This is an archive of the discontinued LLVM Phabricator instance.

Differential D114427

[clang-tidy] Warn on functional C-style casts
ClosedPublic

Authored by carlosgalvezp on Nov 23 2021, 2:56 AM.

Details

Reviewers
aaron.ballman
whisperity
salman-javed-nz
Quuxplusone
Commits
rG5bbe50148f3b: [clang-tidy] Warn on functional C-style casts
Summary

The google-readability-casting check is meant to be on par with cpplint's
readability/casting check, according to the documentation. However it
currently does not diagnose functional casts, like:

float x = 1.5F;
int y = int(x);

This is detected by cpplint, however, and the guidelines are clear that such
a cast is only allowed when the type is a class type (constructor call):

You may use cast formats like T(x) only when T is a class type.

Therefore, update the clang-tidy check to check this case.

Diff Detail

Event Timeline

carlosgalvezp created this revision.Nov 23 2021, 2:56 AM
Herald added a subscriber: xazax.hun. · View Herald TranscriptNov 23 2021, 2:56 AM
carlosgalvezp requested review of this revision.Nov 23 2021, 2:56 AM
Herald added a project: Restricted Project. · View Herald TranscriptNov 23 2021, 2:56 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
carlosgalvezp edited the summary of this revision. (Show Details)Nov 23 2021, 2:56 AM
carlosgalvezp updated this revision to Diff 389157.Nov 23 2021, 4:02 AM

Fix numbering of variables.

carlosgalvezp added reviewers: aaron.ballman, whisperity, salman-javed-nz.Nov 23 2021, 4:02 AM
Herald added a subscriber: rnkovacs. · View Herald TranscriptNov 23 2021, 4:02 AM
carlosgalvezp updated this revision to Diff 389159.Nov 23 2021, 4:05 AM

Fix numbering in variables.

Harbormaster completed remote builds in B135601: Diff 389159.Nov 23 2021, 8:03 AM
salman-javed-nz added a comment.Nov 26 2021, 12:10 AM

Thanks for the patch.

Just a little bit of feedback but overall I'm happy with the approach taken.

clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
119–120

The majority of checkExpr()'s contents are common to both types, CStyleCastExpr and CXXFunctionalCastExpr.
Only the ReplaceRange = CharSourceRange::getCharRange... and the DestTypeString = Lexer::getSourceText... parts change depending on the Expr type.

What about breaking those two assignments out into their own functions, rather than templating the entire checkExpr() function?

For example, (note: untested code)

clang::CharSourceRange GetReplaceRange(const CStyleCastExpr *CastExpr) {
  return CharSourceRange::getCharRange(
      CastExpr->getLParenLoc(), CastExpr->getSubExprAsWritten()->getBeginLoc());
}

clang::CharSourceRange GetReplaceRange(const CXXFunctionalCastExpr *CastExpr) {
  return CharSourceRange::getCharRange(CastExpr->getBeginLoc(),
                                       CastExpr->getLParenLoc());
}

...

CharSourceRange ReplaceRange =
      isa<CStyleCastExpr>(CastExpr)
          ? GetReplaceRange(dyn_cast<const CStyleCastExpr>(CastExpr))
          : GetReplaceRange(dyn_cast<const CXXFunctionalCastExpr>(CastExpr));

Would something like that work?

164–175

See comment above.

clang-tools-extra/docs/ReleaseNotes.rst
139–140

Single back-ticks are used to do linking. Double back-ticks is probably what you're after.

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
335

Is a test to check new int(x) worth including? I see that the cpplint guys explicitly filter it out of their results.

salman-javed-nz added inline comments.Nov 26 2021, 12:15 AM
clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
120–124

Should this be an if ... else?

carlosgalvezp updated this revision to Diff 390165.Nov 27 2021, 9:00 AM
carlosgalvezp marked 5 inline comments as done.

