This is an archive of the discontinued LLVM Phabricator instance.

Differential D108893

clang-tidy: introduce readability-containter-data-pointer check
ClosedPublic

Authored by compnerd on Aug 29 2021, 10:43 AM.

Details

Reviewers
aaron.ballman
Commits
rGd249200fa7d5: Revert "Re-Revert "clang-tidy: introduce readability-containter-data-pointer…
rGd0d9e6f0849b: clang-tidy: introduce readability-containter-data-pointer check
Summary

This introduces a new check, readability-containter-data-pointer. This
check is meant to catch the cases where the user may be trying to
materialize the data pointer by taking the address of the 0-th member of
a container. With C++11 or newer, the data member should be used for
this. This provides the following benefits:

  • .data() is easier to read than &[0]
  • it avoids an unnecessary re-materialization of the pointer
    • this doesn't matter in the case of optimized code, but in the case of unoptimized code, this will be visible
  • it avoids a potential invalid memory de-reference caused by the indexing when the container is empty (in debug mode, clang will normally optimize away the re-materialization in optimized builds).

The small potential behavioural change raises the question of where the
check should belong. A reasoning of defense in depth applies here, and
this does an unchecked conversion, with the assumption that users can
use the static analyzer to catch cases where we can statically identify
an invalid memory de-reference. For the cases where the static analysis
is unable to prove the size of the container, UBSan can be used to track
the invalid access.

Special thanks to Aaron Ballman for the discussion on whether this
check would be useful and where to place it.

This partially resolves PR26817!

Diff Detail

Event Timeline

compnerd created this revision.Aug 29 2021, 10:43 AM
Herald added a subscriber: mgorny. · View Herald TranscriptAug 29 2021, 10:43 AM
compnerd requested review of this revision.Aug 29 2021, 10:43 AM
Herald added a project: Restricted Project. · View Herald TranscriptAug 29 2021, 10:43 AM
compnerd updated this revision to Diff 369331.Aug 29 2021, 10:47 AM

Reflow the text using clang-format.

Harbormaster completed remote builds in B121663: Diff 369331.Aug 29 2021, 11:24 AM
Eugene.Zelenko added a subscriber: Eugene.Zelenko.Aug 29 2021, 1:58 PM

Thank you for implementing 26817! But shouldn't this check belong to modernize module?

Please add documentation and mention new check in Release Notes.

clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
19

Please separate with empty line.

118

Please separate with empty line.

clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.h
18

Please separate with empty line.

41

Please separate with empty line.

46

Please add inclusion guard in comment.

compnerd updated this revision to Diff 369340.Aug 29 2021, 1:58 PM
compnerd added a comment.Aug 29 2021, 2:04 PM
In D108893#2971410, @Eugene.Zelenko wrote:

Thank you for implementing 26817! But shouldn't this check belong to modernize module?

Oh, I was unaware of the PR, I'll tag that in the commit message, thanks!

Hmm, I'm somewhat on the fence, but I wouldn't be against the reorganization to modernize, only I would prefer that we get that settled before I do the actual rename/move.

Please add documentation and mention new check in Release Notes.

Ah, good idea, I'll add that as well.

clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
19

Hmm, this is what clang-format does, which should be unambiguously correct. Is there something that needs to be changed in clang-format or .clang-format?

Eugene.Zelenko added inline comments.Aug 29 2021, 2:09 PM
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
19

Hard to tell about current state of clang-format, but you could take a look on existing checks code.

compnerd added inline comments.Aug 29 2021, 2:44 PM
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
19

I would prefer that we fix the clang-format configuration rather than manually change the formatting here. This is introducing a new set of files, so it isn't resulting in inconsistency in a single file. I don't mind reformatting the code with clang-format, but generally, that is considered the definitive arbiter for formatting.

Harbormaster completed remote builds in B121671: Diff 369340.Aug 29 2021, 2:59 PM
compnerd added a comment.EditedAug 29 2021, 3:04 PM

Hmm, one case that doesn't currently get handled properly is the following test case:

template <typename T> void f(const T *);
void g(const std::vector<unsigned char> **v) {
  f(&(**v)[0]);
}
compnerd updated this revision to Diff 369343.Aug 29 2021, 3:10 PM
compnerd edited the summary of this revision. (Show Details)

Add some documentation and release notes.

