On 2016-07-22 17:31, Chris Angelico wrote:
> On Sat, Jul 23, 2016 at 12:36 AM, Guido van Rossum <guido@python.org> wrote:
>> Somebody did some research and found some bugs in CPython (IIUC). They published some questionable fragments. If there's a volunteer we could probably easily fix these. (I know we already have occasional Coverity scans and there are other tools too (anybody try lgtm yet?)) But this seems honest research (also Python leaves Ruby in the dust :-):
>
> First and foremost: All of these purported bugs appear to have been found by compiling on Windows. Does Coverity test a Windows build? If not, can we get it to? These look like the exact types of errors that Coverity *would* discover.

No, it doesn't. The Coverity Scan builds only run on X86_64 Linux platforms. When I took over Coverity Scan for CPython many years ago it was not possible to support multiple platforms and targets with the free edition. I never tried to upload builds from different platforms because I feared that it might play havoc with the scan history. Should I check with Coverity again?

Some of these issues have been found by Coverity and I even have patches for them, e.g. N6 is CID#1299595. I have 13 patches that I haven't published and merged yet. None of the issues is critical, though. Since I forgot how to use hg I have been waiting for the GitHub migration.

Christian