Addressed comments.

clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
119–120

Thanks for the suggestion, much cleaner! I've made CastExpr become a ExplicitCastExpr instead (which is common base to both cast classes) to be able to handle only one object.

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
335

Sure, even though I think technically it's not a cast. At least it's not shown as such in the AST.

carlosgalvezp added inline comments.Nov 27 2021, 9:02 AM
clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
122

One problem I see here is in the future someone adds a 3rd class of casts - then this should become an if-else. That's why I had it like that before, but perhaps it's too "defensive" at this point.

Harbormaster completed remote builds in B136308: Diff 390165.Nov 27 2021, 9:15 AM
salman-javed-nz accepted this revision.Nov 27 2021, 6:40 PM

LGTM, thanks!

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
335

It's not a cast in the AST, but it's nice to document in the unit test that we have considered it and that that intend to treat it no differently to how cpplint treats it.

This revision is now accepted and ready to land.Nov 27 2021, 6:40 PM
Quuxplusone added a subscriber: Quuxplusone.Nov 27 2021, 7:20 PM
Quuxplusone added inline comments.
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

What about

template<class T> T foo(int i) { return T(i); }
int main() {
    foo<std::vector<int>>(); // valid, OK(!)
    foo<double>(); // valid, not OK
}

What about

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = T(i);  // valid, OK?
Widget u = U(i);  // valid C++, should definitely not be OK

https://quuxplusone.github.io/blog/2020/01/22/expression-list-in-functional-cast/

carlosgalvezp updated this revision to Diff 390191.Nov 28 2021, 4:03 AM

Add extra test for template functions that use the functional cast. It should only warn when T is not a class type.

carlosgalvezp added inline comments.Nov 28 2021, 4:07 AM
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

Good point, thanks! I've added the first one to the unit test.

Regarding the second check, I'm not sure if it's the scope of this check. This check does not care whether the constructor of the class is implicit or not - if you use a class type, then you are calling the constructor so it's fine. Same goes when it's a reference - in my opinion this check is not concerned with that.

I definitely see the problems that can arise from the example that you posted, but maybe it fits better as a separate check in the bugprone category? This check (google-readability-casting) is focused only about avoiding C-style casting, i.e. it's a readability/style/modernize matter IMO. If cpplint is not diagnosing that, I don't think this check should either.

Harbormaster completed remote builds in B136327: Diff 390191.Nov 28 2021, 4:20 AM
carlosgalvezp added inline comments.Nov 28 2021, 5:55 AM
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

It seems I should be able to just add the second example as a test and clang-tidy would warn but, what should be the fixit for it? A static_cast<U> would lead to compiler error (which I personally would gladly take, but I don't know in general if we want clang-tidy to "fix" code leading to compiler errors"). Adding an ad-hoc message for this particular error seems out of the scope of a "readability" check.

What do you guys think?

carlosgalvezp added a comment.Nov 28 2021, 6:08 AM

Personally I think it's best to merge this as is, allowing people to e.g. replace cpplint with clang-tidy (one static analyzer to rule them all!), and add more functionality in a separate, focused patch. Looking forward to hearing your thoughts :)

salman-javed-nz added inline comments.Nov 29 2021, 1:29 AM
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

It seems I should be able to just add the second example as a test and clang-tidy would warn but, what should be the fixit for it?

If I run the second example, but with old style C casts instead:

Input:

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = (T)(i);
Widget u = (U)(i);

Output after fixits:

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = T(i);
Widget u = (U)(i);

I guess the fix Widget t = T(i); is OK as it is covered by this exception:

You may use cast formats like T(x) only when T is a class type.

For the Widget u = (U)(i); line, clang-tidy has warned about it but not offered a fix.

salman-javed-nz added a comment.EditedNov 29 2021, 2:12 AM

I think the primary goal is satisfied - in all cases the cast is identified and a warning is generated.

