[code-quality] Static checker for common Python programming errors

Stefan Bucur stefan.bucur at gmail.com
Mon Nov 17 18:18:03 CET 2014


I'm developing a Python static analysis tool that flags common programming
errors in Python programs. The tool is meant to complement other tools like
Pylint (which perform checks at lexical and AST level) by going deeper with
the code analysis and keeping track of the possible control flow paths in
the program (path-sensitive analysis).

For instance, a path-sensitive analysis detects that the following snippet
of code would raise an AttributeError exception:

if object is None: # If the True branch is taken, we know the object is None
  object.doSomething() # ... so this statement would always fail

I wanted first to tap into people's experience and get a sense of what
common pitfalls in the language & its standard library such a static
checker should look for. Just as an example of what I mean, here [1] is a
list of static checks for the C++ language, as part of the Clang static
analyzer project.

My preliminary list of Python checks is quite rudimentary, but maybe it could
serve as a discussion starter:

* Proper Unicode handling (for 2.x)
  - encode() is not called on str object
  - decode() is not called on unicode object
* Check for integer division by zero
* Check for None object dereferences

Thanks a lot,
Stefan Bucur

[1] http://clang-analyzer.llvm.org/available_checks.html
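
An added example, not part of the original message or of the tool it describes: a small `ast`-based check for the None-dereference case in the snippet above. It assumes `x is None` / `x is not None` tests on plain names and treats the first rebinding of the name as the end of the known-None path; `SAMPLE` is constructed and the function names are hypothetical.

```python
import ast

# Constructed sample input; all names in it are illustrative.
SAMPLE = """\
def f(obj, other):
    if obj is None:
        obj.doSomething()        # flagged: obj is None on this path
    if other is None:
        other = make_default()   # rebinding ends the "is None" fact
        other.doSomething()
    if obj is not None:
        obj.doSomething()
    else:
        obj.close()              # flagged: else-branch of "is not None"
"""

def none_test(test):
    """Return (name, true_branch_is_none) for `x is [not] None`, else None."""
    if (isinstance(test, ast.Compare) and len(test.ops) == 1
            and isinstance(test.left, ast.Name)
            and isinstance(test.comparators[0], ast.Constant)
            and test.comparators[0].value is None
            and isinstance(test.ops[0], (ast.Is, ast.IsNot))):
        return test.left.id, isinstance(test.ops[0], ast.Is)
    return None

def scan_block(stmts, name, findings):
    """Flag `name.attr` uses while `name` is known None; stop at a rebinding."""
    for stmt in stmts:
        rebinds = any(isinstance(n, ast.Name) and n.id == name
                      and isinstance(n.ctx, ast.Store) for n in ast.walk(stmt))
        if rebinds and not isinstance(stmt, ast.Assign):
            return  # rebinding inside a compound statement: give up, no guess
        root = stmt.value if rebinds else stmt  # RHS runs before the store
        for n in ast.walk(root):
            if (isinstance(n, ast.Attribute) and isinstance(n.value, ast.Name)
                    and n.value.id == name):
                findings.add((n.lineno, name, n.attr))
        if rebinds:
            return

def find_none_derefs(source):
    findings = set()
    for node in ast.walk(ast.parse(source)):
        hit = none_test(node.test) if isinstance(node, ast.If) else None
        if hit:
            name, true_is_none = hit
            scan_block(node.body if true_is_none else node.orelse, name, findings)
    return sorted(findings)  # (line, name, attribute) tuples
```

Calling `find_none_derefs(SAMPLE)` reports lines 3 and 10 only; the access after `other = make_default()` is not reported because the name was rebound on that path.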