Harbormaster completed remote builds in B121674: Diff 369343.Aug 29 2021, 3:48 PM
Eugene.Zelenko added inline comments.Aug 29 2021, 8:09 PM
clang-tools-extra/docs/ReleaseNotes.rst
96

It'll be good idea to mention containers and that data is method.

clang-tools-extra/docs/clang-tidy/checks/readability-data-pointer.rst
7

Please make first statement same as in Release Notes.

compnerd marked 2 inline comments as done.Aug 30 2021, 8:44 AM
compnerd added inline comments.
clang-tools-extra/docs/ReleaseNotes.rst
96

That was dumb, you're right. Thanks!

clang-tools-extra/docs/clang-tidy/checks/readability-data-pointer.rst
7

That was a good idea. I find that the updated text reads much better too.

compnerd updated this revision to Diff 369453.Aug 30 2021, 8:46 AM
compnerd marked 2 inline comments as done.

Update release notes to incorporate feedback.

Harbormaster completed remote builds in B121749: Diff 369453.Aug 30 2021, 9:21 AM
compnerd added a comment.Aug 30 2021, 10:37 AM

@Eugene.Zelenko I'd like to have @aaron.ballman weigh in on the naming, and assuming that he's okay with modernize.container-data-pointer, I'll change it to that.

Eugene.Zelenko added a comment.Aug 30 2021, 10:44 AM
In D108893#2972634, @compnerd wrote:

@Eugene.Zelenko I'd like to have @aaron.ballman weigh in on the naming, and assuming that he's okay with modernize.container-data-pointer, I'll change it to that.

Sure, Aaron has much broader vision than me.

aaron.ballman added a comment.Aug 30 2021, 11:14 AM
In D108893#2972651, @Eugene.Zelenko wrote:
In D108893#2972634, @compnerd wrote:

@Eugene.Zelenko I'd like to have @aaron.ballman weigh in on the naming, and assuming that he's okay with modernize.container-data-pointer, I'll change it to that.

Sure, Aaron has much broader vision than me.

Lies! I just wear glasses, that's all. ;-)

I can see a case being made for either modernize or readability. For modernize, data() was newly added in C++11, so you could argue that this is used to modernize C++98 code. For readability, data() makes the semantics of the underlying code more clear. Also, bugprone makes sense too because doing &v[0] is UB if v is empty, but v.data() is not (immediately) UB.

I think bugprone would be a tough place to put it because of false positive concerns. This is more of a blanket code rewriting utility than it is trying to catch bugs (the static analyzer and UBSan are better tools for that in that case).
I think modernize would be reasonable, but given that C++11 is already over ten years old, I feel like this is losing its "modernization" aspects in some ways. Also, this only covers converting &vec[0] into a call to data(); for modernize, I'd expect it to convert &vec[N] into vec.data() + N more broadly.
I think readability makes slightly more sense because then we can position this as a rewriting tool to make the code more readable (so there are no false positives -- it transforms all &vec[0] calls to data()).

However, if someone wants to make a strong case for modernize, I think it'd be defensible. Also, if someone wanted to suggest we add it to both readability and modernize, that could also make sense (perhaps with an option to convert &vec[N] that's on by default for modernize and off by default for readability).

aaron.ballman added inline comments.Sep 13 2021, 6:20 AM
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
57

Is this pointsTo() correct? IIRC, that would be trying to capture something like:

std::vector<int> *container;
&container[0];

but this wouldn't call the operator[] overload, it'd be using the builtin array subscripting, so I'm not certain this would match anything.

64

Same question here about pointsTo().

76

Here too.

89

And here.

103–106
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.h
24
46
compnerd marked 7 inline comments as done.Sep 13 2021, 9:58 AM
compnerd added inline comments.
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
64

This is actually meant to catch cases such as references to UnOp(DRE).

compnerd updated this revision to Diff 372285.Sep 13 2021, 9:59 AM

Address review feedback

aaron.ballman accepted this revision.Sep 13 2021, 10:41 AM
aaron.ballman added inline comments.
clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp
64

Good catch and thank you for all the off-list discussion on this point!

clang-tools-extra/test/clang-tidy/checkers/readability-container-data-pointer.cpp
105

Can you add one more test for how this behaves on uninstantiated templates?

