   
# 1088|   	cut_root = get_relative_path(mi->root, mi->bind->root);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def380]
criu-4.1.1/criu/mount.c:48:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#   46|   {
#   47|   	if (!opts.mntns_compat_mode && opts.mode == CR_RESTORE) {
#   48|-> 		BUG_ON(!mi->plain_mountpoint);
#   49|   		return mi->plain_mountpoint;
#   50|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def381]
criu-4.1.1/criu/mount.c:520:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:3970:5: enter_function: entry to ‘collect_mnt_namespaces’
criu-4.1.1/criu/mount.c:3979:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3982:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:4007:15: call_function: calling ‘resolve_external_mounts’ from ‘collect_mnt_namespaces’
#  518|   			snprintf(source, len, "dev[%s]", val);
#  519|   			info->fstype = fstype_auto();
#  520|-> 			BUG_ON(info->fstype->code != FSTYPE__AUTO);
#  521|   			info->source = source;
#  522|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def382]
criu-4.1.1/criu/mount.c:925:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2559:13: enter_function: entry to ‘can_mount_now’
criu-4.1.1/criu/mount.c:2637:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2639:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:2643:17: branch_true: following ‘true’ branch (when ‘s != mi’)...
criu-4.1.1/criu/mount.c:2644:25: branch_true: ...to here
criu-4.1.1/criu/mount.c:2644:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2648:39: branch_true: ...to here
criu-4.1.1/criu/mount.c:2648:39: call_function: calling ‘root_path_from_parent’ from ‘can_mount_now’
#  923|   		return -1;
#  924|   
#  925|-> 	BUG_ON(len <= 0);
#  926|   	if (buf[len - 1] == '/')
#  927|   		tail_slash = true;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def383]
criu-4.1.1/criu/mount.c:933:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2559:13: enter_function: entry to ‘can_mount_now’
criu-4.1.1/criu/mount.c:2637:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2639:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:2643:17: branch_true: following ‘true’ branch (when ‘s != mi’)...
criu-4.1.1/criu/mount.c:2644:25: branch_true: ...to here
criu-4.1.1/criu/mount.c:2644:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2648:39: branch_true: ...to here
criu-4.1.1/criu/mount.c:2648:39: call_function: calling ‘root_path_from_parent’ from ‘can_mount_now’
#  931|   
#  932|   	len = m_len - p_len;
#  933|-> 	BUG_ON(len < 0);
#  934|   	if (len) {
#  935|   		if (m->ns_mountpoint[p_len] == '/')

Error: GCC_ANALYZER_WARNING (CWE-476): [#def384]
criu-4.1.1/criu/mount.c:1028:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2559:13: enter_function: entry to ‘can_mount_now’
criu-4.1.1/criu/mount.c:2571:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2574:14: branch_false: ...to here
criu-4.1.1/criu/mount.c:2574:12: branch_true: following ‘true’ branch...
# 1026|   	 * Shouldn't use mnt_bind list before it was populated in search_bindmounts
# 1027|   	 */
# 1028|-> 	BUG_ON(!mi->mnt_bind_is_populated);
# 1029|   
# 1030|   	list_for_each_entry(bind, &mi->mnt_bind, mnt_bind)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def385]
criu-4.1.1/criu/mount.c:2098:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2098:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2098:9: branch_true: ...to here
criu-4.1.1/criu/mount.c:2098:9: danger: dereference of NULL ‘0’
# 2096|   	char *mpath, buf[PATH_MAX];
# 2097|   
# 2098|-> 	BUG_ON(mi->parent == root_yard_mp);
# 2099|   
# 2100|   	list_for_each_entry(t, &mi->parent->mnt_slave_list, mnt_slave) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def386]
criu-4.1.1/criu/mount.c:2330:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2284:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2288:12: branch_false: ...to here
criu-4.1.1/criu/mount.c:2296:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2301:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:2304:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2321:12: branch_false: ...to here
criu-4.1.1/criu/mount.c:2330:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2330:9: branch_true: ...to here
criu-4.1.1/criu/mount.c:2330:9: danger: dereference of NULL ‘0’
# 2328|   	 * Look at can_mount_now() for details.
# 2329|   	 */
# 2330|-> 	BUG_ON(mi->master_id);
# 2331|   	if (restore_shared_options(mi, !mi->shared_id, mi->shared_id, 0))
# 2332|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def387]
criu-4.1.1/criu/mount.c:2569:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2569:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2569:9: branch_true: ...to here
criu-4.1.1/criu/mount.c:2569:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2569:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:2569:9: danger: dereference of NULL ‘0’
# 2567|   
# 2568|   	/* Parent should be mounted already, that's how mnt_tree_for_each works */
# 2569|-> 	BUG_ON(mi->parent && !mi->parent->mounted);
# 2570|   
# 2571|   	if (mnt_is_nodev_external(mi))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def388]
criu-4.1.1/criu/mount.c:2624:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2620:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2623:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:2623:17: branch_true: following ‘true’ branch (when ‘p != mi’)...
criu-4.1.1/criu/mount.c:2624:25: branch_true: ...to here
criu-4.1.1/criu/mount.c:2624:25: danger: dereference of NULL ‘0’
# 2622|   
# 2623|   		list_for_each_entry(p, &mi->mnt_propagate, mnt_propagate) {
# 2624|-> 			BUG_ON(!p->parent);
# 2625|   			if (!p->parent->mounted) {
# 2626|   				pr_debug("%s: false as %d has unmounted parent %d of its propagation group\n", __func__,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def389]
criu-4.1.1/criu/mount.c:2649:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2637:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2639:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:2643:17: branch_true: following ‘true’ branch (when ‘s != mi’)...
criu-4.1.1/criu/mount.c:2644:25: branch_true: ...to here
criu-4.1.1/criu/mount.c:2644:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2648:39: branch_true: ...to here
criu-4.1.1/criu/mount.c:2649:33: danger: dereference of NULL ‘0’
# 2647|   
# 2648|   				ret = root_path_from_parent(c, root_path, PATH_MAX);
# 2649|-> 				BUG_ON(ret);
# 2650|   
# 2651|   				/* Mount is out of our root */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def390]
criu-4.1.1/criu/mount.c:2754:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(service_mountpoint(mi), 2097152)’
criu-4.1.1/criu/mount.c:2715:12: enter_function: entry to ‘do_mount_one’
criu-4.1.1/criu/mount.c:2741:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2747:21: branch_false: ...to here
criu-4.1.1/criu/mount.c:2747:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:2748:35: branch_true: ...to here
criu-4.1.1/criu/mount.c:2748:30: acquire_resource: opened here
criu-4.1.1/criu/mount.c:2749:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:2754:29: branch_false: ...to here
criu-4.1.1/criu/mount.c:2754:29: danger: ‘open(service_mountpoint(mi), 2097152)’ leaks here; was opened at [(9)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/8)
# 2752|   			}
# 2753|   
# 2754|-> 			if (userns_call(mount_root, 0, &flags, sizeof(flags), fd)) {
# 2755|   				pr_err("Unable to mount %s\n", service_mountpoint(mi));
# 2756|   				close(fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def391]
criu-4.1.1/criu/mount.c:2853:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:2865:12: enter_function: entry to ‘find_remap_mounts’
criu-4.1.1/criu/mount.c:2875:13: call_function: calling ‘mnt_tree_for_each’ from ‘find_remap_mounts’
# 2851|   		return 0;
# 2852|   
# 2853|-> 	BUG_ON(!m->parent);
# 2854|   
# 2855|   	r = xmalloc(sizeof(struct mnt_remap_entry));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def392]
criu-4.1.1/criu/mount.c:3004:36: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/mount.c:3001:15: acquire_memory: allocated here
criu-4.1.1/criu/mount.c:3001:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/mount.c:3003:20: branch_false: ...to here
criu-4.1.1/criu/mount.c:3003:20: branch_true: following ‘true’ branch (when ‘rst != 0’)...
criu-4.1.1/criu/mount.c:3004:36: branch_true: ...to here
criu-4.1.1/criu/mount.c:3004:36: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
# 3002|   	if (new) {
# 3003|   		if (rst) {
# 3004|-> 			new->rmi = shmalloc(sizeof(struct rst_mount_info));
# 3005|   			if (!new->rmi) {
# 3006|   				xfree(new);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def393]
criu-4.1.1/criu/mount.c:3080:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:3080:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3080:9: danger: dereference of NULL ‘0’
# 3078|   	char *ext = NULL;
# 3079|   
# 3080|-> 	BUG_ON(me->ext_mount && me->ext_key);
# 3081|   
# 3082|   	/* Forward compatibility fixup */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def394]
criu-4.1.1/criu/mount.c:3286:30: warning[-Wanalyzer-malloc-leak]: leak of ‘tail’
criu-4.1.1/criu/mount.c:3367:5: enter_function: entry to ‘read_mnt_ns_img’
criu-4.1.1/criu/mount.c:3372:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3377:14: branch_false: ...to here
criu-4.1.1/criu/mount.c:3377:29: branch_true: following ‘true’ branch (when ‘nsid’ is non-NULL)...
criu-4.1.1/criu/mount.c:3378:36: branch_true: ...to here
criu-4.1.1/criu/mount.c:3380:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3383:21: branch_false: ...to here
criu-4.1.1/criu/mount.c:3383:21: call_function: calling ‘collect_mnt_from_image’ from ‘read_mnt_ns_img’
# 3284|   			pm->internal_sharing = me->internal_sharing;
# 3285|   
# 3286|-> 		pm->source = xstrdup(me->source);
# 3287|   		if (!pm->source)
# 3288|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def395]
criu-4.1.1/criu/mount.c:3483:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:3458:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3461:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3461:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3474:20: branch_false: following ‘false’ branch (when ‘parent’ is NULL)...
criu-4.1.1/criu/mount.c:3477:24: branch_false: ...to here
criu-4.1.1/criu/mount.c:3478:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3483:17: branch_false: ...to here
criu-4.1.1/criu/mount.c:3483:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3483:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3483:17: danger: dereference of NULL ‘0’
# 3481|   		}
# 3482|   
# 3483|-> 		BUG_ON(nsid->type == NS_CRIU);
# 3484|   
# 3485|   		if (do_restore_task_mnt_ns(nsid))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def396]
criu-4.1.1/criu/mount.c:3609:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3631:5: enter_function: entry to ‘depopulate_roots_yard’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3665:13: call_function: calling ‘__depopulate_roots_yard’ from ‘depopulate_roots_yard’
# 3607|   
# 3608|   	if (mount("none", mnt_roots, "none", MS_REC | MS_PRIVATE, NULL)) {
# 3609|-> 		pr_perror("Can't remount root with MS_PRIVATE");
# 3610|   		ret = 1;
# 3611|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def397]
criu-4.1.1/criu/mount.c:3619:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3631:5: enter_function: entry to ‘depopulate_roots_yard’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3665:13: call_function: calling ‘__depopulate_roots_yard’ from ‘depopulate_roots_yard’
# 3617|   	 */
# 3618|   	if (umount2(mnt_roots, MNT_DETACH)) {
# 3619|-> 		pr_perror("Can't unmount %s", mnt_roots);
# 3620|   		ret = -1;
# 3621|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def398]
criu-4.1.1/criu/mount.c:3624:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3631:5: enter_function: entry to ‘depopulate_roots_yard’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3665:13: call_function: calling ‘__depopulate_roots_yard’ from ‘depopulate_roots_yard’
# 3622|   
# 3623|   	if (rmdir(mnt_roots)) {
# 3624|-> 		pr_perror("Can't remove the directory %s", mnt_roots);
# 3625|   		ret = -1;
# 3626|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def399]
criu-4.1.1/criu/mount.c:3649:18: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
# 3647|   	}
# 3648|   
# 3649|-> 	old_ns = open_proc(PROC_SELF, "ns/mnt");
# 3650|   	if (old_ns < 0) {
# 3651|   		pr_perror("`- Can't keep old ns");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def400]
criu-4.1.1/criu/mount.c:3651:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_true: ...to here
criu-4.1.1/criu/mount.c:3651:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
# 3649|   	old_ns = open_proc(PROC_SELF, "ns/mnt");
# 3650|   	if (old_ns < 0) {
# 3651|-> 		pr_perror("`- Can't keep old ns");
# 3652|   		close(old_cwd);
# 3653|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def401]
criu-4.1.1/criu/mount.c:3652:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_true: ...to here
criu-4.1.1/criu/mount.c:3652:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/2)
# 3650|   	if (old_ns < 0) {
# 3651|   		pr_perror("`- Can't keep old ns");
# 3652|-> 		close(old_cwd);
# 3653|   		return -1;
# 3654|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def402]
criu-4.1.1/criu/mount.c:3656:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3656:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3656:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/2)
# 3654|   	}
# 3655|   	if (setns(mntns_fd, CLONE_NEWNS) < 0) {
# 3656|-> 		pr_perror("`- Can't switch");
# 3657|   		close(old_ns);
# 3658|   		close(old_cwd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def403]
criu-4.1.1/criu/mount.c:3657:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3656:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3657:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/2)
# 3655|   	if (setns(mntns_fd, CLONE_NEWNS) < 0) {
# 3656|   		pr_perror("`- Can't switch");
# 3657|-> 		close(old_ns);
# 3658|   		close(old_cwd);
# 3659|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def404]
criu-4.1.1/criu/mount.c:3658:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3656:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3658:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/2)
# 3656|   		pr_perror("`- Can't switch");
# 3657|   		close(old_ns);
# 3658|-> 		close(old_cwd);
# 3659|   		return -1;
# 3660|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def405]
criu-4.1.1/criu/mount.c:3662:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3662:13: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/2)
# 3660|   	}
# 3661|   
# 3662|-> 	if (try_clean_remaps(only_ghosts))
# 3663|   		ret = -1;
# 3664|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def406]
criu-4.1.1/criu/mount.c:3669:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3668:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3669:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3669:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/2)
# 3667|   
# 3668|   	if (setns(old_ns, CLONE_NEWNS) < 0) {
# 3669|-> 		pr_perror("Fail to switch back!");
# 3670|   		ret = -1;
# 3671|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def407]
criu-4.1.1/criu/mount.c:3672:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/mount.c:3635:12: branch_false: following ‘false’ branch (when ‘mntns_fd >= 0’)...
criu-4.1.1/criu/mount.c:3641:9: branch_false: ...to here
criu-4.1.1/criu/mount.c:3643:19: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3649:18: branch_false: ...to here
criu-4.1.1/criu/mount.c:3649:18: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3655:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3655:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3662:13: branch_false: ...to here
criu-4.1.1/criu/mount.c:3672:9: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/2)
# 3670|   		ret = -1;
# 3671|   	}
# 3672|-> 	close(old_ns);
# 3673|   
# 3674|   	if (fchdir(old_cwd)) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def408]
criu-4.1.1/criu/mount.c:3817:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/mount.c:3824:5: enter_function: entry to ‘__mntns_get_root_fd’
criu-4.1.1/criu/mount.c:3830:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3833:14: branch_false: ...to here
criu-4.1.1/criu/mount.c:3833:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3841:22: branch_true: ...to here
criu-4.1.1/criu/mount.c:3841:22: acquire_resource: opened here
criu-4.1.1/criu/mount.c:3842:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:3847:17: branch_false: ...to here
criu-4.1.1/criu/mount.c:3877:16: call_function: inlined call to ‘mntns_set_root_fd’ from ‘__mntns_get_root_fd’
# 3815|   	int ret;
# 3816|   
# 3817|-> 	ret = install_service_fd(ROOT_FD_OFF, fd);
# 3818|   	if (ret >= 0)
# 3819|   		mntns_root_pid = pid;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def409]
criu-4.1.1/criu/mount.c:3942:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:3940:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3941:25: branch_true: ...to here
criu-4.1.1/criu/mount.c:3942:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:3942:17: branch_true: ...to here
criu-4.1.1/criu/mount.c:3942:17: danger: dereference of NULL ‘0’
# 3940|   	if (root_ns_mask & CLONE_NEWNS) {
# 3941|   		mntns = lookup_nsid_by_mnt_id(mnt_id);
# 3942|-> 		BUG_ON(mntns == NULL);
# 3943|   	}
# 3944|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def410]
criu-4.1.1/criu/mount.c:4141:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/mount.c:4134:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/mount.c:4137:12: branch_false: ...to here
criu-4.1.1/criu/mount.c:4141:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/mount.c:4141:9: branch_true: ...to here
criu-4.1.1/criu/mount.c:4141:9: danger: dereference of NULL ‘0’
# 4139|   
# 4140|   	/* All mounts in mntinfo list should have it on restore */
# 4141|-> 	BUG_ON(mi->rmi == NULL);
# 4142|   
# 4143|   	if (mi->flags & MS_RDONLY && !(mi->rmi->remounted_rw & remounted)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def411]
criu-4.1.1/criu/namespaces.c:150:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/namespaces.c:143:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:146:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:146:14: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:146:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:23: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:150:23: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/namespaces.c:150:23: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:150:23: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  148|   		return -1;
#  149|   
#  150|-> 	jn->ns_file = xstrdup(ns_file);
#  151|   	if (!jn->ns_file) {
#  152|   		xfree(jn);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def412]
criu-4.1.1/criu/namespaces.c:169:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/namespaces.c:143:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:146:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:146:14: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:146:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:23: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:150:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:151:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:156:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:156:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:159:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:159:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:162:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:162:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:165:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:165:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:168:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:168:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:169:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:169:17: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  167|   		join_ns_flags |= CLONE_NEWIPC;
#  168|   	} else if (!strncmp(type, "pid", 4)) {
#  169|-> 		pr_err("join-ns pid namespace not supported\n");
#  170|   		goto err;
#  171|   	} else if (!strncmp(type, "user", 5)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def413]
criu-4.1.1/criu/namespaces.c:174:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/namespaces.c:139:5: enter_function: entry to ‘join_ns_add’
criu-4.1.1/criu/namespaces.c:143:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:146:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:146:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:23: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:150:23: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:150:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:151:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:156:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:156:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:159:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:159:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:162:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:162:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:165:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:165:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:168:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:168:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:171:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:171:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:172:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:173:21: call_function: calling ‘set_user_extra_opts’ from ‘join_ns_add’
criu-4.1.1/criu/namespaces.c:173:21: return_function: returning to ‘join_ns_add’ from ‘set_user_extra_opts’
criu-4.1.1/criu/namespaces.c:173:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:174:25: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:174:25: danger: ‘___p’ leaks here; was allocated at [(6)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/5)
#  172|   		jn->nd = &user_ns_desc;
#  173|   		if (set_user_extra_opts(jn, extra_opts)) {
#  174|-> 			pr_err("invalid user namespace extra_opts %s\n", extra_opts);
#  175|   			goto err;
#  176|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
criu-4.1.1/criu/namespaces.c:182:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/namespaces.c:143:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:146:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:146:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:23: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:150:23: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:150:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:150:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:151:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:156:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:156:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:159:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:159:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:162:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:162:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:165:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:165:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:168:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:168:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:171:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:171:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:178:21: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:178:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:182:17: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:182:17: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  180|   		join_ns_flags |= CLONE_NEWNS;
#  181|   	} else {
#  182|-> 		pr_err("invalid namespace type %s\n", type);
#  183|   		goto err;
#  184|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def415]
criu-4.1.1/criu/namespaces.c:204:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:200:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:201:25: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:201:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:203:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:204:33: branch_true: following ‘true’ branch (when ‘kid > 4294967295’)...
criu-4.1.1/criu/namespaces.c:204:33: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:204:33: danger: dereference of NULL ‘0’
#  202|   			kid = strtoul(&link[d->len + 2], &end, 10);
#  203|   			if (end && *end == ']')
#  204|-> 				BUG_ON(kid > UINT_MAX);
#  205|   			else
#  206|   				kid = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def416]
criu-4.1.1/criu/namespaces.c:235:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:285:5: enter_function: entry to ‘switch_mnt_ns’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:13: call_function: calling ‘switch_ns’ from ‘switch_mnt_ns’
#  233|   	int ret;
#  234|   
#  235|-> 	nsfd = open_proc(pid, "ns/%s", nd->str);
#  236|   	if (nsfd < 0)
#  237|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def417]
criu-4.1.1/criu/namespaces.c:241:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:285:5: enter_function: entry to ‘switch_mnt_ns’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:13: call_function: calling ‘switch_ns’ from ‘switch_mnt_ns’
#  239|   	ret = switch_ns_by_fd(nsfd, nd, rst);
#  240|   
#  241|-> 	close(nsfd);
#  242|   
#  243|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def418]
criu-4.1.1/criu/namespaces.c:251:26: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:285:5: enter_function: entry to ‘switch_mnt_ns’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:13: call_function: calling ‘switch_ns’ from ‘switch_mnt_ns’
#  249|   
#  250|   	if (rst) {
#  251|-> 		old_ns = open_proc(PROC_SELF, "ns/%s", nd->str);
#  252|   		if (old_ns < 0)
#  253|   			goto err_ns;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def419]
criu-4.1.1/criu/namespaces.c:258:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:285:5: enter_function: entry to ‘switch_mnt_ns’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:13: call_function: calling ‘switch_ns’ from ‘switch_mnt_ns’
#  256|   	ret = setns(nsfd, nd->cflag);
#  257|   	if (ret < 0) {
#  258|-> 		pr_perror("Can't setns %d/%s", nsfd, nd->str);
#  259|   		goto err_set;
#  260|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def420]
criu-4.1.1/criu/namespaces.c:267:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:285:5: enter_function: entry to ‘switch_mnt_ns’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:13: call_function: calling ‘switch_ns’ from ‘switch_mnt_ns’
#  265|   
#  266|   err_set:
#  267|-> 	close_safe(&old_ns);
#  268|   err_ns:
#  269|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def421]
criu-4.1.1/criu/namespaces.c:299:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(".", 2097152)’
criu-4.1.1/criu/namespaces.c:289:12: branch_false: following ‘false’ branch (when ‘cwd_fd’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:292:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:292:14: acquire_resource: opened here
criu-4.1.1/criu/namespaces.c:293:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:298:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:298:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:299:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:299:17: danger: ‘open(".", 2097152)’ leaks here; was opened at [(3)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/2)
#  297|   
#  298|   	if (switch_ns(pid, &mnt_ns_desc, rst)) {
#  299|-> 		close(fd);
#  300|   		return -1;
#  301|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def422]
criu-4.1.1/criu/namespaces.c:455:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:449:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:452:20: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:452:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:454:37: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:454:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:455:25: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:455:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:455:25: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:455:25: danger: dereference of NULL ‘0’
#  453|   		type = NS_OTHER;
#  454|   		if (pid == root_item->pid->real) {
#  455|-> 			BUG_ON(root_ns_mask & nd->cflag);
#  456|   			pr_info("Will take %s namespace in the image\n", nd->str);
#  457|   			root_ns_mask |= nd->cflag;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def423]
criu-4.1.1/criu/namespaces.c:509:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:494:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:497:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:499:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:508:15: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:509:9: branch_true: following ‘true’ branch (when ‘kid == 0’)...
criu-4.1.1/criu/namespaces.c:509:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:509:9: danger: dereference of NULL ‘0’
#  507|   	}
#  508|   	kid = st.st_ino;
#  509|-> 	BUG_ON(!kid);
#  510|   
#  511|   out:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
criu-4.1.1/criu/namespaces.c:842:29: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/namespaces.c:830:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:830:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:830:13: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:830:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:831:12: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:831:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/namespaces.c:838:20: branch_true: following ‘true’ branch (when ‘len == size’)...
criu-4.1.1/criu/namespaces.c:841:32: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:842:29: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/namespaces.c:842:29: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:842:29: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  840|   
#  841|   			size = size * 2 + 1;
#  842|-> 			t = xrealloc(extents, size * sizeof(UidGidExtent));
#  843|   			if (t == NULL)
#  844|   				break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
criu-4.1.1/criu/namespaces.c:850:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/namespaces.c:830:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:831:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/namespaces.c:838:20: branch_true: following ‘true’ branch (when ‘len == size’)...
criu-4.1.1/criu/namespaces.c:841:32: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:842:29: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:848:31: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:850:17: danger: ‘___p’ leaks here; was allocated at [(7)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/6)
#  848|   		ext = &extents[len];
#  849|   
#  850|-> 		uid_gid_extent__init(ext);
#  851|   		ret = fscanf(f, "%d %d %d", &ext->first, &ext->lower_first, &ext->count);
#  852|   		if (ret != 3) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def426]
criu-4.1.1/criu/namespaces.c:850:17: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/namespaces.c:830:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:830:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:830:13: acquire_memory: allocated here
criu-4.1.1/criu/namespaces.c:830:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:831:12: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:831:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/namespaces.c:838:20: branch_true: following ‘true’ branch (when ‘len == size’)...
criu-4.1.1/criu/namespaces.c:841:32: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:842:29: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:848:31: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:850:17: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  848|   		ext = &extents[len];
#  849|   
#  850|-> 		uid_gid_extent__init(ext);
#  851|   		ret = fscanf(f, "%d %d %d", &ext->first, &ext->lower_first, &ext->count);
#  852|   		if (ret != 3) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def427]
criu-4.1.1/criu/namespaces.c:1262:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1260|   		m->h.msg_controllen += CMSG_SPACE(sizeof(int));
# 1261|   		ch = CMSG_NXTHDR(&m->h, ch);
# 1262|-> 		BUG_ON(!ch);
# 1263|   		ch->cmsg_len = CMSG_LEN(sizeof(int));
# 1264|   		ch->cmsg_level = SOL_SOCKET;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def428]
criu-4.1.1/criu/namespaces.c:1276:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1274|   
# 1275|   	ch = CMSG_FIRSTHDR(&um->h);
# 1276|-> 	BUG_ON(!ch);
# 1277|   	BUG_ON(ch->cmsg_len != CMSG_LEN(sizeof(struct ucred)));
# 1278|   	BUG_ON(ch->cmsg_level != SOL_SOCKET);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def429]
criu-4.1.1/criu/namespaces.c:1277:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1275:14: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1275:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1276:9: branch_false: following ‘false’ branch (when ‘ch’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1277:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: danger: dereference of NULL ‘0’
# 1275|   	ch = CMSG_FIRSTHDR(&um->h);
# 1276|   	BUG_ON(!ch);
# 1277|-> 	BUG_ON(ch->cmsg_len != CMSG_LEN(sizeof(struct ucred)));
# 1278|   	BUG_ON(ch->cmsg_level != SOL_SOCKET);
# 1279|   	BUG_ON(ch->cmsg_type != SCM_CREDENTIALS);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def430]
criu-4.1.1/criu/namespaces.c:1278:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1275:14: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1275:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1276:9: branch_false: following ‘false’ branch (when ‘ch’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1278:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1278:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1278:9: danger: dereference of NULL ‘0’
# 1276|   	BUG_ON(!ch);
# 1277|   	BUG_ON(ch->cmsg_len != CMSG_LEN(sizeof(struct ucred)));
# 1278|-> 	BUG_ON(ch->cmsg_level != SOL_SOCKET);
# 1279|   	BUG_ON(ch->cmsg_type != SCM_CREDENTIALS);
# 1280|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def431]
criu-4.1.1/criu/namespaces.c:1279:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1275:14: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1275:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1276:9: branch_false: following ‘false’ branch (when ‘ch’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1279:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1279:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1279:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1279:9: danger: dereference of NULL ‘0’
# 1277|   	BUG_ON(ch->cmsg_len != CMSG_LEN(sizeof(struct ucred)));
# 1278|   	BUG_ON(ch->cmsg_level != SOL_SOCKET);
# 1279|-> 	BUG_ON(ch->cmsg_type != SCM_CREDENTIALS);
# 1280|   
# 1281|   	if (pid) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def432]
criu-4.1.1/criu/namespaces.c:1289:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1270:6: enter_function: entry to ‘unsc_msg_pid_fd’
criu-4.1.1/criu/namespaces.c:1275:14: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1275:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1276:9: branch_false: following ‘false’ branch (when ‘ch’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1279:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1279:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1281:12: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1286:14: call_function: inlined call to ‘__cmsg_nxthdr’ from ‘unsc_msg_pid_fd’
criu-4.1.1/criu/namespaces.c:1288:13: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1289:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1289:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1289:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1289:17: danger: dereference of NULL ‘0’
# 1287|   
# 1288|   	if (ch && ch->cmsg_len == CMSG_LEN(sizeof(int))) {
# 1289|-> 		BUG_ON(ch->cmsg_level != SOL_SOCKET);
# 1290|   		BUG_ON(ch->cmsg_type != SCM_RIGHTS);
# 1291|   		*fd = *((int *)CMSG_DATA(ch));

