================
@@ -198,73 +198,147 @@ raw_ostream &operator<<(raw_ostream &OS, const
MCInstReference &);
namespace PAuthGadgetScanner {
+// The report classes are designed to be used in an immutable manner.
+// When an issue report is constructed in multiple steps, an attempt is made
+// to distinguish intermediate and final results at the type level.
+//
+// Here is an overview of issue life-cycle:
+// * an analysis (SrcSafetyAnalysis at now, DstSafetyAnalysis will be added
+// later to support the detection of authentication oracles) computes
register
+// state for each instruction in the function.
+// * each instruction is checked to be a gadget of some kind, taking the
+// computed state into account. If a gadget is found, its kind and location
+// are stored into a subclass of Diagnostic wrapped into BriefReport<ReqT>.
+// * if any issue is to be reported for the function, the same analysis is
+// re-run to collect extra information to provide to the user. Which extra
+// information can be requested depends on the particular analysis (for
----------------
kbeyls wrote:
nitpick: maybe it's simpler and still correct to just phrase this as "Which
extra information depends on the particular analysis"?
https://github.com/llvm/llvm-project/pull/135662
_______________________________________________
llvm-branch-commits mailing list
llvm-branch-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-branch-commits