template <typename Ty>
void func(const std::vector<Ty> &Vec) {
  const Ty *Ptr = &Vec[0]; // Should diagnose and provide a fix-it despite not instantiating func()
}
This revision is now accepted and ready to land.Sep 13 2021, 10:41 AM
Harbormaster completed remote builds in B123699: Diff 372285.Sep 13 2021, 10:58 AM
compnerd marked an inline comment as done.Sep 13 2021, 1:14 PM
compnerd added inline comments.
clang-tools-extra/test/clang-tidy/checkers/readability-container-data-pointer.cpp
105

Absolutely! Thanks for the additional test case.

aaron.ballman added a comment.Sep 14 2021, 5:09 AM

LGTM modulo the testing request (I forgot to mention that when marking it yesterday, oops!).

Eugene.Zelenko added a comment.Sep 14 2021, 7:01 AM

What about adding modernize/bugprone aliases?

aaron.ballman added a comment.Sep 14 2021, 7:07 AM
In D108893#2999645, @Eugene.Zelenko wrote:

What about adding modernize/bugprone aliases?

I'd be fine if we wanted to add aliases, but I'd sort of expect some extra functionality out of a check in those modules. I think it's fine to land this now, and we can add aliases in a follow-up. WDYT?

Eugene.Zelenko added a comment.Sep 14 2021, 7:17 AM
In D108893#2999654, @aaron.ballman wrote:
In D108893#2999645, @Eugene.Zelenko wrote:

What about adding modernize/bugprone aliases?

I'd be fine if we wanted to add aliases, but I'd sort of expect some extra functionality out of a check in those modules. I think it's fine to land this now, and we can add aliases in a follow-up. WDYT?

Aliases code is trivial comparing with check itself, so it make sense to add it in this patch.

aaron.ballman added a comment.Sep 14 2021, 7:31 AM
In D108893#2999681, @Eugene.Zelenko wrote:
In D108893#2999654, @aaron.ballman wrote:
In D108893#2999645, @Eugene.Zelenko wrote:

What about adding modernize/bugprone aliases?

I'd be fine if we wanted to add aliases, but I'd sort of expect some extra functionality out of a check in those modules. I think it's fine to land this now, and we can add aliases in a follow-up. WDYT?

Aliases code is trivial comparing with check itself, so it make sense to add it in this patch.

So you'd like to see that extra functionality added now? (I don't think it makes sense to have the check as-is in both readability and modernize.)

Eugene.Zelenko added a comment.Sep 14 2021, 7:35 AM

So you'd like to see that extra functionality added now? (I don't think it makes sense to have the check as-is in both readability and modernize.)

There are plenty of other cross-module aliases already.

aaron.ballman added a comment.Sep 14 2021, 7:38 AM
In D108893#2999698, @Eugene.Zelenko wrote:

So you'd like to see that extra functionality added now? (I don't think it makes sense to have the check as-is in both readability and modernize.)

There are plenty of other cross-module aliases already.

Those are most often checks shared with coding guidelines or they have configurable differences between the modules. I do not think we commonly share identical checks between modules that are not coding standards.

Closed by commit rGd0d9e6f0849b: clang-tidy: introduce readability-containter-data-pointer check (authored by compnerd). · Explain WhySep 14 2021, 8:12 AM
This revision was automatically updated to reflect the committed changes.
compnerd marked an inline comment as done.
compnerd added a commit: rGd0d9e6f0849b: clang-tidy: introduce readability-containter-data-pointer check.
compnerd added a comment.Sep 14 2021, 8:15 AM

@Eugene.Zelenko - sorry, I didn't see the additional comments before the commit. I'm happy to do a follow up depending on the resolution.

aaron.ballman added a comment.Sep 14 2021, 8:21 AM
In D108893#2999763, @compnerd wrote:

@Eugene.Zelenko - sorry, I didn't see the additional comments before the commit. I'm happy to do a follow up depending on the resolution.

If there's a follow-up to add this to modernize, I would say that version of the check should transition &v[N] to v.data() + N (perhaps optionally). I don't think a follow-up to add this to bugprone makes a lot of sense because of the high potential for false positive diagnostics (I think the bugprone one should be a static analyzer check that looks for a preceding predicate that checks the size of the container or whether it's empty).

thakis added a subscriber: thakis.Sep 14 2021, 8:57 AM

This breaks tests: http://45.33.8.238/linux/55784/step_8.txt

Please take a look and revert for now if it takes a while to fix.

thakis added a reverting change: rG76dc8ac36d07: Revert "clang-tidy: introduce readability-containter-data-pointer check".Sep 14 2021, 9:37 AM
thakis added a comment.Sep 14 2021, 9:37 AM

Reverted in 76dc8ac36d07 for now.

compnerd added a comment.Sep 14 2021, 10:44 AM

@thakis - thanks, seems that I had a part of the change sitting in my stash ... I had added a -NOT to verify the behaviour, and forgot to remove it. I'll revert the revert with the fix.

MaskRay added a subscriber: MaskRay.Sep 14 2021, 11:50 AM

49992c04148e5327bef9bd2dff53a0d46004b4b4 relanded the change. It is useful to attach the original Differential Revision: so that it is connected to this Differential.

thakis added a comment.Sep 14 2021, 7:27 PM

The test is still failing on Windows, see e.g. http://45.33.8.238/win/45205/step_8.txt or https://logs.chromium.org/logs/chromium/buildbucket/cr-buildbucket/8836086236638553313/+/u/package_clang/stdout?format=raw or https://lab.llvm.org/buildbot/#/builders/123/builds/6072

thakis mentioned this in rG626586fc253c: Re-Revert "clang-tidy: introduce readability-containter-data-pointer check".Sep 14 2021, 7:28 PM
compnerd added a commit: rGd249200fa7d5: Revert "Re-Revert "clang-tidy: introduce readability-containter-data-pointer….Sep 15 2021, 1:53 PM
steakhal added subscribers: whisperity, steakhal.Nov 5 2021, 7:28 AM

It seems like the checker is documented as readability-data-pointer but in the tests it reports issues under the readability-container-data-pointer name.
Shouldn't they be the same? I think it will confuse the users.
@aaron.ballman @whisperity @compnerd

Herald added a subscriber: carlosgalvezp. · View Herald TranscriptNov 5 2021, 7:28 AM
whisperity added a comment.Nov 9 2021, 6:42 AM
In D108893#3111674, @steakhal wrote:

It seems like the checker is documented as readability-data-pointer but in the tests it reports issues under the readability-container-data-pointer name.
Shouldn't they be the same? I think it will confuse the users.
@aaron.ballman @whisperity @compnerd

Sounds like a typo or an intermittent rebase or rename missing something. Definitely should be consistent.

whisperity added a comment.Nov 10 2021, 1:26 AM
In D108893#3118389, @whisperity wrote:
In D108893#3111674, @steakhal wrote:

It seems like the checker is documented as readability-data-pointer but in the tests it reports issues under the readability-container-data-pointer name.
Shouldn't they be the same? I think it will confuse the users.

Sounds like a typo or an intermittent rebase or rename missing something. Definitely should be consistent.

@steakhal Fixed in rG164ee457a04daf727ead99b43ad490ea05523652.

Revision Contents

PathSize
clang-tools-extra/
clang-tidy/
readability/
1 line
45 lines
117 lines
3 lines
docs/
5 lines
clang-tidy/
checks/
13 lines
test/
clang-tidy/
checkers/
110 lines

Diff 372485

clang-tools-extra/clang-tidy/readability/CMakeLists.txt

set(LLVM_LINK_COMPONENTS set(LLVM_LINK_COMPONENTS
FrontendOpenMP FrontendOpenMP
Support Support
) )
add_clang_library(clangTidyReadabilityModule add_clang_library(clangTidyReadabilityModule
AvoidConstParamsInDecls.cpp AvoidConstParamsInDecls.cpp
BracesAroundStatementsCheck.cpp BracesAroundStatementsCheck.cpp
ConstReturnTypeCheck.cpp ConstReturnTypeCheck.cpp
ContainerDataPointerCheck.cpp
ContainerSizeEmptyCheck.cpp ContainerSizeEmptyCheck.cpp
ConvertMemberFunctionsToStatic.cpp ConvertMemberFunctionsToStatic.cpp
DeleteNullPointerCheck.cpp DeleteNullPointerCheck.cpp
ElseAfterReturnCheck.cpp ElseAfterReturnCheck.cpp
FunctionCognitiveComplexityCheck.cpp FunctionCognitiveComplexityCheck.cpp
FunctionSizeCheck.cpp FunctionSizeCheck.cpp
IdentifierLengthCheck.cpp IdentifierLengthCheck.cpp
IdentifierNamingCheck.cpp IdentifierNamingCheck.cpp
▲ Show 20 LinesShow All 48 LinesShow Last 20 Lines

clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.h

  • This file was added.
//===--- ContainerDataPointerCheck.h - clang-tidy ---------------*- C++ -*-===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_READABILITY_CONTAINERDATAPOINTERCHECK_H
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_READABILITY_CONTAINERDATAPOINTERCHECK_H
#include "../ClangTidyCheck.h"
namespace clang {
namespace tidy {
namespace readability {
/// Checks whether a call to `operator[]` and `&` can be replaced with a call to
/// `data()`.
Eugene.ZelenkoUnsubmitted
Not Done
ReplyInline Actions

Please separate with empty line.

Eugene.Zelenko: Please separate with empty line.
///
/// This only replaces the case where the offset being accessed through the
/// subscript operation is a known constant 0. This avoids a potential invalid
/// memory access when the container is empty. Cases where the constant is not
/// explictly zero can be addressed through the clang static analyzer, and those
/// which cannot be statically identified can be caught using UBSan.
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
/// memory access when the container is empty. Cases where the constant is not
- /// explictly zero can be addressed through teh clang static analyzer, and those
+ /// explicitly zero can be addressed through the clang static analyzer, and those
/// which cannot be statically identified can be caught using UBSan.
aaron.ballman:
class ContainerDataPointerCheck : public ClangTidyCheck {
public:
ContainerDataPointerCheck(StringRef Name, ClangTidyContext *Context);
bool isLanguageVersionSupported(const LangOptions &LO) const override {
return LO.CPlusPlus11;
}
void registerMatchers(ast_matchers::MatchFinder *Finder) override;
void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
llvm::Optional<TraversalKind> getCheckTraversalKind() const override {
return TK_IgnoreUnlessSpelledInSource;
}
};
} // namespace readability
Eugene.ZelenkoUnsubmitted
Not Done
ReplyInline Actions

Please separate with empty line.

Eugene.Zelenko: Please separate with empty line.
} // namespace tidy
} // namespace clang
#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_READABILITY_CONTAINERDATAPOINTERCHECK_H
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Please add inclusion guard in comment.

Eugene.Zelenko: Please add inclusion guard in comment.
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
} // namespace clang
- #endif
+ #endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_READABILITY_CONTAINERDATAPOINTERCHECK_H
aaron.ballman:

clang-tools-extra/clang-tidy/readability/ContainerDataPointerCheck.cpp

  • This file was added.
//===--- ContainerDataPointerCheck.cpp - clang-tidy -----------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
#include "ContainerDataPointerCheck.h"
#include "clang/Lex/Lexer.h"
#include "llvm/ADT/StringRef.h"
using namespace clang::ast_matchers;
namespace clang {
namespace tidy {
namespace readability {
ContainerDataPointerCheck::ContainerDataPointerCheck(StringRef Name,
Eugene.ZelenkoUnsubmitted
Not Done
ReplyInline Actions

Please separate with empty line.

Eugene.Zelenko: Please separate with empty line.
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

Hmm, this is what clang-format does, which should be unambiguously correct. Is there something that needs to be changed in clang-format or .clang-format?

compnerd: Hmm, this is what clang-format does, which should be unambiguously correct. Is there something…
Eugene.ZelenkoUnsubmitted
Not Done
ReplyInline Actions

Hard to tell about current state of clang-format, but you could take a look on existing checks code.

