search

facebook / pyre-check

Performant type-checking for python.
https://pyre-check.org/
MIT License
6.86k stars 437 forks source link

Pysa does not complete the analysis of a tutorial example #915

Closed yoann-marquer closed 2 months ago

yoann-marquer commented 2 months ago

Pysa Bug

Pre-submission checklist [✓] I've checked the list of common issues and mine does not appear

Bug description Pysa execution of a tutorial example does not terminate when done inside another project environment.

Reproduction steps I cloned the pyre-check repository and successfully executed on my machine the Pysa tutorial on a newly created virtual environment, following the instructions in the pysa_tutorial directory.

Then, I tried to reproduce example 1 using my project virtual environment. My project main directory (named SagaDatabase) has the following structure:

I installed the necessary requirements using: pip3 install pyre-check fb-sapp django-stubs then I moved to the first exercise: cd ./pyre-check-clean/documentation/pysa_tutorial/exercise1 in order to analyse the code snippet present in the directory: pyre --noninteractive analyze --no-verify

Expected behavior I expected Pysa execution to terminate after a few seconds, as for my initial test using a standalone instance of the pyre-check repository and a fresh virtual environment.

Logs

UNIC02FD1LPMD6V:~ yoann.marquer$ cd Gits/SagaDatabase/
UNIC02FD1LPMD6V:SagaDatabase yoann.marquer$ source venv/bin/activate
(venv) UNIC02FD1LPMD6V:SagaDatabase yoann.marquer$ pip3 install pyre-check fb-sapp django-stubs
Requirement already satisfied: pyre-check in ./venv/lib/python3.12/site-packages (0.9.22)
Requirement already satisfied: fb-sapp in ./venv/lib/python3.12/site-packages (0.5.6)
Requirement already satisfied: django-stubs in ./venv/lib/python3.12/site-packages (5.0.0)
Requirement already satisfied: click>=8.0 in ./venv/lib/python3.12/site-packages (from pyre-check) (8.1.3)
Requirement already satisfied: dataclasses-json==0.5.7 in ./venv/lib/python3.12/site-packages (from pyre-check) (0.5.7)
Requirement already satisfied: intervaltree in ./venv/lib/python3.12/site-packages (from pyre-check) (3.1.0)
Requirement already satisfied: libcst in ./venv/lib/python3.12/site-packages (from pyre-check) (1.4.0)
Requirement already satisfied: psutil in ./venv/lib/python3.12/site-packages (from pyre-check) (6.0.0)
Requirement already satisfied: pyre-extensions>=0.0.29 in ./venv/lib/python3.12/site-packages (from pyre-check) (0.0.30)
Requirement already satisfied: tabulate in ./venv/lib/python3.12/site-packages (from pyre-check) (0.9.0)
Requirement already satisfied: testslide>=2.7.0 in ./venv/lib/python3.12/site-packages (from pyre-check) (2.7.1)
Requirement already satisfied: typing-extensions in ./venv/lib/python3.12/site-packages (from pyre-check) (4.2.0)
Requirement already satisfied: typing-inspect in ./venv/lib/python3.12/site-packages (from pyre-check) (0.9.0)
Requirement already satisfied: marshmallow<4.0.0,>=3.3.0 in ./venv/lib/python3.12/site-packages (from dataclasses-json==0.5.7->pyre-check) (3.22.0)
Requirement already satisfied: marshmallow-enum<2.0.0,>=1.5.1 in ./venv/lib/python3.12/site-packages (from dataclasses-json==0.5.7->pyre-check) (1.5.1)
Requirement already satisfied: click-log==0.4.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (0.4.0)
Requirement already satisfied: Flask==2.3.3 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.3.3)
Requirement already satisfied: Flask-Cors==3.0.10 in ./venv/lib/python3.12/site-packages (from fb-sapp) (3.0.10)
Requirement already satisfied: Flask-GraphQL==2.0.1 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.0.1)
Requirement already satisfied: graphene<3.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.1.9)
Requirement already satisfied: graphene-sqlalchemy==2.3.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.3.0)
Requirement already satisfied: ipython<8.4.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (8.3.0)
Requirement already satisfied: munch==2.5.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.5.0)
Requirement already satisfied: prompt-toolkit==3.0.29 in ./venv/lib/python3.12/site-packages (from fb-sapp) (3.0.29)
Requirement already satisfied: Pygments==2.12.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.12.0)
Requirement already satisfied: SQLAlchemy==1.4.50 in ./venv/lib/python3.12/site-packages (from fb-sapp) (1.4.50)
Requirement already satisfied: traitlets==5.2.2.post1 in ./venv/lib/python3.12/site-packages (from fb-sapp) (5.2.2.post1)
Requirement already satisfied: xxhash==3.0.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (3.0.0)
Requirement already satisfied: zstandard==0.17.0 in ./venv/lib/python3.12/site-packages (from fb-sapp) (0.17.0)
Requirement already satisfied: Werkzeug==2.3.7 in ./venv/lib/python3.12/site-packages (from fb-sapp) (2.3.7)
Requirement already satisfied: Jinja2>=3.1.2 in ./venv/lib/python3.12/site-packages (from Flask==2.3.3->fb-sapp) (3.1.4)
Requirement already satisfied: itsdangerous>=2.1.2 in ./venv/lib/python3.12/site-packages (from Flask==2.3.3->fb-sapp) (2.2.0)
Requirement already satisfied: blinker>=1.6.2 in ./venv/lib/python3.12/site-packages (from Flask==2.3.3->fb-sapp) (1.8.2)
