Static psycopg checking: false positives?

[dvarrazzo]

Hello David, I'm here again checking psycopg with your invaluable tool! I'm using the master branch (7ae141068774ab2892287bd8c2e84cee76e6fae7).

It seems to me the static analysis tool is not detecting correctly the association of objects to structures attribute. For instance in this simple case:

https://github.com/psycopg/psycopg2/blob/a2b01cdf/psycopg/adapter_asis.c#L102

which can be simplified to:

static int
asis_setup(asisObject *self, PyObject *obj)
{
    Py_INCREF(obj);
    self->wrapped = obj;
    return 0;
}

the checker thinks we are leaking a reference to obj, whereas we have assigned ownership to self:

psycopg/adapter_asis.c: In function ‘asis_setup’:
psycopg/adapter_asis.c:117:12: warning: memory leak: ob_refcnt of '*obj' is 1 too high
     return 0;
            ^
psycopg/adapter_asis.c:117:12: note: was expecting final owned ob_refcnt of '*obj' to be 0 since nothing references it but final ob_refcnt is refs: 1 owned, 1 borrowed
In file included from /usr/include/python2.7/Python.h:80:0,
                 from ./psycopg/psycopg.h:34,
                 from psycopg/adapter_asis.c:27:
/usr/include/python2.7/object.h:769:33: note: ob_refcnt is now refs: 1 owned, 1 borrowed
     ((PyObject*)(op))->ob_refcnt++)
                                 ^
psycopg/adapter_asis.c:110:5: note: in expansion of macro ‘Py_INCREF’
     Py_INCREF(obj);
     ^
psycopg/adapter_asis.c:117:12: note: returning at:     return 0;
     return 0;
            ^

If I "inlne" the assignment into the asis_init() function instead no error is reported.

Am I doing something wrong or is it a bug?

[dvarrazzo]

I keep on tripping on this error. @davidmalcolm could you please give me your opinion about this problem? I believe in the past passing ownership to the object state was recognised, whereas now it is reported that nothing references the object. Is this a regression and can it be fixed easily?

Examples are such as this function resulting in the following trace: