Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] zstd-1.5.7/lib//compress/zstdmt_compress.c:224:16: warning[-Wanalyzer-malloc-leak]: leak of ‘<return-value>.start’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1403:15: enter_function: entry to ‘ZSTDMT_createCompressionJob’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1408:8: branch_false: following ‘false’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:10: branch_false: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:8: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1415:21: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1443:12: branch_true: following ‘true’ branch (when ‘endOp != 2’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1444:42: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:12: branch_true: following ‘true’ branch (when ‘srcSize == 0’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: call_function: calling ‘ZSTDMT_writeLastEmptyBlock’ from ‘ZSTDMT_createCompressionJob’ # 222| DEBUGLOG(5, "ZSTDMT_getBuffer: created buffer of size %u", (U32)bSize); # 223| } # 224|-> return buffer; # 225| } # 226| } Error: GCC_ANALYZER_WARNING (CWE-835): [#def2] zstd-1.5.7/lib//compress/zstdmt_compress.c:1035:27: warning[-Wanalyzer-infinite-loop]: infinite loop zstd-1.5.7/lib//compress/zstdmt_compress.c:1488:15: enter_function: entry to ‘ZSTDMT_flushProduced’ # 1033| unsigned const jobID = mtctx->doneJobID & mtctx->jobIDMask; # 1034| ZSTD_PTHREAD_MUTEX_LOCK(&mtctx->jobs[jobID].job_mutex); # 1035|-> while (mtctx->jobs[jobID].consumed < mtctx->jobs[jobID].src.size) { # 1036| DEBUGLOG(4, "waiting for jobCompleted signal from job %u", mtctx->doneJobID); /* we want to block when waiting for data to flush */ # 1037| ZSTD_pthread_cond_wait(&mtctx->jobs[jobID].job_cond, &mtctx->jobs[jobID].job_mutex); Error: GCC_ANALYZER_WARNING (CWE-835): [#def3] zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:27: warning[-Wanalyzer-infinite-loop]: infinite loop zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:27: danger: infinite loop here zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:16: branch_true: if it ever follows ‘true’ branch, it will always do so... zstd-1.5.7/lib//compress/zstdmt_compress.c:1500:17: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1500:16: branch_false: if it ever follows ‘false’ branch, it will always do so... branch_false: ...to here # 1497| && (mtctx->doneJobID < mtctx->nextJobID) ) { # 1498| assert(mtctx->jobs[wJobID].dstFlushed <= mtctx->jobs[wJobID].cSize); # 1499|-> while (mtctx->jobs[wJobID].dstFlushed == mtctx->jobs[wJobID].cSize) { /* nothing to flush */ # 1500| if (mtctx->jobs[wJobID].consumed == mtctx->jobs[wJobID].src.size) { # 1501| DEBUGLOG(5, "job %u is completely consumed (%u == %u) => don't wait for cond, there will be none", Error: GCC_ANALYZER_WARNING (CWE-835): [#def4] zstd-1.5.7/lib//dictBuilder/cover.c:914:10: warning[-Wanalyzer-infinite-loop]: infinite loop zstd-1.5.7/lib//dictBuilder/cover.c:914:10: danger: infinite loop here zstd-1.5.7/lib//dictBuilder/cover.c:914:10: branch_true: if it ever follows ‘true’ branch, it will always do so... branch_true: ...to here # 912| } # 913| ZSTD_pthread_mutex_lock(&best->mutex); # 914|-> while (best->liveJobs != 0) { # 915| ZSTD_pthread_cond_wait(&best->cond, &best->mutex); # 916| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] zstd-1.5.7/lib//dictBuilder/cover.c:976:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*best.dict’ zstd-1.5.7/lib//dictBuilder/cover.c:1122:13: enter_function: entry to ‘COVER_tryParameters’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:8: call_function: calling ‘COVER_map_init’ from ‘COVER_tryParameters’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:8: return_function: returning to ‘COVER_tryParameters’ from ‘COVER_map_init’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:6: branch_true: following ‘true’ branch... zstd-1.5.7/lib//dictBuilder/cover.c:1136:5: branch_true: ...to here zstd-1.5.7/lib//dictBuilder/cover.c:1160:3: call_function: calling ‘COVER_best_finish’ from ‘COVER_tryParameters’ # 974| } # 975| best->dict = malloc(dictSize); # 976|-> if (!best->dict) { # 