openharmonyinsight/skills/oh-stability/memoryLeak/dynamic-memory-analyzer
skills/oh-stability/memoryLeak/dynamic-memory-analyzer/SKILL.md
--- name: dynamic-memory-analyzer description: Comprehensive dynamic memory management analysis for ace_engine codebase. Covers 17 critical scenarios: basic pairing, smart pointers (RefPtr/WeakPtr), exception safety, ownership transfer, container pointers, singletons, callbacks, multi-threading, cross-layer interaction, third-party libraries, special patterns, common leaks, nullptr handling, Register/Unregister, lifecycle binding, assignment updates, and function returns. Use when checking memor
$ install --global
skillsauthnpx skillsauth add openharmonyinsight/openharmony-skills skills/oh-stability/memoryLeak/dynamic-memory-analyzerInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 29, 2026, 6:35 AM248.2s4 files scanned
SKILL.md
- name:
- dynamic-memory-analyzer
- description:
- Comprehensive dynamic memory management analysis for ace_engine codebase. Covers 17 critical scenarios: basic pairing, smart pointers (RefPtr/WeakPtr), exception safety, ownership transfer, container pointers, singletons, callbacks, multi-threading, cross-layer interaction, third-party libraries, special patterns, common leaks, nullptr handling, Register/Unregister, lifecycle binding, assignment updates, and function returns. Use when checking memory leaks, verifying memory safety, or analyzing new/delete patterns in ace_engine.
Dynamic Memory Analyzer
Comprehensive memory management analysis for ace_engine codebase covering 17 critical scenarios.
Quick Start
Use this skill to analyze memory management in ace_engine codebase:
-
Statistical Analysis - Get overview metrics
- Run:
bash scripts/stats.sh <target-directory> - Review the output statistics
- Run:
-
Pattern Detection - Identify specific issues
- See PATTERNS.md for detection rules
- Execute relevant grep/awk commands from the patterns
-
Generate Report - Document findings
- Use REPORT_TEMPLATE.md as guide
- Apply recommendations from FIXES.md
Core Scenarios
1. Basic Pairing
new/deletepairingnew[]/delete[]pairing- Execution path coverage
2. Smart Pointers
- RefPtr usage patterns
- WeakPtr for cycles
- Raw/RefPtr mixing
3. Exception Safety
- Exception paths
- RAII patterns
- Try-catch coverage
4. Ownership Transfer
- Function returns
- Parameter passing
- Cross-module transfer
5. Container Pointers
- STL containers
- Cleanup logic
- Iterator safety
6. Singletons
- Singleton leaks
- Global pointers
- Static members
7. Callbacks
- EventHub callbacks
- Lambda captures
- Async cleanup
8. Multi-threading
- Cross-thread pointers
- Async tasks
- Thread-safe delete
9. Cross-layer
- Bridge layer
- FrameNode/UINode
- Pattern/RenderNode
10. Third-party
- Rosen pointers
- Skia pointers
- V8/ArkTS pointers
11. Special Patterns
- Factory pattern
- Builder pattern
- Observer pattern
12. Common Leaks
- Constructor/destructor
- Conditional branches
- Exception paths
- Loop issues
13. nullptr Handling
delete nullptrsafety- Unnecessary checks
new(std::nothrow)
14. Register/Unregister
- Registration pairing
- Exception safety
- Duplicate handling
15. Lifecycle Binding
- Parent/child cleanup
- Circular references
- FrameNode lifecycle
16. Assignment Updates
- Member assignment
- Exception safety
- Self-assignment
17. Function Returns
- Early returns
- Multiple paths
- CheckNull cleanup
Detailed Guidance
Statistical Analysis
See STATISTICS.md for comprehensive metrics and interpretation.
Pattern Detection
See PATTERNS.md for detection rules and examples.
Fix Recommendations
See FIXES.md for code examples and best practices.
Report Template
See REPORT_TEMPLATE.md for report structure.