Error: GCC_ANALYZER_WARNING (CWE-476): [#def433]
criu-4.1.1/criu/namespaces.c:1290:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1270:6: enter_function: entry to ‘unsc_msg_pid_fd’
criu-4.1.1/criu/namespaces.c:1275:14: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1275:9: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1276:9: branch_false: following ‘false’ branch (when ‘ch’ is non-NULL)...
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1277:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1278:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1279:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1279:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1281:12: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1286:14: call_function: inlined call to ‘__cmsg_nxthdr’ from ‘unsc_msg_pid_fd’
criu-4.1.1/criu/namespaces.c:1288:13: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1289:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1289:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1290:17: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1290:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1290:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1290:17: danger: dereference of NULL ‘0’
# 1288|   	if (ch && ch->cmsg_len == CMSG_LEN(sizeof(int))) {
# 1289|   		BUG_ON(ch->cmsg_level != SOL_SOCKET);
# 1290|-> 		BUG_ON(ch->cmsg_type != SCM_RIGHTS);
# 1291|   		*fd = *((int *)CMSG_DATA(ch));
# 1292|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def434]
criu-4.1.1/criu/namespaces.c:1400:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/namespaces.c:1370:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1375:13: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1375:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1378:14: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1379:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/namespaces.c:1383:9: branch_false: ...to here
criu-4.1.1/criu/namespaces.c:1385:12: branch_true: following ‘true’ branch (when ‘async != 0’)...
criu-4.1.1/criu/namespaces.c:1400:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1400:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/namespaces.c:1400:17: branch_true: ...to here
criu-4.1.1/criu/namespaces.c:1400:17: danger: dereference of NULL ‘0’
# 1398|   		 * we should NOT do the asynchronous call.
# 1399|   		 */
# 1400|-> 		BUG_ON(flags & UNS_FDOUT);
# 1401|   
# 1402|   	/* Send the request */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def435]
criu-4.1.1/criu/net.c:260:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2652:12: enter_function: entry to ‘restore_netns_conf’
criu-4.1.1/criu/net.c:2657:12: branch_false: following ‘false’ branch (when ‘netns’ is non-NULL)...
criu-4.1.1/criu/net.c:2661:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2661:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2662:63: branch_true: ...to here
criu-4.1.1/criu/net.c:2662:23: call_function: calling ‘ipv4_conf_op’ from ‘restore_netns_conf’
#  258|   	for (i = 0, ri = 0; i < size; i++) {
#  259|   		if (i >= n) {
#  260|-> 			pr_warn("Skip %s/%s\n", tgt, devconfs[i]);
#  261|   			continue;
#  262|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def436]
criu-4.1.1/criu/net.c:323:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2652:12: enter_function: entry to ‘restore_netns_conf’
criu-4.1.1/criu/net.c:2657:12: branch_false: following ‘false’ branch (when ‘netns’ is non-NULL)...
criu-4.1.1/criu/net.c:2661:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2661:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2662:63: branch_true: ...to here
criu-4.1.1/criu/net.c:2662:23: call_function: calling ‘ipv4_conf_op’ from ‘restore_netns_conf’
#  321|   	}
#  322|   
#  323|-> 	ret = sysctl_op(req, ri, op, CLONE_NEWNET);
#  324|   	if (ret < 0) {
#  325|   		pr_err("Failed to %s %s/<confs>\n", (op == CTL_READ) ? "read" : "write", tgt);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def437]
criu-4.1.1/criu/net.c:325:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2652:12: enter_function: entry to ‘restore_netns_conf’
criu-4.1.1/criu/net.c:2657:12: branch_false: following ‘false’ branch (when ‘netns’ is non-NULL)...
criu-4.1.1/criu/net.c:2661:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2661:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2662:63: branch_true: ...to here
criu-4.1.1/criu/net.c:2662:23: call_function: calling ‘ipv4_conf_op’ from ‘restore_netns_conf’
#  323|   	ret = sysctl_op(req, ri, op, CLONE_NEWNET);
#  324|   	if (ret < 0) {
#  325|-> 		pr_err("Failed to %s %s/<confs>\n", (op == CTL_READ) ? "read" : "write", tgt);
#  326|   		goto err_free;
#  327|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def438]
criu-4.1.1/criu/net.c:968:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
#  966|   		return 0;
#  967|   
#  968|-> 	err = nlmsg_parse(nlh, sizeof(struct nfgenmsg), tb, CTA_MAX, NULL);
#  969|   	if (err < 0)
#  970|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def439]
criu-4.1.1/criu/net.c:975:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
#  973|   		return 0;
#  974|   
#  975|-> 	err = nla_parse_nested(tbp, CTA_PROTOINFO_MAX, tb[CTA_PROTOINFO], NULL);
#  976|   	if (err < 0)
#  977|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def440]
criu-4.1.1/criu/net.c:982:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
#  980|   		return 0;
#  981|   
#  982|-> 	err = nla_parse_nested(tb_tcp, CTA_PROTOINFO_TCP_MAX, tbp[CTA_PROTOINFO_TCP], NULL);
#  983|   	if (err < 0)
#  984|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def441]
criu-4.1.1/criu/net.c:989:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
#  987|   		struct nf_ct_tcp_flags *flags;
#  988|   
#  989|-> 		flags = nla_data(tb_tcp[CTA_PROTOINFO_TCP_FLAGS_ORIGINAL]);
#  990|   		flags->flags |= IP_CT_TCP_FLAG_BE_LIBERAL;
#  991|   		flags->mask |= IP_CT_TCP_FLAG_BE_LIBERAL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def442]
criu-4.1.1/criu/net.c:997:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
#  995|   		struct nf_ct_tcp_flags *flags;
#  996|   
#  997|-> 		flags = nla_data(tb_tcp[CTA_PROTOINFO_TCP_FLAGS_REPLY]);
#  998|   		flags->flags |= IP_CT_TCP_FLAG_BE_LIBERAL;
#  999|   		flags->mask |= IP_CT_TCP_FLAG_BE_LIBERAL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def443]
criu-4.1.1/criu/net.c:1025:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1023|   	}
# 1024|   
# 1025|-> 	nlh = xmalloc(sizeof(struct nlmsghdr));
# 1026|   	if (nlh == NULL)
# 1027|   		goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def444]
criu-4.1.1/criu/net.c:1033:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1031|   		int ret;
# 1032|   
# 1033|-> 		ret = read_img_buf_eof(img, nlh, sizeof(struct nlmsghdr));
# 1034|   		if (ret < 0)
# 1035|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def445]
criu-4.1.1/criu/net.c:1033:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1031|   		int ret;
# 1032|   
# 1033|-> 		ret = read_img_buf_eof(img, nlh, sizeof(struct nlmsghdr));
# 1034|   		if (ret < 0)
# 1035|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def446]
criu-4.1.1/criu/net.c:1039:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1037|   			break;
# 1038|   
# 1039|-> 		p = xrealloc(nlh, nlh->nlmsg_len);
# 1040|   		if (p == NULL)
# 1041|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def447]
criu-4.1.1/criu/net.c:1044:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1042|   		nlh = p;
# 1043|   
# 1044|-> 		ret = read_img_buf_eof(img, nlh + 1, nlh->nlmsg_len - sizeof(struct nlmsghdr));
# 1045|   		if (ret < 0)
# 1046|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def448]
criu-4.1.1/criu/net.c:1044:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1042|   		nlh = p;
# 1043|   
# 1044|-> 		ret = read_img_buf_eof(img, nlh + 1, nlh->nlmsg_len - sizeof(struct nlmsghdr));
# 1045|   		if (ret < 0)
# 1046|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def449]
criu-4.1.1/criu/net.c:1048:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1046|   			goto out;
# 1047|   		if (ret == 0) {
# 1048|-> 			pr_err("The image file was truncated\n");
# 1049|   			goto out;
# 1050|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def450]
criu-4.1.1/criu/net.c:1065:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2933:12: enter_function: entry to ‘prepare_net_ns_second_stage’
criu-4.1.1/criu/net.c:2954:23: call_function: calling ‘restore_nf_ct’ from ‘prepare_net_ns_second_stage’
# 1063|   out:
# 1064|   	xfree(nlh);
# 1065|-> 	close(sk);
# 1066|   out_img:
# 1067|   	close_image(img);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def451]
criu-4.1.1/criu/net.c:1218:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 1216|   	}
# 1217|   
# 1218|-> 	addattr_l(&req->h, sizeof(*req), IFLA_IFNAME, nde->name, strlen(nde->name));
# 1219|   	addattr_l(&req->h, sizeof(*req), IFLA_MTU, &nde->mtu, sizeof(nde->mtu));
# 1220|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def452]
criu-4.1.1/criu/net.c:1219:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 1217|   
# 1218|   	addattr_l(&req->h, sizeof(*req), IFLA_IFNAME, nde->name, strlen(nde->name));
# 1219|-> 	addattr_l(&req->h, sizeof(*req), IFLA_MTU, &nde->mtu, sizeof(nde->mtu));
# 1220|   
# 1221|   	if (nde->has_address) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def453]
criu-4.1.1/criu/net.c:1231:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 1229|   
# 1230|   		linkinfo = NLMSG_TAIL(&req->h);
# 1231|-> 		addattr_l(&req->h, sizeof(*req), IFLA_LINKINFO, NULL, 0);
# 1232|   
# 1233|   		ret = link_info(ns, link, req);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def454]
criu-4.1.1/criu/net.c:1311:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 1309|   			    struct newlink_extras *extras)
# 1310|   {
# 1311|-> 	pr_info("Restoring netdev %s idx %d\n", link->nde->name, link->nde->ifindex);
# 1312|   	return do_rtm_link_req(RTM_NEWLINK, link, nlsk, ns, link_info, extras);
# 1313|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def455]
criu-4.1.1/criu/net.c:1512:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/net.c:1881:12: enter_function: entry to ‘__restore_links’
criu-4.1.1/criu/net.c:1886:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:1889:21: branch_true: ...to here
criu-4.1.1/criu/net.c:1889:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:1892:17: branch_false: ...to here
criu-4.1.1/criu/net.c:1895:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:1909:23: branch_false: ...to here
criu-4.1.1/criu/net.c:1909:23: call_function: calling ‘restore_link’ from ‘__restore_links’
# 1510|   	struct rtattr *venet_data;
# 1511|   
# 1512|-> 	BUG_ON(ns_fd < 0);
# 1513|   
# 1514|   	venet_data = NLMSG_TAIL(&req->h);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def456]
criu-4.1.1/criu/net.c:1960:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘run_ip_tool’ from ‘dump_rule’
# 1958|   	int ret;
# 1959|   
# 1960|-> 	pr_debug("\tRunning ip %s %s %s %s\n", arg1, arg2, arg3 ?: "", arg4 ?: "");
# 1961|   
# 1962|   	ip_tool_cmd = getenv("CR_IP_TOOL");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def457]
criu-4.1.1/criu/net.c:1960:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2379:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2384:12: branch_false: ...to here
criu-4.1.1/criu/net.c:2384:12: branch_true: following ‘true’ branch (when ‘type == 26’)...
criu-4.1.1/criu/net.c:2389:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2389:17: call_function: calling ‘run_ip_tool’ from ‘restore_ip_dump’
# 1958|   	int ret;
# 1959|   
# 1960|-> 	pr_debug("\tRunning ip %s %s %s %s\n", arg1, arg2, arg3 ?: "", arg4 ?: "");
# 1961|   
# 1962|   	ip_tool_cmd = getenv("CR_IP_TOOL");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def458]
criu-4.1.1/criu/net.c:1966:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘run_ip_tool’ from ‘dump_rule’
# 1964|   		ip_tool_cmd = "ip";
# 1965|   
# 1966|-> 	ret = cr_system(fdin, fdout, -1, ip_tool_cmd, (char *[]){ "ip", arg1, arg2, arg3, arg4, NULL }, flags);
# 1967|   	if (ret) {
# 1968|   		if (!(flags & CRS_CAN_FAIL))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def459]
criu-4.1.1/criu/net.c:1966:15: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2379:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2384:12: branch_false: ...to here
criu-4.1.1/criu/net.c:2384:12: branch_true: following ‘true’ branch (when ‘type == 26’)...
criu-4.1.1/criu/net.c:2389:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2389:17: call_function: calling ‘run_ip_tool’ from ‘restore_ip_dump’
# 1964|   		ip_tool_cmd = "ip";
# 1965|   
# 1966|-> 	ret = cr_system(fdin, fdout, -1, ip_tool_cmd, (char *[]){ "ip", arg1, arg2, arg3, arg4, NULL }, flags);
# 1967|   	if (ret) {
# 1968|   		if (!(flags & CRS_CAN_FAIL))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def460]
criu-4.1.1/criu/net.c:1969:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2379:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2384:12: branch_false: ...to here
criu-4.1.1/criu/net.c:2384:12: branch_true: following ‘true’ branch (when ‘type == 26’)...
criu-4.1.1/criu/net.c:2389:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2389:17: call_function: calling ‘run_ip_tool’ from ‘restore_ip_dump’
# 1967|   	if (ret) {
# 1968|   		if (!(flags & CRS_CAN_FAIL))
# 1969|-> 			pr_err("IP tool failed on %s %s %s %s\n", arg1, arg2, arg3 ?: "", arg4 ?: "");
# 1970|   		return -1;
# 1971|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def461]
criu-4.1.1/criu/net.c:2029:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘run_ip_tool’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘run_ip_tool’
criu-4.1.1/criu/net.c:2028:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2029:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2029:17: danger: ‘___p’ leaks here; was allocated at [(7)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/6)
# 2027|   
# 2028|   	if (run_ip_tool("rule", "save", NULL, NULL, -1, img_raw_fd(img), CRS_CAN_FAIL)) {
# 2029|-> 		pr_warn("Check if \"ip rule save\" is supported!\n");
# 2030|   		unlinkat(get_service_fd(IMG_FD_OFF), path, 0);
# 2031|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def462]
criu-4.1.1/criu/net.c:2030:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2017:19: enter_function: entry to ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: call_function: calling ‘img_from_set’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2022:15: return_function: returning to ‘dump_rule’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2023:16: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2023:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2028:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘img_raw_fd’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2028:13: call_function: calling ‘run_ip_tool’ from ‘dump_rule’
criu-4.1.1/criu/net.c:2028:13: return_function: returning to ‘dump_rule’ from ‘run_ip_tool’
criu-4.1.1/criu/net.c:2028:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2029:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2030:17: danger: ‘___p’ leaks here; was allocated at [(7)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/6)
# 2028|   	if (run_ip_tool("rule", "save", NULL, NULL, -1, img_raw_fd(img), CRS_CAN_FAIL)) {
# 2029|   		pr_warn("Check if \"ip rule save\" is supported!\n");
# 2030|-> 		unlinkat(get_service_fd(IMG_FD_OFF), path, 0);
# 2031|   	}
# 2032|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def463]
criu-4.1.1/criu/net.c:2109:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
criu-4.1.1/criu/net.c:2078:19: enter_function: entry to ‘dump_nftables’
criu-4.1.1/criu/net.c:2087:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2090:15: branch_false: ...to here
criu-4.1.1/criu/net.c:2090:15: call_function: calling ‘img_from_set’ from ‘dump_nftables’
criu-4.1.1/criu/net.c:2090:15: return_function: returning to ‘dump_nftables’ from ‘img_from_set’
criu-4.1.1/criu/net.c:2091:18: call_function: calling ‘img_raw_fd’ from ‘dump_nftables’
criu-4.1.1/criu/net.c:2091:18: return_function: returning to ‘dump_nftables’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2092:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2096:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2097:12: branch_false: following ‘false’ branch (when ‘img_fd >= 0’)...
criu-4.1.1/criu/net.c:2102:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2102:14: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2103:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
criu-4.1.1/criu/net.c:2109:9: branch_false: ...to here
criu-4.1.1/criu/net.c:2109:9: danger: ‘fp’ leaks here; was allocated at [(18)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/17)
# 2107|   	}
# 2108|   
# 2109|-> 	nft_ctx_set_output(nft, fp);
# 2110|   #define DUMP_NFTABLES_CMD "list ruleset"
# 2111|   #if defined(CONFIG_HAS_NFTABLES_LIB_API_0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def464]
criu-4.1.1/criu/net.c:2372:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2369:16: branch_true: following ‘true’ branch (when ‘n > 0’)...
criu-4.1.1/criu/net.c:2370:27: branch_true: ...to here
criu-4.1.1/criu/net.c:2372:25: danger: ‘tmpfile()’ leaks here; was allocated at [(12)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/11)
# 2370|   		written = fwrite(buf, sizeof(char), n, tmp_file);
# 2371|   		if (written < n) {
# 2372|-> 			pr_perror("Failed to write to tmpfile "
# 2373|   				  "[written: %d; total: %d]",
# 2374|   				  written, n);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def465]
criu-4.1.1/criu/net.c:2379:13: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2379:13: danger: ‘tmpfile()’ leaks here; was allocated at [(12)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/11)
# 2377|   	}
# 2378|   
# 2379|-> 	if (fseek(tmp_file, 0, SEEK_SET)) {
# 2380|   		pr_perror("Failed to set file position to beginning of tmpfile");
# 2381|   		goto out_tmp_file;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def466]
criu-4.1.1/criu/net.c:2380:17: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’
criu-4.1.1/criu/net.c:2346:12: enter_function: entry to ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2354:13: call_function: inlined call to ‘empty_image’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: branch_false: ...to here
criu-4.1.1/criu/net.c:2358:18: call_function: calling ‘img_raw_fd’ from ‘restore_ip_dump’
criu-4.1.1/criu/net.c:2358:18: return_function: returning to ‘restore_ip_dump’ from ‘img_raw_fd’
criu-4.1.1/criu/net.c:2359:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2363:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2363:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2364:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2379:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2380:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2380:17: danger: ‘tmpfile()’ leaks here; was allocated at [(12)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/11)
# 2378|   
# 2379|   	if (fseek(tmp_file, 0, SEEK_SET)) {
# 2380|-> 		pr_perror("Failed to set file position to beginning of tmpfile");
# 2381|   		goto out_tmp_file;
# 2382|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def467]
criu-4.1.1/criu/net.c:2437:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/run/xtables.lock", 0)’
criu-4.1.1/criu/net.c:2435:14: acquire_resource: opened here
criu-4.1.1/criu/net.c:2436:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2437:17: branch_true: ...to here
criu-4.1.1/criu/net.c:2437:17: danger: ‘open("/run/xtables.lock", 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
# 2435|   	fd = open("/run/xtables.lock", O_RDONLY);
# 2436|   	if (fd >= 0) {
# 2437|-> 		close(fd);
# 2438|   		return 0;
# 2439|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def468]
criu-4.1.1/criu/net.c:2706:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/net.c:2706:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2706:9: branch_true: ...to here
criu-4.1.1/criu/net.c:2706:9: danger: dereference of NULL ‘0’
# 2704|   	char sys_mount[] = "crtools-sys.XXXXXX";
# 2705|   
# 2706|-> 	BUG_ON(ns_sysfs_fd != -1);
# 2707|   
# 2708|   	if (kdat.has_fsopen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def469]
criu-4.1.1/criu/net.c:2768:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/net.c:2758:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2761:13: branch_false: ...to here
criu-4.1.1/criu/net.c:2761:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2764:20: branch_false: ...to here
criu-4.1.1/criu/net.c:2764:20: acquire_memory: allocated here
criu-4.1.1/criu/net.c:2764:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2768:9: branch_false: ...to here
criu-4.1.1/criu/net.c:2768:9: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/4)
# 2766|   		return -1;
# 2767|   
# 2768|-> 	pr_debug("Found the %d id for %d in %d\n", nsid, ns->id, arg->ns->id);
# 2769|   	netns_id->target_ns_id = ns->id;
# 2770|   	netns_id->netnsid_value = nsid;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def470]
criu-4.1.1/criu/net.c:2893:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: danger: ‘sk’ leaks here
# 2891|   		struct netns_id *id;
# 2892|   
# 2893|-> 		id = xmalloc(sizeof(*id));
# 2894|   		if (!id)
# 2895|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def471]
criu-4.1.1/criu/net.c:2900:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2896:36: branch_false: ...to here
criu-4.1.1/criu/net.c:2900:25: danger: ‘sk’ leaks here
# 2898|   		list_add(&id->node, &ns->net.ids);
# 2899|   
# 2900|-> 		tg_ns = lookup_ns_by_id(id->target_ns_id, &net_ns_desc);
# 2901|   		if (tg_ns == NULL) {
# 2902|   			pr_err("Unknown namespace: %d\n", id->target_ns_id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def472]
criu-4.1.1/criu/net.c:2902:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2896:36: branch_false: ...to here
criu-4.1.1/criu/net.c:2901:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2902:25: branch_true: ...to here
criu-4.1.1/criu/net.c:2902:25: danger: ‘sk’ leaks here
# 2900|   		tg_ns = lookup_ns_by_id(id->target_ns_id, &net_ns_desc);
# 2901|   		if (tg_ns == NULL) {
# 2902|-> 			pr_err("Unknown namespace: %d\n", id->target_ns_id);
# 2903|   			goto out;
# 2904|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def473]
criu-4.1.1/criu/net.c:2912:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2912:9: danger: ‘sk’ leaks here
# 2910|   	exit_code = 0;
# 2911|   out:
# 2912|-> 	close(sk);
# 2913|   
# 2914|   	return exit_code;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def474]
criu-4.1.1/criu/net.c:3109:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/net.c:3099:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3104:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3109:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3109:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3109:17: branch_true: ...to here
criu-4.1.1/criu/net.c:3109:17: danger: dereference of NULL ‘0’
# 3107|   		}
# 3108|   
# 3109|-> 		BUG_ON(nsid->type == NS_CRIU);
# 3110|   
# 3111|   		if (do_restore_task_net_ns(nsid, current))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def475]
criu-4.1.1/criu/net.c:3163:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:13: danger: ‘pfd[0]’ leaks here
# 3161|   	}
# 3162|   
# 3163|-> 	if (write(pfd[1], buf, size) < size) {
# 3164|   		pr_perror("Unable to write iptables configugration");
# 3165|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def476]
criu-4.1.1/criu/net.c:3163:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:13: danger: ‘pfd[1]’ leaks here
# 3161|   	}
# 3162|   
# 3163|-> 	if (write(pfd[1], buf, size) < size) {
# 3164|   		pr_perror("Unable to write iptables configugration");
# 3165|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def477]
criu-4.1.1/criu/net.c:3164:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3164:17: branch_true: ...to here
criu-4.1.1/criu/net.c:3164:17: danger: ‘pfd[0]’ leaks here
# 3162|   
# 3163|   	if (write(pfd[1], buf, size) < size) {
# 3164|-> 		pr_perror("Unable to write iptables configugration");
# 3165|   		goto err;
# 3166|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def478]
criu-4.1.1/criu/net.c:3164:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3164:17: branch_true: ...to here
criu-4.1.1/criu/net.c:3164:17: danger: ‘pfd[1]’ leaks here
# 3162|   
# 3163|   	if (write(pfd[1], buf, size) < size) {
# 3164|-> 		pr_perror("Unable to write iptables configugration");
# 3165|   		goto err;
# 3166|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def479]
criu-4.1.1/criu/net.c:3167:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3167:9: branch_false: ...to here
criu-4.1.1/criu/net.c:3167:9: danger: ‘pfd[0]’ leaks here
# 3165|   		goto err;
# 3166|   	}
# 3167|-> 	close_safe(&pfd[1]);
# 3168|   
# 3169|   	ret = cr_system(pfd[0], -1, -1, cmd[0], cmd, 0);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def480]
criu-4.1.1/criu/net.c:3167:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3167:9: branch_false: ...to here
criu-4.1.1/criu/net.c:3167:9: danger: ‘pfd[1]’ leaks here
# 3165|   		goto err;
# 3166|   	}
# 3167|-> 	close_safe(&pfd[1]);
# 3168|   
# 3169|   	ret = cr_system(pfd[0], -1, -1, cmd[0], cmd, 0);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def481]
criu-4.1.1/criu/net.c:3171:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3164:17: branch_true: ...to here
criu-4.1.1/criu/net.c:3171:9: danger: ‘pfd[0]’ leaks here
# 3169|   	ret = cr_system(pfd[0], -1, -1, cmd[0], cmd, 0);
# 3170|   err:
# 3171|-> 	close_safe(&pfd[1]);
# 3172|   	close_safe(&pfd[0]);
# 3173|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def482]
criu-4.1.1/criu/net.c:3171:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/net.c:3158:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3163:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3163:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3164:17: branch_true: ...to here
criu-4.1.1/criu/net.c:3171:9: danger: ‘pfd[1]’ leaks here
# 3169|   	ret = cr_system(pfd[0], -1, -1, cmd[0], cmd, 0);
# 3170|   err:
# 3171|-> 	close_safe(&pfd[1]);
# 3172|   	close_safe(&pfd[0]);
# 3173|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def483]
criu-4.1.1/criu/net.c:3202:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
criu-4.1.1/criu/net.c:3183:12: branch_false: following ‘false’ branch (when ‘fd >= 0’)...
criu-4.1.1/criu/net.c:3188:14: branch_false: ...to here
criu-4.1.1/criu/net.c:3188:14: acquire_memory: allocated here
criu-4.1.1/criu/net.c:3189:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
criu-4.1.1/criu/net.c:3200:9: branch_false: ...to here
criu-4.1.1/criu/net.c:3202:9: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/2)
# 3200|   	setvbuf(fp, NULL, _IONBF, 0);
# 3201|   
# 3202|-> 	nft_ctx_set_output(nft, fp);
# 3203|   	nft_ctx_set_error(nft, fp);
# 3204|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def484]
criu-4.1.1/criu/net.c:3359:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/net.c:3353:14: acquire_resource: opened here
criu-4.1.1/criu/net.c:3354:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3359:15: branch_false: ...to here
criu-4.1.1/criu/net.c:3359:15: danger: ‘fd’ leaks here; was opened at [(1)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/0)
# 3357|   	}
# 3358|   
# 3359|-> 	ret = cr_system(fd, fd, fd, "sh", argv, CRS_CAN_FAIL);
# 3360|   	close_safe(&fd);
# 3361|   	return !ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def485]
criu-4.1.1/criu/net.c:3552:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor
criu-4.1.1/criu/net.c:3498:12: branch_true: following ‘true’ branch (when ‘for_dump != 0’)...
criu-4.1.1/criu/net.c:3499:38: branch_true: ...to here
criu-4.1.1/criu/net.c:3499:38: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3500:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3536:13: branch_false: ...to here
criu-4.1.1/criu/net.c:3536:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3552:31: branch_false: ...to here
criu-4.1.1/criu/net.c:3552:15: danger: leaks here
# 3550|   #endif
# 3551|   
# 3552|-> 	ret = ns->net.seqsk = socket(PF_UNIX, SOCK_SEQPACKET | SOCK_NONBLOCK, 0);
# 3553|   	if (ret < 0) {
# 3554|   		pr_perror("Can't create seqsk for parasite");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def486]
criu-4.1.1/criu/net.c:3742:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘s’
criu-4.1.1/criu/net.c:3707:12: enter_function: entry to ‘move_to_bridge’
criu-4.1.1/criu/net.c:3714:15: call_function: calling ‘external_val’ from ‘move_to_bridge’
criu-4.1.1/criu/net.c:3714:15: return_function: returning to ‘move_to_bridge’ from ‘external_val’
criu-4.1.1/criu/net.c:3715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3718:14: branch_false: ...to here
criu-4.1.1/criu/net.c:3719:12: branch_false: following ‘false’ branch (when ‘br’ is non-NULL)...
criu-4.1.1/criu/net.c:3722:9: branch_false: ...to here
criu-4.1.1/criu/net.c:3728:20: branch_true: following ‘true’ branch (when ‘s == -1’)...
criu-4.1.1/criu/net.c:3729:29: branch_true: ...to here
criu-4.1.1/criu/net.c:3729:29: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3730:28: branch_false: following ‘false’ branch (when ‘s >= 0’)...
criu-4.1.1/criu/net.c:3740:35: branch_false: ...to here
criu-4.1.1/criu/net.c:3741:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:3742:25: branch_true: ...to here
criu-4.1.1/criu/net.c:3742:25: danger: ‘s’ leaks here
# 3740|   		ifr.ifr_ifindex = if_nametoindex(out);
# 3741|   		if (ifr.ifr_ifindex == 0) {
# 3742|-> 			pr_perror("Can't get index of %s", out);
# 3743|   			ret = -1;
# 3744|   			goto out;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def487]
criu-4.1.1/criu/net.c:3746:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘s’
criu-4.1.1/criu/net.c:3707:12: enter_function: entry to ‘move_to_bridge’
criu-4.1.1/criu/net.c:3714:15: call_function: calling ‘external_val’ from ‘move_to_bridge’
criu-4.1.1/criu/net.c:3714:15: return_function: returning to ‘move_to_bridge’ from ‘external_val’
criu-4.1.1/criu/net.c:3715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3718:14: branch_false: ...to here
criu-4.1.1/criu/net.c:3719:12: branch_false: following ‘false’ branch (when ‘br’ is non-NULL)...
criu-4.1.1/criu/net.c:3722:9: branch_false: ...to here
criu-4.1.1/criu/net.c:3728:20: branch_true: following ‘true’ branch (when ‘s == -1’)...
criu-4.1.1/criu/net.c:3729:29: branch_true: ...to here
criu-4.1.1/criu/net.c:3729:29: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3730:28: branch_false: following ‘false’ branch (when ‘s >= 0’)...
criu-4.1.1/criu/net.c:3740:35: branch_false: ...to here
criu-4.1.1/criu/net.c:3741:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3746:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3746:17: danger: ‘s’ leaks here
# 3744|   			goto out;
# 3745|   		}
# 3746|-> 		__strlcpy(ifr.ifr_name, br, IFNAMSIZ);
# 3747|   		ret = ioctl(s, SIOCBRADDIF, &ifr);
# 3748|   		if (ret < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def488]
criu-4.1.1/criu/net.c:3845:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2876:12: enter_function: entry to ‘restore_netns_ids’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2896:36: branch_false: ...to here
criu-4.1.1/criu/net.c:2901:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2906:56: branch_false: ...to here
criu-4.1.1/criu/net.c:2906:21: call_function: calling ‘net_set_nsid’ from ‘restore_netns_ids’
# 3843|   	req.nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK;
# 3844|   	req.nlh.nlmsg_seq = CR_NLMSG_SEQ;
# 3845|-> 	if (addattr_l(&req.nlh, sizeof(req), NETNSA_FD, &fd, sizeof(fd)))
# 3846|   		return -1;
# 3847|   	if (addattr_l(&req.nlh, sizeof(req), NETNSA_NSID, &nsid, sizeof(nsid)))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def489]
criu-4.1.1/criu/net.c:3847:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2876:12: enter_function: entry to ‘restore_netns_ids’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2896:36: branch_false: ...to here
criu-4.1.1/criu/net.c:2901:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2906:56: branch_false: ...to here
criu-4.1.1/criu/net.c:2906:21: call_function: calling ‘net_set_nsid’ from ‘restore_netns_ids’
# 3845|   	if (addattr_l(&req.nlh, sizeof(req), NETNSA_FD, &fd, sizeof(fd)))
# 3846|   		return -1;
# 3847|-> 	if (addattr_l(&req.nlh, sizeof(req), NETNSA_NSID, &nsid, sizeof(nsid)))
# 3848|   		return -1;
# 3849|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def490]
criu-4.1.1/criu/net.c:3850:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:2876:12: enter_function: entry to ‘restore_netns_ids’
criu-4.1.1/criu/net.c:2880:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2883:14: branch_false: ...to here
criu-4.1.1/criu/net.c:2883:14: acquire_resource: socket created here
criu-4.1.1/criu/net.c:2884:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
 branch_false: ...to here
criu-4.1.1/criu/net.c:2889:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/net.c:2893:22: branch_true: ...to here
criu-4.1.1/criu/net.c:2893:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/net.c:2896:36: branch_false: ...to here
criu-4.1.1/criu/net.c:2901:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:2906:56: branch_false: ...to here
criu-4.1.1/criu/net.c:2906:21: call_function: calling ‘net_set_nsid’ from ‘restore_netns_ids’
# 3848|   		return -1;
# 3849|   
# 3850|-> 	if (do_rtnl_req(rtsk, &req, req.nlh.nlmsg_len, NULL, NULL, NULL, NULL) < 0)
# 3851|   		return -1;
# 3852|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def491]
criu-4.1.1/criu/net.c:3890:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 3888|   	struct ifinfomsg ifm;
# 3889|   
# 3890|-> 	addattr_l(&req->h, sizeof(*req), IFLA_INFO_KIND, "veth", 4);
# 3891|   
# 3892|   	veth_data = NLMSG_TAIL(&req->h);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def492]
criu-4.1.1/criu/net.c:3893:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 3891|   
# 3892|   	veth_data = NLMSG_TAIL(&req->h);
# 3893|-> 	addattr_l(&req->h, sizeof(*req), IFLA_INFO_DATA, NULL, 0);
# 3894|   	peer_data = NLMSG_TAIL(&req->h);
# 3895|   	memset(&ifm, 0, sizeof(ifm));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def493]
criu-4.1.1/criu/net.c:3898:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 3896|   
# 3897|   	ifm.ifi_index = nde->peer_ifindex;
# 3898|-> 	addattr_l(&req->h, sizeof(*req), VETH_INFO_PEER, &ifm, sizeof(ifm));
# 3899|   
# 3900|   	addattr_l(&req->h, sizeof(*req), IFLA_NET_NS_FD, &nde->peer_nsid, sizeof(int));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def494]
criu-4.1.1/criu/net.c:3900:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/net.c:3950:5: enter_function: entry to ‘kerndat_link_nsid’
criu-4.1.1/criu/net.c:3956:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/net.c:3961:12: branch_false: ...to here
criu-4.1.1/criu/net.c:3961:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/net.c:3963:32: branch_true: ...to here
criu-4.1.1/criu/net.c:3970:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3975:24: branch_false: ...to here
criu-4.1.1/criu/net.c:3975:24: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3979:21: branch_false: ...to here
criu-4.1.1/criu/net.c:3979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/net.c:3984:22: branch_false: ...to here
criu-4.1.1/criu/net.c:3984:22: acquire_resource: socket created here
criu-4.1.1/criu/net.c:3985:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/net.c:3990:17: branch_false: ...to here
criu-4.1.1/criu/net.c:3999:23: call_function: calling ‘restore_one_link’ from ‘kerndat_link_nsid’
# 3898|   	addattr_l(&req->h, sizeof(*req), VETH_INFO_PEER, &ifm, sizeof(ifm));
# 3899|   
# 3900|-> 	addattr_l(&req->h, sizeof(*req), IFLA_NET_NS_FD, &nde->peer_nsid, sizeof(int));
# 3901|   	peer_data->rta_len = (void *)NLMSG_TAIL(&req->h) - (void *)peer_data;
# 3902|   	veth_data->rta_len = (void *)NLMSG_TAIL(&req->h) - (void *)veth_data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def495]
criu-4.1.1/criu/page-pipe.c:36:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:98:30: enter_function: entry to ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: call_function: calling ‘pp_prev_ppb’ from ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: return_function: returning to ‘ppb_alloc’ from ‘pp_prev_ppb’
criu-4.1.1/criu/page-pipe.c:104:15: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:109:21: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:109:21: call_function: calling ‘ppb_resize_pipe’ from ‘ppb_alloc’
#   34|   	int ret;
#   35|   
#   36|-> 	ret = fcntl(ppb->p[0], F_SETPIPE_SZ, new_size * PAGE_SIZE);
#   37|   	if (ret < 0)
#   38|   		return -1;

Error: CPPCHECK_WARNING (CWE-476): [#def496]
criu-4.1.1/criu/page-pipe.c:41: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#   39|   
#   40|   	ret /= PAGE_SIZE;
#   41|-> 	BUG_ON(ret < ppb->pipe_size);
#   42|   
#   43|   	pr_debug("Grow pipe %x -> %x\n", ppb->pipe_size, ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def497]
criu-4.1.1/criu/page-pipe.c:41:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:98:30: enter_function: entry to ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: call_function: calling ‘pp_prev_ppb’ from ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: return_function: returning to ‘ppb_alloc’ from ‘pp_prev_ppb’
criu-4.1.1/criu/page-pipe.c:104:15: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:109:21: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:109:21: call_function: calling ‘ppb_resize_pipe’ from ‘ppb_alloc’
#   39|   
#   40|   	ret /= PAGE_SIZE;
#   41|-> 	BUG_ON(ret < ppb->pipe_size);
#   42|   
#   43|   	pr_debug("Grow pipe %x -> %x\n", ppb->pipe_size, ret);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def498]
criu-4.1.1/criu/page-pipe.c:41:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-pipe.c:37:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:40:13: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:41:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:41:9: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:41:9: danger: dereference of NULL ‘0’
#   39|   
#   40|   	ret /= PAGE_SIZE;
#   41|-> 	BUG_ON(ret < ppb->pipe_size);
#   42|   
#   43|   	pr_debug("Grow pipe %x -> %x\n", ppb->pipe_size, ret);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def499]
criu-4.1.1/criu/page-pipe.c:43:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:98:30: enter_function: entry to ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: call_function: calling ‘pp_prev_ppb’ from ‘ppb_alloc’
criu-4.1.1/criu/page-pipe.c:100:38: return_function: returning to ‘ppb_alloc’ from ‘pp_prev_ppb’
criu-4.1.1/criu/page-pipe.c:104:15: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:109:21: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:109:21: call_function: calling ‘ppb_resize_pipe’ from ‘ppb_alloc’
#   41|   	BUG_ON(ret < ppb->pipe_size);
#   42|   
#   43|-> 	pr_debug("Grow pipe %x -> %x\n", ppb->pipe_size, ret);
#   44|   	ppb->pipe_size = ret;
#   45|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def500]
criu-4.1.1/criu/page-pipe.c:104:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  102|   	int ppb_size = 0;
#  103|   
#  104|-> 	ppb = xmalloc(sizeof(*ppb));
#  105|   	if (!ppb)
#  106|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def501]
criu-4.1.1/criu/page-pipe.c:107:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  105|   	if (!ppb)
#  106|   		return NULL;
#  107|-> 	cnt_add(CNT_PAGE_PIPE_BUFS, 1);
#  108|   
#  109|   	if (prev && ppb_resize_pipe(prev) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def502]
criu-4.1.1/criu/page-pipe.c:118:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  116|   		if (pipe(ppb->p)) {
#  117|   			xfree(ppb);
#  118|-> 			pr_perror("Can't make pipe for page-pipe");
#  119|   			return NULL;
#  120|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def503]
criu-4.1.1/criu/page-pipe.c:121:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:116:26: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:116:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:121:17: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:121:17: danger: leaks here
#  119|   			return NULL;
#  120|   		}
#  121|-> 		cnt_add(CNT_PAGE_PIPES, 1);
#  122|   
#  123|   		ppb->pipe_off = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def504]
criu-4.1.1/criu/page-pipe.c:121:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:104:15: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:116:26: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:116:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:121:17: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:121:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  119|   			return NULL;
#  120|   		}
#  121|-> 		cnt_add(CNT_PAGE_PIPES, 1);
#  122|   
#  123|   		ppb->pipe_off = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def505]
criu-4.1.1/criu/page-pipe.c:124:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:116:26: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:116:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:121:17: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:124:28: danger: leaks here
#  122|   
#  123|   		ppb->pipe_off = 0;
#  124|-> 		ppb_size = fcntl(ppb->p[0], F_GETPIPE_SZ, 0);
#  125|   		if (ppb_size < 0) {
#  126|   			xfree(ppb);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def506]
criu-4.1.1/criu/page-pipe.c:124:28: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  122|   
#  123|   		ppb->pipe_off = 0;
#  124|-> 		ppb_size = fcntl(ppb->p[0], F_GETPIPE_SZ, 0);
#  125|   		if (ppb_size < 0) {
#  126|   			xfree(ppb);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def507]
criu-4.1.1/criu/page-pipe.c:126:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor
criu-4.1.1/criu/page-pipe.c:104:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:107:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:109:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:116:26: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:116:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:121:17: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:125:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:126:25: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:126:25: danger: leaks here
#  124|   		ppb_size = fcntl(ppb->p[0], F_GETPIPE_SZ, 0);
#  125|   		if (ppb_size < 0) {
#  126|-> 			xfree(ppb);
#  127|   			pr_perror("Can't get pipe size");
#  128|   			return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def508]
criu-4.1.1/criu/page-pipe.c:127:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  125|   		if (ppb_size < 0) {
#  126|   			xfree(ppb);
#  127|-> 			pr_perror("Can't get pipe size");
#  128|   			return NULL;
#  129|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def509]
criu-4.1.1/criu/page-pipe.c:165:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:187:19: enter_function: entry to ‘create_page_pipe’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_false: following ‘false’ branch (when ‘iovs’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:208:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:210:13: call_function: calling ‘page_pipe_grow’ from ‘create_page_pipe’
#  163|   	struct iovec *free_iov;
#  164|   
#  165|-> 	pr_debug("Will grow page pipe (iov off is %u)\n", pp->free_iov);
#  166|   
#  167|   	if (!list_empty(&pp->free_bufs)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def510]
criu-4.1.1/criu/page-pipe.c:203:24: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-pipe.c:193:14: acquire_memory: allocated here
criu-4.1.1/criu/page-pipe.c:193:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-pipe.c:197:9: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:202:12: branch_true: following ‘true’ branch (when ‘iovs’ is NULL)...
criu-4.1.1/criu/page-pipe.c:203:24: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:203:24: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/page-pipe.c:203:24: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:203:24: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  201|   
#  202|   	if (!iovs) {
#  203|-> 		iovs = xmalloc(sizeof(*iovs) * nr_segs);
#  204|   		if (!iovs)
#  205|   			goto err_free_pp;

Error: CPPCHECK_WARNING (CWE-476): [#def511]
criu-4.1.1/criu/page-pipe.c:242: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  240|   	struct page_pipe_buf *ppb, *n;
#  241|   
#  242|-> 	BUG_ON(!(pp->flags & PP_CHUNK_MODE));
#  243|   
#  244|   	pr_debug("Clean up page pipe\n");

Error: GCC_ANALYZER_WARNING (CWE-476): [#def512]
criu-4.1.1/criu/page-pipe.c:242:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-pipe.c:242:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:242:9: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:242:9: danger: dereference of NULL ‘0’
#  240|   	struct page_pipe_buf *ppb, *n;
#  241|   
#  242|-> 	BUG_ON(!(pp->flags & PP_CHUNK_MODE));
#  243|   
#  244|   	pr_debug("Clean up page pipe\n");

Error: CPPCHECK_WARNING (CWE-476): [#def513]
criu-4.1.1/criu/page-pipe.c:252: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  250|   
#  251|   	if (page_pipe_grow(pp, 0))
#  252|-> 		BUG(); /* It can't fail, because ppb is in free_bufs */
#  253|   }
#  254|   

Error: CPPCHECK_WARNING (CWE-476): [#def514]
criu-4.1.1/criu/page-pipe.c:270: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  268|   	iov_init(&ppb->iov[ppb->nr_segs++], addr);
#  269|   	pp->free_iov++;
#  270|-> 	BUG_ON(pp->free_iov > pp->nr_iovs);
#  271|   out:
#  272|   	ppb->pages_in++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def515]
criu-4.1.1/criu/page-pipe.c:270:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-pipe.c:258:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:261:13: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:261:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-pipe.c:264:13: branch_false: ...to here
criu-4.1.1/criu/page-pipe.c:270:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-pipe.c:270:9: branch_true: ...to here
criu-4.1.1/criu/page-pipe.c:270:9: danger: dereference of NULL ‘0’
#  268|   	iov_init(&ppb->iov[ppb->nr_segs++], addr);
#  269|   	pp->free_iov++;
#  270|-> 	BUG_ON(pp->free_iov > pp->nr_iovs);
#  271|   out:
#  272|   	ppb->pages_in++;

Error: CPPCHECK_WARNING (CWE-476): [#def516]
criu-4.1.1/criu/page-pipe.c:278: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  276|   static inline int try_add_page(struct page_pipe *pp, unsigned long addr, unsigned int flags)
#  277|   {
#  278|-> 	BUG_ON(list_empty(&pp->bufs));
#  279|   	return try_add_page_to(pp, list_entry(pp->bufs.prev, struct page_pipe_buf, l), addr, flags);
#  280|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def517]
criu-4.1.1/criu/page-pipe.c:278:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  276|   static inline int try_add_page(struct page_pipe *pp, unsigned long addr, unsigned int flags)
#  277|   {
#  278|-> 	BUG_ON(list_empty(&pp->bufs));
#  279|   	return try_add_page_to(pp, list_entry(pp->bufs.prev, struct page_pipe_buf, l), addr, flags);
#  280|   }

Error: CPPCHECK_WARNING (CWE-476): [#def518]
criu-4.1.1/criu/page-pipe.c:295: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  293|   
#  294|   	ret = try_add_page(pp, addr, flags);
#  295|-> 	BUG_ON(ret > 0);
#  296|   	return ret;
#  297|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def519]
criu-4.1.1/criu/page-xfer.c:77:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#   75|   		type = PS_TYPE_SHMEM;
#   76|   	else {
#   77|-> 		BUG();
#   78|   		return 0;
#   79|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def520]
criu-4.1.1/criu/page-xfer.c:442:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-xfer.c:877:5: enter_function: entry to ‘page_xfer_dump_pages’
criu-4.1.1/criu/page-xfer.c:885:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:888:17: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:890:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:891:44: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:894:31: call_function: calling ‘dump_holes’ from ‘page_xfer_dump_pages’
#  440|   static int page_xfer_dump_hole(struct page_xfer *xfer, struct iovec *hole, u32 flags)
#  441|   {
#  442|-> 	BUG_ON(hole->iov_base < (void *)xfer->offset);
#  443|   	hole->iov_base -= xfer->offset;
#  444|   	pr_debug("\th %p [%u]\n", hole->iov_base, (unsigned int)(hole->iov_len / PAGE_SIZE));

Error: GCC_ANALYZER_WARNING (CWE-476): [#def521]
criu-4.1.1/criu/page-xfer.c:459:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-xfer.c:877:5: enter_function: entry to ‘page_xfer_dump_pages’
criu-4.1.1/criu/page-xfer.c:885:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:888:17: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:890:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:891:44: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:894:31: call_function: calling ‘dump_holes’ from ‘page_xfer_dump_pages’
#  457|   		return PE_PARENT;
#  458|   	else
#  459|-> 		BUG();
#  460|   
#  461|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def522]
criu-4.1.1/criu/page-xfer.c:649:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  647|   		if (bytes_read == -1) {
#  648|   			/* Handling faulty page read in faulty iov */
#  649|-> 			cnt_sub(CNT_PAGES_WRITTEN, 1);
#  650|   			dummy.iov_base += PAGE_SIZE;
#  651|   			dummy.iov_len -= PAGE_SIZE;

Error: GCC_ANALYZER_WARNING (CWE-127): [#def523]
criu-4.1.1/criu/page-xfer.c:656:21: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  654|   
#  655|   		/* If aux-iov can merge and expand or new entry required */
#  656|-> 		if (aux_iov[(*aux_len) - 1].iov_base + aux_iov[(*aux_len) - 1].iov_len == dummy.iov_base)
#  657|   			aux_iov[(*aux_len) - 1].iov_len += bytes_read;
#  658|   		else {

Error: GCC_ANALYZER_WARNING (CWE-127): [#def524]
criu-4.1.1/criu/page-xfer.c:656:56: warning[-Wanalyzer-out-of-bounds]: heap-based buffer under-read
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  654|   
#  655|   		/* If aux-iov can merge and expand or new entry required */
#  656|-> 		if (aux_iov[(*aux_len) - 1].iov_base + aux_iov[(*aux_len) - 1].iov_len == dummy.iov_base)
#  657|   			aux_iov[(*aux_len) - 1].iov_len += bytes_read;
#  658|   		else {

