[Python-Dev] Coverity Open Source Defect Scan of Python

Thomas Wouters thomas at python.org
Sat Mar 11 23:16:08 CET 2006


On 3/7/06, Ben Chelf <ben at coverity.com> wrote:

> Putting on my idealistic hat and remembering back my grad school days, I
> think we're on to something very new in the world of source code
> analysis. I really just want every developer to use source code analysis
> while they write code (remember, idealistic :)). We got a lot of the
> good publicity in the research lab because there existed this big open
> source OS that we could test our theories on. So from that angle, I
> think it makes sense for Coverity to have a strong relationship with the
> open source community since that community has been helping us pretty
> much since day 1. This project is just the next step in that...it's
> certainly not the last.
>
> There's plenty more to do to target every developer.


Well, as long as we're talking idealistically, I wonder how easy it would be
to add reference-counting tracking to Coverity Prevent. Python, Perl and (I
believe) PHP all have their own kind of refcounting, but the base semantics
are pretty much the same: a function can return a new or a borrowed
reference, and it can borrow or steal references passed to it. Without
having seen how Prevent works, it feels to me like it would be a small
addition to keep track of these application-specific details. Or, perhaps
more generic, add a few markers to keep track of them; in Python, you'd only
have to mark Py_INCREF and Py_DECREF, and possibly manual fidgeting with an
objects' refcount (which is hopefully extremely rare.)

I say 'idealistically', though, because I don't know how much business sense
it makes to cater to refcounting mechanisms.

--
Thomas Wouters <thomas at python.org>

Hi! I'm a .signature virus! copy me into your .signature file to help me
spread!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20060311/398bdff5/attachment.htm 


More information about the Python-Dev mailing list