davidmalcolm / gcc-python-plugin

GCC plugin that embeds CPython inside the compiler
GNU General Public License v3.0

Crash checking a function's refcount #159

Open dvarrazzo opened 5 years ago

dvarrazzo commented 5 years ago

Testing with master (41f52bd3ff54847af5ecd878887ecb18e7bfed93)

Checking the function https://github.com/psycopg/psycopg2/blob/ddcf808d568e30d0d6b53cb0e1aec18e92ed915d/psycopg/cursor_type.c#L1981-L2013, the execution returns the following error:

piro@makkuro:~/dev/psycopg2$ CC_FOR_CPYCHECKER=gcc-6 /home/piro/dev/fs/gcc-python-plugin/gcc-with-cpychecker -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fdebug-prefix-map=/build/python2.7-3hk45v/python2.7-2.7.15~rc1=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -DHAVE_MXDATETIME=1 -DPSYCOPG_DEFAULT_PYDATETIME=1 -DPSYCOPG_VERSION="2.8.dev0 (dt dec mx pq3 ext lo64)" -DPG_VERSION_NUM=90611 -DHAVE_LO64=1 -I/usr/include/python2.7/mx -I/usr/include/python2.7 -I. -I/usr/include/postgresql -I/usr/include/postgresql/9.6/server -c psycopg/cursor_type.c -o build/temp.linux-x86_64-2.7/psycopg/cursor_type.o -Wdeclaration-after-statement

psycopg/cursor_type.c: In function ‘cursor_init’:
psycopg/cursor_type.c:1984:12: error: Unhandled Python exception raised calling 'execute' method
         if (!(bname = psycopg_ensure_bytes(name))) {
            ^
Traceback (most recent call last):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/__init__.py", line 95, in execute
    self._check_refcounts(fun)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/__init__.py", line 101, in _check_refcounts
    dump_json=self.dump_json)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/refcounts.py", line 4393, in check_refcounts
    maxtrans)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/refcounts.py", line 4248, in impl_check_refcounts
    limits=limits)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 3033, in iter_traces
    depth + 1):
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 2997, in iter_traces
    transitions = curstate.get_transitions()
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 2049, in get_transitions
    return self._get_transitions_for_stmt(stmt)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 2065, in _get_transitions_for_stmt
    return self._get_transitions_for_GimpleCall(stmt)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 2268, in _get_transitions_for_GimpleCall
    stmt)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/absinterp.py", line 2334, in apply_fncall_side_effects
    t_iter.dest.cpython.steal_reference(v_arg, stmt.loc)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/refcounts.py", line 768, in steal_reference
    _steal_ref)
  File "/home/piro/dev/fs/gcc-python-plugin/libcpychecker/refcounts.py", line 572, in change_refcount
    check_isinstance(oldvalue, RefcountValue)
  File "/home/piro/dev/fs/gcc-python-plugin/gccutils/__init__.py", line 637, in check_isinstance
    raise TypeError('%s / %r is not an instance of %s' % (obj, obj, types))
TypeError: (long int)val [-0x7fffffffffffffff <= val <= 0x7fffffffffffffff] from psycopg/cursor_type.c:1983 / WithinRange(gcctype='long int', loc=gcc.Location(file='psycopg/cursor_type.c', line=1983), minvalue=-0x7fffffffffffffff, maxvalue=0x7fffffffffffffff) is not an instance of <class 'libcpychecker.refcounts.RefcountValue'>