Error: GCC_ANALYZER_WARNING (CWE-124): [#def525]
criu-4.1.1/criu/page-xfer.c:657:25: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  655|   		/* If aux-iov can merge and expand or new entry required */
#  656|   		if (aux_iov[(*aux_len) - 1].iov_base + aux_iov[(*aux_len) - 1].iov_len == dummy.iov_base)
#  657|-> 			aux_iov[(*aux_len) - 1].iov_len += bytes_read;
#  658|   		else {
#  659|   			aux_iov[*aux_len].iov_base = dummy.iov_base;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def526]
criu-4.1.1/criu/page-xfer.c:735:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  733|   		if (bytes_read == -1) {
#  734|   			if (errno == ESRCH) {
#  735|-> 				pr_debug("Target process PID:%d not found\n", pid);
#  736|   				return -ESRCH;
#  737|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def527]
criu-4.1.1/criu/page-xfer.c:739:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  737|   			}
#  738|   			if (errno != EFAULT) {
#  739|-> 				pr_perror("process_vm_readv failed");
#  740|   				return -1;
#  741|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def528]
criu-4.1.1/criu/page-xfer.c:744:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:775:5: enter_function: entry to ‘page_xfer_predump_pages’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:819:30: call_function: calling ‘fill_userbuf’ from ‘page_xfer_predump_pages’
#  742|   			/* Handling Case 1*/
#  743|   			if (riov[start].iov_len == PAGE_SIZE) {
#  744|-> 				cnt_sub(CNT_PAGES_WRITTEN, 1);
#  745|   				start += 1;
#  746|   				continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def529]
criu-4.1.1/criu/page-xfer.c:803:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:801:32: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:802:28: branch_true: following ‘true’ branch (when ‘addr == 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:803:33: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:803:33: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  801|   			addr = mremap(userbuf, userbuf_len, ppb->pipe_size * PAGE_SIZE, MREMAP_MAYMOVE);
#  802|   			if (addr == MAP_FAILED) {
#  803|-> 				pr_perror("Unable to mmap a buffer");
#  804|   				goto err;
#  805|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def530]
criu-4.1.1/criu/page-xfer.c:808:32: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:801:32: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:802:28: branch_false: following ‘false’ branch (when ‘addr != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:806:39: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:808:32: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/page-xfer.c:808:32: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:808:32: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  806|   			userbuf_len = ppb->pipe_size * PAGE_SIZE;
#  807|   			userbuf = addr;
#  808|-> 			addr = xrealloc(aux_iov, ppb->pipe_size * sizeof(aux_iov[0]));
#  809|   			if (!addr)
#  810|   				goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def531]
criu-4.1.1/criu/page-xfer.c:813:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/page-xfer.c:789:12: branch_false: following ‘false’ branch (when ‘userbuf != 18446744073709551615’)...
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:793:19: acquire_memory: allocated here
criu-4.1.1/criu/page-xfer.c:793:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/page-xfer.c:797:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:797:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:798:21: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:798:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:813:17: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:813:17: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  811|   			aux_iov = addr;
#  812|   		}
#  813|-> 		timing_start(TIME_MEMDUMP);
#  814|   
#  815|   		aux_len = 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def532]
criu-4.1.1/criu/page-xfer.c:1626:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/page-xfer.c:1620:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/page-xfer.c:1626:9: branch_false: ...to here
criu-4.1.1/criu/page-xfer.c:1626:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/page-xfer.c:1626:9: branch_true: ...to here
criu-4.1.1/criu/page-xfer.c:1626:9: danger: dereference of NULL ‘0’
# 1624|   	 * IO complete -- notify the caller and drop the request
# 1625|   	 */
# 1626|-> 	BUG_ON(ar->rb > ar->goal);
# 1627|   	return ar->complete((int)ar->pi.dst_id, (unsigned long)ar->pi.vaddr, (int)ar->pi.nr_pages, ar->priv);
# 1628|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def533]
criu-4.1.1/criu/page-xfer.c:1635:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1633|   	int ret;
# 1634|   
# 1635|-> 	BUG_ON(list_empty(&async_reads));
# 1636|   	ar = list_first_entry(&async_reads, struct ps_async_read, l);
# 1637|   	ret = page_server_read(ar, MSG_DONTWAIT);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def534]
criu-4.1.1/criu/pagemap-cache.c:52:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pagemap-cache.c:52:9: branch_true: following ‘true’ branch (when ‘vma_head’ is NULL)...
criu-4.1.1/criu/pagemap-cache.c:52:9: branch_true: ...to here
criu-4.1.1/criu/pagemap-cache.c:52:9: danger: dereference of NULL ‘0’
#   50|   	pmc_reset(pmc);
#   51|   
#   52|-> 	BUG_ON(!vma_head);
#   53|   
#   54|   	pmc->pid = pid;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def535]
criu-4.1.1/criu/pagemap-cache.c:143:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pagemap-cache.c:132:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap-cache.c:132:13: branch_false: ...to here
criu-4.1.1/criu/pagemap-cache.c:132:13: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap-cache.c:139:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap-cache.c:140:29: branch_true: ...to here
criu-4.1.1/criu/pagemap-cache.c:140:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap-cache.c:143:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap-cache.c:143:25: branch_true: ...to here
criu-4.1.1/criu/pagemap-cache.c:143:25: danger: dereference of NULL ‘0’
#  141|   				break;
#  142|   
#  143|-> 			BUG_ON(vma->e->start < low);
#  144|   			size_cov += vma_area_len(vma);
#  145|   			nr_vmas++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def536]
criu-4.1.1/criu/pagemap-cache.c:174:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pagemap-cache.c:174:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap-cache.c:174:9: branch_true: ...to here
criu-4.1.1/criu/pagemap-cache.c:174:9: danger: dereference of NULL ‘0’
#  172|   
#  173|   	size_map = PAGEMAP_LEN(pmc->end - pmc->start);
#  174|-> 	BUG_ON(pmc->map_len < size_map);
#  175|   	BUG_ON(pmc->fd < 0);
#  176|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def537]
criu-4.1.1/criu/pagemap-cache.c:175:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pagemap-cache.c:174:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap-cache.c:175:9: branch_false: ...to here
criu-4.1.1/criu/pagemap-cache.c:175:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap-cache.c:175:9: branch_true: ...to here
criu-4.1.1/criu/pagemap-cache.c:175:9: danger: dereference of NULL ‘0’
#  173|   	size_map = PAGEMAP_LEN(pmc->end - pmc->start);
#  174|   	BUG_ON(pmc->map_len < size_map);
#  175|-> 	BUG_ON(pmc->fd < 0);
#  176|   
#  177|   	if (pmc->regs) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def538]
criu-4.1.1/criu/pagemap.c:596:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pagemap.c:596:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pagemap.c:596:9: branch_true: ...to here
criu-4.1.1/criu/pagemap.c:596:9: danger: dereference of NULL ‘0’
#  594|   	int ret;
#  595|   
#  596|-> 	BUG_ON(!list_empty(&pr->async));
#  597|   
#  598|   	if (pr->bunch.iov_len > 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def539]
criu-4.1.1/criu/pagemap.c:642:13: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: acquire_memory: allocated here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  640|   		goto out;
#  641|   
#  642|-> 	if (open_parent(dfd, &pfd))
#  643|   		goto err;
#  644|   	if (pfd < 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def540]
criu-4.1.1/criu/pagemap.c:647:18: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:756:5: enter_function: entry to ‘open_page_read_at’
criu-4.1.1/criu/pagemap.c:798:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:801:13: call_function: inlined call to ‘empty_image’ from ‘open_page_read_at’
criu-4.1.1/criu/pagemap.c:806:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:806:13: call_function: calling ‘try_open_parent’ from ‘open_page_read_at’
#  645|   		goto out;
#  646|   
#  647|-> 	parent = xmalloc(sizeof(*parent));
#  648|   	if (!parent)
#  649|   		goto err_cl;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def541]
criu-4.1.1/criu/pagemap.c:668:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  666|   	xfree(parent);
#  667|   err_cl:
#  668|-> 	close(pfd);
#  669|   err:
#  670|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def542]
criu-4.1.1/criu/pagemap.c:782:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: acquire_memory: allocated here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  780|   		break;
#  781|   	default:
#  782|-> 		BUG();
#  783|   		return -1;
#  784|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def543]
criu-4.1.1/criu/pagemap.c:782:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  780|   		break;
#  781|   	default:
#  782|-> 		BUG();
#  783|   		return -1;
#  784|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def544]
criu-4.1.1/criu/pagemap.c:797:19: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: acquire_memory: allocated here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  795|   	pr->disable_dedup = false;
#  796|   
#  797|-> 	pr->pmi = open_image_at(dfd, i_typ, O_RSTR, img_id);
#  798|   	if (!pr->pmi)
#  799|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def545]
criu-4.1.1/criu/pagemap.c:802:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  800|   
#  801|   	if (empty_image(pr->pmi)) {
#  802|-> 		close_image(pr->pmi);
#  803|   		return 0;
#  804|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def546]
criu-4.1.1/criu/pagemap.c:807:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  805|   
#  806|   	if (try_open_parent(dfd, img_id, pr, pr_flags)) {
#  807|-> 		close_image(pr->pmi);
#  808|   		return -1;
#  809|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def547]
criu-4.1.1/criu/pagemap.c:811:18: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pagemap.c:633:12: enter_function: entry to ‘try_open_parent’
criu-4.1.1/criu/pagemap.c:639:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:642:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:642:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:644:13: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:644:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pagemap.c:647:18: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:647:18: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pagemap.c:651:15: branch_false: ...to here
criu-4.1.1/criu/pagemap.c:651:15: call_function: calling ‘open_page_read_at’ from ‘try_open_parent’
#  809|   	}
#  810|   
#  811|-> 	pr->pi = open_pages_image_at(dfd, flags, pr->pmi, &pr->pages_img_id);
#  812|   	if (!pr->pi) {
#  813|   		close_page_read(pr);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def548]
criu-4.1.1/criu/parasite-syscall.c:108:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:108:9: danger: dereference of NULL ‘0’
#  106|   	BUILD_BUG_ON(sizeof(ce->cap_amb[0]) != sizeof(c->cap_amb[0]));
#  107|   
#  108|-> 	BUG_ON(ce->n_cap_inh != CR_CAP_SIZE);
#  109|   	BUG_ON(ce->n_cap_prm != CR_CAP_SIZE);
#  110|   	BUG_ON(ce->n_cap_eff != CR_CAP_SIZE);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def549]
criu-4.1.1/criu/parasite-syscall.c:109:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:109:9: danger: dereference of NULL ‘0’
#  107|   
#  108|   	BUG_ON(ce->n_cap_inh != CR_CAP_SIZE);
#  109|-> 	BUG_ON(ce->n_cap_prm != CR_CAP_SIZE);
#  110|   	BUG_ON(ce->n_cap_eff != CR_CAP_SIZE);
#  111|   	BUG_ON(ce->n_cap_bnd != CR_CAP_SIZE);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def550]
criu-4.1.1/criu/parasite-syscall.c:110:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:110:9: danger: dereference of NULL ‘0’
#  108|   	BUG_ON(ce->n_cap_inh != CR_CAP_SIZE);
#  109|   	BUG_ON(ce->n_cap_prm != CR_CAP_SIZE);
#  110|-> 	BUG_ON(ce->n_cap_eff != CR_CAP_SIZE);
#  111|   	BUG_ON(ce->n_cap_bnd != CR_CAP_SIZE);
#  112|   	BUG_ON(ce->n_cap_amb != CR_CAP_SIZE);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def551]
criu-4.1.1/criu/parasite-syscall.c:111:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:111:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:111:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:111:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:111:9: danger: dereference of NULL ‘0’
#  109|   	BUG_ON(ce->n_cap_prm != CR_CAP_SIZE);
#  110|   	BUG_ON(ce->n_cap_eff != CR_CAP_SIZE);
#  111|-> 	BUG_ON(ce->n_cap_bnd != CR_CAP_SIZE);
#  112|   	BUG_ON(ce->n_cap_amb != CR_CAP_SIZE);
#  113|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def552]
criu-4.1.1/criu/parasite-syscall.c:112:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:108:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:109:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:110:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:111:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:111:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:112:9: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:112:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:112:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:112:9: danger: dereference of NULL ‘0’
#  110|   	BUG_ON(ce->n_cap_eff != CR_CAP_SIZE);
#  111|   	BUG_ON(ce->n_cap_bnd != CR_CAP_SIZE);
#  112|-> 	BUG_ON(ce->n_cap_amb != CR_CAP_SIZE);
#  113|   
#  114|   	memcpy(ce->cap_inh, c->cap_inh, sizeof(c->cap_inh[0]) * CR_CAP_SIZE);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def553]
criu-4.1.1/criu/parasite-syscall.c:187:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:187:9: branch_true: following ‘true’ branch (when ‘id == 0’)...
criu-4.1.1/criu/parasite-syscall.c:187:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:187:9: danger: dereference of NULL ‘0’
#  185|   	int ret;
#  186|   
#  187|-> 	BUG_ON(id == 0); /* Leader is dumped in dump_task_core_all */
#  188|   
#  189|   	args = compel_parasite_args(ctl, struct parasite_dump_thread);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def554]
criu-4.1.1/criu/parasite-syscall.c:350:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/parasite-syscall.c:346:23: acquire_memory: allocated here
criu-4.1.1/criu/parasite-syscall.c:346:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:350:21: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  348|   		return -1;
#  349|   
#  350|-> 	thread_sp = xzalloc(sizeof(*thread_sp) * item->nr_threads);
#  351|   	if (!thread_sp)
#  352|   		goto free_ctls;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def555]
criu-4.1.1/criu/parasite-syscall.c:358:40: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/parasite-syscall.c:346:23: acquire_memory: allocated here
criu-4.1.1/criu/parasite-syscall.c:346:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:354:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:355:36: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:357:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:358:34: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:358:40: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  356|   
#  357|   		if (item->pid->real == tid->real) {
#  358|-> 			thread_sp[i] = compel_get_leader_sp(ctl);
#  359|   			continue;
#  360|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def556]
criu-4.1.1/criu/parasite-syscall.c:362:34: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/parasite-syscall.c:346:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:350:21: acquire_memory: allocated here
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:354:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:355:36: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:357:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:362:28: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:362:34: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  360|   		}
#  361|   
#  362|-> 		thread_ctls[i] = compel_prepare_thread(ctl, tid->real);
#  363|   		if (!thread_ctls[i])
#  364|   			goto free_sp;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def557]
criu-4.1.1/criu/parasite-syscall.c:366:32: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/parasite-syscall.c:346:23: acquire_memory: allocated here
criu-4.1.1/criu/parasite-syscall.c:346:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:350:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:351:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:354:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:355:36: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:357:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:362:28: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:363:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/parasite-syscall.c:366:26: branch_false: ...to here
criu-4.1.1/criu/parasite-syscall.c:366:32: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  364|   			goto free_sp;
#  365|   
#  366|-> 		thread_sp[i] = compel_get_thread_sp(thread_ctls[i]);
#  367|   	}
#  368|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def558]
criu-4.1.1/criu/parasite-syscall.c:388:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/parasite-syscall.c:388:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/parasite-syscall.c:388:9: branch_true: ...to here
criu-4.1.1/criu/parasite-syscall.c:388:9: danger: dereference of NULL ‘0’
#  386|   	int ret;
#  387|   
#  388|-> 	BUG_ON(item->threads[0].real != pid);
#  389|   
#  390|   	p = get_exec_start(vma_area_list);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def559]
criu-4.1.1/criu/pidfd-store.c:165:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/pidfd-store.c:142:5: enter_function: entry to ‘init_pidfd_store_hash’
criu-4.1.1/criu/pidfd-store.c:147:21: branch_true: following ‘true’ branch (when ‘i != 32’)...
criu-4.1.1/criu/pidfd-store.c:148:17: branch_true: ...to here
criu-4.1.1/criu/pidfd-store.c:151:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pidfd-store.c:160:25: acquire_memory: allocated here
criu-4.1.1/criu/pidfd-store.c:160:25: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/pidfd-store.c:163:17: call_function: inlined call to ‘INIT_HLIST_NODE’ from ‘init_pidfd_store_hash’
criu-4.1.1/criu/pidfd-store.c:165:23: danger: ‘___p’ leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5)
#  163|   		INIT_HLIST_NODE(&entry->hash);
#  164|   
#  165|-> 		ret = __recv_fds(pidfd_store_sk, &entry->pidfd, 1, &entry->pid, sizeof(pid_t), MSG_DONTWAIT);
#  166|   		if (ret == -EAGAIN || ret == -EWOULDBLOCK) {
#  167|   			/* No more fds to read */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def560]
criu-4.1.1/criu/pidfd.c:205:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pidfd.c:187:12: enter_function: entry to ‘open_one_pidfd’
criu-4.1.1/criu/pidfd.c:195:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pidfd.c:204:34: branch_false: ...to here
criu-4.1.1/criu/pidfd.c:204:16: call_function: calling ‘lookup_dead_pidfd’ from ‘open_one_pidfd’
criu-4.1.1/criu/pidfd.c:204:16: return_function: returning to ‘open_one_pidfd’ from ‘lookup_dead_pidfd’
criu-4.1.1/criu/pidfd.c:205:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pidfd.c:205:9: branch_true: ...to here
criu-4.1.1/criu/pidfd.c:205:9: danger: dereference of NULL ‘0’
#  203|   
#  204|   	dead = lookup_dead_pidfd(info->pidfe->ino);
#  205|-> 	BUG_ON(!dead);
#  206|   
#  207|   	if (info->dead && info->dead->creator_id != info->pidfe->id) {

Error: GCC_ANALYZER_WARNING (CWE-465): [#def561]
criu-4.1.1/criu/pie-util-vdso-elf32.c:153:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie-util-vdso-elf32.c:430:5: enter_function: entry to ‘vdso_fill_symtable_compat’
criu-4.1.1/criu/pie-util-vdso-elf32.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable_compat’
#  151|   		switch (phdr->p_type) {
#  152|   		case PT_DYNAMIC:
#  153|-> 			if (*dynamic) {
#  154|   				pr_err("Second PT_DYNAMIC header\n");
#  155|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def562]
criu-4.1.1/criu/pie-util-vdso-elf32.c:160:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie-util-vdso-elf32.c:430:5: enter_function: entry to ‘vdso_fill_symtable_compat’
criu-4.1.1/criu/pie-util-vdso-elf32.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable_compat’
#  158|   			break;
#  159|   		case PT_LOAD:
#  160|-> 			if (*load) {
#  161|   				pr_err("Second PT_LOAD header\n");
#  162|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def563]
criu-4.1.1/criu/pie-util-vdso.c:153:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie-util-vdso.c:430:5: enter_function: entry to ‘vdso_fill_symtable’
criu-4.1.1/criu/pie-util-vdso.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable’
#  151|   		switch (phdr->p_type) {
#  152|   		case PT_DYNAMIC:
#  153|-> 			if (*dynamic) {
#  154|   				pr_err("Second PT_DYNAMIC header\n");
#  155|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def564]
criu-4.1.1/criu/pie-util-vdso.c:160:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie-util-vdso.c:430:5: enter_function: entry to ‘vdso_fill_symtable’
criu-4.1.1/criu/pie-util-vdso.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable’
#  158|   			break;
#  159|   		case PT_LOAD:
#  160|-> 			if (*load) {
#  161|   				pr_err("Second PT_LOAD header\n");
#  162|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def565]
criu-4.1.1/criu/pie/parasite-vdso.c:132:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pie/parasite-vdso.c:131:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pie/parasite-vdso.c:132:17: branch_true: ...to here
criu-4.1.1/criu/pie/parasite-vdso.c:132:17: branch_true: following ‘true’ branch (when ‘vdso_size < space’)...
criu-4.1.1/criu/pie/parasite-vdso.c:132:17: branch_true: ...to here
criu-4.1.1/criu/pie/parasite-vdso.c:132:17: danger: dereference of NULL ‘0’
#  130|   
#  131|   	if (rt->vvar_start == VVAR_BAD_ADDR) {
#  132|-> 		BUG_ON(vdso_size < space);
#  133|   		return park_at(rt, addr, 0);
#  134|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def566]
criu-4.1.1/criu/pie/parasite-vdso.c:136:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pie/parasite-vdso.c:131:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pie/parasite-vdso.c:136:9: branch_false: ...to here
criu-4.1.1/criu/pie/parasite-vdso.c:136:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pie/parasite-vdso.c:136:9: branch_true: ...to here
criu-4.1.1/criu/pie/parasite-vdso.c:136:9: danger: dereference of NULL ‘0’
#  134|   	}
#  135|   
#  136|-> 	BUG_ON((vdso_size + vvar_size) < space);
#  137|   
#  138|   	if (rt->sym.vdso_before_vvar)

Error: GCC_ANALYZER_WARNING (CWE-457): [#def567]
criu-4.1.1/criu/pie/restorer.c:1217:59: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘ts.tv_sec’
criu-4.1.1/criu/pie/restorer.c:1197:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pie/restorer.c:1198:46: branch_true: ...to here
criu-4.1.1/criu/pie/restorer.c:1203:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pie/restorer.c:1212:47: branch_true: ...to here
criu-4.1.1/criu/pie/restorer.c:1212:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pie/restorer.c:1217:25: branch_false: ...to here
criu-4.1.1/criu/pie/restorer.c:1217:59: danger: use of uninitialized value ‘ts.tv_sec’ here
# 1215|   			}
# 1216|   
# 1217|-> 			t->val.it_value.tv_sec += (time_t)ts.tv_sec;
# 1218|   
# 1219|   			pr_debug("Adjust id %x it_value(%llu, %llu) -> it_value(%llu, %llu)\n", t->id,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def568]
criu-4.1.1/criu/pie/restorer.c:1406:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pie/restorer.c:1395:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pie/restorer.c:1398:63: branch_true: ...to here
criu-4.1.1/criu/pie/restorer.c:1401:20: branch_true: following ‘true’ branch (when ‘ret == -10’)...
 branch_true: ...to here
criu-4.1.1/criu/pie/restorer.c:1406:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pie/restorer.c:1406:25: branch_false: ...to here
criu-4.1.1/criu/pie/restorer.c:1406:25: danger: dereference of NULL ‘0’
# 1404|   			 * and try again.
# 1405|   			 */
# 1406|-> 			futex_wait_while_eq(&task_entries_local->nr_in_progress, nr_in_progress);
# 1407|   			i--;
# 1408|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def569]
criu-4.1.1/criu/pie/restorer.c:2266:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 2264|   	pr_err("Restorer stack smash detected %ld\n", sys_getpid());
# 2265|   	sys_exit_group(1);
# 2266|-> 	BUG();
# 2267|   }

Error: GCC_ANALYZER_WARNING (CWE-465): [#def570]
criu-4.1.1/criu/pie/util-vdso-elf32.c:153:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie/util-vdso-elf32.c:430:5: enter_function: entry to ‘vdso_fill_symtable_compat’
criu-4.1.1/criu/pie/util-vdso-elf32.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable_compat’
#  151|   		switch (phdr->p_type) {
#  152|   		case PT_DYNAMIC:
#  153|-> 			if (*dynamic) {
#  154|   				pr_err("Second PT_DYNAMIC header\n");
#  155|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def571]
criu-4.1.1/criu/pie/util-vdso-elf32.c:160:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie/util-vdso-elf32.c:430:5: enter_function: entry to ‘vdso_fill_symtable_compat’
criu-4.1.1/criu/pie/util-vdso-elf32.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable_compat’
#  158|   			break;
#  159|   		case PT_LOAD:
#  160|-> 			if (*load) {
#  161|   				pr_err("Second PT_LOAD header\n");
#  162|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def572]
criu-4.1.1/criu/pie/util-vdso.c:153:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie/util-vdso.c:430:5: enter_function: entry to ‘vdso_fill_symtable’
criu-4.1.1/criu/pie/util-vdso.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable’
#  151|   		switch (phdr->p_type) {
#  152|   		case PT_DYNAMIC:
#  153|-> 			if (*dynamic) {
#  154|   				pr_err("Second PT_DYNAMIC header\n");
#  155|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-465): [#def573]
criu-4.1.1/criu/pie/util-vdso.c:160:28: warning[-Wanalyzer-deref-before-check]: check of ‘addr’ for NULL after already dereferencing it
criu-4.1.1/criu/pie/util-vdso.c:430:5: enter_function: entry to ‘vdso_fill_symtable’
criu-4.1.1/criu/pie/util-vdso.c:449:15: call_function: calling ‘parse_elf_phdr’ from ‘vdso_fill_symtable’
#  158|   			break;
#  159|   		case PT_LOAD:
#  160|-> 			if (*load) {
#  161|   				pr_err("Second PT_LOAD header\n");
#  162|   				return -EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def574]
criu-4.1.1/criu/pipes.c:157:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  155|   
#  156|   	if (!pd) { /* no data for this pipe */
#  157|-> 		pr_info("No data for pipe %#x\n", id);
#  158|   		return 0;
#  159|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def575]
criu-4.1.1/criu/pipes.c:157:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  155|   
#  156|   	if (!pd) { /* no data for this pipe */
#  157|-> 		pr_info("No data for pipe %#x\n", id);
#  158|   		return 0;
#  159|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def576]
criu-4.1.1/criu/pipes.c:162:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  160|   
#  161|   	if (pd->pde->has_size) {
#  162|-> 		pr_info("Restoring size %#x for %#x\n", pd->pde->size, pd->pde->pipe_id);
#  163|   		ret = fcntl(pfd, F_SETPIPE_SZ, pd->pde->size);
#  164|   		if (ret < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def577]
criu-4.1.1/criu/pipes.c:162:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  160|   
#  161|   	if (pd->pde->has_size) {
#  162|-> 		pr_info("Restoring size %#x for %#x\n", pd->pde->size, pd->pde->pipe_id);
#  163|   		ret = fcntl(pfd, F_SETPIPE_SZ, pd->pde->size);
#  164|   		if (ret < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def578]
criu-4.1.1/criu/pipes.c:163:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  161|   	if (pd->pde->has_size) {
#  162|   		pr_info("Restoring size %#x for %#x\n", pd->pde->size, pd->pde->pipe_id);
#  163|-> 		ret = fcntl(pfd, F_SETPIPE_SZ, pd->pde->size);
#  164|   		if (ret < 0) {
#  165|   			pr_perror("Can't restore pipe size");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def579]
criu-4.1.1/criu/pipes.c:163:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  161|   	if (pd->pde->has_size) {
#  162|   		pr_info("Restoring size %#x for %#x\n", pd->pde->size, pd->pde->pipe_id);
#  163|-> 		ret = fcntl(pfd, F_SETPIPE_SZ, pd->pde->size);
#  164|   		if (ret < 0) {
#  165|   			pr_perror("Can't restore pipe size");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def580]
criu-4.1.1/criu/pipes.c:165:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  163|   		ret = fcntl(pfd, F_SETPIPE_SZ, pd->pde->size);
#  164|   		if (ret < 0) {
#  165|-> 			pr_perror("Can't restore pipe size");
#  166|   			return -1;
#  167|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def581]
criu-4.1.1/criu/pipes.c:174:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  172|   
#  173|   	if (!pd->data) {
#  174|-> 		pr_err("Double data restore occurred on %#x\n", id);
#  175|   		return -1;
#  176|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def582]
criu-4.1.1/criu/pipes.c:174:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  172|   
#  173|   	if (!pd->data) {
#  174|-> 		pr_err("Double data restore occurred on %#x\n", id);
#  175|   		return -1;
#  176|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def583]
criu-4.1.1/criu/pipes.c:182:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  180|   
#  181|   	while (iov.iov_len > 0) {
#  182|-> 		ret = vmsplice(pfd, &iov, 1, SPLICE_F_GIFT | SPLICE_F_NONBLOCK);
#  183|   		if (ret < 0) {
#  184|   			pr_perror("%#x: Error splicing data", id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def584]
criu-4.1.1/criu/pipes.c:182:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/pipes.c:284:5: enter_function: entry to ‘open_pipe’
criu-4.1.1/criu/pipes.c:292:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:300:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:300:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:303:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:308:59: branch_false: ...to here
criu-4.1.1/criu/pipes.c:308:15: call_function: calling ‘restore_pipe_data’ from ‘open_pipe’
#  180|   
#  181|   	while (iov.iov_len > 0) {
#  182|-> 		ret = vmsplice(pfd, &iov, 1, SPLICE_F_GIFT | SPLICE_F_NONBLOCK);
#  183|   		if (ret < 0) {
#  184|   			pr_perror("%#x: Error splicing data", id);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def585]
criu-4.1.1/criu/pipes.c:221:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&path,  flags)’
criu-4.1.1/criu/pipes.c:218:15: acquire_resource: opened here
criu-4.1.1/criu/pipes.c:219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:221:9: branch_false: ...to here
criu-4.1.1/criu/pipes.c:221:9: danger: ‘open(&path,  flags)’ leaks here; was opened at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  219|   	if (ret < 0)
#  220|   		pr_perror("Unable to reopen the pipe %s", path);
#  221|-> 	close(fd);
#  222|   
#  223|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def586]
criu-4.1.1/criu/pipes.c:240:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/pipes.c:232:15: acquire_resource: opened here
criu-4.1.1/criu/pipes.c:233:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:240:9: danger: ‘ret’ leaks here; was opened at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  238|   			pr_perror("Unable to reopen the pipe %s", path);
#  239|   	}
#  240|-> 	close(fd);
#  241|   
#  242|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def587]
criu-4.1.1/criu/pipes.c:261:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/pipes.c:245:12: enter_function: entry to ‘recv_pipe_fd’
criu-4.1.1/criu/pipes.c:250:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:256:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:256:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pipes.c:257:39: branch_true: ...to here
criu-4.1.1/criu/pipes.c:257:22: call_function: calling ‘reopen_pipe’ from ‘recv_pipe_fd’
criu-4.1.1/criu/pipes.c:257:22: return_function: returning to ‘recv_pipe_fd’ from ‘reopen_pipe’
criu-4.1.1/criu/pipes.c:260:12: branch_true: following ‘true’ branch (when ‘fd >= 0’)...
criu-4.1.1/criu/pipes.c:261:55: branch_true: ...to here
criu-4.1.1/criu/pipes.c:261:21: danger: ‘fd’ leaks here; was opened at [(8)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/7)
#  259|   		fd = tmp;
#  260|   	if (fd >= 0) {
#  261|-> 		if (rst_file_params(fd, pi->pe->fown, pi->pe->flags)) {
#  262|   			close(fd);
#  263|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def588]
criu-4.1.1/criu/pipes.c:435:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[(int)pde.has_size]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:13: danger: ‘steal_pipe[(int)pde.has_size]’ leaks here
#  433|   
#  434|   	/* steal_pipe has to be able to fit all data from a target pipe */
#  435|-> 	if (fcntl(steal_pipe[1], F_SETPIPE_SZ, pipe_size) < 0) {
#  436|   		pr_perror("Unable to set a pipe size");
#  437|   		goto err_close;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def589]
criu-4.1.1/criu/pipes.c:435:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[1]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:13: danger: ‘steal_pipe[1]’ leaks here
#  433|   
#  434|   	/* steal_pipe has to be able to fit all data from a target pipe */
#  435|-> 	if (fcntl(steal_pipe[1], F_SETPIPE_SZ, pipe_size) < 0) {
#  436|   		pr_perror("Unable to set a pipe size");
#  437|   		goto err_close;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def590]
criu-4.1.1/criu/pipes.c:436:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[(int)pde.has_size]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pipes.c:436:17: branch_true: ...to here
criu-4.1.1/criu/pipes.c:436:17: danger: ‘steal_pipe[(int)pde.has_size]’ leaks here
#  434|   	/* steal_pipe has to be able to fit all data from a target pipe */
#  435|   	if (fcntl(steal_pipe[1], F_SETPIPE_SZ, pipe_size) < 0) {
#  436|-> 		pr_perror("Unable to set a pipe size");
#  437|   		goto err_close;
#  438|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def591]
criu-4.1.1/criu/pipes.c:440:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[(int)pde.has_size]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:440:17: danger: ‘steal_pipe[(int)pde.has_size]’ leaks here
#  438|   	}
#  439|   
#  440|-> 	bytes = tee(lfd, steal_pipe[1], pipe_size, SPLICE_F_NONBLOCK);
#  441|   	if (bytes < 0) {
#  442|   		if (errno != EAGAIN) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def592]
criu-4.1.1/criu/pipes.c:443:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[(int)pde.has_size]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_true: following ‘true’ branch (when ‘bytes < 0’)...
criu-4.1.1/criu/pipes.c:442:21: branch_true: ...to here
criu-4.1.1/criu/pipes.c:442:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pipes.c:443:25: branch_true: ...to here
criu-4.1.1/criu/pipes.c:443:25: danger: ‘steal_pipe[(int)pde.has_size]’ leaks here
#  441|   	if (bytes < 0) {
#  442|   		if (errno != EAGAIN) {
#  443|-> 			pr_perror("Can't pick pipe data");
#  444|   			goto err_close;
#  445|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def593]
criu-4.1.1/criu/pipes.c:455:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[0]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_false: following ‘false’ branch (when ‘bytes >= 0’)...
criu-4.1.1/criu/pipes.c:450:23: call_function: inlined call to ‘pipe_id’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:455:13: danger: ‘steal_pipe[0]’ leaks here
#  453|   	pde.size = pipe_size;
#  454|   
#  455|-> 	if (pb_write_one(img, &pde, PB_PIPE_DATA))
#  456|   		goto err_close;
#  457|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def594]
criu-4.1.1/criu/pipes.c:455:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[bytes]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_true: following ‘true’ branch (when ‘bytes < 0’)...
criu-4.1.1/criu/pipes.c:442:21: branch_true: ...to here
criu-4.1.1/criu/pipes.c:442:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:450:23: call_function: inlined call to ‘pipe_id’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:455:13: danger: ‘steal_pipe[bytes]’ leaks here
#  453|   	pde.size = pipe_size;
#  454|   
#  455|-> 	if (pb_write_one(img, &pde, PB_PIPE_DATA))
#  456|   		goto err_close;
#  457|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def595]
criu-4.1.1/criu/pipes.c:460:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[0]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:441:12: branch_false: following ‘false’ branch (when ‘bytes >= 0’)...
criu-4.1.1/criu/pipes.c:450:23: call_function: inlined call to ‘pipe_id’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:455:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:458:16: branch_true: following ‘true’ branch (when ‘bytes > 0’)...
criu-4.1.1/criu/pipes.c:460:25: branch_true: ...to here
criu-4.1.1/criu/pipes.c:460:25: danger: ‘steal_pipe[0]’ leaks here
#  458|   	while (bytes > 0) {
#  459|   		int wrote;
#  460|-> 		wrote = splice(steal_pipe[0], NULL, img_raw_fd(img), NULL, bytes, 0);
#  461|   		if (wrote < 0) {
#  462|   			pr_perror("Can't push pipe data");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def596]
criu-4.1.1/criu/pipes.c:472:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[(int)pde.has_size]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:472:9: danger: ‘steal_pipe[(int)pde.has_size]’ leaks here
#  470|   
#  471|   err_close:
#  472|-> 	close(steal_pipe[0]);
#  473|   	close(steal_pipe[1]);
#  474|   err:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def597]
criu-4.1.1/criu/pipes.c:472:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘steal_pipe[0]’
criu-4.1.1/criu/pipes.c:396:5: enter_function: entry to ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:404:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pipes.c:415:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:420:15: branch_false: ...to here
criu-4.1.1/criu/pipes.c:420:15: call_function: calling ‘img_from_set’ from ‘dump_one_pipe_data’
criu-4.1.1/criu/pipes.c:420:15: return_function: returning to ‘dump_one_pipe_data’ from ‘img_from_set’
criu-4.1.1/criu/pipes.c:424:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:429:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:429:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:435:13: branch_false: ...to here
criu-4.1.1/criu/pipes.c:435:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pipes.c:440:17: branch_false: ...to here
criu-4.1.1/criu/pipes.c:472:9: danger: ‘steal_pipe[0]’ leaks here
#  470|   
#  471|   err_close:
#  472|-> 	close(steal_pipe[0]);
#  473|   	close(steal_pipe[1]);
#  474|   err:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def598]
criu-4.1.1/criu/plugin.c:33:19: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/plugin.c:103:12: enter_function: entry to ‘cr_lib_load’
criu-4.1.1/criu/plugin.c:112:12: branch_false: following ‘false’ branch (when ‘h’ is non-NULL)...
criu-4.1.1/criu/plugin.c:123:13: branch_false: ...to here
criu-4.1.1/criu/plugin.c:124:12: branch_true: following ‘true’ branch (when ‘d’ is NULL)...
criu-4.1.1/criu/plugin.c:125:21: branch_true: ...to here
criu-4.1.1/criu/plugin.c:125:21: call_function: calling ‘cr_gen_plugin_desc’ from ‘cr_lib_load’
#   31|   		return NULL;
#   32|   
#   33|-> 	d->name = xstrdup(path);
#   34|   	d->max_hooks = CR_PLUGIN_HOOK__MAX;
#   35|   	d->version = CRIU_PLUGIN_VERSION_OLD;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def599]
criu-4.1.1/criu/plugin.c:37:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/plugin.c:103:12: enter_function: entry to ‘cr_lib_load’
criu-4.1.1/criu/plugin.c:112:12: branch_false: following ‘false’ branch (when ‘h’ is non-NULL)...
criu-4.1.1/criu/plugin.c:123:13: branch_false: ...to here
criu-4.1.1/criu/plugin.c:124:12: branch_true: following ‘true’ branch (when ‘d’ is NULL)...
criu-4.1.1/criu/plugin.c:125:21: branch_true: ...to here
criu-4.1.1/criu/plugin.c:125:21: call_function: calling ‘cr_gen_plugin_desc’ from ‘cr_lib_load’
#   35|   	d->version = CRIU_PLUGIN_VERSION_OLD;
#   36|   
#   37|-> 	pr_warn("Generating dynamic descriptor for plugin `%s'."
#   38|   		"Won't work in next version of the program."
#   39|   		"Please update your plugin.\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def600]
criu-4.1.1/criu/plugin.c:85:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#   83|   {
#   84|   	if (d->version > CRIU_PLUGIN_VERSION) {
#   85|-> 		pr_debug("Plugin %s has version %x while max %x supported\n", d->name, d->version, CRIU_PLUGIN_VERSION);
#   86|   		return -1;
#   87|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def601]
criu-4.1.1/criu/plugin.c:90:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#   88|   
#   89|   	if (d->max_hooks > CR_PLUGIN_HOOK__MAX) {
#   90|-> 		pr_debug("Plugin %s has %u assigned while max %u supported\n", d->name, d->max_hooks,
#   91|   			 CR_PLUGIN_HOOK__MAX);
#   92|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def602]
criu-4.1.1/criu/plugin.c:133:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#  131|   	}
#  132|   
#  133|-> 	this = xzalloc(sizeof(*this));
#  134|   	if (!this)
#  135|   		goto error_close;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def603]
criu-4.1.1/criu/plugin.c:133:16: warning[-Wanalyzer-malloc-leak]: leak of ‘d’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#  131|   	}
#  132|   
#  133|-> 	this = xzalloc(sizeof(*this));
#  134|   	if (!this)
#  135|   		goto error_close;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def604]
criu-4.1.1/criu/plugin.c:138:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#  136|   
#  137|   	if (verify_plugin(d)) {
#  138|-> 		pr_err("Corrupted plugin %s\n", path);
#  139|   		goto error_free;
#  140|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def605]
criu-4.1.1/criu/plugin.c:175:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/plugin.c:202:5: enter_function: entry to ‘cr_plugin_init’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:238:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:245:30: branch_false: ...to here
criu-4.1.1/criu/plugin.c:250:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/plugin.c:255:21: branch_false: ...to here
criu-4.1.1/criu/plugin.c:255:21: call_function: calling ‘cr_lib_load’ from ‘cr_plugin_init’
#  173|   	dlclose(h);
#  174|   	if (allocated)
#  175|-> 		xfree(d);
#  176|   	return -1;
#  177|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def606]
criu-4.1.1/criu/plugin.c:237:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(opts.libdir)’
criu-4.1.1/criu/plugin.c:210:21: branch_true: following ‘true’ branch (when ‘i != 12’)...
criu-4.1.1/criu/plugin.c:211:17: branch_true: ...to here
criu-4.1.1/criu/plugin.c:225:13: acquire_memory: allocated here
criu-4.1.1/criu/plugin.c:226:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/plugin.c:237:22: danger: ‘opendir(opts.libdir)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  235|   
#  236|   		errno = 0;
#  237|-> 		de = readdir(d);
#  238|   		if (de == NULL) {
#  239|   			if (errno == 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def607]
criu-4.1.1/criu/proc_parse.c:803:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:803:23: danger: ‘fdopendir(do_open_proc(pid, 0, "map_files"))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  801|   		char *str;
#  802|   
#  803|-> 		str = breadline(&f);
#  804|   		if (IS_ERR(str))
#  805|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def608]
criu-4.1.1/criu/proc_parse.c:810:33: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/proc_parse.c:773:5: enter_function: entry to ‘parse_smaps’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:808:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:808:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:808:30: call_function: calling ‘__is_vma_range_fmt’ from ‘parse_smaps’
criu-4.1.1/criu/proc_parse.c:808:30: return_function: returning to ‘parse_smaps’ from ‘__is_vma_range_fmt’
criu-4.1.1/criu/proc_parse.c:808:21: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:809:30: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:810:33: branch_true: following ‘true’ branch (when ‘vma_area’ is NULL)...
criu-4.1.1/criu/proc_parse.c:810:33: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:810:33: danger: dereference of NULL ‘0’
#  808|   		if (!eof && !__is_vma_range_fmt(str)) {
#  809|   			if (!strncmp(str, "VmFlags: ", 9)) {
#  810|-> 				BUG_ON(!vma_area);
#  811|   				parse_vma_vmflags(&str[9], vma_area);
#  812|   				continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def609]
criu-4.1.1/criu/proc_parse.c:837:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:817:20: branch_false: following ‘false’ branch (when ‘vma_area’ is NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:834:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:837:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:837:28: danger: ‘fdopendir(do_open_proc(pid, 0, "map_files"))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  835|   			break;
#  836|   
#  837|-> 		vma_area = alloc_vma_area();
#  838|   		if (!vma_area)
#  839|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def610]
criu-4.1.1/criu/proc_parse.c:844:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:817:20: branch_false: following ‘false’ branch (when ‘vma_area’ is NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:834:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:837:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:838:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:841:23: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:843:20: branch_true: following ‘true’ branch (when ‘num <= 9’)...
criu-4.1.1/criu/proc_parse.c:844:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:844:25: danger: ‘fdopendir(do_open_proc(pid, 0, "map_files"))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  842|   			     &vfi.dev_maj, &vfi.dev_min, &vfi.ino, &path_off);
#  843|   		if (num < 10) {
#  844|-> 			pr_err("Can't parse: %s\n", str);
#  845|   			goto err;
#  846|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def611]
criu-4.1.1/criu/proc_parse.c:868:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:817:20: branch_false: following ‘false’ branch (when ‘vma_area’ is NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:834:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:837:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:838:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:841:23: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:843:20: branch_false: following ‘false’ branch (when ‘num > 9’)...
criu-4.1.1/criu/proc_parse.c:848:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:863:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:865:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:865:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:868:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:868:25: danger: ‘fdopendir(do_open_proc(pid, 0, "map_files"))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  866|   			vma_area->e->flags = MAP_PRIVATE;
#  867|   		else {
#  868|-> 			pr_err("Unexpected VMA met (%c)\n", s);
#  869|   			goto err;
#  870|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def612]
criu-4.1.1/criu/proc_parse.c:872:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:817:20: branch_false: following ‘false’ branch (when ‘vma_area’ is NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:834:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:837:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:838:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:841:23: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:843:20: branch_false: following ‘false’ branch (when ‘num > 9’)...
criu-4.1.1/criu/proc_parse.c:848:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:872:17: danger: ‘fdopendir(do_open_proc(pid, 0, "map_files"))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  870|   		}
#  871|   
#  872|-> 		pr_debug("Handling VMA with the following smaps entry: %s\n", str);
#  873|   		if (handle_vma(pid, vma_area, str + path_off, map_files_dir, &vfi, &prev_vfi, &vm_file_fd))
#  874|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def613]
criu-4.1.1/criu/proc_parse.c:887:9: warning[-Wanalyzer-malloc-leak]: leak of ‘__d’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:887:9: danger: ‘__d’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  885|   
#  886|   err:
#  887|-> 	bclose(&f);
#  888|   err_n:
#  889|   	close_safe(&vm_file_fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def614]
criu-4.1.1/criu/proc_parse.c:889:9: warning[-Wanalyzer-malloc-leak]: leak of ‘__d’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:889:9: danger: ‘__d’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  887|   	bclose(&f);
#  888|   err_n:
#  889|-> 	close_safe(&vm_file_fd);
#  890|   	if (map_files_dir)
#  891|   		closedir(map_files_dir);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def615]
criu-4.1.1/criu/proc_parse.c:891:17: warning[-Wanalyzer-malloc-leak]: leak of ‘__d’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:890:12: branch_true: following ‘true’ branch (when ‘map_files_dir’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:891:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:891:17: danger: ‘__d’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  889|   	close_safe(&vm_file_fd);
#  890|   	if (map_files_dir)
#  891|-> 		closedir(map_files_dir);
#  892|   
#  893|   	xfree(vma_area);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def616]
criu-4.1.1/criu/proc_parse.c:1371:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1647:20: enter_function: entry to ‘parse_mountinfo’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1662:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1665:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1667:23: call_function: calling ‘parse_mountinfo_ent’ from ‘parse_mountinfo’
# 1369|   		end = strchr(str, ' ');
# 1370|   		if (!end) {
# 1371|-> 			pr_err("Error parsing mount options\n");
# 1372|   			return -1;
# 1373|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def617]
criu-4.1.1/criu/proc_parse.c:1440:27: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1647:20: enter_function: entry to ‘parse_mountinfo’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1662:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1665:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1667:23: call_function: calling ‘parse_mountinfo_ent’ from ‘parse_mountinfo’
# 1438|   	char link_path[PATH_MAX];
# 1439|   
# 1440|-> 	new->mountpoint = xmalloc(PATH_MAX);
# 1441|   	if (new->mountpoint == NULL)
# 1442|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def618]
criu-4.1.1/criu/proc_parse.c:1455:17: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1647:20: enter_function: entry to ‘parse_mountinfo’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1662:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1665:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1667:23: call_function: calling ‘parse_mountinfo_ent’ from ‘parse_mountinfo’
# 1453|   	len = strlen(new->root);
# 1454|   	if (len >= PATH_MAX - 1) {
# 1455|-> 		pr_err("new root path (%s) exceeds %d\n", new->root, PATH_MAX);
# 1456|   		goto err;
# 1457|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def619]
criu-4.1.1/criu/proc_parse.c:1459:13: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1647:20: enter_function: entry to ‘parse_mountinfo’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1662:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1665:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1667:23: call_function: calling ‘parse_mountinfo_ent’ from ‘parse_mountinfo’
# 1457|   	}
# 1458|   	strcpy(link_path, new->root);
# 1459|-> 	if (strip_deleted(link_path, len)) {
# 1460|   		strcpy(new->root, link_path);
# 1461|   		new->deleted = true;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def620]
criu-4.1.1/criu/proc_parse.c:1464:27: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1647:20: enter_function: entry to ‘parse_mountinfo’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1662:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1665:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1667:23: call_function: calling ‘parse_mountinfo_ent’ from ‘parse_mountinfo’
# 1462|   	}
# 1463|   
# 1464|-> 	new->mountpoint = xrealloc(new->mountpoint, strlen(new->mountpoint) + 1);
# 1465|   	if (!new->mountpoint)
# 1466|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def621]
criu-4.1.1/criu/proc_parse.c:1571:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1561:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1562:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1562:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1566:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1570:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1571:25: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
# 1569|   
# 1570|   		if (sscanf(buf, "%9s %" PRId64 " %" PRId64 "\n", clockid, &sec, &nsec) != 3) {
# 1571|-> 			pr_err("Unable to parse: %s\n", buf);
# 1572|   			goto out;
# 1573|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def622]
criu-4.1.1/criu/proc_parse.c:1585:17: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1561:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1561:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1562:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1562:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1566:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1570:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1570:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1574:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1585:17: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
# 1583|   			continue;
# 1584|   		}
# 1585|-> 		pr_err("Unknown clockid: %s\n", clockid);
# 1586|   		goto out;
# 1587|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def623]
criu-4.1.1/criu/proc_parse.c:1608:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1599:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1599:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1599:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1599:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1600:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1600:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1603:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1607:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1608:25: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
# 1606|   
# 1607|   		if (sscanf(buf, "%i %*i %u:%u", &id, &kmaj, &kmin) != 3) {
# 1608|-> 			pr_err("Failed to parse mountinfo line %s\n", buf);
# 1609|   			goto err;
# 1610|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def624]
criu-4.1.1/criu/proc_parse.c:1661:23: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1652:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1652:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1653:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1656:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:1659:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:1661:23: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/2)
# 1659|   		char *fsname = NULL;
# 1660|   
# 1661|-> 		new = mnt_entry_alloc(false);
# 1662|   		if (!new)
# 1663|   			goto end;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def625]
criu-4.1.1/criu/proc_parse.c:2003:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:1879:12: enter_function: entry to ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1887:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1890:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1890:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1895:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1897:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1897:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1900:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1967:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1979:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1991:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1996:28: branch_false: following ‘false’ branch (when ‘type == 7’)...
criu-4.1.1/criu/proc_parse.c:1999:29: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1999:29: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:1999:29: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2003:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2003:25: danger: ‘___p’ leaks here; was allocated at [(17)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/16)
# 2001|   				goto out;
# 2002|   
# 2003|-> 			eventpoll_tfd_entry__init(e);
# 2004|   
# 2005|   			ret = sscanf(str,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def626]
criu-4.1.1/criu/proc_parse.c:2070:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:1879:12: enter_function: entry to ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1887:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1890:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1890:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1895:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1897:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1897:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1900:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1967:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1979:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1991:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1991:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2031:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2031:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2043:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2043:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2055:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2061:28: branch_false: following ‘false’ branch (when ‘type == 12’)...
criu-4.1.1/criu/proc_parse.c:2064:36: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2064:36: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2064:36: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2069:30: call_function: inlined call to ‘xptr_pull_s’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:2070:25: danger: ‘___p’ leaks here; was allocated at [(23)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/22)
# 2068|   
# 2069|   			me = xptr_pull(&buf, FanotifyMarkEntry);
# 2070|-> 			fanotify_mark_entry__init(me);
# 2071|   			me->ie = xptr_pull(&buf, FanotifyInodeMarkEntry);
# 2072|   			fanotify_inode_mark_entry__init(me->ie);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def627]
criu-4.1.1/criu/proc_parse.c:2115:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:1879:12: enter_function: entry to ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1887:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1890:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1890:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1895:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1897:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1897:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1900:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1967:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1979:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1991:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1991:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2031:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2031:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2043:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2043:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2055:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2055:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2101:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2107:28: branch_false: following ‘false’ branch (when ‘type == 12’)...
criu-4.1.1/criu/proc_parse.c:2110:36: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2110:36: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2110:36: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2114:30: call_function: inlined call to ‘xptr_pull_s’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:2115:25: danger: ‘___p’ leaks here; was allocated at [(25)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/24)
# 2113|   
# 2114|   			me = xptr_pull(&buf, FanotifyMarkEntry);
# 2115|-> 			fanotify_mark_entry__init(me);
# 2116|   			me->me = xptr_pull(&buf, FanotifyMountMarkEntry);
# 2117|   			fanotify_mount_mark_entry__init(me->me);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def628]
criu-4.1.1/criu/proc_parse.c:2153:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:1879:12: enter_function: entry to ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1887:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1890:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1890:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1895:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1897:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:1897:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1900:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1967:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1979:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1979:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:1991:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:1991:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2031:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2031:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2043:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2043:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2055:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2055:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2101:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2101:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2138:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2144:28: branch_false: following ‘false’ branch (when ‘type == 8’)...
criu-4.1.1/criu/proc_parse.c:2147:36: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2147:36: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2147:36: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2152:31: call_function: inlined call to ‘xptr_pull_s’ from ‘parse_fdinfo_pid_s’
criu-4.1.1/criu/proc_parse.c:2153:25: danger: ‘___p’ leaks here; was allocated at [(27)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/26)
# 2151|   
# 2152|   			ify = xptr_pull(&buf, InotifyWdEntry);
# 2153|-> 			inotify_wd_entry__init(ify);
# 2154|   			ify->f_handle = xptr_pull(&buf, FhEntry);
# 2155|   			fh_entry__init(ify->f_handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def629]
criu-4.1.1/criu/proc_parse.c:2278:17: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2331:5: enter_function: entry to ‘parse_file_locks’
criu-4.1.1/criu/proc_parse.c:2339:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2346:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2347:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2350:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2355:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2355:21: call_function: calling ‘parse_file_lock_buf’ from ‘parse_file_locks’
# 2276|   
# 2277|   	if (num < 10) {
# 2278|-> 		pr_err("Invalid file lock info (%d): %s\n", num, buf);
# 2279|   		return -1;
# 2280|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def630]
criu-4.1.1/criu/proc_parse.c:2307:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2331:5: enter_function: entry to ‘parse_file_locks’
criu-4.1.1/criu/proc_parse.c:2339:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2346:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2347:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2350:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2355:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2355:21: call_function: calling ‘parse_file_lock_buf’ from ‘parse_file_locks’
# 2305|   			fl->fl_ltype |= LOCK_WRITE;
# 2306|   		} else {
# 2307|-> 			pr_err("Unknown lock option!\n");
# 2308|   			return -1;
# 2309|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def631]
criu-4.1.1/criu/proc_parse.c:2318:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2331:5: enter_function: entry to ‘parse_file_locks’
criu-4.1.1/criu/proc_parse.c:2339:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2346:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2347:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2350:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2355:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2355:21: call_function: calling ‘parse_file_lock_buf’ from ‘parse_file_locks’
# 2316|   			fl->fl_ltype |= F_RDLCK;
# 2317|   		} else {
# 2318|-> 			pr_err("Unknown lock option!\n");
# 2319|   			return -1;
# 2320|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def632]
criu-4.1.1/criu/proc_parse.c:2349:22: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2339:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2346:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2347:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2349:22: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
# 2347|   		is_blocked = strstr(buf, "->") != NULL;
# 2348|   
# 2349|-> 		fl = alloc_file_lock();
# 2350|   		if (!fl) {
# 2351|   			pr_perror("Alloc file lock failed!");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def633]
criu-4.1.1/criu/proc_parse.c:2351:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2339:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2342:20: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2342:20: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2343:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2346:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2347:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2350:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2351:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2351:25: danger: ‘__f’ leaks here; was allocated at [(5)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/4)
# 2349|   		fl = alloc_file_lock();
# 2350|   		if (!fl) {
# 2351|-> 			pr_perror("Alloc file lock failed!");
# 2352|   			goto err;
# 2353|   		}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def634]
criu-4.1.1/criu/proc_parse.c:2467:29: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘tidpid[0]’
criu-4.1.1/criu/proc_parse.c:2408:5: enter_function: entry to ‘parse_posix_timers’
criu-4.1.1/criu/proc_parse.c:2425:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2428:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2428:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2435:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2437:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_posix_timers’
criu-4.1.1/criu/proc_parse.c:2437:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2440:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2442:33: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2446:29: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2446:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2489:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2435:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2437:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_posix_timers’
criu-4.1.1/criu/proc_parse.c:2437:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2440:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2450:28: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2435:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2437:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_posix_timers’
criu-4.1.1/criu/proc_parse.c:2437:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2440:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2458:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2461:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2467:29: danger: use of uninitialized value ‘tidpid[0]’ here
# 2465|   			}
# 2466|   
# 2467|-> 			if (tidpid[0] == 't') {
# 2468|   				timer->spt.it_sigev_notify = SIGEV_THREAD_ID;
# 2469|   				timer->spt.notify_thread_id = pid_t;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def635]
criu-4.1.1/criu/proc_parse.c:2517:22: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2521:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2521:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2524:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2524:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2525:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2525:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2532:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:22: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/10)
# 2515|   		return -1;
# 2516|   
# 2517|-> 	while ((de = readdir(dir))) {
# 2518|   		struct pid *tmp;
# 2519|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def636]
criu-4.1.1/criu/proc_parse.c:2517:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "task"))’
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2513:15: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:22: danger: ‘fdopendir(do_open_proc(pid, 0, "task"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/2)
# 2515|   		return -1;
# 2516|   
# 2517|-> 	while ((de = readdir(dir))) {
# 2518|   		struct pid *tmp;
# 2519|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def637]
criu-4.1.1/criu/proc_parse.c:2539:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2521:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2521:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2524:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2524:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2525:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2525:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2532:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:16: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2539:9: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2539:9: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/10)
# 2537|   	}
# 2538|   
# 2539|-> 	closedir(dir);
# 2540|   
# 2541|   	if (*_t == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def638]
criu-4.1.1/criu/proc_parse.c:2545:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2521:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2521:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2524:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2524:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2525:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2525:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2532:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2517:16: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2539:9: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2541:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2545:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2545:17: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2545:17: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/10)
# 2543|   		*_n = nr - 1;
# 2544|   	} else
# 2545|-> 		BUG_ON(nr - 1 != *_n);
# 2546|   
# 2547|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def639]
criu-4.1.1/criu/proc_parse.c:2545:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/proc_parse.c:2513:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2514:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2541:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2545:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2545:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2545:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2545:17: danger: dereference of NULL ‘0’
# 2543|   		*_n = nr - 1;
# 2544|   	} else
# 2545|-> 		BUG_ON(nr - 1 != *_n);
# 2546|   
# 2547|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def640]
criu-4.1.1/criu/proc_parse.c:2556:23: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2554|   		char *name, *path = NULL, *e;
# 2555|   
# 2556|-> 		ncc = xmalloc(sizeof(*cc));
# 2557|   		if (!ncc)
# 2558|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def641]
criu-4.1.1/criu/proc_parse.c:2569:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_true: following ‘true’ branch (when ‘name’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2569:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2569:25: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/2)
# 2567|   		name = strchr(buf, ':');
# 2568|   		if (!name) {
# 2569|-> 			pr_err("Failed parsing cgroup %s\n", buf);
# 2570|   			xfree(ncc);
# 2571|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def642]
criu-4.1.1/criu/proc_parse.c:2569:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2567|   		name = strchr(buf, ':');
# 2568|   		if (!name) {
# 2569|-> 			pr_err("Failed parsing cgroup %s\n", buf);
# 2570|   			xfree(ncc);
# 2571|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def643]
criu-4.1.1/criu/proc_parse.c:2575:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2573:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2574:20: branch_true: following ‘true’ branch (when ‘path’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2575:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2575:25: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/2)
# 2573|   		path = strchr(++name, ':');
# 2574|   		if (!path) {
# 2575|-> 			pr_err("Failed parsing cgroup %s\n", buf);
# 2576|   			xfree(ncc);
# 2577|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def644]
criu-4.1.1/criu/proc_parse.c:2575:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2573|   		path = strchr(++name, ':');
# 2574|   		if (!path) {
# 2575|-> 			pr_err("Failed parsing cgroup %s\n", buf);
# 2576|   			xfree(ncc);
# 2577|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def645]
criu-4.1.1/criu/proc_parse.c:2590:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2573:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2574:20: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2579:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2581:20: branch_false: following ‘false’ branch (when ‘e’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2590:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2590:21: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/2)
# 2588|   		 * sake or container specifics.
# 2589|   		 */
# 2590|-> 		if (cgp_should_skip_controller(name)) {
# 2591|   			pr_debug("cg-prop: Skipping controller %s\n", name);
# 2592|   			xfree(ncc);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def646]
criu-4.1.1/criu/proc_parse.c:2590:21: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2588|   		 * sake or container specifics.
# 2589|   		 */
# 2590|-> 		if (cgp_should_skip_controller(name)) {
# 2591|   			pr_debug("cg-prop: Skipping controller %s\n", name);
# 2592|   			xfree(ncc);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def647]
criu-4.1.1/criu/proc_parse.c:2591:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2573:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2574:20: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2579:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2581:20: branch_false: following ‘false’ branch (when ‘e’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2590:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2590:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2591:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2591:25: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/2)
# 2589|   		 */
# 2590|   		if (cgp_should_skip_controller(name)) {
# 2591|-> 			pr_debug("cg-prop: Skipping controller %s\n", name);
# 2592|   			xfree(ncc);
# 2593|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def648]
criu-4.1.1/criu/proc_parse.c:2591:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2589|   		 */
# 2590|   		if (cgp_should_skip_controller(name)) {
# 2591|-> 			pr_debug("cg-prop: Skipping controller %s\n", name);
# 2592|   			xfree(ncc);
# 2593|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def649]
criu-4.1.1/criu/proc_parse.c:2596:29: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2573:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2574:20: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2579:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2581:20: branch_false: following ‘false’ branch (when ‘e’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2590:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2596:29: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2596:29: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2596:29: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/2)
# 2594|   		}
# 2595|   
# 2596|-> 		ncc->name = xstrdup(name);
# 2597|   		ncc->path = xstrdup(path);
# 2598|   		ncc->cgns_prefix = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def650]
criu-4.1.1/criu/proc_parse.c:2596:29: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2594|   		}
# 2595|   
# 2596|-> 		ncc->name = xstrdup(name);
# 2597|   		ncc->path = xstrdup(path);
# 2598|   		ncc->cgns_prefix = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def651]
criu-4.1.1/criu/proc_parse.c:2597:29: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2552:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2556:23: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2556:23: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2556:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2567:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2568:20: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2573:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2574:20: branch_false: following ‘false’ branch (when ‘path’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2579:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2581:20: branch_false: following ‘false’ branch (when ‘e’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2590:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2596:29: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2596:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2597:29: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2597:29: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2597:29: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/2)
# 2595|   
# 2596|   		ncc->name = xstrdup(name);
# 2597|-> 		ncc->path = xstrdup(path);
# 2598|   		ncc->cgns_prefix = 0;
# 2599|   		if (!ncc->name || !ncc->path) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def652]
criu-4.1.1/criu/proc_parse.c:2597:29: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2621:5: enter_function: entry to ‘parse_thread_cgroup’
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2630:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2630:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2634:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2634:15: call_function: calling ‘parse_cgroup_file’ from ‘parse_thread_cgroup’
# 2595|   
# 2596|   		ncc->name = xstrdup(name);
# 2597|-> 		ncc->path = xstrdup(path);
# 2598|   		ncc->cgns_prefix = 0;
# 2599|   		if (!ncc->name || !ncc->path) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def653]
criu-4.1.1/criu/proc_parse.c:2734:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_true: following ‘true’ branch (when ‘controllers’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2734:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2734:25: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/2)
# 2732|   		controllers = strchr(buf, ':');
# 2733|   		if (!controllers) {
# 2734|-> 			pr_err("Unable to parse \"%s\"\n", buf);
# 2735|   			goto err;
# 2736|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def654]
criu-4.1.1/criu/proc_parse.c:2741:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_true: following ‘true’ branch (when ‘off’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2741:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2741:25: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/2)
# 2739|   		off = strchr(controllers, ':');
# 2740|   		if (!off) {
# 2741|-> 			pr_err("Unable to parse \"%s\"\n", buf);
# 2742|   			goto err;
# 2743|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def655]
criu-4.1.1/criu/proc_parse.c:2746:21: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2744:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2746:21: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/2)
# 2744|   		*off = '\0';
# 2745|   
# 2746|-> 		if (cgp_should_skip_controller(controllers)) {
# 2747|   			pr_debug("cg-prop: Skipping controller %s\n", controllers);
# 2748|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def656]
criu-4.1.1/criu/proc_parse.c:2747:25: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2744:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2746:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2747:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2747:25: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/2)
# 2745|   
# 2746|   		if (cgp_should_skip_controller(controllers)) {
# 2747|-> 			pr_debug("cg-prop: Skipping controller %s\n", controllers);
# 2748|   			continue;
# 2749|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def657]
criu-4.1.1/criu/proc_parse.c:2760:38: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2744:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2746:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2753:28: branch_false: following ‘false’ branch (when ‘off’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2756:30: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2756:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2759:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2759:28: branch_true: following ‘true’ branch (when ‘nc’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2760:38: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2760:38: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/2)
# 2758|   
# 2759|   			if (!nc) {
# 2760|-> 				nc = new_controller(controllers);
# 2761|   				if (!nc)
# 2762|   					goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def658]
criu-4.1.1/criu/proc_parse.c:2770:37: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2744:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2746:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2753:28: branch_true: following ‘true’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2754:33: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2759:28: branch_true: following ‘true’ branch (when ‘nc’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2760:38: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2761:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2763:33: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2784:28: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2786:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2753:28: branch_false: following ‘false’ branch (when ‘off’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2756:30: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2756:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2759:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2759:28: branch_false: following ‘false’ branch (when ‘nc’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2769:33: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2770:37: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2770:37: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2770:37: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/2)
# 2768|   
# 2769|   				nc->n_controllers++;
# 2770|-> 				m = xrealloc(nc->controllers, sizeof(char *) * nc->n_controllers);
# 2771|   				if (!m)
# 2772|   					goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def659]
criu-4.1.1/criu/proc_parse.c:2776:37: warning[-Wanalyzer-malloc-leak]: leak of ‘__f’
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2724:13: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2724:13: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2725:12: branch_false: following ‘false’ branch (when ‘__f’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2728:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2732:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2733:20: branch_false: following ‘false’ branch (when ‘controllers’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2737:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2740:20: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2744:17: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2746:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2753:28: branch_true: following ‘true’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2754:33: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2759:28: branch_true: following ‘true’ branch (when ‘nc’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2760:38: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2761:36: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2763:33: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2784:28: branch_false: following ‘false’ branch (when ‘off’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2786:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2753:28: branch_false: following ‘false’ branch (when ‘off’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2756:30: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2756:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2759:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2759:28: branch_false: following ‘false’ branch (when ‘nc’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2769:33: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2770:37: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2774:33: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2776:37: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2776:37: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2776:37: danger: ‘__f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/2)
# 2774|   				nc->controllers = m;
# 2775|   
# 2776|-> 				n = xstrdup(controllers);
# 2777|   				if (!n)
# 2778|   					goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def660]
criu-4.1.1/criu/proc_parse.c:2837:22: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2874:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2837:22: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/14)
# 2835|   		return -1;
# 2836|   
# 2837|-> 	while ((de = readdir(dir))) {
# 2838|   		char *pos, *end;
# 2839|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def661]
criu-4.1.1/criu/proc_parse.c:2837:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "task"))’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2833:15: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:22: danger: ‘fdopendir(do_open_proc(pid, 0, "task"))’ leaks here; was allocated at [(3)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/2)
# 2835|   		return -1;
# 2836|   
# 2837|-> 	while ((de = readdir(dir))) {
# 2838|   		char *pos, *end;
# 2839|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def662]
criu-4.1.1/criu/proc_parse.c:2843:24: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2874:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2840:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2843:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2843:24: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/14)
# 2841|   			continue;
# 2842|   
# 2843|-> 		f.fd = open_proc(pid, "task/%s/children", de->d_name);
# 2844|   		if (f.fd < 0)
# 2845|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def663]
criu-4.1.1/criu/proc_parse.c:2847:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2874:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2840:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2843:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:21: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/14)
# 2845|   			goto err;
# 2846|   
# 2847|-> 		if (bfdopenr(&f))
# 2848|   			goto err;
# 2849|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def664]
criu-4.1.1/criu/proc_parse.c:2853:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2853:31: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/14)
# 2851|   			pid_t val, *tmp;
# 2852|   
# 2853|-> 			pos = breadchr(&f, ' ');
# 2854|   			if (IS_ERR(pos))
# 2855|   				goto err_close;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def665]
criu-4.1.1/criu/proc_parse.c:2862:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2859:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2862:33: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2862:33: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/14)
# 2860|   
# 2861|   			if (*end != 0 && *end != ' ') {
# 2862|-> 				pr_err("Unable to parse %s\n", end);
# 2863|   				goto err_close;
# 2864|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def666]
criu-4.1.1/criu/proc_parse.c:2866:31: warning[-Wanalyzer-malloc-leak]: leak of ‘ch’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2859:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: danger: ‘ch’ leaks here; was allocated at [(15)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/14)
# 2864|   			}
# 2865|   
# 2866|-> 			tmp = xrealloc(ch, (nr + 1) * sizeof(pid_t));
# 2867|   			if (!tmp)
# 2868|   				goto err_close;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def667]
criu-4.1.1/criu/proc_parse.c:2874:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2874:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2874:17: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/14)
# 2872|   			nr++;
# 2873|   		}
# 2874|-> 		bclose(&f);
# 2875|   	}
# 2876|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def668]
criu-4.1.1/criu/proc_parse.c:2883:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2859:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2859:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2883:9: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/14)
# 2881|   	return 0;
# 2882|   err_close:
# 2883|-> 	bclose(&f);
# 2884|   err:
# 2885|   	closedir(dir);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def669]
criu-4.1.1/criu/proc_parse.c:2885:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/proc_parse.c:2833:15: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2834:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2847:21: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2847:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2861:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2866:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/proc_parse.c:2871:27: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2854:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2856:28: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2856:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2874:17: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2837:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2840:21: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2840:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:2843:24: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:2844:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:2845:25: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:2885:9: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/14)
# 2883|   	bclose(&f);
# 2884|   err:
# 2885|-> 	closedir(dir);
# 2886|   	xfree(ch);
# 2887|   	return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def670]
criu-4.1.1/criu/protobuf.c:88:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/criu/protobuf.c:57:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/protobuf.c:62:9: branch_false: ...to here
criu-4.1.1/criu/protobuf.c:68:12: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/protobuf.c:75:20: branch_false: ...to here
criu-4.1.1/criu/protobuf.c:75:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/protobuf.c:81:13: branch_false: ...to here
criu-4.1.1/criu/protobuf.c:81:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/protobuf.c:83:23: branch_true: ...to here
criu-4.1.1/criu/protobuf.c:83:23: acquire_memory: allocated here
criu-4.1.1/criu/protobuf.c:83:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/protobuf.c:88:15: branch_false: ...to here
criu-4.1.1/criu/protobuf.c:88:15: danger: ‘buf’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#   86|   	}
#   87|   
#   88|-> 	ret = bread(&img->_x, buf, size);
#   89|   	if (ret < 0) {
#   90|   		pr_perror("Can't read %d bytes from file %s", size, image_name(img, img_name_buf));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def671]
criu-4.1.1/criu/protobuf.c:144:18: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/criu/protobuf.c:121:5: enter_function: entry to ‘pb_write_one’
criu-4.1.1/criu/protobuf.c:129:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/protobuf.c:134:13: call_function: inlined call to ‘lazy_image’ from ‘pb_write_one’
criu-4.1.1/criu/protobuf.c:138:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/protobuf.c:139:23: branch_true: ...to here
criu-4.1.1/criu/protobuf.c:139:23: acquire_memory: allocated here
criu-4.1.1/criu/protobuf.c:139:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/protobuf.c:144:18: branch_false: ...to here
criu-4.1.1/criu/protobuf.c:144:18: danger: ‘buf’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  142|   	}
#  143|   
#  144|-> 	packed = cr_pb_descs[type].pack(obj, buf);
#  145|   	if (packed != size) {
#  146|   		pr_err("Failed packing PB object %p\n", obj);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def672]
criu-4.1.1/criu/pstree.c:238:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  236|   int init_pstree_helper(struct pstree_item *ret)
#  237|   {
#  238|-> 	BUG_ON(!ret->parent);
#  239|   	ret->pid->state = TASK_HELPER;
#  240|   	rsti(ret)->clone_flags = CLONE_FILES | CLONE_FS;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def673]
criu-4.1.1/criu/pstree.c:490:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  488|   	if (!node)
#  489|   		return NULL;
#  490|-> 	BUG_ON(node->state == TASK_THREAD);
#  491|   
#  492|   	return node->item;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def674]
criu-4.1.1/criu/pstree.c:560:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pstree.c:643:12: enter_function: entry to ‘read_pstree_image’
criu-4.1.1/criu/pstree.c:651:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/pstree.c:655:23: call_function: calling ‘read_one_pstree_item’ from ‘read_pstree_image’
#  558|   	if (pi == NULL)
#  559|   		goto err;
#  560|-> 	BUG_ON(pi->pid->state != TASK_UNDEF);
#  561|   
#  562|   	/*

