Bug 800126 - Bugs found in pylibacl-0.5.0-4.fc17 using gcc-with-cpychecker static analyzer
Summary: Bugs found in pylibacl-0.5.0-4.fc17 using gcc-with-cpychecker static analyzer
Alias: None
Product: Fedora
Classification: Fedora
Component: pylibacl
Version: rawhide
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Marcin Zajaczkowski
QA Contact: Fedora Extras Quality Assurance
URL: http://fedorapeople.org/~dmalcolm/gcc...
Depends On:
Blocks: cpychecker
TreeView+ depends on / blocked
Reported: 2012-03-05 19:32 UTC by Dave Malcolm
Modified: 2012-08-09 22:58 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2012-08-09 22:58:33 UTC
Type: ---

Attachments (Terms of Use)

Description Dave Malcolm 2012-03-05 19:32:40 UTC
Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:

I ran the latest version of the tool (in git master; post 0.9) on
pylibacl-0.5.0-4.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):

I've manually reviewed the issues reported by the tool.

Within the category "Unclassified errors" the 1 issue reported looks like a genuine bug: the Py_DECREF(format) at line 746 appears to be wrong, and could lead to "format" being deallocated before returning it.

Within the category "Reference count too low" the 1 issue reported appears to be the same issue as above.

Within the category "Reference leaks" the 2 issues reported appear to be genuine bugs:
  acl.c:ACL_check:ob_refcnt of PyIntObject is 1 too high: suggest using:
Py_BuildValue("ii", result, eindex) instead, to avoid the leak (and the possibility of PyInt_FromLong failing).

  acl.c:Entry_str:ob_refcnt of '*format' is 1 too high: this is missing a Py_DECREF(format) in the final error-handling path.

Within the category "Segfaults within error-handling paths" the 5 issues reported appear to be genuine bugs.  Note that you can use Py_XDECREF() rather than Py_DECREF() if the pointer could be NULL.

Within the category "Possible reference leaks" the 1 issues reported looks like a memory leak, assuming that Permset_new() returns a new reference when it succeeds (rather than a borrowed reference).

There may of course be other bugs in my checker tool.

Hope this is helpful; let me know if you need help reading the logs that the tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
gcc-python-plugin post-0.9 git 11462291a66c8db693c8884cb84b795bb5988ffb running the checker in an *f16* chroot

Comment 1 Marcin Zajaczkowski 2012-03-05 21:41:20 UTC
Hi Dave! Your tool looks very interesting. I will contact the author of pylibacl to allow him to take a look at the results.

Comment 2 Iustin Pop 2012-03-05 22:05:33 UTC
Thanks a lot for this, it's very useful. I'll see about fixing the bugs and making a new release.

I'll probably need to build myself the same environment first, though…

Comment 3 Iustin Pop 2012-05-14 20:17:10 UTC

I've released a new version; I believe it has fixed all reported issues.

Thanks Dave for this very nice tool!

Comment 4 Fedora Update System 2012-06-26 21:21:34 UTC
pylibacl-0.5.1-2.fc17 has been submitted as an update for Fedora 17.

Comment 5 Fedora Update System 2012-06-26 21:21:44 UTC
pylibacl-0.5.1-2.fc16 has been submitted as an update for Fedora 16.

Comment 6 Fedora Update System 2012-06-28 03:21:29 UTC
Package pylibacl-0.5.1-2.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing pylibacl-0.5.1-2.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).

Comment 7 Fedora Update System 2012-08-09 22:58:33 UTC
pylibacl-0.5.1-2.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.