[Python-Dev] Should we fix these errors?

Christian Heimes christian at python.org
Fri Jul 22 18:39:37 EDT 2016


On 2016-07-22 17:31, Chris Angelico wrote:
> On Sat, Jul 23, 2016 at 12:36 AM, Guido van Rossum <guido at python.org> wrote:
>> Somebody did some research and found some bugs in CPython (IIUC). They
>> published some questionable fragments. If there's a volunteer we could
>> probably easily fix these. (I know we already have occasional Coverity
>> scans and there are other tools too (anybody try lgtm yet?) But this
>> seems honest research (also Python leaves Ruby in the dust :-):
>>
>> http://www.viva64.com/en/b/0414/
> 
> First and foremost: All of these purported bugs appear to have been
> found by compiling on Windows. Does Coverity test a Windows build? If
> not, can we get it to? These look like the exact types of errors that
> Coverity *would* discover.

No, it doesn't. The Coverity Scan builds only run on X86_64 Linux
platforms. When I took over Coverity Scan for CPython many years ago it
was not possible to support multiple platforms and targets with the free
edition. I never tried to upload builds from different platforms because
I feared that it might play havoc with the scan history. Should I check
with Coverity again?

Some of these issues have been found by Coverity and I even have patches
for them, e.g. N6 is CID#1299595. I have 13 patches that I haven't
published and merged yet. None of the issues is critical, though. Since
I forgot how to use hg I have been waiting for the GitHub migration.

Christian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0004-Fix-dereferencing-before-NULL-check-in-_PyState_AddM.patch
Type: text/x-patch
Size: 1366 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-dev/attachments/20160723/51b353d6/attachment.bin>