Requirement already satisfied: Six in ./venv/lib/python3.12/site-packages (from Flask-Cors==3.0.10->fb-sapp) (1.16.0)
Requirement already satisfied: graphql-core<3,>=2.1 in ./venv/lib/python3.12/site-packages (from Flask-GraphQL==2.0.1->fb-sapp) (2.3.2)
Requirement already satisfied: graphql-server-core<2,>=1.1 in ./venv/lib/python3.12/site-packages (from Flask-GraphQL==2.0.1->fb-sapp) (1.2.0)
Requirement already satisfied: promise>=2.3 in ./venv/lib/python3.12/site-packages (from graphene-sqlalchemy==2.3.0->fb-sapp) (2.3)
Requirement already satisfied: singledispatch<4,>=3.4.0.3 in ./venv/lib/python3.12/site-packages (from graphene-sqlalchemy==2.3.0->fb-sapp) (3.7.0)
Requirement already satisfied: wcwidth in ./venv/lib/python3.12/site-packages (from prompt-toolkit==3.0.29->fb-sapp) (0.2.13)
Requirement already satisfied: greenlet!=0.4.17 in ./venv/lib/python3.12/site-packages (from SQLAlchemy==1.4.50->fb-sapp) (3.0.3)
Requirement already satisfied: MarkupSafe>=2.1.1 in ./venv/lib/python3.12/site-packages (from Werkzeug==2.3.7->fb-sapp) (2.1.5)
Requirement already satisfied: django in ./venv/lib/python3.12/site-packages (from django-stubs) (5.1)
Requirement already satisfied: asgiref in ./venv/lib/python3.12/site-packages (from django-stubs) (3.8.1)
Requirement already satisfied: django-stubs-ext>=5.0.0 in ./venv/lib/python3.12/site-packages (from django-stubs) (5.0.4)
Requirement already satisfied: types-PyYAML in ./venv/lib/python3.12/site-packages (from django-stubs) (6.0.12.20240808)
Requirement already satisfied: graphql-relay<3,>=2 in ./venv/lib/python3.12/site-packages (from graphene<3.0->fb-sapp) (2.0.1)
Requirement already satisfied: aniso8601<=7,>=3 in ./venv/lib/python3.12/site-packages (from graphene<3.0->fb-sapp) (7.0.0)
Requirement already satisfied: backcall in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.2.0)
Requirement already satisfied: decorator in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (5.1.1)
Requirement already satisfied: jedi>=0.16 in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.19.1)
Requirement already satisfied: matplotlib-inline in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.1.7)
Requirement already satisfied: pickleshare in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.7.5)
Requirement already satisfied: setuptools>=18.5 in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (72.1.0)
Requirement already satisfied: stack-data in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.6.3)
Requirement already satisfied: pexpect>4.3 in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (4.9.0)
Requirement already satisfied: appnope in ./venv/lib/python3.12/site-packages (from ipython<8.4.0->fb-sapp) (0.1.4)
Requirement already satisfied: typeguard<3.0 in ./venv/lib/python3.12/site-packages (from testslide>=2.7.0->pyre-check) (2.13.3)
Requirement already satisfied: mypy-extensions>=0.3.0 in ./venv/lib/python3.12/site-packages (from typing-inspect->pyre-check) (1.0.0)
Requirement already satisfied: sqlparse>=0.3.1 in ./venv/lib/python3.12/site-packages (from django->django-stubs) (0.5.1)
Requirement already satisfied: sortedcontainers<3.0,>=2.0 in ./venv/lib/python3.12/site-packages (from intervaltree->pyre-check) (2.4.0)
Requirement already satisfied: pyyaml>=5.2 in ./venv/lib/python3.12/site-packages (from libcst->pyre-check) (6.0.2)
Requirement already satisfied: rx<2,>=1.6 in ./venv/lib/python3.12/site-packages (from graphql-core<3,>=2.1->Flask-GraphQL==2.0.1->fb-sapp) (1.6.3)
Requirement already satisfied: parso<0.9.0,>=0.8.3 in ./venv/lib/python3.12/site-packages (from jedi>=0.16->ipython<8.4.0->fb-sapp) (0.8.4)
Requirement already satisfied: packaging>=17.0 in ./venv/lib/python3.12/site-packages (from marshmallow<4.0.0,>=3.3.0->dataclasses-json==0.5.7->pyre-check) (24.1)
Requirement already satisfied: ptyprocess>=0.5 in ./venv/lib/python3.12/site-packages (from pexpect>4.3->ipython<8.4.0->fb-sapp) (0.7.0)
Requirement already satisfied: executing>=1.2.0 in ./venv/lib/python3.12/site-packages (from stack-data->ipython<8.4.0->fb-sapp) (2.0.1)
Requirement already satisfied: asttokens>=2.1.0 in ./venv/lib/python3.12/site-packages (from stack-data->ipython<8.4.0->fb-sapp) (2.4.1)
Requirement already satisfied: pure-eval in ./venv/lib/python3.12/site-packages (from stack-data->ipython<8.4.0->fb-sapp) (0.2.3)
(venv) UNIC02FD1LPMD6V:SagaDatabase yoann.marquer$ cd ./pyre-check-clean/documentation/pysa_tutorial/exercise1
(venv) UNIC02FD1LPMD6V:exercise1 yoann.marquer$ pyre --noninteractive analyze --no-verify
2024-08-30 17:59:32,166 [PID 8122] INFO No binary specified, looking for `pyre.bin` in PATH
2024-08-30 17:59:32,167 [PID 8122] INFO Pyre binary is located at `/Users/yoann.marquer/Gits/SagaDatabase/venv/bin/pyre.bin`
2024-08-30 17:59:32,167 [PID 8122] INFO Could not determine the number of Pyre workers from configuration. Auto-set the value to 7.
2024-08-30 17:59:32,181 [PID 8122] INFO No typeshed specified, looking for it...
2024-08-30 17:59:32,181 [PID 8122] INFO Found: `/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed`
2024-08-30 17:59:32,182 [PID 8122] INFO Writing arguments into /var/folders/2t/0m7kkdn96c53_b1x4qdyj2qcb82hy_/T/pyre_arguments_77s0emf2.json...