977| best->compressedSize = ERROR(GENERIC); # 978| best->dictSize = 0; Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] zstd-1.5.7/programs/util.c:1233:5: warning[-Wanalyzer-malloc-leak]: leak of ‘srcFileNames’ zstd-1.5.7/programs/util.c:1267:6: enter_function: entry to ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1270:37: acquire_memory: allocated here zstd-1.5.7/programs/util.c:1271:5: branch_false: following ‘false’ branch (when ‘srcFileNames’ is non-NULL)... branch_false: ...to here zstd-1.5.7/programs/util.c:1274:17: branch_true: following ‘true’ branch (when ‘i < nbFile’)... zstd-1.5.7/programs/util.c:1275:57: branch_true: ...to here zstd-1.5.7/programs/util.c:1275:13: call_function: inlined call to ‘isFileNameValidForMirroredOutput’ from ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1275:13: call_function: inlined call to ‘isFileNameValidForMirroredOutput’ from ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1277:13: branch_false: following ‘false’ branch (when ‘fname’ is non-NULL)... zstd-1.5.7/programs/util.c:1278:26: branch_false: ...to here zstd-1.5.7/programs/util.c:1282:8: branch_true: following ‘true’ branch (when ‘validFilenamesNr != 0’)... zstd-1.5.7/programs/util.c:1283:9: branch_true: ...to here zstd-1.5.7/programs/util.c:1284:9: call_function: calling ‘makeMirroredDestDirs’ from ‘UTIL_mirrorSourceFilesDirectories’ # 1231| /* if dirs is "a/b/c" and "a/b/c/d", we only need call: # 1232| * we just need "a/b/c/d" */ # 1233|-> qsort((void *)srcDirNames, nbFile, sizeof(char*), compareDir); # 1234| # 1235| uniqueDirNr = 1; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] zstd-1.5.7/programs/util.c:1233:5: warning[-Wanalyzer-malloc-leak]: leak of ‘uniqueDirNames’ zstd-1.5.7/programs/util.c:1267:6: enter_function: entry to ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1271:5: branch_false: following ‘false’ branch (when ‘srcFileNames’ is non-NULL)... branch_false: ...to here zstd-1.5.7/programs/util.c:1274:17: branch_true: following ‘true’ branch (when ‘i < nbFile’)... zstd-1.5.7/programs/util.c:1275:57: branch_true: ...to here zstd-1.5.7/programs/util.c:1275:13: call_function: inlined call to ‘isFileNameValidForMirroredOutput’ from ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1275:13: call_function: inlined call to ‘isFileNameValidForMirroredOutput’ from ‘UTIL_mirrorSourceFilesDirectories’ zstd-1.5.7/programs/util.c:1277:13: branch_false: following ‘false’ branch (when ‘fname’ is non-NULL)... zstd-1.5.7/programs/util.c:1278:26: branch_false: ...to here zstd-1.5.7/programs/util.c:1282:8: branch_true: following ‘true’ branch (when ‘validFilenamesNr != 0’)... zstd-1.5.7/programs/util.c:1283:9: branch_true: ...to here zstd-1.5.7/programs/util.c:1284:9: call_function: calling ‘makeMirroredDestDirs’ from ‘UTIL_mirrorSourceFilesDirectories’ # 1231| /* if dirs is "a/b/c" and "a/b/c/d", we only need call: # 1232| * we just need "a/b/c/d" */ # 1233|-> qsort((void *)srcDirNames, nbFile, sizeof(char*), compareDir); # 1234| # 1235| uniqueDirNr = 1;
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.90.0 |
| diffbase-analyzer-version-cppcheck | 2.18.3 |
| diffbase-analyzer-version-gcc | 15.2.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-161.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-gcc-latest-x86_64 |
| diffbase-project-name | zstd-1.5.7-3.fc44 |
| diffbase-store-results-to | /tmp/tmp0yt2tcl4/zstd-1.5.7-3.fc44.tar.xz |
| diffbase-time-created | 2025-10-28 20:51:32 |
| diffbase-time-finished | 2025-10-28 20:56:53 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp0yt2tcl4/zstd-1.5.7-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp0yt2tcl4/zstd-1.5.7-3.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-161.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | zstd-1.5.7-2.fc43 |
| store-results-to | /tmp/tmp1v7if93q/zstd-1.5.7-2.fc43.tar.xz |
| time-created | 2025-10-28 20:45:21 |
| time-finished | 2025-10-28 20:50:55 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp1v7if93q/zstd-1.5.7-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp1v7if93q/zstd-1.5.7-2.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |