-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathTODO
67 lines (54 loc) · 2.5 KB
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
DONE
TODO Replace isGlobalCFunction by something more efficient
1baedeccd6989bcf270f1fcd2e6b37d5dcb9f46e
[analyzer] Utility to match function calls.
http://reviews.llvm.org/D15921
DONE
TODO add pointer escape detection (hopefully fixes false positives)
4b6bb40b22877472d0b3d2961689f1f0ac23cc71
[analyzer] Convert SimpleStreamChecker to use the PointerEscape callback
DONE
TODO mark malloc/free nodes on path. See MallocChecker.cpp for example.
It probably needs implementation of a BugReporterVisitor (VisitNode) and a
corresponding R->addVisitor(llvm::make_unique<...BugVisitor>(Sym));
DONE
TODO handle identity functions that invalidate other symbols.
DONE
TODO fold multiple memleaks based on the allocation, not on the exit path.
Test case: ui/tap-rtp-common.c
From docs/analyzer/IPA.txt we learn that:
- LocationContext roughly represents the state of a new function call (including
stack frame).
TODO handle allocations from these types (U = Unused in Wireshark)
https://developer.gnome.org/glib/stable/glib-Doubly-Linked-Lists.html
https://developer.gnome.org/glib/stable/glib-Singly-Linked-Lists.html
https://developer.gnome.org/glib/stable/glib-Double-ended-Queues.html
https://developer.gnome.org/glib/stable/glib-Sequences.html (U)
https://developer.gnome.org/glib/stable/glib-Hash-Tables.html
https://developer.gnome.org/glib/stable/glib-Strings.html
https://developer.gnome.org/glib/stable/glib-String-Chunks.html
https://developer.gnome.org/glib/stable/glib-Balanced-Binary-Trees.html
https://developer.gnome.org/glib/stable/glib-N-ary-Trees.html
https://developer.gnome.org/glib/stable/glib-Datasets.html (U)
https://developer.gnome.org/glib/stable/glib-GVariantType.html (U)
https://developer.gnome.org/glib/stable/glib-GVariant.html (U)
TODO utility functions (U = Unused in Wireshark)
g_strnfill (U)
g_str_to_ascii (U, since 2.40, transfer semantics unclear)
g_str_tokenize_and_fold (U, since 2.40, free function unclear)
g_strescape (allocates new memory, but free function is not clear)
g_strcompress (U, allocates new memory, but free function is not clear)
TODO handle functions that return an address from a region:
g_stpcpy
g_strstr_len
g_strrstr
g_strrstr_len
TODO handle identity functions:
g_ascii_dtostr (U)
g_ascii_formatd (U)
TODO these for sure do not escape, the first argument is not freed:
g_strlcpy
g_strlcat
TODO check that arguments to g_printf, etc. do not cause a pointer to escape
TODO g_ascii_strtoll, etc. return a value from the region in an argument
(instead of returning as function return value)