Eugene.Zelenko: Hard to tell about current state of clang-format, but you could take a look on existing checks…
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

I would prefer that we fix the clang-format configuration rather than manually change the formatting here. This is introducing a new set of files, so it isn't resulting in inconsistency in a single file. I don't mind reformatting the code with clang-format, but generally, that is considered the definitive arbiter for formatting.

compnerd: I would prefer that we fix the clang-format configuration rather than manually change the…
ClangTidyContext *Context)
: ClangTidyCheck(Name, Context) {}
void ContainerDataPointerCheck::registerMatchers(MatchFinder *Finder) {
const auto Record =
cxxRecordDecl(
isSameOrDerivedFrom(
namedDecl(
has(cxxMethodDecl(isPublic(), hasName("data")).bind("data")))
.bind("container")))
.bind("record");
const auto NonTemplateContainerType =
qualType(hasUnqualifiedDesugaredType(recordType(hasDeclaration(Record))));
const auto TemplateContainerType =
qualType(hasUnqualifiedDesugaredType(templateSpecializationType(
hasDeclaration(classTemplateDecl(has(Record))))));
const auto Container =
qualType(anyOf(NonTemplateContainerType, TemplateContainerType));
Finder->addMatcher(
unaryOperator(
unless(isExpansionInSystemHeader()), hasOperatorName("&"),
hasUnaryOperand(anyOf(
ignoringParenImpCasts(
cxxOperatorCallExpr(
callee(cxxMethodDecl(hasName("operator[]"))
.bind("operator[]")),
argumentCountIs(2),
hasArgument(
0,
anyOf(ignoringParenImpCasts(
declRefExpr(
to(varDecl(anyOf(
hasType(Container),
hasType(references(Container))))))
.bind("var")),
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Is this pointsTo() correct? IIRC, that would be trying to capture something like:

std::vector<int> *container;
&container[0];

but this wouldn't call the operator[] overload, it'd be using the builtin array subscripting, so I'm not certain this would match anything.

aaron.ballman: Is this `pointsTo()` correct? IIRC, that would be trying to capture something like: ``` std…
ignoringParenImpCasts(hasDescendant(
declRefExpr(
to(varDecl(anyOf(
hasType(Container),
hasType(pointsTo(Container)),
hasType(references(Container))))))
.bind("var"))))),
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Same question here about pointsTo().

aaron.ballman: Same question here about `pointsTo()`.
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

This is actually meant to catch cases such as references to UnOp(DRE).

compnerd: This is actually meant to catch cases such as references to UnOp(DRE).
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Good catch and thank you for all the off-list discussion on this point!

aaron.ballman: Good catch and thank you for all the off-list discussion on this point!
hasArgument(1,
ignoringParenImpCasts(
integerLiteral(equals(0)).bind("zero"))))
.bind("operator-call")),
ignoringParenImpCasts(
cxxMemberCallExpr(
hasDescendant(
declRefExpr(to(varDecl(anyOf(
hasType(Container),
hasType(references(Container))))))
.bind("var")),
argumentCountIs(1),
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Here too.

aaron.ballman: Here too.
hasArgument(0,
ignoringParenImpCasts(
integerLiteral(equals(0)).bind("zero"))))
.bind("member-call")),
ignoringParenImpCasts(
arraySubscriptExpr(
hasLHS(ignoringParenImpCasts(
declRefExpr(to(varDecl(anyOf(
hasType(Container),
hasType(references(Container))))))
.bind("var"))),
hasRHS(ignoringParenImpCasts(
integerLiteral(equals(0)).bind("zero"))))
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

And here.

aaron.ballman: And here.
.bind("array-subscript")))))
.bind("address-of"),
this);
}
void ContainerDataPointerCheck::check(const MatchFinder::MatchResult &Result) {
const auto *UO = Result.Nodes.getNodeAs<UnaryOperator>("address-of");
const auto *DRE = Result.Nodes.getNodeAs<DeclRefExpr>("var");
std::string ReplacementText;
ReplacementText = std::string(Lexer::getSourceText(
CharSourceRange::getTokenRange(DRE->getSourceRange()),
*Result.SourceManager, getLangOpts()));
if (DRE->getType()->isPointerType())
ReplacementText += "->data()";
else
ReplacementText += ".data()";
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
const auto *DRE = Result.Nodes.getNodeAs<DeclRefExpr>("var");
- std::string ReplacementText;
- ReplacementText = std::string(Lexer::getSourceText(
+ std::string ReplacementText = Lexer::getSourceText(
CharSourceRange::getTokenRange(DRE->getSourceRange()),
- *Result.SourceManager, getLangOpts()));
+ *Result.SourceManager, getLangOpts()).str();
if (DRE->getType()->isPointerType())
aaron.ballman:
FixItHint Hint =
FixItHint::CreateReplacement(UO->getSourceRange(), ReplacementText);
diag(UO->getBeginLoc(),
"'data' should be used for accessing the data pointer instead of taking "
"the address of the 0-th element")
<< Hint;
}
} // namespace readability
} // namespace tidy
} // namespace clang
Eugene.ZelenkoUnsubmitted
Not Done
ReplyInline Actions

Please separate with empty line.

