Examples¶
A first example¶
<?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker" version="0.11"/> <sut> <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/> </sut> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <stats wall-clock-time="5"/> </metadata> <results> <!-- Example of a warning without a trace --> <issue cwe="681" test-id="mismatching-type-in-pyarg-format-string"> <message>Mismatching type in call to PyArg_ParseTuple with format code "i"</message> <notes> argument 3 ("&count") had type "long int *" (pointing to 64 bits) but was expecting "int *" (pointing to 32 bits) for format code "i"</notes> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <point line="29" column="26"/> </location> <custom-fields> <str-field name="function">PyArg_ParseTuple</str-field> <str-field name="format-code">i</str-field> <str-field name="full-format-string">i</str-field> <str-field name="expected-type">"int *" (pointing to 32 bits)</str-field> <str-field name="actual-type">"long int *" (pointing to 64 bits)</str-field> <str-field name="expression">&count</str-field> <int-field name="argument-num">3</int-field> </custom-fields> </issue> </results> </analysis>
Example with a trace of activity¶
<?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker" version="0.11"/> <sut> <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/> </sut> </metadata> <results> <issue cwe="401" test-id="refcount-too-high"> <!-- Example of a report with a trace --> <message>ob_refcnt of '*item' is 1 too high</message> <notes>was expecting final item->ob_refcnt to be N + 1 (for some unknown N) due to object being referenced by: PyListObject.ob_item[0] but final item->ob_refcnt is N + 2</notes> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <point line="40" column="4"/> </location> <trace> <state> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <point line="36" column="14"/> </location> <notes>PyLongObject allocated at: item = PyLong_FromLong(random());</notes> </state> <state> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <point line="37" column="8"/> </location> <notes>when PyList_Append() succeeds</notes> </state> <state> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <point line="40" column="4"/> </location> </state> </trace> </issue> </results> </analysis>
Example of analysis failures¶
<?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker" version="0.11"/> <sut> <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/> </sut> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <stats wall-clock-time="5"/> </metadata> <results> <!-- Example of an analysis failure where we have nothing except the knowledge of a segfault: --> <failure failure-id='bad-exit-code'> <custom-fields> <int-field name="returncode">-11</int-field> </custom-fields> </failure> </results> </analysis><?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker" version="0.11"/> <sut> <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/> </sut> <file given-path="wspy_register.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <stats wall-clock-time="5"/> </metadata> <results> <!-- Example of an analysis failure where we have a traceback and the location of the code that broke the checker: --> <failure failure-id="python-exception"> <location> <file given-path="wspy_register.c"/> <function name="register_all_py_protocols_func"/> <point line="159" column="42"/> </location> <custom-fields> <str-field name="traceback">wspy_register.c: In function 'register_all_py_protocols_func': wspy_register.c:159:42: error: Unhandled Python exception raised calling 'execute' method Traceback (most recent call last): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 75, in execute self._check_refcounts(fun) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 79, in _check_refcounts self.show_possible_null_derefs) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/refcounts.py", line 3668, in check_refcounts limits=limits) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces depth + 1): File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2893, in iter_traces transitions = curstate.get_transitions() File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2013, in get_transitions return self._get_transitions_for_stmt(stmt) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2029, in _get_transitions_for_stmt return self._get_transitions_for_GimpleCall(stmt) File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2212, in _get_transitions_for_GimpleCall raise NotImplementedError('not yet implemented: %s' % fnname) NotImplementedError: not yet implemented: PySequence_Check </str-field></custom-fields> </failure> </results> </analysis><?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker"/> </metadata> <results> <!-- Example of a failure-to-analyze in which we have an error message and a location, but other failure fields (stdout, returncode) wouldn't make sense and so are omitted. The error message is a warning from cpychecker that the results are only a partial analysis; it's not achieving full coverage. (this was added to cpychecker in: http://git.fedorahosted.org/cgit/gcc-python-plugin.git/commit/?h=firehose&id=1fbb678bb121099a8161031aae9e39c75e3faea7 ) --> <failure failure-id="too-complicated"> <location> <file given-path="tests/cpychecker/refcounts/combinatorial-explosion/input.c"/> <function name="test_adding_module_objects"/> <point column="1" line="31"/> </location> <message>this function is too complicated for the reference-count checker to fully analyze: not all paths were analyzed</message> </failure> </results> </analysis>
Example of ranges¶
<?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="cpychecker" version="0.11"/> <sut> <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/> </sut> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <stats wall-clock-time="5"/> </metadata> <results> <!-- Example of a warning that uses a range --> <issue cwe="681" test-id="mismatching-type-in-pyarg-format-string"> <message>Mismatching type in call to PyArg_ParseTuple with format code "i"</message> <notes> argument 3 ("&count") had type "long int *" (pointing to 64 bits) but was expecting "int *" (pointing to 32 bits) for format code "i"</notes> <location> <file given-path="examples/python-src-example.c"> <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/> </file> <function name="make_a_list_of_random_ints_badly"/> <range> <point line="10" column="9"/> <point line="10" column="44"/> </range> </location> </issue> </results> </analysis>
Debian Examples¶
<?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="handmade" version="0.1"/> <sut> <debian-source name="python-ethtool" version="0.7" release="4.1+b1" /> </sut> </metadata> <results> <!-- we check for results elsewhere, no need to populate this with senseless error messages. --> </results> </analysis><?xml version="1.0" encoding="UTF-8"?> <analysis> <metadata> <generator name="handmade" version="0.1"/> <sut> <debian-binary name="python-ethtool" version="0.7" release="1.1" build-arch="amd64" /> </sut> </metadata> <results> <!-- we check for results elsewhere, no need to populate this with senseless error messages. --> </results> </analysis>
etc