[issue30287] cpython and Clang Static Analyzer

2017-05-11 Thread Mark Dickinson 

Mark Dickinson added the comment:

> I guess return -1 instead of bits=0 will silent both gcc and the static 
> analyzer warning.

That's a possibility, though we should also set an exception in that case 
(since returning an error value without setting an exception is also something 
that might be picked up by a CPython-oriented static analyser in the future).

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue30287] cpython and Clang Static Analyzer

2017-05-10 Thread STINNER Victor 

Changes by STINNER Victor :


--
nosy: +haypo

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue30287] cpython and Clang Static Analyzer

2017-05-07 Thread Дилян Палаузов 

Дилян Палаузов added the comment:

I forgot to pass --with-pydebug to ./configure in order to consider also the 
asserts.  Here we go:

scan-build ./configure --enable-loadable-sqlite-extensions --enable-ipv6 
--with-system-expat --with-system-libmpdec --with-pydebug
scan-build -o /home/didopalauzov/public_html/scan-build-python-3763ea865c make

The output, which has now 9 hints less, is at
  https://mail.aegee.org/dpa/scan-build-python-3763ea865c/

The assignments in Modules/socketmodule.c:1456 and 
Modules/_datetimemodule.c:2232 are correctly detected as superfluous.

In Objects/longobject.c/long_format_binary:

default:
assert(0); /* shouldn't ever get here*/
bits = 0; /* to silence gcc warning */

I guess return -1 instead of bits=0 will silent both gcc and the static 
analyzer warning.

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue30287] cpython and Clang Static Analyzer

2017-05-07 Thread Mark Dickinson 

Mark Dickinson added the comment:

Thanks for this. I took a look at the 5 reports for Objects/longobject.c, and I 
don't think there's any action to be taken on any of them. (Two false 
positives; two "dead assignments" that are used when asserts are enabled, and 
one division-by-zero that depends on a function being called in a way that 
never happens in practice.)

* Objects/longobject.c:2823 Assigned value is garbage or undefined

This is a false positive. Here we have:

a_bits <= a_size * PyLongShift
shift_digits = (a_bits - DBL_MANT_DIG - 2) / PyLong_SHIFT;

and then we call v_rshift(x_digits, ..., a_size - shift_digits, ...), which 
fills the first a_size - shift_digits entries of x_digits. Since DBL_MANT_DIG 
>= PyLong_SHIFT, we have shift_digits < a_size, so x_digits[0] is always 
initialised by v_rshift.

* Objects/longobject.c:2723 Dead assignment

The value of the assignment is used in a following assert statement; I don't 
think this should be changed.

* Objects/longobject.c:2463 Dead assignment

Again, the value of the assignment is used in an assert.

* Objects/longobject.c:1828 Division by zero

This function will never get called with bits=0. There are asserts to check 
this.

* Objects/longobject.c:2830 Assigned value is garbage or undefined

This is another false positive, similar to the first one. Analysing the 
arithmetic shows that x_digits[0] is always defined.

--
nosy: +mark.dickinson

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue30287] cpython and Clang Static Analyzer

2017-05-05 Thread Дилян Палаузов 

New submission from Дилян Палаузов:

I compiled cpython using Clang 4.0 Static Analyzer with 
scan-build ./configure --enable-loadable-sqlite-extensions --enable-ipv6 
--with-system-expat --with-system-ffi --with-system-libmpdec
scan-build make

and here are the results
  https://mail.aegee.org/dpa/scan-build-python-a1054c3b00/

Please note, that the information is only about what gets actually compiled, 
code disabled by #if .. #endif is not considered (e.g. when determining whether 
a variable assignment is useless).  There are probably some false-positives.

Consider this as information, I do not pretend there are any bugs found by the 
static analyzer.

--
messages: 293145
nosy: dilyan.palauzov
priority: normal
severity: normal
status: open
title: cpython and Clang Static Analyzer
type: enhancement
versions: Python 3.7

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com