For the Widget& case, a warning is generated but no fixit is offered, but that isn't any worse than the existing C-style cast fixits.
It does sound like a case where offering no fix is better than offering a fix that makes things worse.
If a fixit were to be implemented, a new check sounds like the best place to host it, along with other hidden reinterpret_cast scenarios that we can think of.

What would be the right fixit for that anyway?
Widget u = U(i); --> Widget u = static_cast<T>(i); ?

Quuxplusone added inline comments.Nov 29 2021, 6:06 AM
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

What would be the right fixit for that anyway?
Widget u = U(i); --> Widget u = static_cast<T>(i); ?

No, this is a reinterpret_cast, so it would be

Widget u = reinterpret_cast<U>(i);

at least in C++. I don't know about C, but I imagine the problem doesn't come up.

(If the programmer looks at this line and says "oh geez, that's wrong," well, he'll either fix it or file a task to revisit weird reinterpret_casts in the codebase. If the programmer thinks the cast is correct, then personally I'd hope he rewrites it as Widget u = *reinterpret_cast<Widget*>(&i); for clarity, but that's not a clang-tidy issue.)

Relevant: "fixits versus suppression mechanisms" https://quuxplusone.github.io/blog/2020/09/02/wparentheses/ reinterpret_cast is a suppression mechanism; I infer that you're casting about for a fixit, which won't exist in this case.

carlosgalvezp updated this revision to Diff 390352.Nov 29 2021, 7:26 AM

Added Widget test case (reusing the S2 struct instead of adding a new struct Widget)

carlosgalvezp added inline comments.Nov 29 2021, 7:28 AM
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
342

Added test case, currently it provides a generic comment.

Thanks a lot for the explanation, this was eye-opening to me. I only thought of reinterpret casts when using pointers, but of course references are kind of the same thing :)

Let me know if you are happy with the patch!

Quuxplusone accepted this revision.Nov 29 2021, 7:48 AM

Marking "accepted" for the record; but my checkmark means merely "I'm not intending to block this," not "I claim the authority to say you should land this." :)

clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
166

IMO, this repeated conditional (compare lines 119–122) should be factored out into the body of the helper function getDestTypeString (rather than being repeated at every call-site), and getDestTypeString should take a const ExplicitCastExpr * instead of having two overloads. (Notice that you never use the overloading for anything: everywhere you call into the overload set, you do so with a non-dependent dyn_cast wrapped in a ?:, indicating that you don't really want overloading at all.)

StringRef DestTypeString = getDestTypeString(SM, getLangOpts(), CastExpr);
clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
358–360

FWIW, I'd prefer to instantiate the same function template in both cases (because that's the interesting case for practical purposes — a template that's only instantiated once doesn't pose a problem for the programmer). But I get that you're doing this because it's easier to express the expected output.

369

It has also just now occurred to me that it might be interesting to see what happens with this warning in a SFINAE context, e.g.

template<class T> auto is_castable(int i) -> decltype(T(i), void(), true) { return true; }

but I suppose none of the things we could do there would be remotely sensible, so you'd just be testing basically that clang-tidy doesn't crash in that case. Anyway, no action needed.

carlosgalvezp updated this revision to Diff 390380.Nov 29 2021, 8:44 AM
carlosgalvezp marked 6 inline comments as done.

Moved conditionals inside function body.

clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
166

Updated to move the conditional into the function. I cannot avoid the casting though, because there is no common base class of CXXFunctionalCastExpr and CStyleCastExpr that has the methods getLParenLoc and so on, so that's why I need the type explicitly instead of invoking those methods from the base class.

The original solution used templates instead of overloading for this, but @salman-javed-nz suggested overloading instead. I think that's a bit easier to read IMO, with small functions having a single responsibility.

Let me know if you like the update :)

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
358–360

Yeah I'd prefer that too, but I wasn't sure how to set expectations on the same line for different inputs.

carlosgalvezp added a comment.Nov 29 2021, 8:46 AM
In D114427#3158405, @Quuxplusone wrote:

Marking "accepted" for the record; but my checkmark means merely "I'm not intending to block this," not "I claim the authority to say you should land this." :)

Thanks! I was recently told that this is not recommended, as the patch no longer shows the status "Needs review to proceed" and reviewers might not be able to see it immediately in their dashboards, thus delaying review.

Quuxplusone added inline comments.Nov 29 2021, 9:31 AM
clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
101–110

I actually meant to move the conditional inside the body, like this. ^
Now there's only one function, and the reader doesn't have to do mental overload resolution to figure out what the caller's behavior is intended to be.

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
318

Pre-existing: This looks accidental.

Quuxplusone added inline comments.Nov 29 2021, 9:35 AM
clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
63–79

Ditto here:

static clang::CharSourceRange
getReplaceRange(const ExplicitCastExpr *Expr) {
  if (const auto *CastExpr = dyn_cast<CStyleCastExpr>(Expr)) {
    return CharSourceRange::getCharRange(
        CastExpr->getLParenLoc(), CastExpr->getSubExprAsWritten()->getBeginLoc());
  } else if (const auto *CastExpr = dyn_cast<CXXFunctionalCastExpr>(Expr)) {
    return CharSourceRange::getCharRange(CastExpr->getBeginLoc(),
                                         CastExpr->getLParenLoc());
  } else {
    // however Clang spells "unreachable"
  }
}

Besides saving some reader-brain-cells, this also makes it clearer that there's a potential null dereference in the old code (if both dyn_casts fail) that we're hoping is unreachable. This way, we have a place we can annotate that with assert(false) or whatever, instead of just dereferencing null.

carlosgalvezp updated this revision to Diff 390394.Nov 29 2021, 9:49 AM

Move logic into single functions.

carlosgalvezp marked 2 inline comments as done.Nov 29 2021, 9:49 AM
Harbormaster completed remote builds in B136476: Diff 390394.Nov 29 2021, 11:04 AM
salman-javed-nz added inline comments.Nov 29 2021, 12:11 PM
clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp
63–73

Looks much better than my suggested change. Good stuff.

clang-tools-extra/docs/ReleaseNotes.rst
139

Should this be like the

:doc:`bugprone-suspicious-memory-comparison
  <clang-tidy/checks/bugprone-suspicious-memory-comparison>`

a few lines above.

salman-javed-nz added a comment.Nov 29 2021, 12:32 PM

Nothing else that comes to mind that I want to see.
@Quuxplusone are you OK with the latest round of diffs?

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
318

Isn't this intentional? Isn't it saying what the CHECK-MESSAGES should look like in the future once the FIXME is done?

Quuxplusone added a comment.Nov 29 2021, 12:41 PM

LGTM!

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp
318

Ah, I guess that must be it.
(C HECK-FIXES: ... is a really subtle idiom for FIXME the line above should become: ..., but OK!)

carlosgalvezp updated this revision to Diff 390580.Nov 29 2021, 11:21 PM
carlosgalvezp marked an inline comment as done.

Fixed doc.

carlosgalvezp added a comment.Nov 29 2021, 11:23 PM

Thanks a lot for the review! I've fixed the last comment by @salman-javed-nz . Since that was the last standing comment I'll push :)

This revision was landed with ongoing or failed builds.Nov 29 2021, 11:31 PM
Closed by commit rG5bbe50148f3b: [clang-tidy] Warn on functional C-style casts (authored by carlosgalvezp). · Explain Why
This revision was automatically updated to reflect the committed changes.
carlosgalvezp added a commit: rG5bbe50148f3b: [clang-tidy] Warn on functional C-style casts.
Harbormaster completed remote builds in B136609: Diff 390580.Nov 29 2021, 11:42 PM

Revision Contents

PathSize
clang-tools-extra/
clang-tidy/
google/
49 lines
docs/
5 lines
test/
clang-tidy/
checkers/
54 lines