2024-08-30 17:59:32,183 [PID 8122] DEBUG Arguments:
{
  "source_paths": {
    "kind": "simple",
    "paths": [
      "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1"
    ]
  },
  "search_paths": [
    "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1/../../../stubs",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$referencing",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$pip",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$marshmallow",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$testslide",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$graphql",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$markupsafe",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$numpy",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$git",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$flask",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$click_option_group",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$libcst",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$idna",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$tomli",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$stack_data",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$asgiref",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$zstandard",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$pure_eval",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$django-stubs",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$asttokens",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$attrs",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$markdown_it",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$dataclasses_json",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$executing",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$bracex",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$django_stubs_ext",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$promise",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$parso",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$blinker",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$mdurl",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$prompt_toolkit",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$jinja2",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$mypy_django_plugin",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$charset_normalizer",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$typeguard",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$wcmatch",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$packaging",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$rich",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$werkzeug",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$certifi",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$click",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$pkg_resources",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$traitlets",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$itsdangerous",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$yaml-stubs",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$attr",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/python3.12/site-packages$rpds",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stdlib",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/ExifRead",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/Pillow",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/PyMySQL",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/PyYAML",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/aiofiles",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/boto",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/chevron",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/colorama",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/ldap3",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/mysqlclient",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/paramiko",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/psycopg2",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/pycurl",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/python-dateutil",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/pytz",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/regex",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/requests",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/retry",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/tqdm",
    "/Users/yoann.marquer/Gits/SagaDatabase/venv/lib/pyre_check/typeshed/stubs/ujson"
  ],
  "excludes": [
    ".*/integration_test/.*"
  ],
  "checked_directory_allowlist": [
    "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1"
  ],
  "checked_directory_blocklist": [],
  "extensions": [],
  "log_path": "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1/.pyre",
  "global_root": "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1",
  "debug": false,
  "python_version": {
    "major": 3,
    "minor": 12,
    "micro": 4
  },
  "shared_memory": {},
  "parallel": true,
  "number_of_workers": 7,
  "inline_decorators": false,
  "infer_self_tito": false,
  "infer_argument_tito": false,