Error: GCC_ANALYZER_WARNING (CWE-476): [#def675]
criu-4.1.1/criu/pstree.c:714:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/pstree.c:689:12: enter_function: entry to ‘prepare_pstree_ids’
criu-4.1.1/criu/pstree.c:702:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pstree.c:710:21: branch_true: ...to here
criu-4.1.1/criu/pstree.c:710:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pstree.c:710:65: call_function: inlined call to ‘vpid’ from ‘prepare_pstree_ids’
criu-4.1.1/criu/pstree.c:710:21: branch_false: following ‘false’ branch...
criu-4.1.1/criu/pstree.c:713:26: branch_false: ...to here
criu-4.1.1/criu/pstree.c:713:26: call_function: calling ‘pstree_item_by_virt’ from ‘prepare_pstree_ids’
criu-4.1.1/criu/pstree.c:713:26: return_function: returning to ‘prepare_pstree_ids’ from ‘pstree_item_by_virt’
criu-4.1.1/criu/pstree.c:714:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/pstree.c:714:17: branch_true: ...to here
criu-4.1.1/criu/pstree.c:714:17: danger: dereference of NULL ‘0’
#  712|   
#  713|   		leader = pstree_item_by_virt(item->sid);
#  714|-> 		BUG_ON(leader == NULL);
#  715|   		if (leader->pid->state != TASK_UNDEF) {
#  716|   			pid_t helper_pid;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def676]
criu-4.1.1/criu/pstree.c:1104:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1102|   	if (pid == NULL)
# 1103|   		return NULL;
# 1104|-> 	BUG_ON(pid->state == TASK_THREAD);
# 1105|   
# 1106|   	return pid->item;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def677]
criu-4.1.1/criu/rst-malloc.c:150:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  148|   {
#  149|   	struct rst_mem_type_s *t = &rst_mems[type];
#  150|-> 	BUG_ON(!t->remapable || !t->enabled);
#  151|   
#  152|   	rst_mem_align(type);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def678]
criu-4.1.1/criu/rst-malloc.c:160:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/rst-malloc.c:160:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/rst-malloc.c:160:9: branch_false: ...to here
criu-4.1.1/criu/rst-malloc.c:160:9: danger: dereference of NULL ‘0’
#  158|   {
#  159|   	struct rst_mem_type_s *t = &rst_mems[type];
#  160|-> 	BUG_ON(!t->remapable);
#  161|   	return t->buf + pos;
#  162|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def679]
criu-4.1.1/criu/rst-malloc.c:169:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/rst-malloc.c:169:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/rst-malloc.c:169:9: branch_false: ...to here
criu-4.1.1/criu/rst-malloc.c:169:9: danger: dereference of NULL ‘0’
#  167|   	void *ret;
#  168|   
#  169|-> 	BUG_ON(!t->enabled);
#  170|   
#  171|   	if ((t->free_bytes < size) && t->grow(t, size)) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def680]
criu-4.1.1/criu/rst-malloc.c:188:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  186|   	struct rst_mem_type_s *t = &rst_mems[type];
#  187|   
#  188|-> 	BUG_ON(!t->enabled);
#  189|   
#  190|   	t->free_mem -= t->last;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def681]
criu-4.1.1/criu/rst-malloc.c:211:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  209|   	void *aux;
#  210|   
#  211|-> 	BUG_ON(!t->remapable || t->enabled);
#  212|   
#  213|   	if (!t->buf)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def682]
criu-4.1.1/criu/seccomp.c:173:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/seccomp.c:140:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seccomp.c:145:20: branch_false: following ‘false’ branch (when ‘len >= 0’)...
criu-4.1.1/criu/seccomp.c:154:20: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:154:20: branch_true: following ‘true’ branch (when ‘meta’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:155:25: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:157:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:169:25: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:169:25: acquire_memory: allocated here
criu-4.1.1/criu/seccomp.c:169:25: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:173:17: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:173:17: danger: ‘___p’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  171|   			return -1;
#  172|   
#  173|-> 		seccomp_filter__init(&chain->filter);
#  174|   
#  175|   		chain->filter.has_flags = true;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def683]
criu-4.1.1/criu/seccomp.c:222:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seccomp.c:211:13: enter_function: entry to ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:217:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seccomp.c:220:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:221:25: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:221:25: call_function: calling ‘seccomp_lookup’ from ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:221:25: return_function: returning to ‘try_use_tsync’ from ‘seccomp_lookup’
criu-4.1.1/criu/seccomp.c:222:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:222:17: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:222:17: danger: dereference of NULL ‘0’
#  220|   	for (i = 0; i < item->nr_threads; i++) {
#  221|   		entry = seccomp_find_entry(item->threads[i].real);
#  222|-> 		BUG_ON(!entry);
#  223|   
#  224|   		if (entry == leader)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def684]
criu-4.1.1/criu/seccomp.c:234:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seccomp.c:211:13: enter_function: entry to ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:217:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seccomp.c:220:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:221:25: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:221:25: call_function: calling ‘seccomp_lookup’ from ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:221:25: return_function: returning to ‘try_use_tsync’ from ‘seccomp_lookup’
criu-4.1.1/criu/seccomp.c:222:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:224:20: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:227:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:234:25: danger: dereference of NULL ‘0’
#  232|   
#  233|   		for (j = 0; j < leader->nr_chains; j++) {
#  234|-> 			BUG_ON((!chain_a || !chain_b));
#  235|   
#  236|   			if (chain_a->filter.filter.len != chain_b->filter.filter.len)

Error: GCC_ANALYZER_WARNING (CWE-476): [#def685]
criu-4.1.1/criu/seccomp.c:256:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seccomp.c:211:13: enter_function: entry to ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:217:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seccomp.c:254:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:255:25: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:255:25: call_function: calling ‘seccomp_lookup’ from ‘try_use_tsync’
criu-4.1.1/criu/seccomp.c:255:25: return_function: returning to ‘try_use_tsync’ from ‘seccomp_lookup’
criu-4.1.1/criu/seccomp.c:256:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:256:17: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:256:17: danger: dereference of NULL ‘0’
#  254|   	for (i = 0; i < item->nr_threads; i++) {
#  255|   		entry = seccomp_find_entry(item->threads[i].real);
#  256|-> 		BUG_ON(!entry);
#  257|   
#  258|   		if (entry == leader)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def686]
criu-4.1.1/criu/seccomp.c:318:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/seccomp.c:312:12: branch_true: following ‘true’ branch (when ‘nr_chains != 0’)...
criu-4.1.1/criu/seccomp.c:313:38: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:313:38: acquire_memory: allocated here
criu-4.1.1/criu/seccomp.c:313:38: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:313:17: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:314:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:318:21: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:318:21: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  316|   	}
#  317|   
#  318|-> 	for (node = rb_first(&seccomp_tid_rb_root); node; node = rb_next(node)) {
#  319|   		entry = rb_entry(node, struct seccomp_entry, node);
#  320|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def687]
criu-4.1.1/criu/seccomp.c:318:66: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/seccomp.c:312:12: branch_true: following ‘true’ branch (when ‘nr_chains != 0’)...
criu-4.1.1/criu/seccomp.c:313:38: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:313:38: acquire_memory: allocated here
criu-4.1.1/criu/seccomp.c:313:38: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:313:17: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:314:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:318:21: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:318:53: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:321:22: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:321:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:321:20: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:318:66: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  316|   	}
#  317|   
#  318|-> 	for (node = rb_first(&seccomp_tid_rb_root); node; node = rb_next(node)) {
#  319|   		entry = rb_entry(node, struct seccomp_entry, node);
#  320|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def688]
criu-4.1.1/criu/seccomp.c:326:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/seccomp.c:312:12: branch_true: following ‘true’ branch (when ‘nr_chains != 0’)...
criu-4.1.1/criu/seccomp.c:313:38: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:313:38: acquire_memory: allocated here
criu-4.1.1/criu/seccomp.c:313:38: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:313:17: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:314:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:318:21: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:318:53: branch_true: following ‘true’ branch (when ‘node’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:321:22: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:321:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:324:22: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:324:44: branch_true: following ‘true’ branch (when ‘chain’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:325:28: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:325:28: branch_true: following ‘true’ branch (when ‘img_filter_pos >= nr_chains’)...
criu-4.1.1/criu/seccomp.c:326:33: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:326:33: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  324|   		for (chain = entry->chain; chain; chain = chain->prev) {
#  325|   			if (img_filter_pos >= nr_chains) {
#  326|-> 				pr_err("Unexpected position %zu > %zu\n", img_filter_pos, nr_chains);
#  327|   				xfree(se.seccomp_filters);
#  328|   				return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def689]
criu-4.1.1/criu/seccomp.c:342:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/seccomp.c:297:12: enter_function: entry to ‘dump_seccomp_filters’
criu-4.1.1/criu/seccomp.c:312:12: branch_true: following ‘true’ branch (when ‘nr_chains != 0’)...
criu-4.1.1/criu/seccomp.c:313:38: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:313:38: acquire_memory: allocated here
criu-4.1.1/criu/seccomp.c:313:38: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:313:17: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:314:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seccomp.c:318:21: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:342:15: call_function: calling ‘img_from_set’ from ‘dump_seccomp_filters’
criu-4.1.1/criu/seccomp.c:342:15: return_function: returning to ‘dump_seccomp_filters’ from ‘img_from_set’
criu-4.1.1/criu/seccomp.c:342:15: danger: ‘___p’ leaks here; was allocated at [(4)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/3)
#  340|   	}
#  341|   
#  342|-> 	ret = pb_write_one(img_from_set(glob_imgset, CR_FD_SECCOMP), &se, PB_SECCOMP);
#  343|   
#  344|   	xfree(se.seccomp_filters);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def690]
criu-4.1.1/criu/seccomp.c:380:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seccomp.c:372:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:375:15: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:377:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seccomp.c:380:9: branch_false: ...to here
criu-4.1.1/criu/seccomp.c:380:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seccomp.c:380:9: branch_true: ...to here
criu-4.1.1/criu/seccomp.c:380:9: danger: dereference of NULL ‘0’
#  378|   		return 0; /* there were no filters */
#  379|   
#  380|-> 	BUG_ON(!seccomp_img_entry);
#  381|   
#  382|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def691]
criu-4.1.1/criu/seize.c:51:22: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   49|   
#   50|   		snprintf(path, sizeof(path), "/proc/%d/comm", pid);
#   51|-> 		fd = open(path, O_RDONLY);
#   52|   		if (fd >= 0) {
#   53|   			ssize_t n = read(fd, comm, size);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def692]
criu-4.1.1/criu/seize.c:51:22: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   49|   
#   50|   		snprintf(path, sizeof(path), "/proc/%d/comm", pid);
#   51|-> 		fd = open(path, O_RDONLY);
#   52|   		if (fd >= 0) {
#   53|   			ssize_t n = read(fd, comm, size);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def693]
criu-4.1.1/criu/seize.c:59:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&path, 0)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   57|   				comm[n - 1] = '\0';
#   58|   			} else {
#   59|-> 				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|   			close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def694]
criu-4.1.1/criu/seize.c:59:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   57|   				comm[n - 1] = '\0';
#   58|   			} else {
#   59|-> 				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|   			close(fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def695]
criu-4.1.1/criu/seize.c:59:33: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   57|   				comm[n - 1] = '\0';
#   58|   			} else {
#   59|-> 				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|   			close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def696]
criu-4.1.1/criu/seize.c:61:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&path, 0)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   59|   				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|-> 			close(fd);
#   62|   		} else {
#   63|   			pr_warn("Failed to open %s: %s\n", path, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def697]
criu-4.1.1/criu/seize.c:61:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   59|   				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|-> 			close(fd);
#   62|   		} else {
#   63|   			pr_warn("Failed to open %s: %s\n", path, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def698]
criu-4.1.1/criu/seize.c:61:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   59|   				pr_warn("Failed to read %s: %s\n", path, strerror(errno));
#   60|   			}
#   61|-> 			close(fd);
#   62|   		} else {
#   63|   			pr_warn("Failed to open %s: %s\n", path, strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def699]
criu-4.1.1/criu/seize.c:63:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   61|   			close(fd);
#   62|   		} else {
#   63|-> 			pr_warn("Failed to open %s: %s\n", path, strerror(errno));
#   64|   		}
#   65|   		errno = saved_errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def700]
criu-4.1.1/criu/seize.c:63:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#   61|   			close(fd);
#   62|   		} else {
#   63|-> 			pr_warn("Failed to open %s: %s\n", path, strerror(errno));
#   64|   		}
#   65|   		errno = saved_errno;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def701]
criu-4.1.1/criu/seize.c:180:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&path, "r")’
criu-4.1.1/criu/seize.c:511:12: enter_function: entry to ‘prepare_freezer_for_interrupt_only_mode’
criu-4.1.1/criu/seize.c:517:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:519:14: branch_true: ...to here
criu-4.1.1/criu/seize.c:519:14: call_function: calling ‘freezer_open’ from ‘prepare_freezer_for_interrupt_only_mode’
criu-4.1.1/criu/seize.c:519:14: return_function: returning to ‘prepare_freezer_for_interrupt_only_mode’ from ‘freezer_open’
criu-4.1.1/criu/seize.c:520:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:523:17: branch_false: ...to here
criu-4.1.1/criu/seize.c:523:17: call_function: calling ‘get_freezer_state’ from ‘prepare_freezer_for_interrupt_only_mode’
#  178|   	}
#  179|   
#  180|-> 	pr_err("Unknown freezer state: %c\n", state);
#  181|   close:
#  182|   	fclose(event);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def702]
criu-4.1.1/criu/seize.c:180:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&path, "r")’
criu-4.1.1/criu/seize.c:511:12: enter_function: entry to ‘prepare_freezer_for_interrupt_only_mode’
criu-4.1.1/criu/seize.c:517:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:519:14: branch_true: ...to here
criu-4.1.1/criu/seize.c:519:14: call_function: calling ‘freezer_open’ from ‘prepare_freezer_for_interrupt_only_mode’
criu-4.1.1/criu/seize.c:519:14: return_function: returning to ‘prepare_freezer_for_interrupt_only_mode’ from ‘freezer_open’
criu-4.1.1/criu/seize.c:520:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:523:17: branch_false: ...to here
criu-4.1.1/criu/seize.c:523:17: call_function: calling ‘get_freezer_state’ from ‘prepare_freezer_for_interrupt_only_mode’
#  178|   	}
#  179|   
#  180|-> 	pr_err("Unknown freezer state: %c\n", state);
#  181|   close:
#  182|   	fclose(event);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def703]
criu-4.1.1/criu/seize.c:214:26: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘freezer_open()’
criu-4.1.1/criu/seize.c:820:6: enter_function: entry to ‘pstree_switch_state’
criu-4.1.1/criu/seize.c:824:12: branch_false: following ‘false’ branch (when ‘root_item’ is non-NULL)...
criu-4.1.1/criu/seize.c:827:12: branch_false: ...to here
criu-4.1.1/criu/seize.c:827:12: branch_true: following ‘true’ branch (when ‘st != 2’)...
criu-4.1.1/criu/seize.c:828:17: branch_true: ...to here
criu-4.1.1/criu/seize.c:828:17: call_function: calling ‘freezer_restore_state’ from ‘pstree_switch_state’
#  212|   		if (cgroup_v2)
#  213|   			state[0] = '1';
#  214|-> 		else if (__strlcpy(state, frozen, sizeof(state)) >= sizeof(state))
#  215|   			return -1;
#  216|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def704]
criu-4.1.1/criu/seize.c:312:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was opened at [(4)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/3)
#  310|   			continue;
#  311|   		if (errno != ESRCH) {
#  312|-> 			pr_perror("Unexpected error for pid %d (comm %s)", pid, __task_comm_info(pid));
#  313|   			fclose(f);
#  314|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def705]
criu-4.1.1/criu/seize.c:312:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:312:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:312:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/3)
#  310|   			continue;
#  311|   		if (errno != ESRCH) {
#  312|-> 			pr_perror("Unexpected error for pid %d (comm %s)", pid, __task_comm_info(pid));
#  313|   			fclose(f);
#  314|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def706]
criu-4.1.1/criu/seize.c:317:22: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:22: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was opened at [(4)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/3)
#  315|   		}
#  316|   
#  317|-> 		if (!compel_interrupt_task(pid)) {
#  318|   			pr_debug("SEIZE %d (comm %s): success\n", pid, __task_comm_info(pid));
#  319|   			processes_to_wait++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def707]
criu-4.1.1/criu/seize.c:317:22: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:22: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/3)
#  315|   		}
#  316|   
#  317|-> 		if (!compel_interrupt_task(pid)) {
#  318|   			pr_debug("SEIZE %d (comm %s): success\n", pid, __task_comm_info(pid));
#  319|   			processes_to_wait++;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def708]
criu-4.1.1/criu/seize.c:318:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:318:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:318:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was opened at [(4)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/3)
#  316|   
#  317|   		if (!compel_interrupt_task(pid)) {
#  318|-> 			pr_debug("SEIZE %d (comm %s): success\n", pid, __task_comm_info(pid));
#  319|   			processes_to_wait++;
#  320|   		} else if (state == FROZEN) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def709]
criu-4.1.1/criu/seize.c:318:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:318:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:318:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/3)
#  316|   
#  317|   		if (!compel_interrupt_task(pid)) {
#  318|-> 			pr_debug("SEIZE %d (comm %s): success\n", pid, __task_comm_info(pid));
#  319|   			processes_to_wait++;
#  320|   		} else if (state == FROZEN) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def710]
criu-4.1.1/criu/seize.c:335:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:320:27: branch_false: ...to here
criu-4.1.1/criu/seize.c:320:27: branch_true: following ‘true’ branch (when ‘state == 1’)...
criu-4.1.1/criu/seize.c:321:30: branch_true: ...to here
criu-4.1.1/criu/seize.c:335:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was opened at [(4)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/3)
#  333|   			 * should wait a bit and try freezing again.
#  334|   			 */
#  335|-> 			pr_err("zombie %d (comm %s) found while seizing\n", pid, __task_comm_info(pid));
#  336|   			fclose(f);
#  337|   			return -EAGAIN;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def711]
criu-4.1.1/criu/seize.c:335:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:320:27: branch_false: ...to here
criu-4.1.1/criu/seize.c:320:27: branch_true: following ‘true’ branch (when ‘state == 1’)...
criu-4.1.1/criu/seize.c:321:30: branch_true: ...to here
criu-4.1.1/criu/seize.c:335:25: danger: ‘freezer_open_thread_list(root_path)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/3)
#  333|   			 * should wait a bit and try freezing again.
#  334|   			 */
#  335|-> 			pr_err("zombie %d (comm %s) found while seizing\n", pid, __task_comm_info(pid));
#  336|   			fclose(f);
#  337|   			return -EAGAIN;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def712]
criu-4.1.1/criu/seize.c:337:32: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:320:27: branch_false: ...to here
criu-4.1.1/criu/seize.c:320:27: branch_true: following ‘true’ branch (when ‘state == 1’)...
criu-4.1.1/criu/seize.c:321:30: branch_true: ...to here
criu-4.1.1/criu/seize.c:335:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#  335|   			pr_err("zombie %d (comm %s) found while seizing\n", pid, __task_comm_info(pid));
#  336|   			fclose(f);
#  337|-> 			return -EAGAIN;
#  338|   		}
#  339|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def713]
criu-4.1.1/criu/seize.c:337:32: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:301:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:305:23: call_function: inlined call to ‘atoi’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:309:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/seize.c:311:21: branch_false: ...to here
criu-4.1.1/criu/seize.c:311:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:317:22: branch_false: ...to here
criu-4.1.1/criu/seize.c:317:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:320:27: branch_false: ...to here
criu-4.1.1/criu/seize.c:320:27: branch_true: following ‘true’ branch (when ‘state == 1’)...
criu-4.1.1/criu/seize.c:321:30: branch_true: ...to here
criu-4.1.1/criu/seize.c:335:25: call_function: inlined call to ‘__task_comm_info’ from ‘seize_cgroup_tree’
#  335|   			pr_err("zombie %d (comm %s) found while seizing\n", pid, __task_comm_info(pid));
#  336|   			fclose(f);
#  337|-> 			return -EAGAIN;
#  338|   		}
#  339|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def714]
criu-4.1.1/criu/seize.c:348:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(root_path)’
criu-4.1.1/criu/seize.c:286:12: enter_function: entry to ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: call_function: calling ‘freezer_open_thread_list’ from ‘seize_cgroup_tree’
criu-4.1.1/criu/seize.c:297:13: return_function: returning to ‘seize_cgroup_tree’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:298:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:342:15: acquire_memory: allocated here
criu-4.1.1/criu/seize.c:343:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:348:22: danger: ‘opendir(root_path)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/8)
#  346|   	}
#  347|   
#  348|-> 	while ((de = readdir(dir))) {
#  349|   		struct stat st;
#  350|   		int ret;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def715]
criu-4.1.1/criu/seize.c:458:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was opened at [(4)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/3)
#  456|   		pid = atoi(path);
#  457|   
#  458|-> 		stack = open_proc(pid, "stack");
#  459|   		if (stack < 0) {
#  460|   			pr_err("`- couldn't log %d's stack\n", pid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def716]
criu-4.1.1/criu/seize.c:458:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/3)
#  456|   		pid = atoi(path);
#  457|   
#  458|-> 		stack = open_proc(pid, "stack");
#  459|   		if (stack < 0) {
#  460|   			pr_err("`- couldn't log %d's stack\n", pid);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def717]
criu-4.1.1/criu/seize.c:460:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:458:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:460:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was opened at [(4)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/3)
#  458|   		stack = open_proc(pid, "stack");
#  459|   		if (stack < 0) {
#  460|-> 			pr_err("`- couldn't log %d's stack\n", pid);
#  461|   			fclose(f);
#  462|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def718]
criu-4.1.1/criu/seize.c:460:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:458:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:460:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/3)
#  458|   		stack = open_proc(pid, "stack");
#  459|   		if (stack < 0) {
#  460|-> 			pr_err("`- couldn't log %d's stack\n", pid);
#  461|   			fclose(f);
#  462|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def719]
criu-4.1.1/criu/seize.c:466:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:466:17: danger: ‘freezer_open_thread_list(root)’ leaks here; was opened at [(4)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/3)
#  464|   
#  465|   		ret = read(stack, stackbuf, sizeof(stackbuf) - 1);
#  466|-> 		close(stack);
#  467|   		if (ret < 0) {
#  468|   			pr_perror("couldn't read %d's stack", pid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def720]
criu-4.1.1/criu/seize.c:466:17: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:466:17: danger: ‘freezer_open_thread_list(root)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/3)
#  464|   
#  465|   		ret = read(stack, stackbuf, sizeof(stackbuf) - 1);
#  466|-> 		close(stack);
#  467|   		if (ret < 0) {
#  468|   			pr_perror("couldn't read %d's stack", pid);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def721]
criu-4.1.1/criu/seize.c:468:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:467:20: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/seize.c:468:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:468:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was opened at [(4)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/3)
#  466|   		close(stack);
#  467|   		if (ret < 0) {
#  468|-> 			pr_perror("couldn't read %d's stack", pid);
#  469|   			fclose(f);
#  470|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def722]
criu-4.1.1/criu/seize.c:468:25: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:467:20: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/seize.c:468:25: branch_true: ...to here
criu-4.1.1/criu/seize.c:468:25: danger: ‘freezer_open_thread_list(root)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/3)
#  466|   		close(stack);
#  467|   		if (ret < 0) {
#  468|-> 			pr_perror("couldn't read %d's stack", pid);
#  469|   			fclose(f);
#  470|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def723]
criu-4.1.1/criu/seize.c:474:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:467:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/seize.c:472:17: branch_false: ...to here
criu-4.1.1/criu/seize.c:474:17: danger: ‘freezer_open_thread_list(root)’ leaks here; was opened at [(4)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/3)
#  472|   		stackbuf[ret] = '\0';
#  473|   
#  474|-> 		pr_debug("Task %d has stack:\n%s", pid, stackbuf);
#  475|   	}
#  476|   	fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def724]
criu-4.1.1/criu/seize.c:474:17: warning[-Wanalyzer-malloc-leak]: leak of ‘freezer_open_thread_list(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:451:16: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:456:23: call_function: inlined call to ‘atoi’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:458:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:465:23: branch_false: ...to here
criu-4.1.1/criu/seize.c:467:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/seize.c:472:17: branch_false: ...to here
criu-4.1.1/criu/seize.c:474:17: danger: ‘freezer_open_thread_list(root)’ leaks here; was allocated at [(4)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/3)
#  472|   		stackbuf[ret] = '\0';
#  473|   
#  474|-> 		pr_debug("Task %d has stack:\n%s", pid, stackbuf);
#  475|   	}
#  476|   	fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def725]
criu-4.1.1/criu/seize.c:484:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(root)’
criu-4.1.1/criu/seize.c:440:12: enter_function: entry to ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: call_function: calling ‘freezer_open_thread_list’ from ‘log_unfrozen_stacks’
criu-4.1.1/criu/seize.c:447:13: return_function: returning to ‘log_unfrozen_stacks’ from ‘freezer_open_thread_list’
criu-4.1.1/criu/seize.c:448:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:478:15: acquire_memory: allocated here
criu-4.1.1/criu/seize.c:479:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:484:22: danger: ‘opendir(root)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/8)
#  482|   	}
#  483|   
#  484|-> 	while ((de = readdir(dir))) {
#  485|   		struct stat st;
#  486|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def726]
criu-4.1.1/criu/seize.c:517:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seize.c:517:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:517:9: branch_false: ...to here
criu-4.1.1/criu/seize.c:517:9: danger: dereference of NULL ‘0’
#  515|   	int exit_code = -1;
#  516|   
#  517|-> 	BUG_ON(!compel_interrupt_only_mode);
#  518|   
#  519|   	fd = freezer_open();

