Examples

A first example

<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker" version="0.11"/>
    <sut>
      <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/>
    </sut>
    <file given-path="examples/python-src-example.c">
      <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
    </file>
    <stats wall-clock-time="5"/>
  </metadata>

  <results>
    <!-- Example of a warning without a trace -->
    <issue cwe="681" test-id="mismatching-type-in-pyarg-format-string">
      <message>Mismatching type in call to PyArg_ParseTuple with format code "i"</message>
      <notes>  argument 3 ("&amp;count") had type
    "long int *" (pointing to 64 bits)
  but was expecting
    "int *" (pointing to 32 bits)
  for format code "i"</notes>
      <location>
        <file given-path="examples/python-src-example.c">
          <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
        </file>
        <function name="make_a_list_of_random_ints_badly"/>
        <point line="29" column="26"/>
      </location>
      <custom-fields>
        <str-field name="function">PyArg_ParseTuple</str-field>
        <str-field name="format-code">i</str-field>
        <str-field name="full-format-string">i</str-field>
        <str-field name="expected-type">"int *" (pointing to 32 bits)</str-field>
        <str-field name="actual-type">"long int *" (pointing to 64 bits)</str-field>
        <str-field name="expression">&amp;count</str-field>
        <int-field name="argument-num">3</int-field>
      </custom-fields>
    </issue>
  </results>
</analysis>

Example with a trace of activity

<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker" version="0.11"/>
    <sut>
      <source-rpm name="python-ethtool" version="0.7"
                  release="4.fc19" build-arch="x86_64"/>
    </sut>
  </metadata>

  <results>
    <issue cwe="401" test-id="refcount-too-high">

  <!-- Example of a report with a trace -->

  <message>ob_refcnt of '*item' is 1 too high</message>
  <notes>was expecting final item->ob_refcnt to be N + 1 (for some unknown N)
due to object being referenced by: PyListObject.ob_item[0]
but final item->ob_refcnt is N + 2</notes>

  <location>
    <file given-path="examples/python-src-example.c">
      <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
    </file>
    <function name="make_a_list_of_random_ints_badly"/>
    <point line="40" column="4"/>
  </location>

  <trace>
    <state>
      <location>
        <file given-path="examples/python-src-example.c">
          <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
        </file>
        <function name="make_a_list_of_random_ints_badly"/>
        <point line="36" column="14"/>
      </location>
      <notes>PyLongObject allocated at:         item = PyLong_FromLong(random());</notes>
    </state>

    <state>
      <location>
        <file given-path="examples/python-src-example.c">
          <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
        </file>
        <function name="make_a_list_of_random_ints_badly"/>
        <point line="37" column="8"/>
      </location>
      <notes>when PyList_Append() succeeds</notes>
    </state>

    <state>
      <location>
        <file given-path="examples/python-src-example.c">
          <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
        </file>
        <function name="make_a_list_of_random_ints_badly"/>
        <point line="40" column="4"/>
      </location>
    </state>
  </trace>
    </issue>
  </results>
</analysis>

Example of analysis failures

<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker" version="0.11"/>
    <sut>
      <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/>
    </sut>
    <file given-path="examples/python-src-example.c">
      <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
    </file>
    <stats wall-clock-time="5"/>
  </metadata>

  <results>
    <!-- Example of an analysis failure where we have nothing except the
         knowledge of a segfault: -->
    <failure failure-id='bad-exit-code'>
      <custom-fields>
        <int-field name="returncode">-11</int-field>
      </custom-fields>
    </failure>
  </results>
</analysis>
<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker" version="0.11"/>
    <sut>
      <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/>
    </sut>
    <file given-path="wspy_register.c">
      <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
    </file>
    <stats wall-clock-time="5"/>
  </metadata>

