[Python-Dev] Coverity Scan

Eli Bendersky eliben at gmail.com
Fri Jul 26 17:13:03 CEST 2013


On Fri, Jul 26, 2013 at 7:29 AM, Christian Heimes <christian at python.org> wrote:

> On 26.07.2013 14:56, Eli Bendersky wrote:
> > Just a quick question - is there a chance to convince Coverity to detect
> > Python refcounting leaks in C API code :-) ? This could be useful not
> > only for Python but for extensions too. As it stands now, Coverity's
> > leak detection in Python must be pretty weak because almost everything
> > is done via PyObject refcounts.
>
> Coverity is able to detect some cases of refcount leaks. I don't know if
> the software is able to keep track of all reference counts. But it
> understands missing Py_DECREF() in error branches.
>
> For example:
>
> PyObject *n = PyLong_FromLong(0);
> PyObject *u = PyUnicode_FromString("example");
>
> if (u == NULL) {
>     return NULL;
>     /* Coverity detects that 'n' leaks memory */
> }
>

Interesting.

I was thinking of something more general though. Especially if we can mark
function arguments and return values as stealing references / creating new
ones / etc, many many common refcount bugs can be detected with static
analysis. This is definitely research-y, probably too much for our current
stage of relationship with Coverity :)

Eli
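
The error-branch leak from the quoted snippet beside its corrected form, as an added example that is not part of the original message. It uses a toy refcounted object so it compiles without Python headers; `Obj`, `obj_new`, `obj_decref`, `build_leaky`, `build_fixed` and `leaked_on_error` are hypothetical names, not the CPython C API.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy refcounted object; every name here is hypothetical, not the CPython API. */
typedef struct { long refcnt; } Obj;
static long live_objects = 0;   /* allocated and not yet freed */

/* Returns a new (owned) reference, or NULL when 'fail' simulates an error. */
Obj *obj_new(int fail) {
    Obj *o = fail ? NULL : malloc(sizeof *o);
    if (o == NULL) return NULL;
    o->refcnt = 1;
    live_objects++;
    return o;
}

void obj_decref(Obj *o) {
    if (o != NULL && --o->refcnt == 0) { free(o); live_objects--; }
}

/* Same shape as the quoted snippet: the early return drops 'n' without a decref. */
Obj *build_leaky(int fail_second) {
    Obj *n = obj_new(0);
    Obj *u = obj_new(fail_second);
    if (u == NULL) return NULL;     /* 'n' leaks on this path */
    obj_decref(n);
    return u;                       /* caller owns 'u' */
}

/* Corrected form: every exit releases the references this function still owns. */
Obj *build_fixed(int fail_second) {
    Obj *n = obj_new(0);
    if (n == NULL) return NULL;
    Obj *u = obj_new(fail_second);
    if (u == NULL) { obj_decref(n); return NULL; }
    obj_decref(n);
    return u;
}

/* Runs one builder on its error path and reports how many objects it leaked. */
long leaked_on_error(Obj *(*build)(int)) {
    long before = live_objects;
    obj_decref(build(1));           /* result is NULL here; decref is a no-op */
    return live_objects - before;
}

int main(void) {
    printf("leaky: %ld\n", leaked_on_error(build_leaky));
    printf("fixed: %ld\n", leaked_on_error(build_fixed));
    return 0;
}
```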