search

aaronkaplan / py-radix

Automatically exported from code.google.com/p/py-radix
Other
0 stars 0 forks source link

Memory leaks found in py-radix-0.5-9.fc17 #5

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
[Bug 800085] New: Memory leaks found in py-radix-0.5-9.fc17 using 
gcc-with-cpychecker static analyzer
bugzilla@redhat.com [bugzilla@redhat.com]
Sent:    Monday, March 05, 2012 11:40 AM

Summary: Memory leaks found in py-radix-0.5-9.fc17 using gcc-with-cpychecker 
static analyzer

https://bugzilla.redhat.com/show_bug.cgi?id=800085

           Summary: Memory leaks found in py-radix-0.5-9.fc17 using
                    gcc-with-cpychecker static analyzer
           Product: Fedora
           Version: rawhide
          Platform: Unspecified
               URL: http://fedorapeople.org/~dmalcolm/gcc-python-plugin/20
                    12-03-05/py-radix-0.5-9.fc17/
        OS/Version: Unspecified
            Status: NEW
          Severity: unspecified
          Priority: unspecified
         Component: py-radix
        AssignedTo: matt_domsch@dell.com
        ReportedBy: dmalcolm@redhat.com
         QAContact: extras-qa@fedoraproject.org
                CC: matt_domsch@dell.com
            Blocks: 789472
   Estimated Hours: 0.0
    Classification: Fedora
      Story Points: ---
              Type: ---
        Regression: ---
        Mount Type: ---
     Documentation: ---

Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly
occurring within C Python extension modules:
  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html
  http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

I ran the latest version of the tool (in git master; post 0.9) on
py-radix-0.5-9.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most
significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-03-05/py-radix-0.5-9.fc
17/

I've manually reviewed the issues reported by the tool.

Within the category "Reference leaks" the 2 issues reported appear to reflect
genuine memory leaks within the code:
PyList_Append adds a new reference to the item passed it, it doesn't steal a
reference, hence:
   PyList_Append(list, Py_BuildValue())
will leak a reference to the built value.

Also, Py_BuildValue("O") adds a new reference for the result to the input
object, rather than stealing one.  The subsequent Py_INCREF on the inputs is
thus erroneous.  (also Py_BuildValue("(OO)" could fail if the 2-tuple can't be
allocated when under low memory conditions).

Within the category "Reference count too low within an initialization routine"
the 1 issue reported is inconsequential.

Within the category "Possible reference leaks" the 1 issue reported may or may
not be a bug, depending on whether radix_getstate() returns a borrowed
reference or a new one.  The Py_INCREF following a Py_BuildValue("O") looks
incorrect also.

Within the category "Returning (PyObject*)NULL without setting an exception"
the 3 issues reported may well be false positives: the checker doesn't know
whether or now args_to_prefix sets an exception when it returns NULL.

There may of course be other bugs in my checker tool.

Hope this is helpful; let me know if you need help reading the logs that the
tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
py-radix-0.5-9.fc17
gcc-python-plugin post-0.9 git 11462291a66c8db693c8884cb84b795bb5988ffb running
the checker in an *f16* chroot

Original issue reported on code.google.com by mdom...@gmail.com on 6 Mar 2012 at 5:11

GoogleCodeExporter commented 9 years ago 
annual ping...

Original comment by mdom...@gmail.com on 8 Mar 2013 at 4:27