Error: GCC_ANALYZER_WARNING (CWE-476): [#def727]
criu-4.1.1/criu/seize.c:807:41: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seize.c:795:9: branch_true: following ‘true’ branch (when ‘item’ is non-NULL)...
criu-4.1.1/criu/seize.c:796:21: branch_true: ...to here
criu-4.1.1/criu/seize.c:796:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/seize.c:799:29: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:800:31: branch_true: ...to here
criu-4.1.1/criu/seize.c:801:28: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/seize.c:805:38: branch_false: ...to here
criu-4.1.1/criu/seize.c:807:41: danger: dereference of NULL ‘0’
#  805|   				if (!WIFSIGNALED(status) || WTERMSIG(status) != SIGKILL) {
#  806|   					pr_err("Unexpected exit code %d of %d: %s\n", status, pid, strsignal(status));
#  807|-> 					BUG();
#  808|   				}
#  809|   			}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def728]
criu-4.1.1/criu/seize.c:816:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seize.c:814:12: branch_true: following ‘true’ branch (when ‘pid > 0’)...
criu-4.1.1/criu/seize.c:815:17: branch_true: ...to here
criu-4.1.1/criu/seize.c:816:17: danger: dereference of NULL ‘0’
#  814|   	if (pid > 0) {
#  815|   		pr_err("Unexpected child %d\n", pid);
#  816|-> 		BUG();
#  817|   	}
#  818|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def729]
criu-4.1.1/criu/seize.c:932:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/seize.c:866:12: enter_function: entry to ‘collect_threads’
criu-4.1.1/criu/seize.c:874:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:877:29: branch_false: ...to here
criu-4.1.1/criu/seize.c:878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:881:14: branch_false: ...to here
criu-4.1.1/criu/seize.c:887:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/seize.c:891:9: branch_false: ...to here
criu-4.1.1/criu/seize.c:900:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/seize.c:901:36: branch_true: ...to here
criu-4.1.1/criu/seize.c:904:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:907:17: branch_false: ...to here
criu-4.1.1/criu/seize.c:911:21: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:915:45: call_function: inlined call to ‘item_ppid’ from ‘collect_threads’
criu-4.1.1/criu/seize.c:916:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/seize.c:927:20: branch_false: ...to here
criu-4.1.1/criu/seize.c:932:17: danger: dereference of NULL ‘0’
#  930|   			processes_to_wait--;
#  931|   
#  932|-> 		BUG_ON(item->nr_threads + 1 > nr_threads);
#  933|   		item->threads[item->nr_threads].real = pid;
#  934|   		item->threads[item->nr_threads].ns[0].virt = t_creds.s.vpid;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def730]
criu-4.1.1/criu/servicefd.c:106:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  104|   int get_service_fd(enum sfd_type type)
#  105|   {
#  106|-> 	BUG_ON((int)type <= SERVICE_FD_MIN || (int)type >= SERVICE_FD_MAX);
#  107|   
#  108|   	if (!test_bit(type, sfd_map))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def731]
criu-4.1.1/criu/servicefd.c:150:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  148|   	pr_err("Service fd %s is being modified in protected context\n", sfd_type_name(type));
#  149|   	print_stack_trace(current ? vpid(current) : 0);
#  150|-> 	BUG();
#  151|   }
#  152|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def732]
criu-4.1.1/criu/servicefd.c:158:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/servicefd.c:158:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/servicefd.c:158:9: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:158:9: danger: dereference of NULL ‘0’
#  156|   	int tmp;
#  157|   
#  158|-> 	BUG_ON((int)type <= SERVICE_FD_MIN || (int)type >= SERVICE_FD_MAX);
#  159|   	if (sfds_protected && !test_bit(type, sfd_map))
#  160|   		sfds_protection_bug(type);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def733]
criu-4.1.1/criu/servicefd.c:179:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/servicefd.c:153:5: enter_function: entry to ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:158:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:159:13: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:162:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:170:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:170:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:173:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:173:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:174:12: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/servicefd.c:178:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:178:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/servicefd.c:179:17: call_function: inlined call to ‘sfd_type_name’ from ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:179:17: danger: ‘tmp’ leaks here; was opened at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  177|   		return -1;
#  178|   	} else if (tmp != sfd) {
#  179|-> 		pr_err("%s busy target %d -> %d\n", sfd_type_name(type), fd, sfd);
#  180|   		close(tmp);
#  181|   		close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def734]
criu-4.1.1/criu/servicefd.c:180:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/servicefd.c:153:5: enter_function: entry to ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:158:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:159:13: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:162:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:170:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:170:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:173:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:173:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:174:12: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/servicefd.c:178:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:178:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/servicefd.c:179:17: call_function: inlined call to ‘sfd_type_name’ from ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:180:17: danger: ‘tmp’ leaks here; was opened at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
#  178|   	} else if (tmp != sfd) {
#  179|   		pr_err("%s busy target %d -> %d\n", sfd_type_name(type), fd, sfd);
#  180|-> 		close(tmp);
#  181|   		close(fd);
#  182|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def735]
criu-4.1.1/criu/servicefd.c:186:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/servicefd.c:153:5: enter_function: entry to ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:158:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:159:13: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:162:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:170:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:170:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:173:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:173:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:174:12: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/servicefd.c:178:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:178:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:185:9: call_function: inlined call to ‘set_bit’ from ‘install_service_fd’
criu-4.1.1/criu/servicefd.c:186:9: danger: ‘tmp’ leaks here; was opened at [(8)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/7)
#  184|   
#  185|   	set_bit(type, sfd_map);
#  186|-> 	close(fd);
#  187|   	return sfd;
#  188|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def736]
criu-4.1.1/criu/servicefd.c:234:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/servicefd.c:217:12: enter_function: entry to ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: call_function: calling ‘get_service_fd’ from ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: return_function: returning to ‘move_service_fd’ from ‘get_service_fd’
criu-4.1.1/criu/servicefd.c:223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:226:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:226:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:229:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:229:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:230:12: branch_false: following ‘false’ branch (when ‘ret != -1’)...
criu-4.1.1/criu/servicefd.c:233:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:233:19: branch_true: following ‘true’ branch (when ‘ret != new’)...
criu-4.1.1/criu/servicefd.c:234:17: call_function: inlined call to ‘sfd_type_name’ from ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:234:17: danger: ‘ret’ leaks here; was opened at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  232|   		return -1;
#  233|   	} else if (ret != new) {
#  234|-> 		pr_err("%s busy target %d -> %d\n", sfd_type_name(type), old, new);
#  235|   		return -1;
#  236|   	} else if (!(rsti(me)->clone_flags & CLONE_FILES))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def737]
criu-4.1.1/criu/servicefd.c:236:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/servicefd.c:217:12: enter_function: entry to ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: call_function: calling ‘get_service_fd’ from ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: return_function: returning to ‘move_service_fd’ from ‘get_service_fd’
criu-4.1.1/criu/servicefd.c:223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:226:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:226:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:229:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:229:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:230:12: branch_false: following ‘false’ branch (when ‘ret != -1’)...
criu-4.1.1/criu/servicefd.c:233:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:236:19: danger: ‘ret’ leaks here; was opened at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  234|   		pr_err("%s busy target %d -> %d\n", sfd_type_name(type), old, new);
#  235|   		return -1;
#  236|-> 	} else if (!(rsti(me)->clone_flags & CLONE_FILES))
#  237|   		close(old);
#  238|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def738]
criu-4.1.1/criu/servicefd.c:237:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/servicefd.c:217:12: enter_function: entry to ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: call_function: calling ‘get_service_fd’ from ‘move_service_fd’
criu-4.1.1/criu/servicefd.c:219:19: return_function: returning to ‘move_service_fd’ from ‘get_service_fd’
criu-4.1.1/criu/servicefd.c:223:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/servicefd.c:226:14: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:226:12: branch_true: following ‘true’ branch (when ‘oldbit != 0’)...
criu-4.1.1/criu/servicefd.c:229:23: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:229:23: acquire_resource: opened here
criu-4.1.1/criu/servicefd.c:230:12: branch_false: following ‘false’ branch (when ‘ret != -1’)...
criu-4.1.1/criu/servicefd.c:233:19: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:233:19: branch_false: following ‘false’ branch (when ‘ret == new’)...
criu-4.1.1/criu/servicefd.c:236:22: branch_false: ...to here
criu-4.1.1/criu/servicefd.c:236:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/servicefd.c:237:17: branch_true: ...to here
criu-4.1.1/criu/servicefd.c:237:17: danger: ‘ret’ leaks here; was opened at [(13)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/12)
#  235|   		return -1;
#  236|   	} else if (!(rsti(me)->clone_flags & CLONE_FILES))
#  237|-> 		close(old);
#  238|   
#  239|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def739]
criu-4.1.1/criu/shmem.c:201:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/shmem.c:656:5: enter_function: entry to ‘add_shmem_area’
criu-4.1.1/criu/shmem.c:664:14: call_function: calling ‘shmem_find’ from ‘add_shmem_area’
criu-4.1.1/criu/shmem.c:664:14: return_function: returning to ‘add_shmem_area’ from ‘shmem_find’
criu-4.1.1/criu/shmem.c:665:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/shmem.c:666:21: branch_true: ...to here
criu-4.1.1/criu/shmem.c:666:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/shmem.c:667:29: branch_true: ...to here
criu-4.1.1/criu/shmem.c:667:29: call_function: calling ‘expand_shmem’ from ‘add_shmem_area’
#  199|   	new_map_size = nr_new_map_items * sizeof(*si->pstate_map);
#  200|   
#  201|-> 	BUG_ON(new_map_size < map_size);
#  202|   
#  203|   	if (xrealloc_safe(&si->pstate_map, new_map_size))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def740]
criu-4.1.1/criu/sigact.c:196:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sigact.c:196:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sigact.c:196:9: branch_true: ...to here
criu-4.1.1/criu/sigact.c:196:9: danger: dereference of NULL ‘0’
#  194|   	int ret = 0;
#  195|   
#  196|-> 	BUG_ON(sig == SIGKILL || sig == SIGSTOP);
#  197|   
#  198|   	ret = pb_read_one_eof(img, &e, PB_SIGACT);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def741]
criu-4.1.1/criu/sk-inet.c:139:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-inet.c:139:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:139:9: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:139:9: danger: dereference of NULL ‘0’
#  137|   static int can_dump_inet_sk(const struct inet_sk_desc *sk)
#  138|   {
#  139|-> 	BUG_ON((sk->sd.family != AF_INET) && (sk->sd.family != AF_INET6));
#  140|   
#  141|   	if (sk->type == SOCK_DGRAM) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def742]
criu-4.1.1/criu/sk-inet.c:229:13: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:245:29: enter_function: entry to ‘gen_uncon_sk’
criu-4.1.1/criu/sk-inet.c:253:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:284:15: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:293:22: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:295:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:305:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:307:20: branch_false: following ‘false’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/sk-inet.c:312:21: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:312:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:317:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:319:21: call_function: calling ‘dump_tcp_uncon_shutdown’ from ‘gen_uncon_sk’
#  227|   	struct pollfd pfd = { .fd = lfd, .events = POLLRDHUP | POLLHUP };
#  228|   
#  229|-> 	if (poll(&pfd, 1, 0) != 1) {
#  230|   		pr_perror("Unable to poll the socket");
#  231|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def743]
criu-4.1.1/criu/sk-inet.c:230:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:245:29: enter_function: entry to ‘gen_uncon_sk’
criu-4.1.1/criu/sk-inet.c:253:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:284:15: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:293:22: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:295:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:305:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:307:20: branch_false: following ‘false’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/sk-inet.c:312:21: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:312:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:317:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:319:21: call_function: calling ‘dump_tcp_uncon_shutdown’ from ‘gen_uncon_sk’
#  228|   
#  229|   	if (poll(&pfd, 1, 0) != 1) {
#  230|-> 		pr_perror("Unable to poll the socket");
#  231|   		return -1;
#  232|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def744]
criu-4.1.1/criu/sk-inet.c:271:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:266:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:268:17: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:268:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:271:17: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:271:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  269|   		aux = sizeof(struct sockaddr_in6);
#  270|   	else {
#  271|-> 		pr_err("Unsupported socket family: %d\n", sk->sd.family);
#  272|   		goto err;
#  273|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def745]
criu-4.1.1/criu/sk-inet.c:278:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:278:25: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:278:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  276|   	if (ret < 0) {
#  277|   		if (errno != ENOTCONN) {
#  278|-> 			pr_perror("Unexpected error returned from unconnected socket");
#  279|   			goto err;
#  280|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def746]
criu-4.1.1/criu/sk-inet.c:287:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:245:29: enter_function: entry to ‘gen_uncon_sk’
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/sk-inet.c:281:20: call_function: inlined call to ‘dump_sockaddr’ from ‘gen_uncon_sk’
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:287:25: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:287:25: danger: ‘___p’ leaks here; was allocated at [(2)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/1)
#  285|   	if (ret < 0) {
#  286|   		if (errno != ENOTCONN) {
#  287|-> 			pr_perror("Unexpected error returned from unconnected socket");
#  288|   			goto err;
#  289|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def747]
criu-4.1.1/criu/sk-inet.c:308:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:284:15: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:293:22: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:295:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:305:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:307:20: branch_true: following ‘true’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/sk-inet.c:308:25: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:308:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  306|   		ret = getsockopt(lfd, SOL_TCP, TCP_INFO, &info, &aux);
#  307|   		if (ret) {
#  308|-> 			pr_perror("Failed to obtain TCP_INFO");
#  309|   			goto err;
#  310|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def748]
criu-4.1.1/criu/sk-inet.c:313:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:284:15: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:293:22: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:295:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:305:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:307:20: branch_false: following ‘false’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/sk-inet.c:312:21: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:312:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:313:25: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:313:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  311|   
#  312|   		if (info.tcpi_state != TCP_CLOSE) {
#  313|-> 			pr_err("Socket state %d obtained but expected %d\n", info.tcpi_state, TCP_CLOSE);
#  314|   			goto err;
#  315|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def749]
criu-4.1.1/criu/sk-inet.c:325:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:253:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:259:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:259:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:263:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:276:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:277:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:277:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:284:15: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:285:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/sk-inet.c:286:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:286:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:293:22: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:295:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:323:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:325:9: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  323|   	sk->state = TCP_CLOSE;
#  324|   
#  325|-> 	sk_collect_one(sk->sd.ino, sk->sd.family, &sk->sd, ns);
#  326|   
#  327|   	return sk;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def750]
criu-4.1.1/criu/sk-inet.c:674:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:660:13: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:660:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:664:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:673:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:674:31: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:674:31: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  672|   
#  673|   	if (tb[INET_DIAG_SHUTDOWN])
#  674|-> 		d->shutdown = nla_get_u8(tb[INET_DIAG_SHUTDOWN]);
#  675|   	else
#  676|   		pr_err_once("Can't check shutdown state of inet socket\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def751]
criu-4.1.1/criu/sk-inet.c:676:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:660:13: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:660:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:664:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:673:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:676:17: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:676:17: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:676:17: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:676:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  674|   		d->shutdown = nla_get_u8(tb[INET_DIAG_SHUTDOWN]);
#  675|   	else
#  676|-> 		pr_err_once("Can't check shutdown state of inet socket\n");
#  677|   
#  678|   	ret = sk_collect_one(m->idiag_inode, family, &d->sd, ns);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def752]
criu-4.1.1/criu/sk-inet.c:678:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-inet.c:660:13: acquire_memory: allocated here
criu-4.1.1/criu/sk-inet.c:660:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-inet.c:664:9: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:673:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:676:17: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:678:15: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  676|   		pr_err_once("Can't check shutdown state of inet socket\n");
#  677|   
#  678|-> 	ret = sk_collect_one(m->idiag_inode, family, &d->sd, ns);
#  679|   
#  680|   	show_one_inet("Collected", d);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def753]
criu-4.1.1/criu/sk-inet.c:749:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:844:12: enter_function: entry to ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:896:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:898:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:898:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:901:13: call_function: inlined call to ‘tcp_connection’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:917:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:926:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:927:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:927:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:932:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:933:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:938:31: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:938:17: call_function: calling ‘mutex_unlock’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:938:17: return_function: returning to ‘open_inet_sk’ from ‘mutex_unlock’
criu-4.1.1/criu/sk-inet.c:941:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:943:1: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:944:9: call_function: calling ‘dec_users_and_wake’ from ‘open_inet_sk’
#  747|   		return;
#  748|   	list_for_each_entry(ii, &port->type_list, port_list) {
#  749|-> 		fle = file_master(&ii->d);
#  750|   		set_fds_event(fle->pid);
#  751|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def754]
criu-4.1.1/criu/sk-inet.c:750:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:844:12: enter_function: entry to ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:896:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:898:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:898:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:901:13: call_function: inlined call to ‘tcp_connection’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:917:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:926:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:927:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:927:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:932:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:933:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:938:31: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:938:17: call_function: calling ‘mutex_unlock’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:938:17: return_function: returning to ‘open_inet_sk’ from ‘mutex_unlock’
criu-4.1.1/criu/sk-inet.c:941:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:943:1: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:944:9: call_function: calling ‘dec_users_and_wake’ from ‘open_inet_sk’
#  748|   	list_for_each_entry(ii, &port->type_list, port_list) {
#  749|   		fle = file_master(&ii->d);
#  750|-> 		set_fds_event(fle->pid);
#  751|   	}
#  752|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def755]
criu-4.1.1/criu/sk-inet.c:767:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-inet.c:754:12: enter_function: entry to ‘post_open_inet_sk’
criu-4.1.1/criu/sk-inet.c:767:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:767:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:767:17: danger: dereference of NULL ‘0’
#  765|   	if (tcp_connection(ii->ie)) {
#  766|   		pr_debug("Schedule %d socket for repair off\n", sk);
#  767|-> 		BUG_ON(ii->sk_fd != -1);
#  768|   		ii->sk_fd = sk;
#  769|   		return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def756]
criu-4.1.1/criu/sk-inet.c:884:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:13: danger: ‘sk’ leaks here
#  882|   	}
#  883|   
#  884|-> 	if (reset_setsockcreatecon())
#  885|   		goto err;
#  886|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def757]
criu-4.1.1/criu/sk-inet.c:888:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:887:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:888:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:888:21: danger: ‘sk’ leaks here
#  886|   
#  887|   	if (ie->v6only) {
#  888|-> 		if (restore_opt(sk, SOL_IPV6, IPV6_V6ONLY, &yes) == -1)
#  889|   			goto err;
#  890|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def758]
criu-4.1.1/criu/sk-inet.c:896:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:887:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:896:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:896:13: danger: ‘sk’ leaks here
#  894|   	 * The origin value of SO_REUSEADDR will be restored in post_open.
#  895|   	 */
#  896|-> 	if (restore_opt(sk, SOL_SOCKET, SO_REUSEADDR, &yes))
#  897|   		goto err;
#  898|   	if (restore_opt(sk, SOL_SOCKET, SO_REUSEPORT, &yes))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def759]
criu-4.1.1/criu/sk-inet.c:934:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:844:12: enter_function: entry to ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:896:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:898:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:898:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:901:13: call_function: inlined call to ‘tcp_connection’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:917:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:926:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:927:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:927:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:932:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:933:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:934:25: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:934:25: danger: ‘sk’ leaks here
#  932|   		mutex_lock(&ii->port->reuseaddr_lock);
#  933|   		if (listen(sk, ie->backlog) == -1) {
#  934|-> 			pr_perror("Can't listen on a socket");
#  935|   			mutex_unlock(&ii->port->reuseaddr_lock);
#  936|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def760]
criu-4.1.1/criu/sk-inet.c:946:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:844:12: enter_function: entry to ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:887:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:896:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:898:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:898:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:901:13: call_function: inlined call to ‘tcp_connection’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:917:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:926:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:927:21: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:927:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:932:29: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:933:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:938:31: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:938:17: call_function: calling ‘mutex_unlock’ from ‘open_inet_sk’
criu-4.1.1/criu/sk-inet.c:938:17: return_function: returning to ‘open_inet_sk’ from ‘mutex_unlock’
criu-4.1.1/criu/sk-inet.c:941:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:943:1: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:946:13: danger: ‘sk’ leaks here
#  944|   	dec_users_and_wake(ii->port);
#  945|   
#  946|-> 	if (rst_file_params(sk, ie->fown, ie->flags))
#  947|   		goto err;
#  948|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def761]
criu-4.1.1/criu/sk-inet.c:976:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-inet.c:851:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:854:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:859:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:864:14: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:869:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:869:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:872:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:872:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:875:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:875:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-inet.c:878:43: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:878:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-inet.c:879:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-inet.c:884:13: branch_false: ...to here
criu-4.1.1/criu/sk-inet.c:884:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-inet.c:885:17: branch_true: ...to here
criu-4.1.1/criu/sk-inet.c:976:9: danger: ‘sk’ leaks here
#  974|   	return 1;
#  975|   err:
#  976|-> 	close(sk);
#  977|   	return -1;
#  978|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def762]
criu-4.1.1/criu/sk-inet.c:1007:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1005|   	}
# 1006|   
# 1007|-> 	BUG();
# 1008|   	return -1;
# 1009|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def763]
criu-4.1.1/criu/sk-netlink.c:51:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-netlink.c:41:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-netlink.c:41:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-netlink.c:45:24: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:51:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   49|   	sd->state = m->ndiag_state;
#   50|   
#   51|-> 	nlmsg_parse(hdr, sizeof(struct netlink_diag_msg), tb, NETLINK_DIAG_MAX, NULL);
#   52|   
#   53|   	if (tb[NETLINK_DIAG_GROUPS]) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def764]
criu-4.1.1/criu/sk-netlink.c:54:29: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-netlink.c:41:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-netlink.c:41:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-netlink.c:45:24: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:53:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:54:29: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:54:29: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   52|   
#   53|   	if (tb[NETLINK_DIAG_GROUPS]) {
#   54|-> 		sd->gsize = nla_len(tb[NETLINK_DIAG_GROUPS]);
#   55|   		groups = nla_data(tb[NETLINK_DIAG_GROUPS]);
#   56|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def765]
criu-4.1.1/criu/sk-netlink.c:55:26: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-netlink.c:41:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-netlink.c:41:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-netlink.c:45:24: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:53:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:54:29: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:55:26: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   53|   	if (tb[NETLINK_DIAG_GROUPS]) {
#   54|   		sd->gsize = nla_len(tb[NETLINK_DIAG_GROUPS]);
#   55|-> 		groups = nla_data(tb[NETLINK_DIAG_GROUPS]);
#   56|   
#   57|   		sd->groups = xmalloc(sd->gsize);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def766]
criu-4.1.1/criu/sk-netlink.c:57:30: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-netlink.c:41:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-netlink.c:41:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-netlink.c:45:24: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:53:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:54:29: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:57:30: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-netlink.c:57:30: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:57:30: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   55|   		groups = nla_data(tb[NETLINK_DIAG_GROUPS]);
#   56|   
#   57|-> 		sd->groups = xmalloc(sd->gsize);
#   58|   		if (!sd->groups) {
#   59|   			xfree(sd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def767]
criu-4.1.1/criu/sk-netlink.c:68:16: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-netlink.c:41:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-netlink.c:41:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-netlink.c:45:24: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:53:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:64:17: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:68:16: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#   66|   	}
#   67|   
#   68|-> 	return sk_collect_one(m->ndiag_ino, PF_NETLINK, &sd->sd, ns);
#   69|   }
#   70|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def768]
criu-4.1.1/criu/sk-netlink.c:100:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-netlink.c:90:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:93:9: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:96:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:99:12: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:99:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:100:17: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:100:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:100:17: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:100:17: danger: dereference of NULL ‘0’
#   98|   
#   99|   	if (sk) {
#  100|-> 		BUG_ON(sk->sd.already_dumped);
#  101|   
#  102|   		ne.ns_id = sk->sd.sk_ns->id;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def769]
criu-4.1.1/criu/sk-netlink.c:218:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-netlink.c:205:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:208:43: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:208:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-netlink.c:209:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-netlink.c:214:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:214:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:215:17: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:217:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:218:25: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:218:25: danger: ‘sk’ leaks here
#  216|   		addr.nl_family = AF_NETLINK;
#  217|   		if (nse->n_groups > 1) {
#  218|-> 			pr_err("Groups above 32 are not supported yet\n");
#  219|   			goto err;
#  220|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def770]
criu-4.1.1/criu/sk-netlink.c:244:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-netlink.c:205:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:208:43: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:208:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-netlink.c:209:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-netlink.c:214:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:214:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:240:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:240:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:241:17: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:244:21: danger: ‘sk’ leaks here
#  242|   		addr.nl_groups = 1 << (nse->dst_group - 1);
#  243|   		addr.nl_pid = nse->dst_portid;
#  244|-> 		if (connect(sk, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
#  245|   			pr_perror("Can't connect netlink socket");
#  246|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def771]
criu-4.1.1/criu/sk-netlink.c:250:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-netlink.c:205:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:208:43: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:208:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-netlink.c:209:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-netlink.c:214:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:214:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:240:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:240:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:250:44: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:250:13: danger: ‘sk’ leaks here
#  248|   	}
#  249|   
#  250|-> 	if (rst_file_params(sk, nse->fown, nse->flags))
#  251|   		goto err;
#  252|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def772]
criu-4.1.1/criu/sk-netlink.c:259:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-netlink.c:205:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-netlink.c:208:43: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:208:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-netlink.c:209:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-netlink.c:214:13: branch_false: ...to here
criu-4.1.1/criu/sk-netlink.c:214:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:215:17: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:217:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-netlink.c:218:25: branch_true: ...to here
criu-4.1.1/criu/sk-netlink.c:259:9: danger: ‘sk’ leaks here
#  257|   	return 0;
#  258|   err:
#  259|-> 	close(sk);
#  260|   	return -1;
#  261|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def773]
criu-4.1.1/criu/sk-packet.c:71:25: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#   69|   
#   70|   		if (m->pdmc_count != 1) {
#   71|-> 			pr_err("Multiple MC membership not supported (but can be)\n");
#   72|   			goto err;
#   73|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def774]
criu-4.1.1/criu/sk-packet.c:75:17: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#   73|   		}
#   74|   
#   75|-> 		pr_debug("\tmr%d: idx %d type %d\n", i, m->pdmc_index, m->pdmc_type);
#   76|   
#   77|   		im = xmalloc(sizeof(*im));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def775]
criu-4.1.1/criu/sk-packet.c:77:22: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#   75|   		pr_debug("\tmr%d: idx %d type %d\n", i, m->pdmc_index, m->pdmc_type);
#   76|   
#   77|-> 		im = xmalloc(sizeof(*im));
#   78|   		if (!im)
#   79|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def776]
criu-4.1.1/criu/sk-packet.c:81:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:58:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:61:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:62:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:62:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:63:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:66:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:67:49: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:70:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:75:17: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:77:22: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:77:22: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:81:17: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:81:17: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/10)
#   79|   			goto err;
#   80|   
#   81|-> 		packet_mclist__init(im);
#   82|   		psk->mclist[i] = im;
#   83|   		psk->n_mclist++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def777]
criu-4.1.1/criu/sk-packet.c:81:17: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#   79|   			goto err;
#   80|   
#   81|-> 		packet_mclist__init(im);
#   82|   		psk->mclist[i] = im;
#   83|   		psk->n_mclist++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def778]
criu-4.1.1/criu/sk-packet.c:92:41: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#   90|   		case PACKET_MR_UNICAST:
#   91|   			im->addr.len = m->pdmc_alen;
#   92|-> 			im->addr.data = xmalloc(m->pdmc_alen);
#   93|   			if (!im->addr.data)
#   94|   				goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def779]
criu-4.1.1/criu/sk-packet.c:102:25: warning[-Wanalyzer-malloc-leak]: leak of ‘psk.mclist’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:166:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:179:24: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:190:15: call_function: calling ‘dump_mreqs’ from ‘dump_one_packet_fd’
#  100|   			break;
#  101|   		default:
#  102|-> 			pr_err("Unknown mc membership type %d\n", m->pdmc_type);
#  103|   			goto err;
#  104|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def780]
criu-4.1.1/criu/sk-packet.c:120:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:116:16: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:116:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:120:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:120:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  118|   		return NULL;
#  119|   
#  120|-> 	packet_ring__init(ring);
#  121|   
#  122|   	ring->block_size = dr->pdr_block_size;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def781]
criu-4.1.1/criu/sk-packet.c:165:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-packet.c:150:12: enter_function: entry to ‘dump_one_packet_fd’
criu-4.1.1/criu/sk-packet.c:165:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:165:9: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:165:9: danger: dereference of NULL ‘0’
#  163|   
#  164|   	pr_info("Dumping packet socket fd %d id %#x\n", lfd, id);
#  165|-> 	BUG_ON(sd->sd.already_dumped);
#  166|   	sd->sd.already_dumped = 1;
#  167|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def782]
criu-4.1.1/criu/sk-packet.c:245:22: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  243|   static int packet_save_mreqs(struct packet_sock_desc *sd, struct nlattr *mc)
#  244|   {
#  245|-> 	sd->mreq_n = nla_len(mc) / sizeof(struct packet_diag_mclist);
#  246|   	pr_debug("\tGot %d mreqs\n", sd->mreq_n);
#  247|   	sd->mreqs = xmalloc(nla_len(mc));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def783]
criu-4.1.1/criu/sk-packet.c:246:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  244|   {
#  245|   	sd->mreq_n = nla_len(mc) / sizeof(struct packet_diag_mclist);
#  246|-> 	pr_debug("\tGot %d mreqs\n", sd->mreq_n);
#  247|   	sd->mreqs = xmalloc(nla_len(mc));
#  248|   	if (!sd->mreqs)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def784]
criu-4.1.1/criu/sk-packet.c:247:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  245|   	sd->mreq_n = nla_len(mc) / sizeof(struct packet_diag_mclist);
#  246|   	pr_debug("\tGot %d mreqs\n", sd->mreq_n);
#  247|-> 	sd->mreqs = xmalloc(nla_len(mc));
#  248|   	if (!sd->mreqs)
#  249|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def785]
criu-4.1.1/criu/sk-packet.c:251:27: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  249|   		return -1;
#  250|   
#  251|-> 	memcpy(sd->mreqs, nla_data(mc), nla_len(mc));
#  252|   	return 0;
#  253|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def786]
criu-4.1.1/criu/sk-packet.c:251:27: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  249|   		return -1;
#  250|   
#  251|-> 	memcpy(sd->mreqs, nla_data(mc), nla_len(mc));
#  252|   	return 0;
#  253|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def787]
criu-4.1.1/criu/sk-packet.c:251:41: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  249|   		return -1;
#  250|   
#  251|-> 	memcpy(sd->mreqs, nla_data(mc), nla_len(mc));
#  252|   	return 0;
#  253|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def788]
criu-4.1.1/criu/sk-packet.c:251:41: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
#  249|   		return -1;
#  250|   
#  251|-> 	memcpy(sd->mreqs, nla_data(mc), nla_len(mc));
#  252|   	return 0;
#  253|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def789]
criu-4.1.1/criu/sk-packet.c:284:26: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:284:26: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/4)
#  282|   	sd->rx = NULL;
#  283|   	sd->tx = NULL;
#  284|-> 	memcpy(&sd->nli, nla_data(tb[PACKET_DIAG_INFO]), sizeof(sd->nli));
#  285|   
#  286|   	if (packet_save_mreqs(sd, tb[PACKET_DIAG_MCLIST]))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def790]
criu-4.1.1/criu/sk-packet.c:295:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/9)
#  293|   
#  294|   	if (tb[PACKET_DIAG_RX_RING]) {
#  295|-> 		sd->rx = xmalloc(sizeof(*sd->rx));
#  296|   		if (sd->rx == NULL)
#  297|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def791]
criu-4.1.1/criu/sk-packet.c:295:26: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: danger: ‘___p’ leaks here; was allocated at [(6)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/5)
#  293|   
#  294|   	if (tb[PACKET_DIAG_RX_RING]) {
#  295|-> 		sd->rx = xmalloc(sizeof(*sd->rx));
#  296|   		if (sd->rx == NULL)
#  297|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def792]
criu-4.1.1/criu/sk-packet.c:302:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:301:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:301:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:302:26: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/9)
#  300|   
#  301|   	if (tb[PACKET_DIAG_TX_RING]) {
#  302|-> 		sd->tx = xmalloc(sizeof(*sd->tx));
#  303|   		if (sd->tx == NULL)
#  304|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def793]
criu-4.1.1/criu/sk-packet.c:302:26: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:295:26: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:295:17: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:296:20: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:298:32: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:301:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:302:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:302:26: danger: ‘___p’ leaks here; was allocated at [(19)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/18)
#  300|   
#  301|   	if (tb[PACKET_DIAG_TX_RING]) {
#  302|-> 		sd->tx = xmalloc(sizeof(*sd->tx));
#  303|   		if (sd->tx == NULL)
#  304|   			goto err;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def794]
criu-4.1.1/criu/sk-packet.c:308:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:301:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:301:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:308:16: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:308:16: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/9)
#  306|   	}
#  307|   
#  308|-> 	return sk_collect_one(m->pdiag_ino, PF_PACKET, &sd->sd, ns);
#  309|   err:
#  310|   	xfree(sd->tx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def795]
criu-4.1.1/criu/sk-packet.c:308:16: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: acquire_memory: allocated here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:301:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:301:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:308:16: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:308:16: danger: ‘___p’ leaks here; was allocated at [(6)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/5)
#  306|   	}
#  307|   
#  308|-> 	return sk_collect_one(m->pdiag_ino, PF_PACKET, &sd->sd, ns);
#  309|   err:
#  310|   	xfree(sd->tx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def796]
criu-4.1.1/criu/sk-packet.c:312:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/criu/sk-packet.c:255:5: enter_function: entry to ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:265:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:270:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:270:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:275:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-packet.c:279:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:286:13: call_function: calling ‘packet_save_mreqs’ from ‘packet_receive_one’
criu-4.1.1/criu/sk-packet.c:286:13: return_function: returning to ‘packet_receive_one’ from ‘packet_save_mreqs’
criu-4.1.1/criu/sk-packet.c:286:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:289:13: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:294:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:295:26: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:296:20: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sk-packet.c:297:25: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:312:9: danger: ‘<unknown>’ leaks here; was allocated at [(10)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/9)
#  310|   	xfree(sd->tx);
#  311|   	xfree(sd->rx);
#  312|-> 	xfree(sd);
#  313|   	return -1;
#  314|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def797]
criu-4.1.1/criu/sk-packet.c:343:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/sk-packet.c:324:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:329:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:329:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-packet.c:330:21: branch_true: ...to here
criu-4.1.1/criu/sk-packet.c:337:30: acquire_resource: opened here
criu-4.1.1/criu/sk-packet.c:338:28: branch_false: following ‘false’ branch (when ‘fd >= 0’)...
criu-4.1.1/criu/sk-packet.c:343:25: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:343:25: danger: ‘fd’ leaks here; was opened at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
#  341|   			}
#  342|   
#  343|-> 			vma->fd = fd;
#  344|   			return 0;
#  345|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def798]
criu-4.1.1/criu/sk-packet.c:452:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/sk-packet.c:421:14: acquire_resource: socket created here
criu-4.1.1/criu/sk-packet.c:422:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/sk-packet.c:427:9: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-packet.c:452:44: branch_false: ...to here
criu-4.1.1/criu/sk-packet.c:452:13: danger: ‘sk’ leaks here
#  450|   	}
#  451|   
#  452|-> 	if (rst_file_params(sk, pse->fown, pse->flags))
#  453|   		goto err;
#  454|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def799]
criu-4.1.1/criu/sk-queue.c:95:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-queue.c:81:12: enter_function: entry to ‘dump_scm_rights’
criu-4.1.1/criu/sk-queue.c:90:15: acquire_memory: allocated here
criu-4.1.1/criu/sk-queue.c:90:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-queue.c:94:16: call_function: inlined call to ‘xptr_pull_s’ from ‘dump_scm_rights’
criu-4.1.1/criu/sk-queue.c:95:9: danger: ‘___p’ leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
#   93|   
#   94|   	scme = xptr_pull(&buf, ScmEntry);
#   95|-> 	scm_entry__init(scme);
#   96|   	scme->type = SCM_RIGHTS;
#   97|   	scme->n_rights = nr_fds;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def800]
criu-4.1.1/criu/sk-queue.c:206:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-queue.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-queue.c:183:9: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:186:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-queue.c:192:14: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:197:16: acquire_memory: allocated here
criu-4.1.1/criu/sk-queue.c:197:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-queue.c:204:15: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:205:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-queue.c:206:17: branch_true: ...to here
criu-4.1.1/criu/sk-queue.c:206:17: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  204|   	ret = setsockopt(sock_fd, SOL_SOCKET, SO_PEEK_OFF, &ret, sizeof(int));
#  205|   	if (ret < 0) {
#  206|-> 		pr_perror("setsockopt fail");
#  207|   		goto err_brk;
#  208|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def801]
criu-4.1.1/criu/sk-queue.c:225:35: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-queue.c:176:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-queue.c:183:9: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:186:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-queue.c:192:14: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:197:16: acquire_memory: allocated here
criu-4.1.1/criu/sk-queue.c:197:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-queue.c:204:15: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:205:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-queue.c:210:9: branch_false: ...to here
criu-4.1.1/criu/sk-queue.c:225:35: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  223|   		};
#  224|   
#  225|-> 		ret = pe.length = recvmsg(sock_fd, &msg, MSG_DONTWAIT | MSG_PEEK);
#  226|   		if (!ret)
#  227|   			/*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def802]
criu-4.1.1/criu/sk-tcp.c:277:13: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-tcp.c:273:15: acquire_memory: allocated here
criu-4.1.1/criu/sk-tcp.c:273:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-tcp.c:277:13: branch_false: ...to here
criu-4.1.1/criu/sk-tcp.c:277:13: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  275|   		return -1;
#  276|   
#  277|-> 	if (read_img_buf(img, buf, len) < 0)
#  278|   		goto err;
#  279|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def803]
criu-4.1.1/criu/sk-unix.c:1269:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1267|   
# 1268|   	if (prev_root_fd && (root_ns_mask & CLONE_NEWNS)) {
# 1269|-> 		*prev_root_fd = open("/", O_RDONLY);
# 1270|   		if (*prev_root_fd < 0) {
# 1271|   			pr_perror("Can't open current root");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def804]
criu-4.1.1/criu/sk-unix.c:1271:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1269|   		*prev_root_fd = open("/", O_RDONLY);
# 1270|   		if (*prev_root_fd < 0) {
# 1271|-> 			pr_perror("Can't open current root");
# 1272|   			goto err;
# 1273|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def805]
criu-4.1.1/criu/sk-unix.c:1277:39: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:1602:12: enter_function: entry to ‘bind_unix_sk’
criu-4.1.1/criu/sk-unix.c:1608:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1611:14: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1626:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1626:28: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1626:28: call_function: calling ‘prep_unix_sk_cwd’ from ‘bind_unix_sk’
# 1275|   
# 1276|   	if (prev_mntns_fd && ui->name[0] && ui->ue->mnt_id >= 0) {
# 1277|-> 		struct ns_id *mntns = lookup_nsid_by_mnt_id(ui->ue->mnt_id);
# 1278|   		int ns_fd;
# 1279|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def806]
criu-4.1.1/criu/sk-unix.c:1277:39: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:1602:12: enter_function: entry to ‘bind_unix_sk’
criu-4.1.1/criu/sk-unix.c:1608:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1611:14: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1626:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1626:28: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1626:28: call_function: calling ‘prep_unix_sk_cwd’ from ‘bind_unix_sk’
# 1275|   
# 1276|   	if (prev_mntns_fd && ui->name[0] && ui->ue->mnt_id >= 0) {
# 1277|-> 		struct ns_id *mntns = lookup_nsid_by_mnt_id(ui->ue->mnt_id);
# 1278|   		int ns_fd;
# 1279|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def807]
criu-4.1.1/criu/sk-unix.c:1281:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:1602:12: enter_function: entry to ‘bind_unix_sk’
criu-4.1.1/criu/sk-unix.c:1608:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1611:14: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1626:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1626:28: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1626:28: call_function: calling ‘prep_unix_sk_cwd’ from ‘bind_unix_sk’
# 1279|   
# 1280|   		if (mntns == NULL) {
# 1281|-> 			pr_err("Unable to find the %d mount\n", ui->ue->mnt_id);
# 1282|   			goto err;
# 1283|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def808]
criu-4.1.1/criu/sk-unix.c:1281:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:1602:12: enter_function: entry to ‘bind_unix_sk’
criu-4.1.1/criu/sk-unix.c:1608:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1611:14: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1626:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1626:28: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1626:28: call_function: calling ‘prep_unix_sk_cwd’ from ‘bind_unix_sk’
# 1279|   
# 1280|   		if (mntns == NULL) {
# 1281|-> 			pr_err("Unable to find the %d mount\n", ui->ue->mnt_id);
# 1282|   			goto err;
# 1283|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def809]
criu-4.1.1/criu/sk-unix.c:1299:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1297|   	if (prev_root_fd && (root_ns_mask & CLONE_NEWNS)) {
# 1298|   		if (ui->ue->mnt_id >= 0) {
# 1299|-> 			ns = lookup_nsid_by_mnt_id(ui->ue->mnt_id);
# 1300|   		} else {
# 1301|   			if (root == NULL)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def810]
criu-4.1.1/criu/sk-unix.c:1299:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1297|   	if (prev_root_fd && (root_ns_mask & CLONE_NEWNS)) {
# 1298|   		if (ui->ue->mnt_id >= 0) {
# 1299|-> 			ns = lookup_nsid_by_mnt_id(ui->ue->mnt_id);
# 1300|   		} else {
# 1301|   			if (root == NULL)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def811]
criu-4.1.1/criu/sk-unix.c:1302:40: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1300|   		} else {
# 1301|   			if (root == NULL)
# 1302|-> 				root = lookup_ns_by_id(root_item->ids->mnt_ns_id, &mnt_ns_desc);
# 1303|   			ns = root;
# 1304|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def812]
criu-4.1.1/criu/sk-unix.c:1302:40: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1300|   		} else {
# 1301|   			if (root == NULL)
# 1302|-> 				root = lookup_ns_by_id(root_item->ids->mnt_ns_id, &mnt_ns_desc);
# 1303|   			ns = root;
# 1304|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def813]
criu-4.1.1/criu/sk-unix.c:1308:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1306|   			goto err;
# 1307|   
# 1308|-> 		fd = fdstore_get(ns->mnt.root_fd_id);
# 1309|   		if (fd < 0) {
# 1310|   			pr_err("Can't get root fd\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def814]
criu-4.1.1/criu/sk-unix.c:1308:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1306|   			goto err;
# 1307|   
# 1308|-> 		fd = fdstore_get(ns->mnt.root_fd_id);
# 1309|   		if (fd < 0) {
# 1310|   			pr_err("Can't get root fd\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def815]
criu-4.1.1/criu/sk-unix.c:1310:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘cwd_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1308|   		fd = fdstore_get(ns->mnt.root_fd_id);
# 1309|   		if (fd < 0) {
# 1310|-> 			pr_err("Can't get root fd\n");
# 1311|   			goto err;
# 1312|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def816]
criu-4.1.1/criu/sk-unix.c:1310:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘root_fd’
criu-4.1.1/criu/sk-unix.c:2004:12: enter_function: entry to ‘unlink_sk’
criu-4.1.1/criu/sk-unix.c:2009:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2012:13: call_function: calling ‘prep_unix_sk_cwd’ from ‘unlink_sk’
# 1308|   		fd = fdstore_get(ns->mnt.root_fd_id);
# 1309|   		if (fd < 0) {
# 1310|-> 			pr_err("Can't get root fd\n");
# 1311|   			goto err;
# 1312|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def817]
criu-4.1.1/criu/sk-unix.c:1351:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
# 1349|   
# 1350|   	ui = container_of(d, struct unix_sk_info, d);
# 1351|-> 	BUG_ON((ui->flags & (USK_PAIR_MASTER | USK_PAIR_SLAVE)) || (ui->ue->uflags & (USK_CALLBACK | USK_INHERIT)));
# 1352|   
# 1353|   	if (chk_restored_scms(ui))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def818]
criu-4.1.1/criu/sk-unix.c:1459:26: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(*ui.name, 2097152)’
criu-4.1.1/criu/sk-unix.c:1454:18: acquire_resource: opened here
criu-4.1.1/criu/sk-unix.c:1455:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1459:26: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1459:26: danger: ‘open(*ui.name, 2097152)’ leaks here; was opened at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
# 1457|   		return -1;
# 1458|   	}
# 1459|-> 	ui->fdstore_id = fdstore_add(fd);
# 1460|   	pr_debug("ghost: id %#x %d fdstore_id %d %s\n", ui->ue->id, ui->ue->ino, ui->fdstore_id, ui->name);
# 1461|   	close(fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def819]
criu-4.1.1/criu/sk-unix.c:1674:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-unix.c:1674:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1674:9: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1674:9: danger: dereference of NULL ‘0’
# 1672|   	fle = file_master(&ui->d);
# 1673|   	fle_peer = file_master(&peer->d);
# 1674|-> 	BUG_ON(fle->task != fle_peer->task); /* See interconnected_pair() */
# 1675|   
# 1676|   	if (chk_restored_scms(ui) || chk_restored_scms(peer))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def820]
criu-4.1.1/criu/sk-unix.c:1713:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-unix.c:1708:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1711:20: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1713:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1713:9: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1713:9: danger: dereference of NULL ‘0’
# 1711|   	fle_peer = file_master(&peer->d);
# 1712|   
# 1713|-> 	BUG_ON(fle->task != fle_peer->task); /* See interconnected_pair() */
# 1714|   
# 1715|   	if (set_netns(ui->ue->ns_id))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def821]
criu-4.1.1/criu/sk-unix.c:1733:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/sk-unix.c:1708:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1711:20: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1713:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1715:23: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1718:33: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1718:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1723:13: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1723:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1728:23: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1728:23: acquire_resource: opened here
criu-4.1.1/criu/sk-unix.c:1729:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/sk-unix.c:1733:17: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1733:17: danger: ‘tmp’ leaks here; was opened at [(11)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/10)
# 1731|   			return -1;
# 1732|   		}
# 1733|-> 		close(sk[0]);
# 1734|   		sk[0] = tmp;
# 1735|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def822]
criu-4.1.1/criu/sk-unix.c:1737:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/sk-unix.c:1708:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1711:20: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1713:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1715:23: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1718:33: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1718:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1723:13: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1723:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1728:23: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1728:23: acquire_resource: opened here
criu-4.1.1/criu/sk-unix.c:1729:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/sk-unix.c:1733:17: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1737:13: danger: ‘tmp’ leaks here; was opened at [(11)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/10)
# 1735|   	}
# 1736|   
# 1737|-> 	if (setup_and_serve_out(fle_peer, sk[1])) {
# 1738|   		pr_err("Can't send pair slave\n");
# 1739|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def823]
criu-4.1.1/criu/sk-unix.c:1785:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/sk-unix.c:1775:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1780:23: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:1780:23: acquire_resource: opened here
criu-4.1.1/criu/sk-unix.c:1781:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/sk-unix.c:1785:17: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1785:17: danger: ‘ret’ leaks here; was opened at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
# 1783|   			return -1;
# 1784|   		}
# 1785|-> 		close(sks[0]);
# 1786|   		sks[0] = ret;
# 1787|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def824]
criu-4.1.1/criu/sk-unix.c:1789:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sks[0]’
criu-4.1.1/criu/sk-unix.c:1796:12: enter_function: entry to ‘open_unixsk_standalone’
criu-4.1.1/criu/sk-unix.c:1822:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1826:15: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1829:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1837:13: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1837:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1850:21: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1850:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:1854:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:1859:23: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1860:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/sk-unix.c:1865:21: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:1865:21: call_function: calling ‘setup_second_end’ from ‘open_unixsk_standalone’
# 1787|   	}
# 1788|   
# 1789|-> 	if (setup_and_serve_out(second_end, sks[1])) {
# 1790|   		pr_err("Can't send pair slave\n");
# 1791|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def825]
criu-4.1.1/criu/sk-unix.c:2135:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘uname’
criu-4.1.1/criu/sk-unix.c:2124:12: enter_function: entry to ‘collect_one_unixsk’
criu-4.1.1/criu/sk-unix.c:2130:13: call_function: calling ‘init_unix_sk_info’ from ‘collect_one_unixsk’
criu-4.1.1/criu/sk-unix.c:2130:13: return_function: returning to ‘collect_one_unixsk’ from ‘init_unix_sk_info’
criu-4.1.1/criu/sk-unix.c:2130:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2133:9: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:2133:9: release_memory: ‘uname’ is NULL
criu-4.1.1/criu/sk-unix.c:2135:12: branch_true: following ‘true’ branch (when ‘ulen > 0’)...
criu-4.1.1/criu/sk-unix.c:2135:25: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:2135:25: danger: dereference of NULL ‘uname’
# 2133|   	uname = ui->name;
# 2134|   	ulen = ui->ue->name.len;
# 2135|-> 	if (ulen > 0 && uname[0] == 0) {
# 2136|   		prefix = "@";
# 2137|   		uname++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def826]
criu-4.1.1/criu/sk-unix.c:2225:23: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sk-unix.c:2195:12: enter_function: entry to ‘add_fake_queuer’
criu-4.1.1/criu/sk-unix.c:2203:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2206:16: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:2206:16: acquire_memory: allocated here
criu-4.1.1/criu/sk-unix.c:2206:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sk-unix.c:2210:9: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:2222:13: call_function: calling ‘init_unix_sk_info’ from ‘add_fake_queuer’
criu-4.1.1/criu/sk-unix.c:2222:13: return_function: returning to ‘add_fake_queuer’ from ‘init_unix_sk_info’
criu-4.1.1/criu/sk-unix.c:2222:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2225:23: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:2225:23: danger: ‘___p’ leaks here; was allocated at [(4)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/3)
# 2223|   		return -1;
# 2224|   
# 2225|-> 	peer_ue->id = find_unused_file_desc_id();
# 2226|   	set_peer(peer, ui);
# 2227|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def827]
criu-4.1.1/criu/sk-unix.c:2306:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/sk-unix.c:2303:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sk-unix.c:2306:9: branch_false: ...to here
criu-4.1.1/criu/sk-unix.c:2306:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sk-unix.c:2306:9: branch_true: ...to here
criu-4.1.1/criu/sk-unix.c:2306:9: danger: dereference of NULL ‘0’
# 2304|   		return;
# 2305|   
# 2306|-> 	BUG_ON(!ui->ue->peer);
# 2307|   
# 2308|   	if (ui->ue->peer == ui->ue->ino) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def828]
criu-4.1.1/criu/sockets.c:177:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  175|   
#  176|   	pr_err("Unknown pair family %d proto %d\n", family, proto);
#  177|-> 	BUG();
#  178|   	return -1;
#  179|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def829]
criu-4.1.1/criu/sockets.c:425:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  423|   	for (sd = sockets[ino % SK_HASH_SIZE]; sd; sd = sd->next) {
#  424|   		if (sd->ino == ino) {
#  425|-> 			BUG_ON(sd->family != family);
#  426|   			return sd;
#  427|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def830]
criu-4.1.1/criu/sockets.c:777:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
#  775|   		break;
#  776|   	default:
#  777|-> 		BUG_ON(1);
#  778|   		return -1;
#  779|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def831]
criu-4.1.1/criu/stats.c:35:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:34:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:35:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:35:17: branch_true: following ‘true’ branch (when ‘c > 8’)...
criu-4.1.1/criu/stats.c:35:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:35:17: danger: dereference of NULL ‘0’
#   33|   {
#   34|   	if (dstats != NULL) {
#   35|-> 		BUG_ON(c >= DUMP_CNT_NR_STATS);
#   36|   		dstats->counts[c] += val;
#   37|   	} else if (rstats != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def832]
criu-4.1.1/criu/stats.c:38:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:34:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:37:20: branch_false: ...to here
criu-4.1.1/criu/stats.c:37:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:38:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:38:17: branch_true: following ‘true’ branch (when ‘c > 2’)...
criu-4.1.1/criu/stats.c:38:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:38:17: danger: dereference of NULL ‘0’
#   36|   		dstats->counts[c] += val;
#   37|   	} else if (rstats != NULL) {
#   38|-> 		BUG_ON(c >= RESTORE_CNT_NR_STATS);
#   39|   		atomic_add(val, &rstats->counts[c]);
#   40|   	} else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def833]
criu-4.1.1/criu/stats.c:41:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:34:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:37:20: branch_false: ...to here
criu-4.1.1/criu/stats.c:37:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:41:17: branch_false: ...to here
criu-4.1.1/criu/stats.c:41:17: danger: dereference of NULL ‘0’
#   39|   		atomic_add(val, &rstats->counts[c]);
#   40|   	} else
#   41|-> 		BUG();
#   42|   }
#   43|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def834]
criu-4.1.1/criu/stats.c:47:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:46:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:47:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:47:17: branch_true: following ‘true’ branch (when ‘c > 8’)...
criu-4.1.1/criu/stats.c:47:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:47:17: danger: dereference of NULL ‘0’
#   45|   {
#   46|   	if (dstats != NULL) {
#   47|-> 		BUG_ON(c >= DUMP_CNT_NR_STATS);
#   48|   		dstats->counts[c] -= val;
#   49|   	} else if (rstats != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def835]
criu-4.1.1/criu/stats.c:50:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:46:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:49:20: branch_false: ...to here
criu-4.1.1/criu/stats.c:49:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:50:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:50:17: branch_true: following ‘true’ branch (when ‘c > 2’)...
criu-4.1.1/criu/stats.c:50:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:50:17: danger: dereference of NULL ‘0’
#   48|   		dstats->counts[c] -= val;
#   49|   	} else if (rstats != NULL) {
#   50|-> 		BUG_ON(c >= RESTORE_CNT_NR_STATS);
#   51|   		atomic_add(-val, &rstats->counts[c]);
#   52|   	} else

