Report author here [LWN.net]

Report author here

Posted Apr 22, 2026 11:31 UTC (Wed) by mathstuf (subscriber, #69389)
In reply to: Report author here by devdanzin
Parent article: Using LLMs to find Python C-extension bugs

Thanks! There is also the GCC project of a CPython API analyzer as well. How feasible would it be to reify the rules into the GCC scanner itself so that we can offload detection of many things from the cloud models and instead make detection "cheap" again?

I'd selfishly request a review of VTK's generated Python bindings, but I don't want to waste cycles on it as I have a(n unscheduled) plan to update them to be abi3-compliant anyways. It is a "critical" package on PyPI if you want to do a scan; just don't put it at the top of a list because of the planned work likely obviating much of it (unless checkpointing for a before/after comparison is also diable).

to post comments

Report author here

Posted Apr 23, 2026 9:02 UTC (Thu) by devdanzin (subscriber, #183390) [Link]

> There is also the GCC project of a CPython API analyzer as well. How feasible would it be to reify the rules into the GCC scanner itself so that we can offload detection of many things from the cloud models and instead make detection "cheap" again?

I was going to say that I don't believe it would be feasible, but decided to ask Claude for confirmation and actually got a response[0] indicating it would be very feasible and pretty useful for my analysis project! Thank you for asking, it may well be our main future goal.

> I'd selfishly request a review of VTK's generated Python bindings,

Thank you for taking the offer! :)

The main consumable of the review is the list of actionable items[1], but I include all reports and appendices in case you want to see the detailed findings, methodology and other context. Feel free to not act on any of these, we can re-run the tools after your update to abi3.

> I don't want to waste cycles on it as I have a(n unscheduled) plan to update them to be abi3-compliant anyways.

Good news is one of the agents specializes in checking abi3 compliance and migration feasibility, and it generated a report[2] for you. I hope it helps you when you update to abi3.

[0] https://gist.github.com/devdanzin/06c2e34dac411d9a5f3cf45...
[1] https://gist.github.com/devdanzin/bb73cbfce9e421fd853c536...
[2] https://gist.github.com/devdanzin/bb73cbfce9e421fd853c536...