New python PIDL checks cause 2221 new Coverity warnings
abartlet at samba.org
Tue Aug 25 22:24:37 UTC 2015
On Tue, 2015-08-25 at 07:57 +0200, Volker Lendecke wrote:
> Hi, Andrew!
> The new PIDL checks for generated python code cause tons of new
> in Coverity.
> One random example pasted after this message, please take a look at
> lines with CID. The web interface is much more usable, I'm pasting
> example here for easy access.
> Is there anything we can do about this? Filtering out all generated
> python code would be one possibility, but I would rather not do it.
Yes, we expected the compiler to optimise this out. That was a
deliberate design pattern to avoid trying to teach PIDL the size and
maximum values of 'long' and all the IDL types (both classes of which
change size depending on the architecture), and instead chose to rely
on the compiler to handle that.
The idea was that consistent code across all the types and
architectures (duplicated only for signed/unsigned in one area), and so
relying on the compiler to do its work would be smarter than encoding
the compiler's knowledge in PIDL, and risking getting that wrong.
We were aware of the left-shift of 64 bits, which is why that specific
case is hard-coded at the start of the conditional expression, and rely
on the undefined left-shift result never being used.
The biggest challenge is that a number of cases only really come up on
a 32 bit system, where a python long can't hold a uint32_t (on 64 bit it
can), and so PyInt_FromLong can fail.
In short, when writing it we didn't consider Coverity giving warnings
about this, we just expected the compiler to optimise it.
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
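The width-independent range check described in this message, sketched in C as an added illustration; it is not PIDL's generated code or Samba source, and all function names are hypothetical. It assumes an 8-byte unsigned long long, two's-complement integers and target sizes of 1 to 8 bytes, and it also shows a variant that needs no special case for the full-width shift.

```c
#include <limits.h>
#include <stddef.h>

/* Pattern described in the mail: one expression for every target width,
 * with the full-width case tested first so the out-of-range shift
 * (undefined behaviour in C) is never evaluated. */
static unsigned long long umax_guarded(size_t size)
{
    return (size == sizeof(unsigned long long))
        ? ULLONG_MAX
        : (1ULL << (size * CHAR_BIT)) - 1;
}

/* Variant with no special case: shift right from all-ones, so the shift
 * count is 0 for the widest type and always below the type width. */
static unsigned long long umax_shiftfree(size_t size)
{
    return ULLONG_MAX >> ((sizeof(unsigned long long) - size) * CHAR_BIT);
}

/* Signed bounds derived from the unsigned maximum (two's complement). */
static long long smax_for(size_t size)
{
    return (long long)(umax_shiftfree(size) >> 1);
}

static long long smin_for(size_t size)
{
    return -smax_for(size) - 1;
}

/* Range checks a generated setter would run before narrowing a value. */
static int fits_unsigned(unsigned long long v, size_t size)
{
    return v <= umax_guarded(size);
}

static int fits_signed(long long v, size_t size)
{
    return v >= smin_for(size) && v <= smax_for(size);
}

int main(void)
{
    /* Both forms must agree for every supported width. */
    for (size_t n = 1; n <= sizeof(unsigned long long); n++)
        if (umax_guarded(n) != umax_shiftfree(n)) return 1;
    return 0;
}
```

For an 8-byte target the unsigned check can never fail, which is the kind of comparison the message expects the compiler to optimise out.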