Static Analysis of CPython Extensions
I'm working on a static analysis tool that can detect common mistakes made in Python extension modules written in C. We'll run it on all such code in Fedora, fixing any problems we find, and send the patches to the appropriate upstream projects.
- Name: Dave Malcolm
- Email: email@example.com
- Targeted release: [[Releases/<number> | Fedora <number> ]]
- Last updated: 2011-04-25
- Percentage of completion: 5%
Python makes it relatively easy to write wrapper code for C and C++ libraries, acting as a "glue" layer to bind.
Unfortunately, there are various mistakes that are commonly made in such wrapper code, and these mistakes can lead to /usr/bin/python leaking memory, segfaulting, or failing when run on less common CPU architectures.
I'm working on static analysis code for C, to detect common errors in C extension modules for Python. The plan is to integrate this with Fedora's packaging, so that all C extension modules packaged for Python 2 and Python 3 can be guaranteed free of such errors (by adding hooks to the python-devel and python3-devel). We can also send fixes for this code as needed to upstream projects, when it reports problems. (Naturally this assumes a good signal:noise ratio from the tool).
Benefit to Fedora
Fedora is already a great environment for doing Python development - having a good-quality static analysis tool integrated into Fedora's build system for python extension modules will make Fedora even more compelling for Python developers.
The presence of the tool should also make it easier to fix certain awkward bugs, and make it easier to support secondary CPU architectures.
- writing the tool
- tuning it to achieve a good signal:noise ratio:
- testing it on a large number of different extension modules
- analyzing the issues that it reports; fixing bugs in the
- itegrating it into the python 2 and python 3 build of Fedora RPMs (python-devel and python3-devel)