Eugene.Zelenko: Please separate with empty line.

clang-tools-extra/clang-tidy/readability/ReadabilityTidyModule.cpp

//===--- ReadabilityTidyModule.cpp - clang-tidy ---------------------------===// //===--- ReadabilityTidyModule.cpp - clang-tidy ---------------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "../ClangTidy.h" #include "../ClangTidy.h"
#include "../ClangTidyModule.h" #include "../ClangTidyModule.h"
#include "../ClangTidyModuleRegistry.h" #include "../ClangTidyModuleRegistry.h"
#include "AvoidConstParamsInDecls.h" #include "AvoidConstParamsInDecls.h"
#include "BracesAroundStatementsCheck.h" #include "BracesAroundStatementsCheck.h"
#include "ConstReturnTypeCheck.h" #include "ConstReturnTypeCheck.h"
#include "ContainerDataPointerCheck.h"
#include "ContainerSizeEmptyCheck.h" #include "ContainerSizeEmptyCheck.h"
#include "ConvertMemberFunctionsToStatic.h" #include "ConvertMemberFunctionsToStatic.h"
#include "DeleteNullPointerCheck.h" #include "DeleteNullPointerCheck.h"
#include "ElseAfterReturnCheck.h" #include "ElseAfterReturnCheck.h"
#include "FunctionCognitiveComplexityCheck.h" #include "FunctionCognitiveComplexityCheck.h"
#include "FunctionSizeCheck.h" #include "FunctionSizeCheck.h"
#include "IdentifierLengthCheck.h" #include "IdentifierLengthCheck.h"
#include "IdentifierNamingCheck.h" #include "IdentifierNamingCheck.h"
Show All 34 Lines
public: public:
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override { void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
CheckFactories.registerCheck<AvoidConstParamsInDecls>( CheckFactories.registerCheck<AvoidConstParamsInDecls>(
"readability-avoid-const-params-in-decls"); "readability-avoid-const-params-in-decls");
CheckFactories.registerCheck<BracesAroundStatementsCheck>( CheckFactories.registerCheck<BracesAroundStatementsCheck>(
"readability-braces-around-statements"); "readability-braces-around-statements");
CheckFactories.registerCheck<ConstReturnTypeCheck>( CheckFactories.registerCheck<ConstReturnTypeCheck>(
"readability-const-return-type"); "readability-const-return-type");
CheckFactories.registerCheck<ContainerDataPointerCheck>(
"readability-container-data-pointer");
CheckFactories.registerCheck<ContainerSizeEmptyCheck>( CheckFactories.registerCheck<ContainerSizeEmptyCheck>(
"readability-container-size-empty"); "readability-container-size-empty");
CheckFactories.registerCheck<ConvertMemberFunctionsToStatic>( CheckFactories.registerCheck<ConvertMemberFunctionsToStatic>(
"readability-convert-member-functions-to-static"); "readability-convert-member-functions-to-static");
CheckFactories.registerCheck<DeleteNullPointerCheck>( CheckFactories.registerCheck<DeleteNullPointerCheck>(
"readability-delete-null-pointer"); "readability-delete-null-pointer");
CheckFactories.registerCheck<ElseAfterReturnCheck>( CheckFactories.registerCheck<ElseAfterReturnCheck>(
"readability-else-after-return"); "readability-else-after-return");
▲ Show 20 LinesShow All 79 LinesShow Last 20 Lines

clang-tools-extra/docs/ReleaseNotes.rst

Show First 20 LinesShow All 85 Lines▼ Show 20 Lines
- New :doc:`readability-identifier-length - New :doc:`readability-identifier-length
<clang-tidy/checks/readability-identifier-length>` check. <clang-tidy/checks/readability-identifier-length>` check.
Reports identifiers whose names are too short. Currently checks local Reports identifiers whose names are too short. Currently checks local
variables and function parameters only. variables and function parameters only.
- New :doc:`readability-data-pointer <clang-tidy/checks/readability-data-pointer` check.
Finds cases where code could use ``data()`` rather than the address of the
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

It'll be good idea to mention containers and that data is method.