  "no_verify": true,
  "verify_dsl": false,
  "verify_taint_config_only": false,
  "strict": false,
  "taint_model_paths": [
    "/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1"
  ],
  "use_cache": false,
  "build_cache_only": false,
  "check_invariants": false,
  "limit_entrypoints": false,
  "compact_ocaml_heap": false,
  "saved_state": {
    "watchman_root": null,
    "project_name": null,
    "preset": null,
    "cache_critical_files": []
  },
  "compute_coverage": false
}
2024-08-30 17:59:32,229 [PID 8122] INFO  Initializing shared memory (heap_size: 8589934592, dep_table_pow: 1, hash_table_pow: 26)
2024-08-30 17:59:32,239 [PID 8122] INFO  Initializing and verifying taint configuration...
2024-08-30 17:59:32,240 [PID 8122] INFO  Initialized and verified taint configuration: 0.001s
2024-08-30 17:59:32,240 [PID 8122] PERFORMANCE  Initialized and verified taint configuration: 0.001s
2024-08-30 17:59:32,240 [PID 8122] INFO  Verifying model syntax...
2024-08-30 17:59:32,240 [PID 8122] INFO  Finding taint models in `/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1`.
2024-08-30 17:59:32,240 [PID 8122] INFO  Verified model syntax: 0.001s
2024-08-30 17:59:32,240 [PID 8122] PERFORMANCE  Verified model syntax: 0.001s
2024-08-30 17:59:32,240 [PID 8122] INFO  Parsing taint models modes...
2024-08-30 17:59:32,240 [PID 8122] INFO  Finding taint models in `/Users/yoann.marquer/Gits/SagaDatabase/pyre-check-clean/documentation/pysa_tutorial/exercise1`.
2024-08-30 17:59:32,240 [PID 8122] INFO  Parsed taint models modes: 0.000s
2024-08-30 17:59:32,241 [PID 8122] PERFORMANCE  Parsed taint models modes: 0.000s
2024-08-30 17:59:32,241 [PID 8122] INFO  Building module tracker...
2024-08-30 17:59:32,519 [PID 8122] PERFORMANCE  Module tracker built: 0.277s
2024-08-30 17:59:32,602 [PID 8122] PERFORMANCE  Full environment built: 0.364s
2024-08-30 17:59:32,602 [PID 8122] INFO  Starting type checking...
2024-08-30 17:59:32,602 [PID 8122] INFO  Found 4865 modules
2024-08-30 17:59:32,602 [PID 8122] INFO  Collecting all definitions...
2024-08-30 17:59:35,099 [PID 8122] WARNING  Parser error in module `numpy.core.tests.test_regression`: CPython runtime raised a non-syntax exception
2024-08-30 17:59:37,652 [PID 8122] PERFORMANCE  Collected definitions (defines: 92232): 5.046s
2024-08-30 17:59:37,652 [PID 8122] INFO  Found 92232 functions
2024-08-30 17:59:37,652 [PID 8122] INFO  Checking 92232 functions...
2024-08-30 17:59:48,313 [PID 8122] INFO  Processed 4855 of 92232 functions
2024-08-30 17:59:58,250 [PID 8122] INFO  Processed 9710 of 92232 functions
2024-08-30 18:00:01,541 [PID 8122] INFO  Processed 14565 of 92232 functions
2024-08-30 18:00:07,379 [PID 8122] INFO  Processed 19420 of 92232 functions
2024-08-30 18:00:15,493 [PID 8122] INFO  Processed 24275 of 92232 functions
2024-08-30 18:00:20,181 [PID 8122] INFO  Processed 29130 of 92232 functions
2024-08-30 18:00:22,211 [PID 8122] INFO  Processed 33985 of 92232 functions
2024-08-30 18:00:27,413 [PID 8122] INFO  Processed 38840 of 92232 functions
2024-08-30 18:00:27,559 [PID 8122] INFO  Processed 43695 of 92232 functions
2024-08-30 18:00:29,770 [PID 8122] INFO  Processed 48550 of 92232 functions
2024-08-30 18:00:31,352 [PID 8122] INFO  Processed 53405 of 92232 functions
2024-08-30 18:00:34,375 [PID 8122] INFO  Processed 58260 of 92232 functions
2024-08-30 18:00:35,530 [PID 8122] INFO  Processed 63115 of 92232 functions
2024-08-30 18:00:44,486 [PID 8122] PERFORMANCE  Long type check of callable (cutoff time: 60, callable: numpy.lib.tests.test_format.$toplevel)
2024-08-30 18:00:44,486 [PID 8122] INFO  The type check of numpy.lib.tests.test_format.$toplevel is taking more than 60 seconds (pid = 8141)
2024-08-30 18:00:46,130 [PID 8122] INFO  Processed 67970 of 92232 functions
2024-08-30 18:00:46,380 [PID 8122] INFO  Processed 72825 of 92232 functions
2024-08-30 18:00:46,751 [PID 8122] INFO  Processed 77680 of 92232 functions
2024-08-30 18:00:48,694 [PID 8122] INFO  Processed 82522 of 92232 functions
2024-08-30 18:00:50,055 [PID 8122] INFO  Processed 87377 of 92232 functions
2024-08-30 18:01:44,483 [PID 8122] PERFORMANCE  Long type check of callable (cutoff time: 120, callable: numpy.lib.tests.test_format.$toplevel)
2024-08-30 18:01:44,483 [PID 8122] INFO  The type check of numpy.lib.tests.test_format.$toplevel is taking more than 120 seconds (pid = 8141)
2024-08-30 18:03:44,488 [PID 8122] PERFORMANCE  Long type check of callable (cutoff time: 240, callable: numpy.lib.tests.test_format.$toplevel)
2024-08-30 18:03:44,488 [PID 8122] INFO  The type check of numpy.lib.tests.test_format.$toplevel is taking more than 240 seconds (pid = 8141)
2024-08-30 18:07:44,492 [PID 8122] PERFORMANCE  Long type check of callable (cutoff time: 480, callable: numpy.lib.tests.test_format.$toplevel)
2024-08-30 18:07:44,492 [PID 8122] INFO  The type check of numpy.lib.tests.test_format.$toplevel is taking more than 480 seconds (pid = 8141)
2024-08-30 18:15:44,501 [PID 8122] PERFORMANCE  Long type check of callable (cutoff time: 960, callable: numpy.lib.tests.test_format.$toplevel)
2024-08-30 18:15:44,501 [PID 8122] INFO  The type check of numpy.lib.tests.test_format.$toplevel is taking more than 960 seconds (pid = 8141)