Error: GCC_ANALYZER_WARNING (CWE-476): [#def836]
criu-4.1.1/criu/stats.c:53:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:46:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:49:20: branch_false: ...to here
criu-4.1.1/criu/stats.c:49:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:53:17: branch_false: ...to here
criu-4.1.1/criu/stats.c:53:17: danger: dereference of NULL ‘0’
#   51|   		atomic_add(-val, &rstats->counts[c]);
#   52|   	} else
#   53|-> 		BUG();
#   54|   }
#   55|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def837]
criu-4.1.1/criu/stats.c:76:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:75:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:76:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:76:17: branch_true: following ‘true’ branch (when ‘t > 4’)...
criu-4.1.1/criu/stats.c:76:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:76:17: danger: dereference of NULL ‘0’
#   74|   {
#   75|   	if (dstats != NULL) {
#   76|-> 		BUG_ON(t >= DUMP_TIME_NR_STATS);
#   77|   		return &dstats->timings[t];
#   78|   	} else if (rstats != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def838]
criu-4.1.1/criu/stats.c:83:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:78:19: branch_true: following ‘true’ branch...
criu-4.1.1/criu/stats.c:83:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:83:17: branch_true: following ‘true’ branch (when ‘t > 1’)...
criu-4.1.1/criu/stats.c:83:17: branch_true: ...to here
criu-4.1.1/criu/stats.c:83:17: danger: dereference of NULL ‘0’
#   81|   		 * from different tasks.
#   82|   		 */
#   83|-> 		BUG_ON(t >= RESTORE_TIME_NS_STATS);
#   84|   		return &rstats->timings[t];
#   85|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def839]
criu-4.1.1/criu/stats.c:87:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/stats.c:78:19: branch_false: following ‘false’ branch...
criu-4.1.1/criu/stats.c:87:9: branch_false: ...to here
criu-4.1.1/criu/stats.c:87:9: danger: dereference of NULL ‘0’
#   85|   	}
#   86|   
#   87|-> 	BUG();
#   88|   	return NULL;
#   89|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def840]
criu-4.1.1/criu/sysctl.c:147:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sysctl.c:183:12: enter_function: entry to ‘__userns_sysctl_op’
criu-4.1.1/criu/sysctl.c:219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysctl.c:224:15: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:224:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:228:16: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:228:16: acquire_memory: allocated here
criu-4.1.1/criu/sysctl.c:228:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:232:9: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:234:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sysctl.c:235:31: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:235:31: call_function: calling ‘sysctl_userns_arg_size’ from ‘__userns_sysctl_op’
#  145|   		return sizeof(char) * CTL_LEN(type) + 1;
#  146|   	default:
#  147|-> 		pr_err("unknown arg type %d\n", type);
#  148|   
#  149|   		/* Ensure overflow to cause an error */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def841]
criu-4.1.1/criu/sysctl.c:228:16: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sysctl.c:219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysctl.c:224:15: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:224:15: acquire_memory: allocated here
criu-4.1.1/criu/sysctl.c:224:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:228:16: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:228:16: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/sysctl.c:228:16: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:228:16: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  226|   		goto out;
#  227|   
#  228|-> 	reqs = xmalloc(sizeof(struct sysctl_req *) * userns_req->nr_req);
#  229|   	if (!reqs)
#  230|   		goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def842]
criu-4.1.1/criu/sysctl.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sysctl.c:219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysctl.c:224:15: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:224:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:228:16: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:228:16: acquire_memory: allocated here
criu-4.1.1/criu/sysctl.c:228:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:232:9: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:234:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sysctl.c:235:31: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:244:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sysctl.c:245:25: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:245:25: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  243|   
#  244|   		if (((char *)req) + total_len >= ((char *)userns_req) + MAX_UNSFD_MSG_SIZE) {
#  245|-> 			pr_err("bad sysctl req %s, too big: %d\n", req->name, total_len);
#  246|   			goto out;
#  247|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def843]
criu-4.1.1/criu/sysctl.c:254:22: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/sysctl.c:219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysctl.c:224:15: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:224:15: acquire_memory: allocated here
criu-4.1.1/criu/sysctl.c:224:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:228:16: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:228:16: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/sysctl.c:232:9: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:234:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/sysctl.c:235:31: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:244:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysctl.c:249:20: branch_false: ...to here
criu-4.1.1/criu/sysctl.c:249:20: branch_true: following ‘true’ branch (when ‘op == 0’)...
criu-4.1.1/criu/sysctl.c:254:22: branch_true: ...to here
criu-4.1.1/criu/sysctl.c:254:22: danger: ‘___p’ leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  252|   			flags = O_WRONLY;
#  253|   
#  254|-> 		fd = openat(dir, req->name, flags);
#  255|   		if (fd < 0) {
#  256|   			if (errno == ENOENT && (req->flags & CTL_FLAGS_OPTIONAL))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def844]
criu-4.1.1/criu/sysfs_parse.c:178:27: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&path)’
criu-4.1.1/criu/sysfs_parse.c:136:5: enter_function: entry to ‘parse_aufs_branches’
criu-4.1.1/criu/sysfs_parse.c:150:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysfs_parse.c:155:13: branch_false: ...to here
criu-4.1.1/criu/sysfs_parse.c:155:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysfs_parse.c:160:12: branch_false: ...to here
criu-4.1.1/criu/sysfs_parse.c:160:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysfs_parse.c:163:9: branch_false: ...to here
criu-4.1.1/criu/sysfs_parse.c:164:13: call_function: calling ‘parse_aufs_sbinfo’ from ‘parse_aufs_branches’
criu-4.1.1/criu/sysfs_parse.c:164:13: return_function: returning to ‘parse_aufs_branches’ from ‘parse_aufs_sbinfo’
criu-4.1.1/criu/sysfs_parse.c:164:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/sysfs_parse.c:166:19: branch_false: ...to here
criu-4.1.1/criu/sysfs_parse.c:166:19: acquire_memory: allocated here
criu-4.1.1/criu/sysfs_parse.c:166:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/sysfs_parse.c:178:27: danger: ‘opendir(&path)’ leaks here; was allocated at [(22)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/21)
#  176|   	while (1) {
#  177|   		errno = 0;
#  178|-> 		if ((de = readdir(dp)) == NULL) {
#  179|   			if (errno) {
#  180|   				pr_perror("Cannot readdir %s", path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def845]
criu-4.1.1/criu/tls.c:65:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tls.c:94:5: enter_function: entry to ‘tls_send_data_from_fd’
criu-4.1.1/criu/tls.c:98:21: acquire_memory: allocated here
criu-4.1.1/criu/tls.c:98:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tls.c:100:12: branch_false: ...to here
criu-4.1.1/criu/tls.c:100:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:103:16: branch_true: following ‘true’ branch (when ‘len != 0’)...
criu-4.1.1/criu/tls.c:106:40: branch_true: ...to here
criu-4.1.1/criu/tls.c:107:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:112:32: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tls.c:113:54: branch_true: ...to here
criu-4.1.1/criu/tls.c:113:31: call_function: calling ‘tls_send’ from ‘tls_send_data_from_fd’
#   63|   
#   64|   	tls_sk_flags = flags;
#   65|-> 	ret = gnutls_record_send(session, buf, len);
#   66|   	tls_sk_flags = 0;
#   67|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def846]
criu-4.1.1/criu/tls.c:80:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tls.c:94:5: enter_function: entry to ‘tls_send_data_from_fd’
criu-4.1.1/criu/tls.c:98:21: acquire_memory: allocated here
criu-4.1.1/criu/tls.c:98:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tls.c:100:12: branch_false: ...to here
criu-4.1.1/criu/tls.c:100:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:103:16: branch_true: following ‘true’ branch (when ‘len != 0’)...
criu-4.1.1/criu/tls.c:106:40: branch_true: ...to here
criu-4.1.1/criu/tls.c:107:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:112:32: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tls.c:113:54: branch_true: ...to here
criu-4.1.1/criu/tls.c:113:31: call_function: calling ‘tls_send’ from ‘tls_send_data_from_fd’
#   78|   			break;
#   79|   		default:
#   80|-> 			tls_perror("Failed to send data", ret);
#   81|   			errno = EIO;
#   82|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def847]
criu-4.1.1/criu/tls.c:108:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tls.c:98:21: acquire_memory: allocated here
criu-4.1.1/criu/tls.c:98:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tls.c:100:12: branch_false: ...to here
criu-4.1.1/criu/tls.c:100:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:103:16: branch_true: following ‘true’ branch (when ‘len != 0’)...
criu-4.1.1/criu/tls.c:106:40: branch_true: ...to here
criu-4.1.1/criu/tls.c:107:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tls.c:108:25: branch_true: ...to here
criu-4.1.1/criu/tls.c:108:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  106|   		copied = read(fd, buf, min(len, buf_size));
#  107|   		if (copied <= 0) {
#  108|-> 			pr_perror("Can't read from pipe");
#  109|   			goto err;
#  110|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def848]
criu-4.1.1/criu/tls.c:115:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tls.c:98:21: acquire_memory: allocated here
criu-4.1.1/criu/tls.c:98:21: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tls.c:100:12: branch_false: ...to here
criu-4.1.1/criu/tls.c:100:12: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:103:16: branch_true: following ‘true’ branch (when ‘len != 0’)...
criu-4.1.1/criu/tls.c:106:40: branch_true: ...to here
criu-4.1.1/criu/tls.c:107:20: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tls.c:112:32: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tls.c:113:54: branch_true: ...to here
criu-4.1.1/criu/tls.c:114:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tls.c:115:33: branch_true: ...to here
criu-4.1.1/criu/tls.c:115:33: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  113|   			ret = tls_send((buf + sent), (copied - sent), 0);
#  114|   			if (ret < 0) {
#  115|-> 				tls_perror("Failed sending data", ret);
#  116|   				goto err;
#  117|   			}

Error: GCC_ANALYZER_WARNING (CWE-457): [#def849]
criu-4.1.1/criu/tls.c:195:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘packet’
criu-4.1.1/criu/tls.c:171:16: branch_false: following ‘false’ branch (when ‘len == 0’)...
criu-4.1.1/criu/tls.c:194:1: branch_false: ...to here
criu-4.1.1/criu/tls.c:195:9: danger: use of uninitialized value ‘packet’ here
#  193|   	}
#  194|   err:
#  195|-> 	gnutls_packet_deinit(packet);
#  196|   	return (len > 0);
#  197|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def850]
criu-4.1.1/criu/tty.c:457:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:974:12: enter_function: entry to ‘pty_open_unpaired_slave’
criu-4.1.1/criu/tty.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1022:24: branch_false: ...to here
criu-4.1.1/criu/tty.c:1022:24: call_function: calling ‘pty_alloc_fake_reg’ from ‘pty_open_unpaired_slave’
#  455|   
#  456|   	r->rfe = (void *)r + sizeof(*r);
#  457|-> 	reg_file_entry__init(r->rfe);
#  458|   
#  459|   	r->rfe->name = (void *)r + sizeof(*r) + sizeof(*r->rfe);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def851]
criu-4.1.1/criu/tty.c:499:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/tty.c:974:12: enter_function: entry to ‘pty_open_unpaired_slave’
criu-4.1.1/criu/tty.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1022:24: branch_false: ...to here
criu-4.1.1/criu/tty.c:1022:24: call_function: calling ‘pty_alloc_fake_reg’ from ‘pty_open_unpaired_slave’
#  497|   	pr_debug("Allocating fake descriptor for %#x (reg_d %p)\n", info->tfe->id, info->reg_d);
#  498|   
#  499|-> 	BUG_ON(!info->reg_d);
#  500|   	BUG_ON(!is_pty(info->driver));
#  501|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def852]
criu-4.1.1/criu/tty.c:500:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/tty.c:974:12: enter_function: entry to ‘pty_open_unpaired_slave’
criu-4.1.1/criu/tty.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1022:24: branch_false: ...to here
criu-4.1.1/criu/tty.c:1022:24: call_function: calling ‘pty_alloc_fake_reg’ from ‘pty_open_unpaired_slave’
#  498|   
#  499|   	BUG_ON(!info->reg_d);
#  500|-> 	BUG_ON(!is_pty(info->driver));
#  501|   
#  502|   	fake_desc = pty_alloc_reg(info, false);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def853]
criu-4.1.1/criu/tty.c:519:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:974:12: enter_function: entry to ‘pty_open_unpaired_slave’
criu-4.1.1/criu/tty.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1022:24: branch_false: ...to here
criu-4.1.1/criu/tty.c:1022:24: call_function: calling ‘pty_alloc_fake_reg’ from ‘pty_open_unpaired_slave’
#  517|   		char *inverted_path = xmalloc(len + 32);
#  518|   
#  519|-> 		BUG_ON(!pos || !inverted_path);
#  520|   
#  521|   		memcpy(inverted_path, orig->rfe->name, slash_at + 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def854]
criu-4.1.1/criu/tty.c:519:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/tty.c:974:12: enter_function: entry to ‘pty_open_unpaired_slave’
criu-4.1.1/criu/tty.c:984:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1022:24: branch_false: ...to here
criu-4.1.1/criu/tty.c:1022:24: call_function: calling ‘pty_alloc_fake_reg’ from ‘pty_open_unpaired_slave’
#  517|   		char *inverted_path = xmalloc(len + 32);
#  518|   
#  519|-> 		BUG_ON(!pos || !inverted_path);
#  520|   
#  521|   		memcpy(inverted_path, orig->rfe->name, slash_at + 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def855]
criu-4.1.1/criu/tty.c:925:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/tty.c:919:12: enter_function: entry to ‘pty_open_slaves’
criu-4.1.1/criu/tty.c:924:9: branch_true: following ‘true’ branch (when ‘slave != info’)...
criu-4.1.1/criu/tty.c:925:17: call_function: inlined call to ‘tty_is_master’ from ‘pty_open_slaves’
criu-4.1.1/criu/tty.c:925:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:925:17: branch_true: ...to here
criu-4.1.1/criu/tty.c:925:17: danger: dereference of NULL ‘0’
#  923|   
#  924|   	list_for_each_entry(slave, &info->sibling, sibling) {
#  925|-> 		BUG_ON(tty_is_master(slave));
#  926|   
#  927|   		fd = open_tty_reg(slave->reg_d, slave->tfe->flags);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def856]
criu-4.1.1/criu/tty.c:1248:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1244:13: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1244:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1248:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1248:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
# 1246|   		return -1;
# 1247|   
# 1248|-> 	fdinfo_entry__init(e);
# 1249|   
# 1250|   	e->id = desc_id;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def857]
criu-4.1.1/criu/tty.c:1323:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/tty.c:1305:12: enter_function: entry to ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1312:12: branch_false: following ‘false’ branch (when ‘ctl_tty_id != 0’)...
criu-4.1.1/criu/tty.c:1315:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1318:14: call_function: calling ‘add_fake_fle’ from ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1318:14: return_function: returning to ‘prepare_ctl_tty’ from ‘add_fake_fle’
criu-4.1.1/criu/tty.c:1319:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1322:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:1323:9: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1323:9: branch_true: ...to here
criu-4.1.1/criu/tty.c:1323:9: danger: dereference of NULL ‘0’
# 1321|   
# 1322|   	fle = find_used_fd(item, fd);
# 1323|-> 	BUG_ON(!fle);
# 1324|   	/*
# 1325|   	 * Add a fake ctl_tty depending on the above fake fle, which will