Diff 390581

clang-tools-extra/clang-tidy/google/AvoidCStyleCastsCheck.cpp

Show All 25 Lines Finder->addMatcher(
// Filter out (EnumType)IntegerLiteral construct, which is generated // Filter out (EnumType)IntegerLiteral construct, which is generated
// for non-type template arguments of enum types. // for non-type template arguments of enum types.
// FIXME: Remove this once this is fixed in the AST. // FIXME: Remove this once this is fixed in the AST.
unless(hasParent(substNonTypeTemplateParmExpr())), unless(hasParent(substNonTypeTemplateParmExpr())),
// Avoid matches in template instantiations. // Avoid matches in template instantiations.
unless(isInTemplateInstantiation())) unless(isInTemplateInstantiation()))
.bind("cast"), .bind("cast"),
this); this);
Finder->addMatcher(
cxxFunctionalCastExpr(unless(hasDescendant(cxxConstructExpr())),
unless(hasDescendant(initListExpr())))
.bind("cast"),
this);
} }
static bool needsConstCast(QualType SourceType, QualType DestType) { static bool needsConstCast(QualType SourceType, QualType DestType) {
while ((SourceType->isPointerType() && DestType->isPointerType()) || while ((SourceType->isPointerType() && DestType->isPointerType()) ||
(SourceType->isReferenceType() && DestType->isReferenceType())) { (SourceType->isReferenceType() && DestType->isReferenceType())) {
SourceType = SourceType->getPointeeType(); SourceType = SourceType->getPointeeType();
DestType = DestType->getPointeeType(); DestType = DestType->getPointeeType();
if (SourceType.isConstQualified() && !DestType.isConstQualified()) { if (SourceType.isConstQualified() && !DestType.isConstQualified()) {
return (SourceType->isPointerType() == DestType->isPointerType()) && return (SourceType->isPointerType() == DestType->isPointerType()) &&
(SourceType->isReferenceType() == DestType->isReferenceType()); (SourceType->isReferenceType() == DestType->isReferenceType());
} }
} }
return false; return false;
} }
static bool pointedUnqualifiedTypesAreEqual(QualType T1, QualType T2) { static bool pointedUnqualifiedTypesAreEqual(QualType T1, QualType T2) {
while ((T1->isPointerType() && T2->isPointerType()) || while ((T1->isPointerType() && T2->isPointerType()) ||
(T1->isReferenceType() && T2->isReferenceType())) { (T1->isReferenceType() && T2->isReferenceType())) {
T1 = T1->getPointeeType(); T1 = T1->getPointeeType();
T2 = T2->getPointeeType(); T2 = T2->getPointeeType();
} }
return T1.getUnqualifiedType() == T2.getUnqualifiedType(); return T1.getUnqualifiedType() == T2.getUnqualifiedType();
} }
static clang::CharSourceRange getReplaceRange(const ExplicitCastExpr *Expr) {
if (const auto *CastExpr = dyn_cast<CStyleCastExpr>(Expr)) {
return CharSourceRange::getCharRange(
CastExpr->getLParenLoc(),
CastExpr->getSubExprAsWritten()->getBeginLoc());
} else if (const auto *CastExpr = dyn_cast<CXXFunctionalCastExpr>(Expr)) {
return CharSourceRange::getCharRange(CastExpr->getBeginLoc(),
CastExpr->getLParenLoc());
} else
llvm_unreachable("Unsupported CastExpr");
}
salman-javed-nzUnsubmitted
Not Done
ReplyInline Actions

Looks much better than my suggested change. Good stuff.

salman-javed-nz: Looks much better than my suggested change. Good stuff.
static StringRef getDestTypeString(const SourceManager &SM,
const LangOptions &LangOpts,
const ExplicitCastExpr *Expr) {
SourceLocation BeginLoc;
SourceLocation EndLoc;
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