Eugene.Zelenko: It'll be good idea to mention containers and that `data` is method.
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

That was dumb, you're right. Thanks!

compnerd: That was dumb, you're right. Thanks!
element at index 0 in a container.
New check aliases New check aliases
^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^
- New alias :doc:`cert-exp42-c - New alias :doc:`cert-exp42-c
<clang-tidy/checks/cert-exp42-c>` to <clang-tidy/checks/cert-exp42-c>` to
:doc:`bugprone-suspicious-memory-comparison :doc:`bugprone-suspicious-memory-comparison
<clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added. <clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added.
Show All 33 Lines

clang-tools-extra/docs/clang-tidy/checks/readability-data-pointer.rst

  • This file was added.
.. title:: clang-tidy - readability-data-pointer
readability-data-pointer
========================
Finds cases where code could use ``data()`` rather than the address of the
element at index 0 in a container. This pattern is commonly used to materialize
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Please make first statement same as in Release Notes.

Eugene.Zelenko: Please make first statement same as in Release Notes.
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

That was a good idea. I find that the updated text reads much better too.

compnerd: That was a good idea. I find that the updated text reads much better too.
a pointer to the backing data of a container. ``std::vector`` and
``std::string`` provide a ``data()`` accessor to retrieve the data pointer which
should be preferred.
This also ensures that in the case that the container is empty, the data pointer
access does not perform an errant memory access.

clang-tools-extra/test/clang-tidy/checkers/readability-container-data-pointer.cpp

  • This file was added.
// RUN: %check_clang_tidy %s readability-container-data-pointer %t
typedef __SIZE_TYPE__ size_t;
namespace std {
template <typename T>
struct vector {
using size_type = size_t;
vector();
explicit vector(size_type);
T *data();
const T *data() const;
T &operator[](size_type);
const T &operator[](size_type) const;
};
template <typename T>
struct basic_string {
using size_type = size_t;
basic_string();
T *data();
const T *data() const;
T &operator[](size_t);
const T &operator[](size_type) const;
};
typedef basic_string<char> string;
typedef basic_string<wchar_t> wstring;
template <typename T>
struct is_integral;
template <>
struct is_integral<size_t> {
static const bool value = true;
};
template <bool, typename T = void>
struct enable_if { };
template <typename T>
struct enable_if<true, T> {
typedef T type;
};
}
template <typename T>
void f(const T *);
#define z (0)
void g(size_t s) {
std::vector<unsigned char> b(s);
f(&((b)[(z)]));
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(b.data());{{$}}
}
void h() {
std::string s;
f(&((s).operator[]((z))));
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(s.data());{{$}}
std::wstring w;
f(&((&(w))->operator[]((z))));
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(w.data());{{$}}
}
template <typename T, typename U,
typename = typename std::enable_if<std::is_integral<U>::value>::type>
void i(U s) {
std::vector<T> b(s);
f(&b[0]);
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(b.data());{{$}}
}
template void i<unsigned char, size_t>(size_t);
void j(std::vector<unsigned char> * const v) {
f(&(*v)[0]);
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(v->data());{{$}}
}
void k(const std::vector<unsigned char> &v) {
f(&v[0]);
// CHECK-MESSAGES: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
// CHECK-FIXES: {{^ }}f(v.data());{{$}}
}
void l() {
unsigned char b[32];
f(&b[0]);
// CHECK-MESSAGES-NOT: :[[@LINE-1]]:5: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
}
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Can you add one more test for how this behaves on uninstantiated templates?

template <typename Ty>
void func(const std::vector<Ty> &Vec) {
  const Ty *Ptr = &Vec[0]; // Should diagnose and provide a fix-it despite not instantiating func()
}
aaron.ballman: Can you add one more test for how this behaves on uninstantiated templates? ``` template…
compnerdAuthorUnsubmitted
Done
ReplyInline Actions

Absolutely! Thanks for the additional test case.

compnerd: Absolutely! Thanks for the additional test case.
template <typename T>
void m(const std::vector<T> &v) {
const T *p = &v[0];
// CHECK-MESSAGES-NOT: :[[@LINE-1]]:16: warning: 'data' should be used for accessing the data pointer instead of taking the address of the 0-th element [readability-container-data-pointer]
}