Error: GCC_ANALYZER_WARNING (CWE-401): [#def858]
criu-4.1.1/criu/tty.c:1329:13: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1305:12: enter_function: entry to ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1312:12: branch_false: following ‘false’ branch (when ‘ctl_tty_id != 0’)...
criu-4.1.1/criu/tty.c:1315:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1318:14: call_function: calling ‘add_fake_fle’ from ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1318:14: return_function: returning to ‘prepare_ctl_tty’ from ‘add_fake_fle’
criu-4.1.1/criu/tty.c:1319:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1322:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:1323:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1328:19: branch_false: ...to here
criu-4.1.1/criu/tty.c:1328:19: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1328:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1329:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1329:13: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/tty.c:1329:13: branch_true: ...to here
criu-4.1.1/criu/tty.c:1329:13: danger: ‘___p’ leaks here; was allocated at [(15)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/14)
# 1327|   	 */
# 1328|   	ctl_tty = xmalloc(sizeof(*ctl_tty));
# 1329|-> 	e = xmalloc(sizeof(*e));
# 1330|   
# 1331|   	if (!ctl_tty || !e)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def859]
criu-4.1.1/criu/tty.c:1340:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1305:12: enter_function: entry to ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1312:12: branch_false: following ‘false’ branch (when ‘ctl_tty_id != 0’)...
criu-4.1.1/criu/tty.c:1315:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1318:14: call_function: calling ‘add_fake_fle’ from ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1318:14: return_function: returning to ‘prepare_ctl_tty’ from ‘add_fake_fle’
criu-4.1.1/criu/tty.c:1319:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1322:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:1323:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1328:19: branch_false: ...to here
criu-4.1.1/criu/tty.c:1328:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1329:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1329:13: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1329:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1331:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1331:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1334:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1340:9: danger: ‘___p’ leaks here; was allocated at [(17)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/16)
# 1338|   	 * FD_TYPES__CTL_TTY (as it's unique for FD_TYPES__TTY type).
# 1339|   	 */
# 1340|-> 	file_desc_add(&ctl_tty->desc, ctl_tty_id, &ctl_tty_desc_ops);
# 1341|   
# 1342|   	fdinfo_entry__init(e);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def860]
criu-4.1.1/criu/tty.c:1342:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1305:12: enter_function: entry to ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1312:12: branch_false: following ‘false’ branch (when ‘ctl_tty_id != 0’)...
criu-4.1.1/criu/tty.c:1315:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1318:14: call_function: calling ‘add_fake_fle’ from ‘prepare_ctl_tty’
criu-4.1.1/criu/tty.c:1318:14: return_function: returning to ‘prepare_ctl_tty’ from ‘add_fake_fle’
criu-4.1.1/criu/tty.c:1319:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1322:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:1323:9: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1328:19: branch_false: ...to here
criu-4.1.1/criu/tty.c:1328:19: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1329:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1329:13: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1329:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1331:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1331:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1334:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1342:9: danger: ‘___p’ leaks here; was allocated at [(17)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/16)
# 1340|   	file_desc_add(&ctl_tty->desc, ctl_tty_id, &ctl_tty_desc_ops);
# 1341|   
# 1342|-> 	fdinfo_entry__init(e);
# 1343|   
# 1344|   	e->id = ctl_tty_id;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def861]
criu-4.1.1/criu/tty.c:1897:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1894:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1895:30: branch_true: ...to here
criu-4.1.1/criu/tty.c:1896:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1897:25: branch_true: ...to here
criu-4.1.1/criu/tty.c:1897:25: danger: ‘___p’ leaks here; was allocated at [(5)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/4)
# 1895|   		dinfo->lfd = dup(lfd);
# 1896|   		if (dinfo->lfd < 0) {
# 1897|-> 			pr_perror("Can't dup local fd on %#x", id);
# 1898|   			xfree(dinfo);
# 1899|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def862]
criu-4.1.1/criu/tty.c:1956:31: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1925:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1935:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1935:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1945:12: branch_false: ...to here
criu-4.1.1/criu/tty.c:1953:24: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1953:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1953:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1956:31: branch_true: following ‘true’ branch (when ‘___p’ is NULL)...
criu-4.1.1/criu/tty.c:1956:31: branch_true: ...to here
criu-4.1.1/criu/tty.c:1956:31: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/10)
# 1954|   
# 1955|   	termios_locked.n_c_cc = TERMIOS_NCC;
# 1956|-> 	termios_locked.c_cc = xmalloc(pb_repeated_size(&termios_locked, c_cc));
# 1957|   
# 1958|   	if (!termios.c_cc || !termios_locked.c_cc)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def863]
criu-4.1.1/criu/tty.c:1963:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1925:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1935:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1935:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1945:12: branch_false: ...to here
criu-4.1.1/criu/tty.c:1953:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1953:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1956:31: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1956:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1956:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1958:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1962:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1963:17: branch_true: ...to here
criu-4.1.1/criu/tty.c:1963:17: danger: ‘___p’ leaks here; was allocated at [(13)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/12)
# 1961|   	memzero(&t, sizeof(t));
# 1962|   	if (ioctl(lfd, TCGETS, &t) < 0) {
# 1963|-> 		pr_perror("Can't get tty params on %#x", id);
# 1964|   		goto out;
# 1965|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def864]
criu-4.1.1/criu/tty.c:1970:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1925:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1935:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1935:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1945:12: branch_false: ...to here
criu-4.1.1/criu/tty.c:1953:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1953:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1956:31: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1956:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1956:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1958:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1962:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1966:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1969:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1970:17: branch_true: ...to here
criu-4.1.1/criu/tty.c:1970:17: danger: ‘___p’ leaks here; was allocated at [(13)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/12)
# 1968|   	memzero(&t, sizeof(t));
# 1969|   	if (ioctl(lfd, TIOCGLCKTRMIOS, &t) < 0) {
# 1970|-> 		pr_perror("Can't get tty locked params on %#x", id);
# 1971|   		goto out;
# 1972|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def865]
criu-4.1.1/criu/tty.c:1977:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1925:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1935:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1935:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1945:12: branch_false: ...to here
criu-4.1.1/criu/tty.c:1953:24: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1953:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1953:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1956:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1956:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1958:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1962:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1966:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1969:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1973:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1976:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:1977:17: branch_true: ...to here
criu-4.1.1/criu/tty.c:1977:17: danger: ‘___p’ leaks here; was allocated at [(11)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/10)
# 1975|   	memzero(&w, sizeof(w));
# 1976|   	if (ioctl(lfd, TIOCGWINSZ, &w) < 0) {
# 1977|-> 		pr_perror("Can't get tty window params on %#x", id);
# 1978|   		goto out;
# 1979|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def866]
criu-4.1.1/criu/tty.c:1982:15: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:1849:12: enter_function: entry to ‘dump_tty_info’
criu-4.1.1/criu/tty.c:1864:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1877:51: branch_false: ...to here
criu-4.1.1/criu/tty.c:1878:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1881:17: branch_false: ...to here
criu-4.1.1/criu/tty.c:1881:17: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1885:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1925:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1935:13: branch_false: ...to here
criu-4.1.1/criu/tty.c:1935:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1945:12: branch_false: ...to here
criu-4.1.1/criu/tty.c:1953:24: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:1953:24: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1953:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1956:31: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:1956:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1958:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1962:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1966:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1969:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1973:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1976:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:1980:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:1982:15: call_function: calling ‘img_from_set’ from ‘dump_tty_info’
criu-4.1.1/criu/tty.c:1982:15: return_function: returning to ‘dump_tty_info’ from ‘img_from_set’
criu-4.1.1/criu/tty.c:1982:15: danger: ‘___p’ leaks here; was allocated at [(12)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/11)
# 1980|   	winsize_copy(&winsize, &w);
# 1981|   
# 1982|-> 	ret = pb_write_one(img_from_set(glob_imgset, CR_FD_TTY_INFO), &info, PB_TTY_INFO);
# 1983|   out:
# 1984|   	xfree(termios.c_cc);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def867]
criu-4.1.1/criu/tty.c:2092:21: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2102:12: enter_function: entry to ‘tty_do_dump_queued_data’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2113:15: call_function: calling ‘tty_unblock’ from ‘tty_do_dump_queued_data’
# 2090|   
# 2091|   	if ((flags & fmask) != fmask) {
# 2092|-> 		if (fcntl(lfd, F_SETFL, fmask)) {
# 2093|   			ret = -errno;
# 2094|   			pr_perror("Can't change mode to %o on (%#x)", fmask, id);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def868]
criu-4.1.1/criu/tty.c:2094:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2102:12: enter_function: entry to ‘tty_do_dump_queued_data’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2113:15: call_function: calling ‘tty_unblock’ from ‘tty_do_dump_queued_data’
# 2092|   		if (fcntl(lfd, F_SETFL, fmask)) {
# 2093|   			ret = -errno;
# 2094|-> 			pr_perror("Can't change mode to %o on (%#x)", fmask, id);
# 2095|   			return ret;
# 2096|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def869]
criu-4.1.1/criu/tty.c:2122:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2114:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tty.c:2121:20: branch_true: following ‘true’ branch (when ‘ret == 0’)...
criu-4.1.1/criu/tty.c:2122:25: branch_true: ...to here
criu-4.1.1/criu/tty.c:2122:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
# 2120|   		ret = read(dinfo->lfd, &buf[off], size - off);
# 2121|   		if (ret == 0) {
# 2122|-> 			pr_debug("No more data on tty (%s %#x)\n", dinfo->driver->name, dinfo->id);
# 2123|   			break;
# 2124|   		} else if (ret < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def870]
criu-4.1.1/criu/tty.c:2126:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2114:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tty.c:2121:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/tty.c:2124:27: branch_false: ...to here
criu-4.1.1/criu/tty.c:2124:27: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/tty.c:2125:29: branch_true: ...to here
criu-4.1.1/criu/tty.c:2125:28: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tty.c:2126:33: branch_true: ...to here
criu-4.1.1/criu/tty.c:2126:33: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
# 2124|   		} else if (ret < 0) {
# 2125|   			if (errno == EAGAIN) {
# 2126|-> 				pr_debug("Not waiting data tty (%s %#x)\n", dinfo->driver->name, dinfo->id);
# 2127|   				break;
# 2128|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def871]
criu-4.1.1/criu/tty.c:2130:33: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2114:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tty.c:2121:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/tty.c:2124:27: branch_false: ...to here
criu-4.1.1/criu/tty.c:2125:28: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:2129:33: branch_false: ...to here
criu-4.1.1/criu/tty.c:2130:33: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
# 2128|   			} else {
# 2129|   				ret = -errno;
# 2130|-> 				pr_perror("Can't read data from tty (%s %#x)", dinfo->driver->name, dinfo->id);
# 2131|   				xfree(buf);
# 2132|   				return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def872]
criu-4.1.1/criu/tty.c:2137:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2114:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tty.c:2121:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/tty.c:2124:27: branch_false: ...to here
criu-4.1.1/criu/tty.c:2124:27: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/tty.c:2136:21: branch_false: ...to here
criu-4.1.1/criu/tty.c:2137:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
# 2135|   
# 2136|   		off += ret;
# 2137|-> 		pr_debug("Read %d bytes (%d) from tty (%s %#x)\n", ret, (int)off, dinfo->driver->name, dinfo->id);
# 2138|   
# 2139|   		if (off >= size) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def873]
criu-4.1.1/criu/tty.c:2140:25: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tty.c:2109:15: acquire_memory: allocated here
criu-4.1.1/criu/tty.c:2109:15: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tty.c:2113:15: branch_false: ...to here
criu-4.1.1/criu/tty.c:2114:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/tty.c:2121:20: branch_false: following ‘false’ branch (when ‘ret != 0’)...
criu-4.1.1/criu/tty.c:2124:27: branch_false: ...to here
criu-4.1.1/criu/tty.c:2124:27: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/tty.c:2136:21: branch_false: ...to here
criu-4.1.1/criu/tty.c:2140:25: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
# 2138|   
# 2139|   		if (off >= size) {
# 2140|-> 			pr_err("The tty (%s %#x) queued data overflow %zu bytes limit\n", dinfo->driver->name,
# 2141|   			       dinfo->id, size);
# 2142|   			off = size;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def874]
criu-4.1.1/criu/tty.c:2450:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(service_mountpoint(pm), 0)’
criu-4.1.1/criu/tty.c:2427:15: acquire_resource: opened here
criu-4.1.1/criu/tty.c:2428:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tty.c:2433:9: branch_false: ...to here
criu-4.1.1/criu/tty.c:2450:9: danger: ‘open(service_mountpoint(pm), 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
# 2448|   	exit_code = 0;
# 2449|   err:
# 2450|-> 	close(dfd);
# 2451|   	return exit_code;
# 2452|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def875]
criu-4.1.1/criu/tun.c:88:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/net/tun", 0)’
criu-4.1.1/criu/tun.c:83:15: acquire_resource: opened here
criu-4.1.1/criu/tun.c:84:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tun.c:88:9: branch_false: ...to here
criu-4.1.1/criu/tun.c:88:9: danger: ‘open("/dev/net/tun", 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   86|   		goto out;
#   87|   	}
#   88|-> 	check_has_netns_ioc(tun, &val, "tun");
#   89|   	close(tun);
#   90|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def876]
criu-4.1.1/criu/tun.c:124:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tun.c:120:14: acquire_memory: allocated here
criu-4.1.1/criu/tun.c:120:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tun.c:124:29: branch_false: ...to here
criu-4.1.1/criu/tun.c:124:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  122|   		return -1;
#  123|   
#  124|-> 	__strlcpy(tl->name, nde->name, sizeof(tl->name));
#  125|   	/*
#  126|   	 * Keep tun-flags not only for persistency fixup (see

Error: GCC_ANALYZER_WARNING (CWE-401): [#def877]
criu-4.1.1/criu/tun.c:156:9: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/tun.c:153:14: acquire_memory: allocated here
criu-4.1.1/criu/tun.c:153:14: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/tun.c:156:19: branch_false: ...to here
criu-4.1.1/criu/tun.c:156:9: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  154|   	if (!tl)
#  155|   		goto err;
#  156|-> 	__strlcpy(tl->name, name, sizeof(tl->name));
#  157|   	tl->ns_id = ns_id;
#  158|   	INIT_LIST_HEAD(&tl->l);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def878]
criu-4.1.1/criu/tun.c:236:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/net/tun", 2)’
criu-4.1.1/criu/tun.c:229:14: acquire_resource: opened here
criu-4.1.1/criu/tun.c:230:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tun.c:235:13: branch_false: ...to here
criu-4.1.1/criu/tun.c:235:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/tun.c:236:17: branch_true: ...to here
criu-4.1.1/criu/tun.c:236:17: danger: ‘open("/dev/net/tun", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  234|   
#  235|   	if (idx) {
#  236|-> 		pr_debug("  restoring %u for %s tun\n", idx, name);
#  237|   		if (ioctl(fd, TUNSETIFINDEX, &idx) < 0) {
#  238|   			pr_perror("Can't restore tun's index");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def879]
criu-4.1.1/criu/tun.c:244:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/net/tun", 2)’
criu-4.1.1/criu/tun.c:229:14: acquire_resource: opened here
criu-4.1.1/criu/tun.c:230:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tun.c:235:13: branch_false: ...to here
criu-4.1.1/criu/tun.c:235:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/tun.c:243:9: branch_false: ...to here
criu-4.1.1/criu/tun.c:244:9: danger: ‘open("/dev/net/tun", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  242|   
#  243|   	memset(&ifr, 0, sizeof(ifr));
#  244|-> 	__strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
#  245|   	ifr.ifr_flags = flags;
#  246|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def880]
criu-4.1.1/criu/uffd.c:388:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/uffd.c:1314:12: enter_function: entry to ‘prepare_lazy_socket’
criu-4.1.1/criu/uffd.c:1319:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1322:9: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1323:23: call_function: calling ‘server_listen’ from ‘prepare_lazy_socket’
#  386|   
#  387|   out:
#  388|-> 	close(fd);
#  389|   	return -1;
#  390|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def881]
criu-4.1.1/criu/uffd.c:745:15: warning[-Wanalyzer-malloc-leak]: leak of ‘lpi_init()’
criu-4.1.1/criu/uffd.c:1369:12: enter_function: entry to ‘prepare_uffds’
criu-4.1.1/criu/uffd.c:1378:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/uffd.c:1384:21: branch_true: following ‘true’ branch...
criu-4.1.1/criu/uffd.c:1385:41: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1386:21: call_function: calling ‘ud_open’ from ‘prepare_uffds’
#  743|   	/* The "transfer protocol" is first the pid as int and then
#  744|   	 * the FD for UFFD */
#  745|-> 	ret = recv(client, &lpi->pid, sizeof(lpi->pid), 0);
#  746|   	if (ret != sizeof(lpi->pid)) {
#  747|   		if (ret < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def882]
criu-4.1.1/criu/uffd.c:1427:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘prepare_lazy_socket()’
criu-4.1.1/criu/uffd.c:1409:5: enter_function: entry to ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1416:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/uffd.c:1419:13: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1419:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1422:19: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1422:19: call_function: calling ‘prepare_lazy_socket’ from ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1422:19: return_function: returning to ‘cr_lazy_pages’ from ‘prepare_lazy_socket’
criu-4.1.1/criu/uffd.c:1423:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1426:12: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1426:12: branch_true: following ‘true’ branch (when ‘daemon != 0’)...
criu-4.1.1/criu/uffd.c:1427:23: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1427:23: danger: ‘prepare_lazy_socket()’ leaks here
# 1425|   
# 1426|   	if (daemon) {
# 1427|-> 		ret = cr_daemon(1, 0, -1);
# 1428|   		if (ret == -1) {
# 1429|   			pr_err("Can't run in the background\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def883]
criu-4.1.1/criu/uffd.c:1446:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘prepare_lazy_socket()’
criu-4.1.1/criu/uffd.c:1409:5: enter_function: entry to ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1416:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/uffd.c:1419:13: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1419:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1422:19: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1422:19: call_function: calling ‘prepare_lazy_socket’ from ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1422:19: return_function: returning to ‘cr_lazy_pages’ from ‘prepare_lazy_socket’
criu-4.1.1/criu/uffd.c:1423:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1426:12: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1446:13: danger: ‘prepare_lazy_socket()’ leaks here
# 1444|   	}
# 1445|   
# 1446|-> 	if (status_ready())
# 1447|   		return -1;
# 1448|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def884]
criu-4.1.1/criu/uffd.c:1455:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘prepare_lazy_socket()’
criu-4.1.1/criu/uffd.c:1409:5: enter_function: entry to ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1416:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/uffd.c:1419:13: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1419:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1422:19: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1422:19: call_function: calling ‘prepare_lazy_socket’ from ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1422:19: return_function: returning to ‘cr_lazy_pages’ from ‘prepare_lazy_socket’
criu-4.1.1/criu/uffd.c:1423:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1426:12: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1446:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1454:30: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1455:19: danger: ‘prepare_lazy_socket()’ leaks here
# 1453|   	 */
# 1454|   	nr_fds = task_entries->nr_tasks + (opts.use_page_server ? 2 : 1);
# 1455|-> 	epollfd = epoll_prepare(nr_fds, &events);
# 1456|   	if (epollfd < 0)
# 1457|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def885]
criu-4.1.1/criu/uffd.c:1459:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘prepare_lazy_socket()’
criu-4.1.1/criu/uffd.c:1409:5: enter_function: entry to ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1416:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/uffd.c:1419:13: branch_true: ...to here
criu-4.1.1/criu/uffd.c:1419:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1422:19: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1422:19: call_function: calling ‘prepare_lazy_socket’ from ‘cr_lazy_pages’
criu-4.1.1/criu/uffd.c:1422:19: return_function: returning to ‘cr_lazy_pages’ from ‘prepare_lazy_socket’
criu-4.1.1/criu/uffd.c:1423:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1426:12: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1446:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1454:30: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1456:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/uffd.c:1459:13: branch_false: ...to here
criu-4.1.1/criu/uffd.c:1459:13: call_function: calling ‘prepare_uffds’ from ‘cr_lazy_pages’
# 1457|   		return -1;
# 1458|   
# 1459|-> 	if (prepare_uffds(lazy_sk, epollfd)) {
# 1460|   		xfree(events);
# 1461|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def886]
criu-4.1.1/criu/util.c:123:23: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/criu/util.c:163:7: enter_function: entry to ‘xsprintf’
criu-4.1.1/criu/util.c:168:9: acquire_resource: ‘va_start’ called here
criu-4.1.1/criu/util.c:169:15: call_function: calling ‘xvstrcat’ from ‘xsprintf’
#  121|   
#  122|   	do {
#  123|-> 		new = xrealloc(str, offset + delta);
#  124|   		if (!new) {
#  125|   			/* realloc failed. We must release former string */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def887]
criu-4.1.1/criu/util.c:127:25: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
criu-4.1.1/criu/util.c:163:7: enter_function: entry to ‘xsprintf’
criu-4.1.1/criu/util.c:168:9: acquire_resource: ‘va_start’ called here
criu-4.1.1/criu/util.c:169:15: call_function: calling ‘xvstrcat’ from ‘xsprintf’
#  125|   			/* realloc failed. We must release former string */
#  126|   			xfree(str);
#  127|-> 			pr_err("Failed to allocate string\n");
#  128|   			return new;
#  129|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def888]
criu-4.1.1/criu/util.c:145:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/util.c:123:23: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/util.c:131:17: branch_false: ...to here
criu-4.1.1/criu/util.c:134:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:143:12: branch_true: ...to here
criu-4.1.1/criu/util.c:143:12: branch_true: following ‘true’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/util.c:145:17: branch_true: ...to here
criu-4.1.1/criu/util.c:145:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  143|   	if (ret < 0) {
#  144|   		/* vsnprintf failed */
#  145|-> 		pr_err("Failed to print string\n");
#  146|   		xfree(new);
#  147|   		new = NULL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def889]
criu-4.1.1/criu/util.c:223:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/util.c:233:5: enter_function: entry to ‘reopen_fd_as_safe’
criu-4.1.1/criu/util.c:237:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:238:20: branch_true: ...to here
criu-4.1.1/criu/util.c:238:20: branch_true: following ‘true’ branch (when ‘allow_reuse_fd != 0’)...
criu-4.1.1/criu/util.c:241:31: branch_true: ...to here
criu-4.1.1/criu/util.c:241:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:242:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/util.c:245:27: branch_false: ...to here
criu-4.1.1/criu/util.c:245:27: branch_false: following ‘false’ branch (when ‘tmp == new_fd’)...
criu-4.1.1/criu/util.c:252:17: branch_false: ...to here
criu-4.1.1/criu/util.c:252:17: call_function: calling ‘close_safe’ from ‘reopen_fd_as_safe’
#  221|   
#  222|   	if (*fd > -1) {
#  223|-> 		ret = close(*fd);
#  224|   		if (!ret)
#  225|   			*fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def890]
criu-4.1.1/criu/util.c:227:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/util.c:233:5: enter_function: entry to ‘reopen_fd_as_safe’
criu-4.1.1/criu/util.c:237:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:238:20: branch_true: ...to here
criu-4.1.1/criu/util.c:238:20: branch_true: following ‘true’ branch (when ‘allow_reuse_fd != 0’)...
criu-4.1.1/criu/util.c:241:31: branch_true: ...to here
criu-4.1.1/criu/util.c:241:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:242:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/util.c:245:27: branch_false: ...to here
criu-4.1.1/criu/util.c:245:27: branch_false: following ‘false’ branch (when ‘tmp == new_fd’)...
criu-4.1.1/criu/util.c:252:17: branch_false: ...to here
criu-4.1.1/criu/util.c:252:17: call_function: calling ‘close_safe’ from ‘reopen_fd_as_safe’
#  225|   			*fd = -1;
#  226|   		else
#  227|-> 			pr_perror("Unable to close fd %d", *fd);
#  228|   	}
#  229|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def891]
criu-4.1.1/criu/util.c:230:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/util.c:237:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:238:20: branch_true: ...to here
criu-4.1.1/criu/util.c:238:20: branch_true: following ‘true’ branch (when ‘allow_reuse_fd != 0’)...
criu-4.1.1/criu/util.c:241:31: branch_true: ...to here
criu-4.1.1/criu/util.c:241:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:242:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/util.c:245:27: branch_false: ...to here
criu-4.1.1/criu/util.c:245:27: branch_false: following ‘false’ branch (when ‘tmp == new_fd’)...
criu-4.1.1/criu/util.c:252:17: branch_false: ...to here
criu-4.1.1/criu/util.c:230:16: danger: ‘tmp’ leaks here; was opened at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  228|   	}
#  229|   
#  230|-> 	return ret;
#  231|   }
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def892]
criu-4.1.1/criu/util.c:246:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/util.c:237:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:238:20: branch_true: ...to here
criu-4.1.1/criu/util.c:238:20: branch_true: following ‘true’ branch (when ‘allow_reuse_fd != 0’)...
criu-4.1.1/criu/util.c:241:31: branch_true: ...to here
criu-4.1.1/criu/util.c:241:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:242:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/util.c:245:27: branch_false: ...to here
criu-4.1.1/criu/util.c:245:27: branch_true: following ‘true’ branch (when ‘tmp != new_fd’)...
criu-4.1.1/criu/util.c:246:25: branch_true: ...to here
criu-4.1.1/criu/util.c:246:25: danger: ‘tmp’ leaks here; was opened at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  244|   			return tmp;
#  245|   		} else if (tmp != new_fd) {
#  246|-> 			close(tmp);
#  247|   			pr_err("fd %d already in use (called at %s:%d)\n", new_fd, file, line);
#  248|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def893]
criu-4.1.1/criu/util.c:265:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
criu-4.1.1/criu/util.c:569:5: enter_function: entry to ‘cr_system_userns’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:604:21: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:612:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:612:25: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:617:21: branch_false: ...to here
criu-4.1.1/criu/util.c:617:21: call_function: calling ‘move_fd_from’ from ‘cr_system_userns’
#  263|   		tmp = dup(*img_fd);
#  264|   		if (tmp < 0) {
#  265|-> 			pr_perror("Can't dup file");
#  266|   			return -1;
#  267|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def894]
criu-4.1.1/criu/util.c:265:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘out’
criu-4.1.1/criu/util.c:569:5: enter_function: entry to ‘cr_system_userns’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:603:31: branch_true: ...to here
criu-4.1.1/criu/util.c:603:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:603:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:603:25: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:614:20: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:617:21: branch_false: ...to here
criu-4.1.1/criu/util.c:617:21: call_function: calling ‘move_fd_from’ from ‘cr_system_userns’
#  263|   		tmp = dup(*img_fd);
#  264|   		if (tmp < 0) {
#  265|-> 			pr_perror("Can't dup file");
#  266|   			return -1;
#  267|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def895]
criu-4.1.1/criu/util.c:265:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret__’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  263|   		tmp = dup(*img_fd);
#  264|   		if (tmp < 0) {
#  265|-> 			pr_perror("Can't dup file");
#  266|   			return -1;
#  267|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def896]
criu-4.1.1/criu/util.c:269:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
criu-4.1.1/criu/util.c:569:5: enter_function: entry to ‘cr_system_userns’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:604:21: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:612:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:612:25: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:617:21: branch_false: ...to here
criu-4.1.1/criu/util.c:617:21: call_function: calling ‘move_fd_from’ from ‘cr_system_userns’
#  267|   		}
#  268|   
#  269|-> 		close(*img_fd);
#  270|   
#  271|   		*img_fd = tmp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def897]
criu-4.1.1/criu/util.c:269:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘out’
criu-4.1.1/criu/util.c:569:5: enter_function: entry to ‘cr_system_userns’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:603:31: branch_true: ...to here
criu-4.1.1/criu/util.c:603:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:603:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:603:25: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:614:20: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:617:21: branch_false: ...to here
criu-4.1.1/criu/util.c:617:21: call_function: calling ‘move_fd_from’ from ‘cr_system_userns’
#  267|   		}
#  268|   
#  269|-> 		close(*img_fd);
#  270|   
#  271|   		*img_fd = tmp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def898]
criu-4.1.1/criu/util.c:269:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret__’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  267|   		}
#  268|   
#  269|-> 		close(*img_fd);
#  270|   
#  271|   		*img_fd = tmp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def899]
criu-4.1.1/criu/util.c:269:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘tmp’
criu-4.1.1/criu/util.c:260:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:263:23: branch_true: ...to here
criu-4.1.1/criu/util.c:263:23: acquire_resource: opened here
criu-4.1.1/criu/util.c:264:20: branch_false: following ‘false’ branch (when ‘tmp >= 0’)...
criu-4.1.1/criu/util.c:269:17: branch_false: ...to here
criu-4.1.1/criu/util.c:269:17: danger: ‘tmp’ leaks here; was opened at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  267|   		}
#  268|   
#  269|-> 		close(*img_fd);
#  270|   
#  271|   		*img_fd = tmp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def900]
criu-4.1.1/criu/util.c:356:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘_fd’
criu-4.1.1/criu/util.c:351:15: acquire_resource: opened here
criu-4.1.1/criu/util.c:352:12: branch_false: following ‘false’ branch (when ‘_fd >= 0’)...
criu-4.1.1/criu/util.c:356:13: branch_false: ...to here
criu-4.1.1/criu/util.c:356:13: danger: ‘_fd’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  354|   		return -1;
#  355|   	}
#  356|-> 	if (install_service_fd(PROC_FD_OFF, _fd) < 0)
#  357|   		return -1;
#  358|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def901]
criu-4.1.1/criu/util.c:373:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(path, 2162688)’
criu-4.1.1/criu/util.c:366:14: acquire_resource: opened here
criu-4.1.1/criu/util.c:367:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:372:15: branch_false: ...to here
criu-4.1.1/criu/util.c:373:12: danger: ‘open(path, 2162688)’ leaks here; was opened at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  371|   
#  372|   	ret = install_service_fd(PROC_FD_OFF, fd);
#  373|-> 	if (ret < 0)
#  374|   		return -1;
#  375|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def902]
criu-4.1.1/criu/util.c:578:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  576|   	sigaddset(&blockmask, SIGCHLD);
#  577|   	if (sigprocmask(SIG_BLOCK, &blockmask, &oldmask) == -1) {
#  578|-> 		pr_perror("Cannot set mask of blocked signals");
#  579|   		return -1;
#  580|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def903]
criu-4.1.1/criu/util.c:578:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  576|   	sigaddset(&blockmask, SIGCHLD);
#  577|   	if (sigprocmask(SIG_BLOCK, &blockmask, &oldmask) == -1) {
#  578|-> 		pr_perror("Cannot set mask of blocked signals");
#  579|   		return -1;
#  580|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def904]
criu-4.1.1/criu/util.c:584:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  582|   	pid = fork();
#  583|   	if (pid == -1) {
#  584|-> 		pr_perror("fork() failed");
#  585|   		goto out;
#  586|   	} else if (pid == 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def905]
criu-4.1.1/criu/util.c:584:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  582|   	pid = fork();
#  583|   	if (pid == -1) {
#  584|-> 		pr_perror("fork() failed");
#  585|   		goto out;
#  586|   	} else if (pid == 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def906]
criu-4.1.1/criu/util.c:589:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  587|   		sigemptyset(&blockmask);
#  588|   		if (sigprocmask(SIG_SETMASK, &blockmask, NULL) == -1) {
#  589|-> 			pr_perror("Cannot clear blocked signals");
#  590|   			goto out_chld;
#  591|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def907]
criu-4.1.1/criu/util.c:589:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  587|   		sigemptyset(&blockmask);
#  588|   		if (sigprocmask(SIG_SETMASK, &blockmask, NULL) == -1) {
#  589|-> 			pr_perror("Cannot clear blocked signals");
#  590|   			goto out_chld;
#  591|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def908]
criu-4.1.1/criu/util.c:603:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  601|   
#  602|   		if (out < 0)
#  603|-> 			out = DUP_SAFE(log_get_fd(), out_chld);
#  604|   		if (err < 0)
#  605|   			err = DUP_SAFE(log_get_fd(), out_chld);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def909]
criu-4.1.1/criu/util.c:603:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  601|   
#  602|   		if (out < 0)
#  603|-> 			out = DUP_SAFE(log_get_fd(), out_chld);
#  604|   		if (err < 0)
#  605|   			err = DUP_SAFE(log_get_fd(), out_chld);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def910]
criu-4.1.1/criu/util.c:605:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘out’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:603:31: branch_true: ...to here
criu-4.1.1/criu/util.c:603:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:603:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:603:25: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:605:31: branch_true: ...to here
criu-4.1.1/criu/util.c:605:31: danger: ‘out’ leaks here; was opened at [(11)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/10)
#  603|   			out = DUP_SAFE(log_get_fd(), out_chld);
#  604|   		if (err < 0)
#  605|-> 			err = DUP_SAFE(log_get_fd(), out_chld);
#  606|   
#  607|   		/*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def911]
criu-4.1.1/criu/util.c:605:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  603|   			out = DUP_SAFE(log_get_fd(), out_chld);
#  604|   		if (err < 0)
#  605|-> 			err = DUP_SAFE(log_get_fd(), out_chld);
#  606|   
#  607|   		/*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def912]
criu-4.1.1/criu/util.c:605:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
criu-4.1.1/criu/util.c:1709:12: enter_function: entry to ‘is_iptables_nft’
criu-4.1.1/criu/util.c:1715:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1720:15: branch_false: ...to here
criu-4.1.1/criu/util.c:1720:15: call_function: inlined call to ‘cr_system’ from ‘is_iptables_nft’
#  603|   			out = DUP_SAFE(log_get_fd(), out_chld);
#  604|   		if (err < 0)
#  605|-> 			err = DUP_SAFE(log_get_fd(), out_chld);
#  606|   
#  607|   		/*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def913]
criu-4.1.1/criu/util.c:612:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:604:21: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:605:31: branch_true: ...to here
criu-4.1.1/criu/util.c:605:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:605:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:605:25: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: branch_true: following ‘true’ branch (when ‘ret__ == -1’)...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: danger: ‘err’ leaks here; was opened at [(13)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/12)
#  610|   		 */
#  611|   		if (err == out || err == in)
#  612|-> 			err = DUP_SAFE(err, out_chld);
#  613|   
#  614|   		if (out == in)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def914]
criu-4.1.1/criu/util.c:612:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘out’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:603:31: branch_true: ...to here
criu-4.1.1/criu/util.c:603:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:603:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:603:25: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: branch_true: following ‘true’ branch (when ‘ret__ == -1’)...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: danger: ‘out’ leaks here; was opened at [(11)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/10)
#  610|   		 */
#  611|   		if (err == out || err == in)
#  612|-> 			err = DUP_SAFE(err, out_chld);
#  613|   
#  614|   		if (out == in)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def915]
criu-4.1.1/criu/util.c:615:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘err’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:604:21: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:612:31: branch_true: ...to here
criu-4.1.1/criu/util.c:612:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:612:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:612:25: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:615:31: branch_true: ...to here
criu-4.1.1/criu/util.c:615:31: branch_true: following ‘true’ branch (when ‘ret__ == -1’)...
criu-4.1.1/criu/util.c:615:31: branch_true: ...to here
criu-4.1.1/criu/util.c:615:31: danger: ‘err’ leaks here; was opened at [(15)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/14)
#  613|   
#  614|   		if (out == in)
#  615|-> 			out = DUP_SAFE(out, out_chld);
#  616|   
#  617|   		if (move_fd_from(&out, STDIN_FILENO) || move_fd_from(&err, STDIN_FILENO))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def916]
criu-4.1.1/criu/util.c:615:31: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘out’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:583:12: branch_false: following ‘false’ branch (when ‘pid != -1’)...
criu-4.1.1/criu/util.c:586:19: branch_false: ...to here
criu-4.1.1/criu/util.c:586:19: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:587:17: branch_true: ...to here
criu-4.1.1/criu/util.c:588:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:593:20: branch_false: ...to here
criu-4.1.1/criu/util.c:602:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:603:31: branch_true: ...to here
criu-4.1.1/criu/util.c:603:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:603:31: branch_false: following ‘false’ branch (when ‘ret__ != -1’)...
criu-4.1.1/criu/util.c:603:25: branch_false: ...to here
criu-4.1.1/criu/util.c:604:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:611:21: branch_false: ...to here
criu-4.1.1/criu/util.c:611:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:614:20: branch_false: ...to here
criu-4.1.1/criu/util.c:614:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:615:31: branch_true: ...to here
criu-4.1.1/criu/util.c:615:31: branch_true: following ‘true’ branch (when ‘ret__ == -1’)...
criu-4.1.1/criu/util.c:615:31: branch_true: ...to here
criu-4.1.1/criu/util.c:615:31: danger: ‘out’ leaks here; was opened at [(11)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/10)
#  613|   
#  614|   		if (out == in)
#  615|-> 			out = DUP_SAFE(out, out_chld);
#  616|   
#  617|   		if (move_fd_from(&out, STDIN_FILENO) || move_fd_from(&err, STDIN_FILENO))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def917]
criu-4.1.1/criu/util.c:672:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/util.c:577:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:582:15: branch_false: ...to here
criu-4.1.1/criu/util.c:670:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:671:17: branch_true: ...to here
criu-4.1.1/criu/util.c:672:17: danger: dereference of NULL ‘0’
#  670|   	if (sigprocmask(SIG_SETMASK, &oldmask, NULL) == -1) {
#  671|   		pr_perror("Can not unset mask of blocked signals");
#  672|-> 		BUG();
#  673|   	}
#  674|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def918]
criu-4.1.1/criu/util.c:800:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
criu-4.1.1/criu/util.c:774:12: branch_false: following ‘false’ branch (when ‘pid >= 0’)...
criu-4.1.1/criu/util.c:779:12: branch_false: ...to here
criu-4.1.1/criu/util.c:779:12: branch_false: following ‘false’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/util.c:782:9: branch_false: ...to here
criu-4.1.1/criu/util.c:786:12: branch_true: following ‘true’ branch (when ‘noclose == 0’)...
criu-4.1.1/criu/util.c:789:20: branch_true: ...to here
criu-4.1.1/criu/util.c:789:20: branch_false: following ‘false’ branch (when ‘close_fd == -1’)...
criu-4.1.1/criu/util.c:792:22: branch_false: ...to here
criu-4.1.1/criu/util.c:792:22: acquire_resource: opened here
criu-4.1.1/criu/util.c:793:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:797:17: branch_false: ...to here
criu-4.1.1/criu/util.c:800:17: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(9)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/8)
#  798|   		dup2(fd, 1);
#  799|   		dup2(fd, 2);
#  800|-> 		close(fd);
#  801|   	}
#  802|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def919]
criu-4.1.1/criu/util.c:839:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(dirfd)’
criu-4.1.1/criu/util.c:832:16: acquire_memory: allocated here
criu-4.1.1/criu/util.c:833:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/util.c:839:22: danger: ‘fdopendir(dirfd)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  837|   	}
#  838|   
#  839|-> 	while ((de = readdir(fdir))) {
#  840|   		if (dir_dots(de))
#  841|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def920]
criu-4.1.1/criu/util.c:897:17: warning[-Wanalyzer-malloc-leak]: leak of ‘___p’
criu-4.1.1/criu/util.c:894:13: acquire_memory: allocated here
criu-4.1.1/criu/util.c:894:13: branch_false: following ‘false’ branch (when ‘___p’ is non-NULL)...
criu-4.1.1/criu/util.c:896:36: branch_false: ...to here
criu-4.1.1/criu/util.c:897:17: danger: ‘___p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  895|   	if (p) {
#  896|   		p->e = (VmaEntry *)(p + 1);
#  897|-> 		vma_entry__init(p->e);
#  898|   		p->e->fd = -1;
#  899|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def921]
criu-4.1.1/criu/util.c:1243:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/util.c:1212:5: enter_function: entry to ‘setup_tcp_server’
criu-4.1.1/criu/util.c:1219:13: call_function: calling ‘get_sockaddr_in’ from ‘setup_tcp_server’
criu-4.1.1/criu/util.c:1219:13: return_function: returning to ‘setup_tcp_server’ from ‘get_sockaddr_in’
criu-4.1.1/criu/util.c:1219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1223:9: branch_false: ...to here
criu-4.1.1/criu/util.c:1225:14: acquire_resource: stream socket created here
criu-4.1.1/criu/util.c:1227:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/util.c:1232:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1232:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1237:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1237:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1242:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1242:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1243:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1243:17: danger: ‘sk’ leaks here
# 1241|   
# 1242|   	if (listen(sk, 1)) {
# 1243|-> 		pr_perror("Can't listen on %s server socket", type);
# 1244|   		goto out;
# 1245|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def922]
criu-4.1.1/criu/util.c:1265:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/util.c:1212:5: enter_function: entry to ‘setup_tcp_server’
criu-4.1.1/criu/util.c:1219:13: call_function: calling ‘get_sockaddr_in’ from ‘setup_tcp_server’
criu-4.1.1/criu/util.c:1219:13: return_function: returning to ‘setup_tcp_server’ from ‘get_sockaddr_in’
criu-4.1.1/criu/util.c:1219:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1223:9: branch_false: ...to here
criu-4.1.1/criu/util.c:1225:14: acquire_resource: stream socket created here
criu-4.1.1/criu/util.c:1227:12: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/util.c:1232:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1232:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1237:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1237:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1242:13: branch_false: ...to here
criu-4.1.1/criu/util.c:1242:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1243:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1265:9: danger: ‘sk’ leaks here
# 1263|   	return sk;
# 1264|   out:
# 1265|-> 	close(sk);
# 1266|   	return -1;
# 1267|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def923]
criu-4.1.1/criu/util.c:1370:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sk’
criu-4.1.1/criu/util.c:1323:5: enter_function: entry to ‘setup_tcp_client’
criu-4.1.1/criu/util.c:1340:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1349:14: branch_false: ...to here
criu-4.1.1/criu/util.c:1349:29: branch_true: following ‘true’ branch (when ‘p’ is non-NULL)...
criu-4.1.1/criu/util.c:1350:21: branch_true: ...to here
criu-4.1.1/criu/util.c:1361:21: call_function: calling ‘get_sockaddr_in’ from ‘setup_tcp_client’
criu-4.1.1/criu/util.c:1361:21: return_function: returning to ‘setup_tcp_client’ from ‘get_sockaddr_in’
criu-4.1.1/criu/util.c:1361:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1364:29: branch_false: ...to here
criu-4.1.1/criu/util.c:1364:22: acquire_resource: stream socket created here
criu-4.1.1/criu/util.c:1365:20: branch_false: following ‘false’ branch (when ‘sk >= 0’)...
criu-4.1.1/criu/util.c:1370:21: branch_false: ...to here
criu-4.1.1/criu/util.c:1370:21: danger: ‘sk’ leaks here
# 1368|   		}
# 1369|   
# 1370|-> 		if (connect(sk, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) {
# 1371|   			pr_info("Can't connect to server %s:%u\n", ipstr, opts.port);
# 1372|   			close(sk);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def924]
criu-4.1.1/criu/util.c:1954:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:2014:9: branch_false: ...to here
criu-4.1.1/criu/util.c:2022:16: call_function: calling ‘wait_for_pid’ from ‘run_command’
# 1952|   
# 1953|   again:
# 1954|-> 	ret = waitpid(pid, &status, 0);
# 1955|   	if (ret == -1) {
# 1956|   		if (errno == EINTR)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def925]
criu-4.1.1/criu/util.c:1986:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1986:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1986:17: danger: ‘pipefd[0]’ leaks here
# 1984|   	child = raw_clone(0, NULL);
# 1985|   	if (child < 0) {
# 1986|-> 		close(pipefd[0]);
# 1987|   		close(pipefd[1]);
# 1988|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def926]
criu-4.1.1/criu/util.c:1986:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1986:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1986:17: danger: ‘pipefd[1]’ leaks here
# 1984|   	child = raw_clone(0, NULL);
# 1985|   	if (child < 0) {
# 1986|-> 		close(pipefd[0]);
# 1987|   		close(pipefd[1]);
# 1988|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def927]
criu-4.1.1/criu/util.c:1987:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1986:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1987:17: danger: ‘pipefd[1]’ leaks here
# 1985|   	if (child < 0) {
# 1986|   		close(pipefd[0]);
# 1987|-> 		close(pipefd[1]);
# 1988|   		return -1;
# 1989|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def928]
criu-4.1.1/criu/util.c:1993:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1993:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1993:17: danger: ‘pipefd[0]’ leaks here
# 1991|   	if (child == 0) {
# 1992|   		/* Close the read-end of the pipe. */
# 1993|-> 		close(pipefd[0]);
# 1994|   
# 1995|   		/* Redirect std{err,out} to write-end of the

Error: GCC_ANALYZER_WARNING (CWE-775): [#def929]
criu-4.1.1/criu/util.c:1993:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1993:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1993:17: danger: ‘pipefd[1]’ leaks here
# 1991|   	if (child == 0) {
# 1992|   		/* Close the read-end of the pipe. */
# 1993|-> 		close(pipefd[0]);
# 1994|   
# 1995|   		/* Redirect std{err,out} to write-end of the