  <results>
    <!-- Example of an analysis failure where we have a traceback
         and the location of the code that broke the checker: -->
    <failure failure-id="python-exception">
      <location>
        <file given-path="wspy_register.c"/>
        <function name="register_all_py_protocols_func"/>
        <point line="159" column="42"/>
      </location>
      <custom-fields>
        <str-field name="traceback">wspy_register.c: In function 'register_all_py_protocols_func':
wspy_register.c:159:42: error: Unhandled Python exception raised calling 'execute' method
Traceback (most recent call last):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 75, in execute
    self._check_refcounts(fun)
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/__init__.py", line 79, in _check_refcounts
    self.show_possible_null_derefs)
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/refcounts.py", line 3668, in check_refcounts
    limits=limits)
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2929, in iter_traces
    depth + 1):
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2893, in iter_traces
    transitions = curstate.get_transitions()
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2013, in get_transitions
    return self._get_transitions_for_stmt(stmt)
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2029, in _get_transitions_for_stmt
    return self._get_transitions_for_GimpleCall(stmt)
  File "/usr/lib/gcc/x86_64-redhat-linux/4.6.2/plugin/python2/libcpychecker/absinterp.py", line 2212, in _get_transitions_for_GimpleCall
    raise NotImplementedError('not yet implemented: %s' % fnname)
NotImplementedError: not yet implemented: PySequence_Check
</str-field></custom-fields>
    </failure>
  </results>
</analysis>
<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker"/>
  </metadata>
  <results>
    <!--
       Example of a failure-to-analyze in which we have an error message
       and a location, but other failure fields (stdout, returncode)
       wouldn't make sense and so are omitted.

       The error message is a warning from cpychecker that the results
       are only a partial analysis; it's not achieving full coverage.

       (this was added to cpychecker in:
          http://git.fedorahosted.org/cgit/gcc-python-plugin.git/commit/?h=firehose&id=1fbb678bb121099a8161031aae9e39c75e3faea7 )
    -->
    <failure failure-id="too-complicated">
      <location>
        <file given-path="tests/cpychecker/refcounts/combinatorial-explosion/input.c"/>
        <function name="test_adding_module_objects"/>
        <point column="1" line="31"/>
      </location>
      <message>this function is too complicated for the reference-count checker to fully analyze: not all paths were analyzed</message>
    </failure>
  </results>
</analysis>

Example of ranges

<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="cpychecker" version="0.11"/>
    <sut>
      <source-rpm name="python-ethtool" version="0.7" release="4.fc19" build-arch="x86_64"/>
    </sut>
    <file given-path="examples/python-src-example.c">
      <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
    </file>
    <stats wall-clock-time="5"/>
  </metadata>

  <results>
    <!-- Example of a warning that uses a range -->
    <issue cwe="681" test-id="mismatching-type-in-pyarg-format-string">
      <message>Mismatching type in call to PyArg_ParseTuple with format code "i"</message>
      <notes>  argument 3 ("&amp;count") had type
    "long int *" (pointing to 64 bits)
  but was expecting
    "int *" (pointing to 32 bits)
  for format code "i"</notes>
      <location>
        <file given-path="examples/python-src-example.c">
          <hash alg="sha1" hexdigest="6ba29daa94d64b48071e299a79f2a00dcd99eeb1"/>
        </file>
        <function name="make_a_list_of_random_ints_badly"/>
        <range>
          <point line="10" column="9"/>
          <point line="10" column="44"/>
        </range>
      </location>
    </issue>
  </results>
</analysis>

Debian Examples

<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="handmade" version="0.1"/>
    <sut>
      <debian-source name="python-ethtool" version="0.7" release="4.1+b1" />
    </sut>
  </metadata>

  <results>
      <!-- we check for results elsewhere, no need to populate this with
           senseless error messages. -->
  </results>
</analysis>
<?xml version="1.0" encoding="UTF-8"?>
<analysis>
  <metadata>
    <generator name="handmade" version="0.1"/>
    <sut>
        <debian-binary name="python-ethtool" version="0.7" release="1.1"
            build-arch="amd64" />
    </sut>
  </metadata>

  <results>
      <!-- we check for results elsewhere, no need to populate this with
           senseless error messages. -->
  </results>
</analysis>

etc