Additional context I'm interested only in analyzing small code snippets (like the views.py file in the first exercise), not whole projects. The error indicates that The type check of numpy.lib.tests.test_format.$toplevel is taking more than 960 seconds which is unrelated to the first example of the tutorial. Is there a way to restrict the type check to code snippets at given paths or in a given directory?

arthaud commented 2 months ago

Hi @yoann-marquer, thanks for reaching out.

There are multiple problems here.

First, pysa finds your virtual environment and includes it in its analysis. This is usually the desired behavior. Then, while type checking numpy (in your virtual environment), it seems to hit a performance regression or worse, an infinite loop. This is quite surprising but could simply be a bug in pyre. cc @stroxler and @grievejia in case this is known or if they want to look at it (but usually this is unfortunately low priority for us, unless we have the same problem internally).

so, first of, make sure you are using the latest version of pyre. I would even recommend trying with the pyre-check-nightly pypi package.

Then, to prevent pysa from looking at your virtual environment, you should be able to add "site_package_search_strategy": "none" in the .pyre_configuration file, which should be located in pyre-check-clean/documentation/pysa_tutorial/exercise1/.pyre_configuration. See https://pyre-check.org/docs/configuration/ for more information about the pyre configuration file.

An alternative would be to simply exclude numpy.lib.tests.test_format.$toplevel from the analysis. This could be done by adding the following lines in a pysa model file (.pysa):

@SkipAnalysis
def numpy.lib.tests.test_format.__top_level__(): ...

For instance, you could add this to pyre-check-clean/documentation/pysa_tutorial/exercise1/sources_sinks.pysa.

EDIT: Fixed missing : ... in the SkipAnalysis model.

yoann-marquer commented 2 months ago

Thank you very much @arthaud for your help!

If it can help your team, my version numbers were:

pyre-check==0.9.22
fb-sapp==0.5.6
django-stubs==5.0.0
numpy==1.26.4

I tried the "site_package_search_strategy": "none" solution. In that case, indeed, Pysa manages to terminate the analysis, but without detecting the expected vulnerabilities. I guess this is because necessary source/sink definitions are in django-stubs or fb-sapp.

Using your second solution, I encountered a Syntax error, that I fixed by adding the necessary : ... at the end of the definition. This indeed solved my issue, and I was able to analyze the code snippet from the tutorial, and other code snippets from my own dataset as well :)