Error: GCC_ANALYZER_WARNING (CWE-775): [#def930]
criu-4.1.1/criu/util.c:2003:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1993:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1999:20: branch_false: following ‘false’ branch (when ‘ret < 0’)...
criu-4.1.1/criu/util.c:2003:17: branch_false: ...to here
criu-4.1.1/criu/util.c:2003:17: danger: ‘pipefd[1]’ leaks here
# 2001|   
# 2002|   		/* Close the write-end of the pipe. */
# 2003|-> 		close(pipefd[1]);
# 2004|   
# 2005|   		if (ret < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def931]
criu-4.1.1/criu/util.c:2003:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1993:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1999:20: branch_true: following ‘true’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/util.c:2000:31: branch_true: ...to here
criu-4.1.1/criu/util.c:2000:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:2003:17: danger: ‘ret’ leaks here; was opened at [(18)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/17)
# 2001|   
# 2002|   		/* Close the write-end of the pipe. */
# 2003|-> 		close(pipefd[1]);
# 2004|   
# 2005|   		if (ret < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def932]
criu-4.1.1/criu/util.c:2009:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘ret’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/util.c:1993:17: branch_true: ...to here
criu-4.1.1/criu/util.c:1999:20: branch_true: following ‘true’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/util.c:2000:31: branch_true: ...to here
criu-4.1.1/criu/util.c:2000:31: acquire_resource: opened here
criu-4.1.1/criu/util.c:2005:20: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/criu/util.c:2009:17: branch_false: ...to here
criu-4.1.1/criu/util.c:2009:17: danger: ‘ret’ leaks here; was opened at [(18)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/17)
# 2007|   
# 2008|   		/* Does not return. */
# 2009|-> 		child_fn(args);
# 2010|   		_exit(EXIT_FAILURE);
# 2011|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def933]
criu-4.1.1/criu/util.c:2014:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:2014:9: branch_false: ...to here
criu-4.1.1/criu/util.c:2014:9: danger: ‘pipefd[0]’ leaks here
# 2012|   
# 2013|   	/* close the write-end of the pipe */
# 2014|-> 	close(pipefd[1]);
# 2015|   
# 2016|   	if (buf && buf_size > 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def934]
criu-4.1.1/criu/util.c:2014:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[1]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:2014:9: branch_false: ...to here
criu-4.1.1/criu/util.c:2014:9: danger: ‘pipefd[1]’ leaks here
# 2012|   
# 2013|   	/* close the write-end of the pipe */
# 2014|-> 	close(pipefd[1]);
# 2015|   
# 2016|   	if (buf && buf_size > 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def935]
criu-4.1.1/criu/util.c:2025:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipefd[0]’
criu-4.1.1/criu/util.c:1971:5: enter_function: entry to ‘run_command’
criu-4.1.1/criu/util.c:1981:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1984:17: branch_false: ...to here
criu-4.1.1/criu/util.c:1984:17: call_function: calling ‘raw_clone’ from ‘run_command’
criu-4.1.1/criu/util.c:1984:17: return_function: returning to ‘run_command’ from ‘raw_clone’
criu-4.1.1/criu/util.c:1985:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:1991:12: branch_false: ...to here
criu-4.1.1/criu/util.c:1991:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/util.c:2014:9: branch_false: ...to here
criu-4.1.1/criu/util.c:2025:9: danger: ‘pipefd[0]’ leaks here
# 2023|   
# 2024|   	/* close the read-end of the pipe */
# 2025|-> 	close(pipefd[0]);
# 2026|   
# 2027|   	return fret;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def936]
criu-4.1.1/criu/vdso.c:155:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/vdso.c:132:12: branch_false: following ‘false’ branch (when ‘rt_vdso_marked’ is non-NULL)...
criu-4.1.1/criu/vdso.c:139:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:147:9: branch_true: following ‘true’ branch (when ‘vma != vma_area_list’)...
criu-4.1.1/criu/vdso.c:148:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:155:25: branch_false: following ‘false’ branch (when ‘rt_vvar_marked’ is NULL)...
criu-4.1.1/criu/vdso.c:156:29: branch_false: ...to here
criu-4.1.1/criu/vdso.c:147:9: branch_true: following ‘true’ branch (when ‘vma != vma_area_list’)...
criu-4.1.1/criu/vdso.c:148:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:155:25: danger: dereference of NULL ‘0’
#  153|   			pr_debug("vdso: Restore orig VVAR status at %lx\n", (long)vma->e->start);
#  154|   		} else if (addr->rt_vvar != VVAR_BAD_ADDR && addr->rt_vvar == vma->e->start) {
#  155|-> 			BUG_ON(rt_vvar_marked);
#  156|   			if (not_vvar_or_vdso(vma)) {
#  157|   				pr_warn("Mark in rt-vdso points to vma, that doesn't look like vvar - skipping unmap\n");

Error: GCC_ANALYZER_WARNING (CWE-476): [#def937]
criu-4.1.1/criu/vdso.c:272:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/vdso.c:267:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:270:18: branch_false: ...to here
criu-4.1.1/criu/vdso.c:271:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:272:17: branch_true: ...to here
criu-4.1.1/criu/vdso.c:272:17: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:272:17: branch_true: ...to here
criu-4.1.1/criu/vdso.c:272:17: danger: dereference of NULL ‘0’
#  270|   	vcheck = get_vdso_check_type(ctl);
#  271|   	if (vcheck == VDSO_CHECK_PFN) {
#  272|-> 		BUG_ON(vdso_pfn == VDSO_BAD_PFN);
#  273|   		fd = open_proc(pid, "pagemap");
#  274|   		if (fd < 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def938]
criu-4.1.1/criu/vdso.c:304:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  302|   	*s = (struct vdso_maps)VDSO_MAPS_INIT;
#  303|   
#  304|-> 	f.fd = open_proc(pid, "maps");
#  305|   	if (f.fd < 0)
#  306|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def939]
criu-4.1.1/criu/vdso.c:308:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  306|   		return -1;
#  307|   
#  308|-> 	if (bfdopenr(&f))
#  309|   		goto err;
#  310|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def940]
criu-4.1.1/criu/vdso.c:315:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  313|   		char *has_vdso, *has_vvar, *has_vvar_vclock;
#  314|   
#  315|-> 		buf = breadline(&f);
#  316|   		if (buf == NULL)
#  317|   			break;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def941]
criu-4.1.1/criu/vdso.c:337:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  335|   
#  336|   		if (sscanf(buf, "%lx-%lx", &start, &end) != 2) {
#  337|-> 			pr_err("Can't find vDSO/VVAR bounds\n");
#  338|   			goto err;
#  339|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def942]
criu-4.1.1/criu/vdso.c:343:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  341|   		if (has_vdso) {
#  342|   			if (s->vdso_start != VDSO_BAD_ADDR) {
#  343|-> 				pr_err("Got second vDSO entry\n");
#  344|   				goto err;
#  345|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def943]
criu-4.1.1/criu/vdso.c:350:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:425:12: enter_function: entry to ‘vdso_mmap_compat’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:464:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:464:13: call_function: calling ‘vdso_parse_maps’ from ‘vdso_mmap_compat’
#  348|   		} else if (has_vvar) {
#  349|   			if (s->vvar_start != VVAR_BAD_ADDR) {
#  350|-> 				pr_err("Got second VVAR entry\n");
#  351|   				goto err;
#  352|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def944]
criu-4.1.1/criu/vdso.c:438:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/vdso.c:438:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:438:21: danger: ‘fds[0]’ leaks here
#  436|   	pid = fork();
#  437|   	if (pid == 0) {
#  438|-> 		if (close(fds[1])) {
#  439|   			pr_perror("Failed to close pipe");
#  440|   			syscall(__NR_exit, 1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def945]
criu-4.1.1/criu/vdso.c:438:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/vdso.c:438:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:438:21: danger: ‘fds[1]’ leaks here
#  436|   	pid = fork();
#  437|   	if (pid == 0) {
#  438|-> 		if (close(fds[1])) {
#  439|   			pr_perror("Failed to close pipe");
#  440|   			syscall(__NR_exit, 1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def946]
criu-4.1.1/criu/vdso.c:439:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/vdso.c:438:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:438:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:439:25: branch_true: ...to here
criu-4.1.1/criu/vdso.c:439:25: danger: ‘fds[0]’ leaks here
#  437|   	if (pid == 0) {
#  438|   		if (close(fds[1])) {
#  439|-> 			pr_perror("Failed to close pipe");
#  440|   			syscall(__NR_exit, 1);
#  441|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def947]
criu-4.1.1/criu/vdso.c:443:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/vdso.c:438:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:443:17: danger: ‘fds[0]’ leaks here
#  441|   		}
#  442|   
#  443|-> 		compat_vdso_helper(native, fds[0], log_get_fd(), vdso_buf, buf_size);
#  444|   
#  445|   		BUG();

Error: GCC_ANALYZER_WARNING (CWE-476): [#def948]
criu-4.1.1/criu/vdso.c:445:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_true: following ‘true’ branch (when ‘pid == 0’)...
criu-4.1.1/criu/vdso.c:438:21: branch_true: ...to here
criu-4.1.1/criu/vdso.c:445:17: danger: dereference of NULL ‘0’
#  443|   		compat_vdso_helper(native, fds[0], log_get_fd(), vdso_buf, buf_size);
#  444|   
#  445|-> 		BUG();
#  446|   	}
#  447|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def949]
criu-4.1.1/criu/vdso.c:448:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:13: danger: ‘fds[0]’ leaks here
#  446|   	}
#  447|   
#  448|-> 	if (close(fds[0])) {
#  449|   		pr_perror("Failed to close pipe");
#  450|   		goto out_kill;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def950]
criu-4.1.1/criu/vdso.c:448:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:13: danger: ‘fds[1]’ leaks here
#  446|   	}
#  447|   
#  448|-> 	if (close(fds[0])) {
#  449|   		pr_perror("Failed to close pipe");
#  450|   		goto out_kill;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def951]
criu-4.1.1/criu/vdso.c:449:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:449:17: branch_true: ...to here
criu-4.1.1/criu/vdso.c:449:17: danger: ‘fds[1]’ leaks here
#  447|   
#  448|   	if (close(fds[0])) {
#  449|-> 		pr_perror("Failed to close pipe");
#  450|   		goto out_kill;
#  451|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def952]
criu-4.1.1/criu/vdso.c:452:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:452:9: danger: ‘fds[1]’ leaks here
#  450|   		goto out_kill;
#  451|   	}
#  452|-> 	waitpid(pid, &status, WUNTRACED);
#  453|   
#  454|   	if (WIFEXITED(status)) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def953]
criu-4.1.1/criu/vdso.c:455:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:455:17: branch_true: ...to here
criu-4.1.1/criu/vdso.c:455:17: danger: ‘fds[1]’ leaks here
#  453|   
#  454|   	if (WIFEXITED(status)) {
#  455|-> 		pr_err("Compat vdso helper exited with %d\n", WEXITSTATUS(status));
#  456|   		goto out_kill;
#  457|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def954]
criu-4.1.1/criu/vdso.c:460:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:448:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:452:9: branch_false: ...to here
criu-4.1.1/criu/vdso.c:454:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:459:14: branch_false: ...to here
criu-4.1.1/criu/vdso.c:459:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/vdso.c:460:17: branch_true: ...to here
criu-4.1.1/criu/vdso.c:460:17: danger: ‘fds[1]’ leaks here
#  458|   
#  459|   	if (!WIFSTOPPED(status)) {
#  460|-> 		pr_err("Compat vdso helper isn't stopped\n");
#  461|   		goto out_kill;
#  462|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def955]
criu-4.1.1/criu/vdso.c:491:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/vdso.c:431:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/vdso.c:436:15: branch_false: ...to here
criu-4.1.1/criu/vdso.c:437:12: branch_false: following ‘false’ branch (when ‘pid != 0’)...
criu-4.1.1/criu/vdso.c:448:13: branch_false: ...to here
criu-4.1.1/criu/vdso.c:491:13: danger: ‘fds[1]’ leaks here
#  489|   	kill(pid, SIGKILL);
#  490|   out_close:
#  491|-> 	if (close(fds[1]))
#  492|   		pr_perror("Failed to close pipe");
#  493|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def956]
criu-4.1.1/include/common/err.h:31:16: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopendir(do_open_proc(pid, 0, "map_files"))’
criu-4.1.1/criu/proc_parse.c:773:5: enter_function: entry to ‘parse_smaps’
criu-4.1.1/criu/proc_parse.c:788:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:791:13: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:791:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:794:25: acquire_memory: allocated here
criu-4.1.1/criu/proc_parse.c:794:25: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:795:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:808:20: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:808:20: branch_true: following ‘true’ branch...
criu-4.1.1/criu/proc_parse.c:808:30: branch_true: ...to here
criu-4.1.1/criu/proc_parse.c:808:30: call_function: calling ‘__is_vma_range_fmt’ from ‘parse_smaps’
criu-4.1.1/criu/proc_parse.c:808:30: return_function: returning to ‘parse_smaps’ from ‘__is_vma_range_fmt’
criu-4.1.1/criu/proc_parse.c:808:21: branch_false: following ‘false’ branch...
criu-4.1.1/criu/proc_parse.c:809:30: branch_false: ...to here
criu-4.1.1/criu/proc_parse.c:804:21: call_function: inlined call to ‘IS_ERR’ from ‘parse_smaps’
#   29|   static inline long IS_ERR(const void *ptr)
#   30|   {
#   31|-> 	return IS_ERR_VALUE((unsigned long)ptr);
#   32|   }
#   33|   

Error: CPPCHECK_WARNING (CWE-476): [#def957]
criu-4.1.1/include/common/lock.h:82: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#   80|   {
#   81|   	atomic_set(&f->raw, (int)v);
#   82|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#   83|   }
#   84|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def958]
criu-4.1.1/include/common/lock.h:82:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/compel/plugins/std/infect.c:151:38: enter_function: entry to ‘parasite_init_daemon’
criu-4.1.1/compel/plugins/std/infect.c:187:9: call_function: calling ‘futex_set_and_wake’ from ‘parasite_init_daemon’
#   80|   {
#   81|   	atomic_set(&f->raw, (int)v);
#   82|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#   83|   }
#   84|   

Error: CPPCHECK_WARNING (CWE-476): [#def959]
criu-4.1.1/include/common/lock.h:88: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#   86|   static inline void futex_wake(futex_t *f)
#   87|   {
#   88|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#   89|   }
#   90|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def960]
criu-4.1.1/include/common/lock.h:88:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:88:9: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/lock.h:88:9: branch_true: ...to here
criu-4.1.1/include/common/lock.h:88:9: danger: dereference of NULL ‘0’
#   86|   static inline void futex_wake(futex_t *f)
#   87|   {
#   88|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#   89|   }
#   90|   

Error: CPPCHECK_WARNING (CWE-476): [#def961]
criu-4.1.1/include/common/lock.h:102: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  100|   {
#  101|   	atomic_dec(&f->raw);
#  102|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#  103|   }
#  104|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def962]
criu-4.1.1/include/common/lock.h:102:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:102:9: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/lock.h:102:9: branch_true: ...to here
criu-4.1.1/include/common/lock.h:102:9: danger: dereference of NULL ‘0’
#  100|   {
#  101|   	atomic_dec(&f->raw);
#  102|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#  103|   }
#  104|   

Error: CPPCHECK_WARNING (CWE-476): [#def963]
criu-4.1.1/include/common/lock.h:109: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  107|   {
#  108|   	atomic_inc(&f->raw);
#  109|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#  110|   }
#  111|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def964]
criu-4.1.1/include/common/lock.h:109:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:109:9: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/lock.h:109:9: branch_true: ...to here
criu-4.1.1/include/common/lock.h:109:9: danger: dereference of NULL ‘0’
#  107|   {
#  108|   	atomic_inc(&f->raw);
#  109|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAKE, INT_MAX, NULL, NULL, 0) < 0);
#  110|   }
#  111|   

Error: CPPCHECK_WARNING (CWE-476): [#def965]
criu-4.1.1/include/common/lock.h:141: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  139|   	while ((uint32_t)atomic_read(&f->raw) == v) {
#  140|   		int ret = sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAIT, v, NULL, NULL, 0);
#  141|-> 		LOCK_BUG_ON(ret < 0 && ret != -EWOULDBLOCK);
#  142|   	}
#  143|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def966]
criu-4.1.1/include/common/lock.h:141:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:139:16: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/lock.h:140:49: branch_true: ...to here
criu-4.1.1/include/common/lock.h:141:17: danger: dereference of NULL ‘0’
#  139|   	while ((uint32_t)atomic_read(&f->raw) == v) {
#  140|   		int ret = sys_futex((uint32_t *)&f->raw.counter, FUTEX_WAIT, v, NULL, NULL, 0);
#  141|-> 		LOCK_BUG_ON(ret < 0 && ret != -EWOULDBLOCK);
#  142|   	}
#  143|   }

Error: CPPCHECK_WARNING (CWE-476): [#def967]
criu-4.1.1/include/common/lock.h:162: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  160|   	while ((c = (uint32_t)atomic_inc_return(&m->raw)) != 1) {
#  161|   		ret = sys_futex((uint32_t *)&m->raw.counter, FUTEX_WAIT, c, NULL, NULL, 0);
#  162|-> 		LOCK_BUG_ON(ret < 0 && ret != -EWOULDBLOCK);
#  163|   	}
#  164|   }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def968]
criu-4.1.1/include/common/lock.h:162:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:160:16: branch_true: following ‘true’ branch (when ‘c != 1’)...
criu-4.1.1/include/common/lock.h:161:45: branch_true: ...to here
criu-4.1.1/include/common/lock.h:162:17: danger: dereference of NULL ‘0’
#  160|   	while ((c = (uint32_t)atomic_inc_return(&m->raw)) != 1) {
#  161|   		ret = sys_futex((uint32_t *)&m->raw.counter, FUTEX_WAIT, c, NULL, NULL, 0);
#  162|-> 		LOCK_BUG_ON(ret < 0 && ret != -EWOULDBLOCK);
#  163|   	}
#  164|   }

Error: CPPCHECK_WARNING (CWE-476): [#def969]
criu-4.1.1/include/common/lock.h:175: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  173|   	uint32_t c = 0;
#  174|   	atomic_set(&m->raw, (int)c);
#  175|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&m->raw.counter, FUTEX_WAKE, 1, NULL, NULL, 0) < 0);
#  176|   }
#  177|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def970]
criu-4.1.1/include/common/lock.h:175:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/lock.h:175:9: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/lock.h:175:9: branch_true: ...to here
criu-4.1.1/include/common/lock.h:175:9: danger: dereference of NULL ‘0’
#  173|   	uint32_t c = 0;
#  174|   	atomic_set(&m->raw, (int)c);
#  175|-> 	LOCK_BUG_ON(sys_futex((uint32_t *)&m->raw.counter, FUTEX_WAKE, 1, NULL, NULL, 0) < 0);
#  176|   }
#  177|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def971]
criu-4.1.1/include/common/scm-code.c:13:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘cmsg’
criu-4.1.1/include/common/scm-code.c:48:5: enter_function: entry to ‘send_fds’
criu-4.1.1/include/common/scm-code.c:56:21: branch_true: following ‘true’ branch (when ‘i < nr_fds’)...
criu-4.1.1/include/common/scm-code.c:57:26: branch_true: ...to here
criu-4.1.1/include/common/scm-code.c:58:17: call_function: inlined call to ‘scm_fdset_init_chunk’ from ‘send_fds’
#   11|   
#   12|   	cmsg = CMSG_FIRSTHDR(&fdset->hdr);
#   13|-> 	cmsg->cmsg_len = fdset->hdr.msg_controllen;
#   14|   
#   15|   	if (data) {

Error: CPPCHECK_WARNING (CWE-476): [#def972]
criu-4.1.1/include/common/scm-code.c:106: error[nullPointer]: Null pointer dereference: (volatile unsigned long*)NULL
#  104|   		 * sys_write_ helpers. Meawhile opencoded BUG_ON here.
#  105|   		 */
#  106|-> 		BUG_ON(min_fd > CR_SCM_MAX_FD);
#  107|   
#  108|   		if (unlikely(min_fd <= 0))

Error: GCC_ANALYZER_WARNING (CWE-476): [#def973]
criu-4.1.1/include/common/scm-code.c:106:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
criu-4.1.1/include/common/scm-code.c:82:21: branch_true: following ‘true’ branch (when ‘i < nr_fds’)...
criu-4.1.1/include/common/scm-code.c:83:26: branch_true: ...to here
criu-4.1.1/include/common/scm-code.c:87:20: branch_false: following ‘false’ branch (when ‘ret > 0’)...
criu-4.1.1/include/common/scm-code.c:90:24: branch_false: ...to here
criu-4.1.1/include/common/scm-code.c:90:24: branch_true: following ‘true’ branch...
criu-4.1.1/include/common/scm-code.c:90:17: branch_true: ...to here
criu-4.1.1/include/common/scm-code.c:91:20: branch_false: following ‘false’ branch...
criu-4.1.1/include/common/scm-code.c:93:20: branch_false: following ‘false’ branch...
criu-4.1.1/include/common/scm-code.c:96:27: branch_false: ...to here
criu-4.1.1/include/common/scm-code.c:106:17: danger: dereference of NULL ‘0’
#  104|   		 * sys_write_ helpers. Meawhile opencoded BUG_ON here.
#  105|   		 */
#  106|-> 		BUG_ON(min_fd > CR_SCM_MAX_FD);
#  107|   
#  108|   		if (unlikely(min_fd <= 0))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def974]
criu-4.1.1/include/common/scm.h:39:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[0]’
criu-4.1.1/criu/img-streamer.c:169:12: enter_function: entry to ‘establish_streamer_file_pipe’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:13: call_function: inlined call to ‘send_fd’ from ‘establish_streamer_file_pipe’
#   37|   static inline int send_fd(int sock, struct sockaddr_un *saddr, int saddr_len, int fd)
#   38|   {
#   39|-> 	return send_fds(sock, saddr, saddr_len, &fd, 1, NULL, 0);
#   40|   }
#   41|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def975]
criu-4.1.1/include/common/scm.h:39:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[1]’
criu-4.1.1/criu/img-streamer.c:169:12: enter_function: entry to ‘establish_streamer_file_pipe’
criu-4.1.1/criu/img-streamer.c:181:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:186:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:186:13: call_function: inlined call to ‘send_fd’ from ‘establish_streamer_file_pipe’
#   37|   static inline int send_fd(int sock, struct sockaddr_un *saddr, int saddr_len, int fd)
#   38|   {
#   39|-> 	return send_fds(sock, saddr, saddr_len, &fd, 1, NULL, 0);
#   40|   }
#   41|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def976]
criu-4.1.1/include/common/scm.h:39:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fds[criu_pipe_direction]’
criu-4.1.1/criu/img-streamer.c:196:12: enter_function: entry to ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:198:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:201:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:201:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:204:21: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:204:21: call_function: calling ‘recv_file_reply’ from ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:204:21: return_function: returning to ‘_img_streamer_open’ from ‘recv_file_reply’
criu-4.1.1/criu/img-streamer.c:204:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:207:21: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:207:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:219:16: call_function: calling ‘establish_streamer_file_pipe’ from ‘_img_streamer_open’
#   37|   static inline int send_fd(int sock, struct sockaddr_un *saddr, int saddr_len, int fd)
#   38|   {
#   39|-> 	return send_fds(sock, saddr, saddr_len, &fd, 1, NULL, 0);
#   40|   }
#   41|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def977]
criu-4.1.1/include/common/scm.h:39:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/criu/img-streamer.c:196:12: enter_function: entry to ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:198:12: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:201:13: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:201:12: branch_true: following ‘true’ branch...
criu-4.1.1/criu/img-streamer.c:204:21: branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:204:21: call_function: calling ‘recv_file_reply’ from ‘_img_streamer_open’
criu-4.1.1/criu/img-streamer.c:204:21: return_function: returning to ‘_img_streamer_open’ from ‘recv_file_reply’
criu-4.1.1/criu/img-streamer.c:204:20: branch_false: following ‘false’ branch...
criu-4.1.1/criu/img-streamer.c:207:21: branch_false: ...to here
criu-4.1.1/criu/img-streamer.c:207:20: branch_true: following ‘true’ branch...
 branch_true: ...to here
criu-4.1.1/criu/img-streamer.c:219:16: call_function: calling ‘establish_streamer_file_pipe’ from ‘_img_streamer_open’
#   37|   static inline int send_fd(int sock, struct sockaddr_un *saddr, int saddr_len, int fd)
#   38|   {
#   39|-> 	return send_fds(sock, saddr, saddr_len, &fd, 1, NULL, 0);
#   40|   }
#   41|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def978]
criu-4.1.1/lib/c/criu.c:263:9: warning[-Wanalyzer-malloc-leak]: leak of ‘rpc’
criu-4.1.1/lib/c/criu.c:290:5: enter_function: entry to ‘criu_init_opts’
criu-4.1.1/lib/c/criu.c:292:16: call_function: calling ‘criu_local_init_opts’ from ‘criu_init_opts’
#  261|   	}
#  262|   
#  263|-> 	criu_opts__init(rpc);
#  264|   
#  265|   	opts = malloc(sizeof(criu_opts));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def979]
criu-4.1.1/lib/c/criu.c:280:17: warning[-Wanalyzer-malloc-leak]: leak of ‘opts’
criu-4.1.1/lib/c/criu.c:290:5: enter_function: entry to ‘criu_init_opts’
criu-4.1.1/lib/c/criu.c:292:16: call_function: calling ‘criu_local_init_opts’ from ‘criu_init_opts’
#  278|   
#  279|   	if (opts->service_binary == NULL) {
#  280|-> 		perror("Can't allocate memory for criu service setting");
#  281|   		criu_local_free_opts(opts);
#  282|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def980]
criu-4.1.1/lib/c/criu.c:467:9: warning[-Wanalyzer-malloc-leak]: leak of ‘u’
criu-4.1.1/lib/c/criu.c:456:13: branch_false: following ‘false’ branch...
criu-4.1.1/lib/c/criu.c:464:13: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:464:13: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:465:12: branch_false: following ‘false’ branch (when ‘u’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:467:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:467:9: danger: ‘u’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  465|   	if (!u)
#  466|   		goto er;
#  467|-> 	unix_sk__init(u);
#  468|   
#  469|   	u->inode = inode;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def981]
criu-4.1.1/lib/c/criu.c:772:33: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
criu-4.1.1/lib/c/criu.c:785:5: enter_function: entry to ‘criu_set_exec_cmd’
criu-4.1.1/lib/c/criu.c:787:16: call_function: calling ‘criu_local_set_exec_cmd’ from ‘criu_set_exec_cmd’
#  770|   				while (i > 0)
#  771|   					free(opts->rpc->exec_cmd[i--]);
#  772|-> 				free(opts->rpc->exec_cmd);
#  773|   				opts->rpc->n_exec_cmd = 0;
#  774|   				opts->rpc->exec_cmd = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def982]
criu-4.1.1/lib/c/criu.c:798:9: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
criu-4.1.1/lib/c/criu.c:795:13: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:796:12: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:798:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:798:9: danger: ‘m’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  796|   	if (!m)
#  797|   		goto er;
#  798|-> 	ext_mount_map__init(m);
#  799|   
#  800|   	m->key = strdup(key);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def983]
criu-4.1.1/lib/c/criu.c:840:9: warning[-Wanalyzer-malloc-leak]: leak of ‘root’
criu-4.1.1/lib/c/criu.c:837:16: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:838:12: branch_false: following ‘false’ branch (when ‘root’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:840:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:840:9: danger: ‘root’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  838|   	if (!root)
#  839|   		goto er;
#  840|-> 	cgroup_root__init(root);
#  841|   
#  842|   	if (ctrl) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def984]
criu-4.1.1/lib/c/criu.c:886:9: warning[-Wanalyzer-malloc-leak]: leak of ‘p’
criu-4.1.1/lib/c/criu.c:883:13: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:884:12: branch_false: following ‘false’ branch (when ‘p’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:886:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:886:9: danger: ‘p’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  884|   	if (!p)
#  885|   		goto er;
#  886|-> 	criu_veth_pair__init(p);
#  887|   
#  888|   	p->if_in = strdup(in);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def985]
criu-4.1.1/lib/c/criu.c:1111:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
criu-4.1.1/lib/c/criu.c:1105:12: branch_false: following ‘false’ branch...
criu-4.1.1/lib/c/criu.c:1108:13: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1108:13: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1109:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1111:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1111:9: danger: ‘f’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
# 1109|   	if (!f)
# 1110|   		goto er;
# 1111|-> 	inherit_fd__init(f);
# 1112|   
# 1113|   	f->fd = fd;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def986]
criu-4.1.1/lib/c/criu.c:1176:20: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(address)’
criu-4.1.1/lib/c/criu.c:1190:5: enter_function: entry to ‘criu_set_page_server_address_port’
criu-4.1.1/lib/c/criu.c:1192:16: call_function: calling ‘criu_local_set_page_server_address_port’ from ‘criu_set_page_server_address_port’
# 1174|   
# 1175|   		opts->rpc->ps->address = strdup(address);
# 1176|-> 		if (!opts->rpc->ps->address) {
# 1177|   			free(opts->rpc->ps);
# 1178|   			opts->rpc->ps = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def987]
criu-4.1.1/lib/c/criu.c:1242:15: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/lib/c/criu.c:1218:12: branch_false: following ‘false’ branch (when ‘len != -1’)...
criu-4.1.1/lib/c/criu.c:1229:22: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1229:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1230:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1236:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1242:15: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
# 1240|   	msg_hdr.msg_control = buf + len;
# 1241|   	msg_hdr.msg_controllen = cmsg_len;
# 1242|-> 	len = recvmsg(socket_fd, &msg_hdr, MSG_TRUNC);
# 1243|   
# 1244|   	if (len == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def988]
criu-4.1.1/lib/c/criu.c:1302:13: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/lib/c/criu.c:1295:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1296:12: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1302:13: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1302:13: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
# 1300|   	}
# 1301|   
# 1302|-> 	if (criu_req__pack(req, buf) != len) {
# 1303|   		perror("Failed packing request");
# 1304|   		goto err;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def989]
criu-4.1.1/lib/c/criu.c:1447:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/lib/c/criu.c:1434:14: acquire_resource: socket created here
criu-4.1.1/lib/c/criu.c:1435:12: branch_false: following ‘false’ branch (when ‘fd >= 0’)...
criu-4.1.1/lib/c/criu.c:1441:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1445:12: branch_true: following ‘true’ branch (when ‘addr_len > 107’)...
criu-4.1.1/lib/c/criu.c:1446:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1447:17: danger: ‘fd’ leaks here
# 1445|   	if (addr_len >= sizeof(addr.sun_path)) {
# 1446|   		fprintf(stderr, "The service address %s is too long", opts->service_address);
# 1447|-> 		close(fd);
# 1448|   		return -1;
# 1449|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def990]
criu-4.1.1/lib/c/criu.c:1454:15: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
criu-4.1.1/lib/c/criu.c:1434:14: acquire_resource: socket created here
criu-4.1.1/lib/c/criu.c:1435:12: branch_false: following ‘false’ branch (when ‘fd >= 0’)...
criu-4.1.1/lib/c/criu.c:1441:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1445:12: branch_false: following ‘false’ branch (when ‘addr_len <= 107’)...
criu-4.1.1/lib/c/criu.c:1450:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1454:15: danger: ‘fd’ leaks here
# 1452|   	addr_len += sizeof(addr.sun_family);
# 1453|   
# 1454|-> 	ret = connect(fd, (struct sockaddr *)&addr, addr_len);
# 1455|   	if (ret < 0) {
# 1456|   		saved_errno = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def991]
criu-4.1.1/lib/c/criu.c:1907:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1894:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_true: following ‘true’ branch (when ‘_ns_file’ is NULL)...
criu-4.1.1/lib/c/criu.c:1907:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1907:17: danger: ‘_ns’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
# 1905|   	_ns_file = strdup(ns_file);
# 1906|   	if (!_ns_file) {
# 1907|-> 		perror("Can't allocate memory for ns_file");
# 1908|   		goto err;
# 1909|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def992]
criu-4.1.1/lib/c/criu.c:1914:25: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns_file’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1905:20: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_true: following ‘true’ branch (when ‘extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1912:30: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1913:20: branch_true: following ‘true’ branch (when ‘_extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1914:25: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1914:25: danger: ‘_ns_file’ leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
# 1912|   		_extra_opt = strdup(extra_opt);
# 1913|   		if (!_extra_opt) {
# 1914|-> 			perror("Can't allocate memory for extra_opt");
# 1915|   			goto err;
# 1916|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def993]
criu-4.1.1/lib/c/criu.c:1914:25: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1894:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_true: following ‘true’ branch (when ‘extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1912:30: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1913:20: branch_true: following ‘true’ branch (when ‘_extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1914:25: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1914:25: danger: ‘_ns’ leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
# 1912|   		_extra_opt = strdup(extra_opt);
# 1913|   		if (!_extra_opt) {
# 1914|-> 			perror("Can't allocate memory for extra_opt");
# 1915|   			goto err;
# 1916|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def994]
criu-4.1.1/lib/c/criu.c:1921:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_extra_opt’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_true: following ‘true’ branch (when ‘extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1912:30: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1912:30: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1913:20: branch_false: following ‘false’ branch (when ‘_extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_true: following ‘true’ branch (when ‘join_ns’ is NULL)...
criu-4.1.1/lib/c/criu.c:1921:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1921:17: danger: ‘_extra_opt’ leaks here; was allocated at [(11)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/10)
# 1919|   	join_ns = malloc(sizeof(JoinNamespace));
# 1920|   	if (!join_ns) {
# 1921|-> 		perror("Can't allocate memory for join_ns");
# 1922|   		goto err;
# 1923|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def995]
criu-4.1.1/lib/c/criu.c:1921:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns_file’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1905:20: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_true: following ‘true’ branch (when ‘join_ns’ is NULL)...
criu-4.1.1/lib/c/criu.c:1921:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1921:17: danger: ‘_ns_file’ leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
# 1919|   	join_ns = malloc(sizeof(JoinNamespace));
# 1920|   	if (!join_ns) {
# 1921|-> 		perror("Can't allocate memory for join_ns");
# 1922|   		goto err;
# 1923|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def996]
criu-4.1.1/lib/c/criu.c:1921:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1894:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_true: following ‘true’ branch (when ‘join_ns’ is NULL)...
criu-4.1.1/lib/c/criu.c:1921:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1921:17: danger: ‘_ns’ leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
# 1919|   	join_ns = malloc(sizeof(JoinNamespace));
# 1920|   	if (!join_ns) {
# 1921|-> 		perror("Can't allocate memory for join_ns");
# 1922|   		goto err;
# 1923|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def997]
criu-4.1.1/lib/c/criu.c:1928:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_extra_opt’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_true: following ‘true’ branch (when ‘extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1912:30: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1912:30: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1913:20: branch_false: following ‘false’ branch (when ‘_extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_true: following ‘true’ branch (when ‘join_ns_arr’ is NULL)...
criu-4.1.1/lib/c/criu.c:1928:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1928:17: danger: ‘_extra_opt’ leaks here; was allocated at [(11)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/10)
# 1926|   	join_ns_arr = realloc(opts->rpc->join_ns, n_join_ns * sizeof(join_ns));
# 1927|   	if (!join_ns_arr) {
# 1928|-> 		perror("Can't allocate memory for join_ns_arr");
# 1929|   		goto err;
# 1930|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def998]
criu-4.1.1/lib/c/criu.c:1928:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns_file’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1905:20: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_true: following ‘true’ branch (when ‘join_ns_arr’ is NULL)...
criu-4.1.1/lib/c/criu.c:1928:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1928:17: danger: ‘_ns_file’ leaks here; was allocated at [(7)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/6)
# 1926|   	join_ns_arr = realloc(opts->rpc->join_ns, n_join_ns * sizeof(join_ns));
# 1927|   	if (!join_ns_arr) {
# 1928|-> 		perror("Can't allocate memory for join_ns_arr");
# 1929|   		goto err;
# 1930|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def999]
criu-4.1.1/lib/c/criu.c:1928:17: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1894:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_true: following ‘true’ branch (when ‘join_ns_arr’ is NULL)...
criu-4.1.1/lib/c/criu.c:1928:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1928:17: danger: ‘_ns’ leaks here; was allocated at [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
# 1926|   	join_ns_arr = realloc(opts->rpc->join_ns, n_join_ns * sizeof(join_ns));
# 1927|   	if (!join_ns_arr) {
# 1928|-> 		perror("Can't allocate memory for join_ns_arr");
# 1929|   		goto err;
# 1930|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1000]
criu-4.1.1/lib/c/criu.c:1928:17: warning[-Wanalyzer-malloc-leak]: leak of ‘join_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1919:19: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_true: following ‘true’ branch (when ‘join_ns_arr’ is NULL)...
criu-4.1.1/lib/c/criu.c:1928:17: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1928:17: danger: ‘join_ns’ leaks here; was allocated at [(11)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/10)
# 1926|   	join_ns_arr = realloc(opts->rpc->join_ns, n_join_ns * sizeof(join_ns));
# 1927|   	if (!join_ns_arr) {
# 1928|-> 		perror("Can't allocate memory for join_ns_arr");
# 1929|   		goto err;
# 1930|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1001]
criu-4.1.1/lib/c/criu.c:1932:9: warning[-Wanalyzer-malloc-leak]: leak of ‘_extra_opt’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_true: following ‘true’ branch (when ‘extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1912:30: branch_true: ...to here
criu-4.1.1/lib/c/criu.c:1912:30: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1913:20: branch_false: following ‘false’ branch (when ‘_extra_opt’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_false: following ‘false’ branch (when ‘join_ns_arr’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1932:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1932:9: danger: ‘_extra_opt’ leaks here; was allocated at [(11)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/10)
# 1930|   	}
# 1931|   
# 1932|-> 	join_namespace__init(join_ns);
# 1933|   	join_ns->ns = _ns;
# 1934|   	join_ns->ns_file = _ns_file;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1002]
criu-4.1.1/lib/c/criu.c:1932:9: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns_file’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1905:20: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_false: following ‘false’ branch (when ‘join_ns_arr’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1932:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1932:9: danger: ‘_ns_file’ leaks here; was allocated at [(7)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/6)
# 1930|   	}
# 1931|   
# 1932|-> 	join_namespace__init(join_ns);
# 1933|   	join_ns->ns = _ns;
# 1934|   	join_ns->ns_file = _ns_file;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1003]
criu-4.1.1/lib/c/criu.c:1932:9: warning[-Wanalyzer-malloc-leak]: leak of ‘_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1894:15: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_false: following ‘false’ branch (when ‘join_ns_arr’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1932:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1932:9: danger: ‘_ns’ leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
# 1930|   	}
# 1931|   
# 1932|-> 	join_namespace__init(join_ns);
# 1933|   	join_ns->ns = _ns;
# 1934|   	join_ns->ns_file = _ns_file;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1004]
criu-4.1.1/lib/c/criu.c:1932:9: warning[-Wanalyzer-malloc-leak]: leak of ‘join_ns_arr’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_false: following ‘false’ branch (when ‘join_ns_arr’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1932:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1932:9: danger: ‘join_ns_arr’ leaks here; was allocated at [(13)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/12)
# 1930|   	}
# 1931|   
# 1932|-> 	join_namespace__init(join_ns);
# 1933|   	join_ns->ns = _ns;
# 1934|   	join_ns->ns_file = _ns_file;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1005]
criu-4.1.1/lib/c/criu.c:1932:9: warning[-Wanalyzer-malloc-leak]: leak of ‘join_ns’
criu-4.1.1/lib/c/criu.c:1889:12: branch_false: following ‘false’ branch (when ‘ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1894:15: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1895:12: branch_false: following ‘false’ branch (when ‘_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1900:12: branch_false: following ‘false’ branch (when ‘ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1905:20: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1906:12: branch_false: following ‘false’ branch (when ‘_ns_file’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1911:12: branch_false: following ‘false’ branch (when ‘extra_opt’ is NULL)...
criu-4.1.1/lib/c/criu.c:1919:19: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1919:19: acquire_memory: allocated here
criu-4.1.1/lib/c/criu.c:1920:12: branch_false: following ‘false’ branch (when ‘join_ns’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1925:21: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1927:12: branch_false: following ‘false’ branch (when ‘join_ns_arr’ is non-NULL)...
criu-4.1.1/lib/c/criu.c:1932:9: branch_false: ...to here
criu-4.1.1/lib/c/criu.c:1932:9: danger: ‘join_ns’ leaks here; was allocated at [(11)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/10)
# 1930|   	}
# 1931|   
# 1932|-> 	join_namespace__init(join_ns);
# 1933|   	join_ns->ns = _ns;
# 1934|   	join_ns->ns_file = _ns_file;

Error: COMPILER_WARNING: [#def1006] [important]
criu-4.1.1/plugins/cuda/cuda_plugin.c:1:10: error[fatal error]: criu-log.h: No such file or directory
#    1|-> #include "criu-log.h"
#    2|   #include "plugin.h"
#    3|   #include "util.h"

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1007]
criu-4.1.1/soccr/soccr.c:94:17: warning[-Wanalyzer-malloc-leak]: leak of ‘ret’
criu-4.1.1/soccr/soccr.c:124:21: enter_function: entry to ‘libsoccr_pause’
criu-4.1.1/soccr/soccr.c:128:15: acquire_memory: allocated here
criu-4.1.1/soccr/soccr.c:129:12: branch_false: following ‘false’ branch (when ‘ret’ is non-NULL)...
criu-4.1.1/soccr/soccr.c:134:13: branch_false: ...to here
criu-4.1.1/soccr/soccr.c:134:13: call_function: calling ‘tcp_repair_on’ from ‘libsoccr_pause’
#   92|   	ret = setsockopt(fd, SOL_TCP, TCP_REPAIR, &aux, sizeof(aux));
#   93|   	if (ret < 0)
#   94|-> 		logerr("Can't turn TCP repair mode ON");
#   95|   
#   96|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1008]
criu-4.1.1/soccr/soccr.c:356:23: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
criu-4.1.1/soccr/soccr.c:337:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/soccr/soccr.c:340:9: branch_false: ...to here
criu-4.1.1/soccr/soccr.c:342:12: branch_false: following ‘false’ branch (when ‘ret >= 0’)...
criu-4.1.1/soccr/soccr.c:345:12: branch_false: ...to here
criu-4.1.1/soccr/soccr.c:345:12: branch_true: following ‘true’ branch (when ‘len != 0’)...
criu-4.1.1/soccr/soccr.c:350:30: branch_true: ...to here
criu-4.1.1/soccr/soccr.c:350:23: acquire_memory: allocated here
criu-4.1.1/soccr/soccr.c:351:20: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
criu-4.1.1/soccr/soccr.c:356:23: branch_false: ...to here
criu-4.1.1/soccr/soccr.c:356:23: danger: ‘buf’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  354|   		}
#  355|   
#  356|-> 		ret = recv(sk, buf, len + 1, MSG_PEEK | MSG_DONTWAIT);
#  357|   		if (ret != len)
#  358|   			goto err_recv;