Hello llvm,
I am a first year PhD student at “Politehnica” University of Timisoara, Romania. I am a part of the LOOSE Research group (http://www.loose.upt.ro) and until now I have been involved in several research projects in reverse-engineering object oriented software.
Currently I am using llvm to statically check C/C++ programs for memory leaks. What I have until now is a llvm FunctionPass that tries to find a CFG path from each malloc or new to a corresponding free or delete. This is achieved by first doing a quick intra-procedural search for leaking paths and then inter-procedurally double checking the results. Further improvements would include a path viability check with a solver and some shape analysis.
This summer however, I plan to create an “optimization” that automatically fixes memory leaks in programs - obviously only those that can be fixed with the available information, for example:
int addAndFree(int *x, int y) {
y += *x; free(x);
return y;
}
int functionCalled10MTimesInSomeLoop(int index, int data) {
int x = (int)malloc(sizeof(int));
if(index < 3) { // do stuff with x, index and data
*x = data[index];
return addAndFree(x,index);
} else
return -1;
}
the function would not leak if that free instruction was copied in bb2: before ret (see bellow: -O4 version of above)
define i32 @_Z32functionCalled10MTimesInSomeLoopiPi(i32 %index, i32* nocapture %data) nounwind {
entry:
%0 = malloc i32 ; <i32*> [#uses=1]
%1 = icmp sgt i32 %index, 2 ; [#uses=1]
br i1 %1, label %bb2, label %bb
bb: ; preds = %entry
%2 = getelementptr i32* %data, i32 %index ; <i32*> [#uses=1]
%3 = load i32* %2, align 4 ; [#uses=1]
%4 = add i32 %3, %index ; [#uses=1]
free i32* %0
ret i32 %4
bb2: ; preds = %entry
; would be nice to insert: free i32* %0 ; here
ret i32 -1
}
So seeing as this is not on the open projects list, is it even worth applying for SummerOfCode?
best wishes,
Mihai.