Bug 790979

Summary: Memory leaks and crashers found in python bindings in rpm-4.9.1.2-12.fc17 using gcc-with-cpychecker static analyzer
Product: [Fedora] Fedora Reporter: Dave Malcolm <dmalcolm>
Component: rpmAssignee: Fedora Packaging Toolset Team <packaging-team>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: ffesti, jnovy, pmatilai
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-02-15/rpm-4.9.1.2-12.fc17/
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-05-08 12:10:05 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 789472    

Description Dave Malcolm 2012-02-15 21:02:07 UTC 
Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:
  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html
  http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

I ran the latest version of the tool (in git master; post 0.9) on
rpm-4.9.1.2-12.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-02-15/rpm-4.9.1.2-12.fc17/

Although the two bugs in the final category ("Returning (PyObject*)NULL without setting an exception") are false positives, I believe that all of the other bugs reported there are true errors.

There may of course be other bugs in my checker tool.

I submitted patches for these problems to rpm-maint in December 2011; see:
 http://lists.rpm.org/pipermail/rpm-maint/2011-December/003138.html
 http://lists.rpm.org/pipermail/rpm-maint/2011-December/003139.html
 http://lists.rpm.org/pipermail/rpm-maint/2011-December/003145.html
 http://lists.rpm.org/pipermail/rpm-maint/2011-December/003152.html
 http://lists.rpm.org/pipermail/rpm-maint/2011-December/003153.html
but I'm filing this here to ensure that the fixes make it into Fedora (and eventually RHEL).

Hope this is helpful; let me know if you need help reading the logs that the tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
rpm-4.9.1.2-12.fc17
gcc-python-plugin post-0.9 git 073d390de53ef52136bd90e5ac06f1ef833d047d running the checker in an *f16* chroot
Comment 1 Fedora Admin XMLRPC Client 2012-04-13 23:07:55 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 2 Fedora Admin XMLRPC Client 2012-04-13 23:11:16 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 3 Panu Matilainen 2012-05-08 12:10:05 UTC 
The entire patch set is part of rpm >= 4.10, in rawhide since late March, and the worser memleaks got backported to rpm 4.9.x in older Fedoras as well.