Severity Levels
- 🔴 Critical: Definite leaks, double delete, use-after-free
- 🟠 High: Likely leaks, exception-unsafe, missing cleanup
- 🟡 Medium: Potential leaks, unclear ownership, inconsistent patterns
- 🟢 Low: Style issues, unnecessary checks, documentation gaps
Tools
Static Analysis
# clang-tidy
clang-tidy --checks=-*,clang-analyzer-* frameworks/**/*.cpp
# cppcheck
cppcheck --enable=all frameworks/
# Custom scripts
bash scripts/stats.sh
bash scripts/detect_patterns.sh
Runtime Detection
# AddressSanitizer
ASAN_OPTIONS=detect_leaks=1 ./test_executable
# LeakSanitizer
LSAN_OPTIONS=suppressions=lsan.supp ./test_executable
# Valgrind
valgrind --leak-check=full ./test_executable
Best Practices
✅ Always Do
- Use RefPtr/WeakPtr for ownership
- Use MakeRefPtr for creation
- Use CHECK_NULL_* macros
- Implement proper destructors
- Use RAII for resources
- Document ownership for returns
- Use WeakPtr to break cycles
❌ Never Do
- Delete RefPtr-managed pointers
- Forget to delete raw pointers
- Use delete instead of delete[]
- Mix raw/RefPtr without clear ownership
- Skip delete on exception paths
- Create RefPtr cycles
- Assume third-party ownership
⚠️ Be Careful
- Exception safety in new/delete pairs
- Ownership transfer across boundaries
- Callback memory management
- Cross-thread pointer sharing
- Container pointer cleanup
- Third-party library ownership
Related Skills
openharmonyinsight/oh-precommit-codecheck
development
VerifiedTrustedCommunity
Run local code quality checks covering a subset of OpenHarmony gate CI (copyright, CodeArts C/C++) plus additional local checks (pylint/flake8, shellcheck/bashate, gn format). Use before committing to reduce gate failures. Triggers on: /oh-precommit-codecheck, "门禁检查", "门禁预检", "检查代码", "run codecheck", "check code quality", "lint my code", "代码检查", or after completing code implementation. WHEN to use: before git commit, before creating PR, after modifying C/C++/Python/Shell/GN files, when gate CI fails with codecheck defects, or when you want to preview what gate will flag.
25SKILL.mdUpdated May 29, 2026
openharmonyinsight/oh-pr-workflow
development
VerifiedTrustedCommunity
OpenHarmony PR full lifecycle workflow. Five modes: - Commit: standardized commit with DCO sign-off and Issue linking - Create PR: commit + push to fork + create Issue + create PR on upstream - Fix Codecheck: fetch gate CI codecheck defects from a PR and auto-fix them - Review PR: fetch a PR's changes to local for code review - Fix Review: fetch unresolved review comments from a PR and auto-fix them Triggers on: /oh-pr-workflow, "提交代码", "创建PR", "提个PR", "commit", "修复告警", "修复门禁", "修复codecheck", "fix codecheck", "review pr", "review这个pr", "看下这个pr", "检视pr", "修复review", "修复检视意见", "fix review", or a GitCode PR URL with fix/review intent.
25SKILL.mdUpdated May 29, 2026
openharmonyinsight/oh-pdd-prd-analysis
testing
VerifiedTrustedCommunity
分析 HM Desktop PRD 文档,提取需求信息、验证完整性、检查章节顺序(需求来源→需求背景→需求价值分析→竞品分析→需求描述)、检查 KEP 定义、检测需求冲突并生成结构化分析报告。适用于用户请求:(1) 分析或审查 PRD 文档, (2) 从需求中提取 KEP 列表, (3) 检查 PRD 完整性或一致性, (4) 将需求映射到模块架构, (5) 验证 PRD 格式合规性, (6) 验证竞品分析章节完整性。关键词:PRD分析, requirement extraction, KEP验证, completeness check, chapter order validation, 竞品分析检查, analyze PRD, 需求提取, 完整性检查, 章节顺序验证
25SKILL.mdUpdated May 29, 2026
openharmonyinsight/oh-pdd-design-doc-generator
development
VerifiedTrustedCommunity
基于 PRD 文档自动生成鸿蒙系统设计文档,包括架构设计文档和功能设计文档。生成前会分析 OpenHarmony 存量代码结构,确保与现有架构兼容。架构设计文档第2章必须为竞品方案分析,位于需求背景之后。适用于用户请求:(1) 生成架构设计文档, (2) 生成功能设计文档, (3) 从 PRD 生成设计文档, (4) 创建系统架构设计, (5) 编写功能规格说明, (6) 分析 OH 代码结构。关键词:architecture design, functional design, design doc, 竞品方案分析, OpenHarmony code analysis, 架构设计, 功能设计, 设计文档生成, OH代码分析, analyze codebase, competitor analysis
25SKILL.mdUpdated May 29, 2026