Ditto here:

static clang::CharSourceRange
getReplaceRange(const ExplicitCastExpr *Expr) {
  if (const auto *CastExpr = dyn_cast<CStyleCastExpr>(Expr)) {
    return CharSourceRange::getCharRange(
        CastExpr->getLParenLoc(), CastExpr->getSubExprAsWritten()->getBeginLoc());
  } else if (const auto *CastExpr = dyn_cast<CXXFunctionalCastExpr>(Expr)) {
    return CharSourceRange::getCharRange(CastExpr->getBeginLoc(),
                                         CastExpr->getLParenLoc());
  } else {
    // however Clang spells "unreachable"
  }
}

Besides saving some reader-brain-cells, this also makes it clearer that there's a potential null dereference in the old code (if both dyn_casts fail) that we're hoping is unreachable. This way, we have a place we can annotate that with assert(false) or whatever, instead of just dereferencing null.

Quuxplusone: Ditto here: ``` static clang::CharSourceRange getReplaceRange(const ExplicitCastExpr *Expr) {…
if (const auto *CastExpr = dyn_cast<CStyleCastExpr>(Expr)) {
BeginLoc = CastExpr->getLParenLoc().getLocWithOffset(1);
EndLoc = CastExpr->getRParenLoc().getLocWithOffset(-1);
} else if (const auto *CastExpr = dyn_cast<CXXFunctionalCastExpr>(Expr)) {
BeginLoc = CastExpr->getBeginLoc();
EndLoc = CastExpr->getLParenLoc().getLocWithOffset(-1);
} else
llvm_unreachable("Unsupported CastExpr");
return Lexer::getSourceText(CharSourceRange::getTokenRange(BeginLoc, EndLoc),
SM, LangOpts);
}
void AvoidCStyleCastsCheck::check(const MatchFinder::MatchResult &Result) { void AvoidCStyleCastsCheck::check(const MatchFinder::MatchResult &Result) {
const auto *CastExpr = Result.Nodes.getNodeAs<CStyleCastExpr>("cast"); const auto *CastExpr = Result.Nodes.getNodeAs<ExplicitCastExpr>("cast");
// Ignore casts in macros. // Ignore casts in macros.
if (CastExpr->getExprLoc().isMacroID()) if (CastExpr->getExprLoc().isMacroID())
return; return;
// Casting to void is an idiomatic way to mute "unused variable" and similar // Casting to void is an idiomatic way to mute "unused variable" and similar
// warnings. // warnings.
if (CastExpr->getCastKind() == CK_ToVoid) if (CastExpr->getCastKind() == CK_ToVoid)
return; return;
auto IsFunction = [](QualType T) { auto IsFunction = [](QualType T) {
T = T.getCanonicalType().getNonReferenceType(); T = T.getCanonicalType().getNonReferenceType();
return T->isFunctionType() || T->isFunctionPointerType() || return T->isFunctionType() || T->isFunctionPointerType() ||
T->isMemberFunctionPointerType(); T->isMemberFunctionPointerType();
}; };
QuuxplusoneUnsubmitted
Done
ReplyInline Actions
SM, LangOpts);
}
static StringRef getDestTypeString(const SourceManager &SM,
const LangOptions &LangOpts,
- const ExplicitCastExpr *CastExpr) {
- return isa<CStyleCastExpr>(CastExpr)
- ? getDestTypeString(SM, LangOpts,
- dyn_cast<const CStyleCastExpr>(CastExpr))
- : getDestTypeString(
- SM, LangOpts,
- dyn_cast<const CXXFunctionalCastExpr>(CastExpr));
+ const ExplicitCastExpr *Expr) {
+ SourceLocation BeginLoc = isa<CStyleCastExpr>(Expr)
+ ? dyn_cast<const CStyleCastExpr>(Expr)->getLParenLoc().getLocWithOffset(1)
+ : Expr->getBeginLoc();
+ SourceLocation EndLoc = isa<CStyleCastExpr>(Expr)
+ ? dyn_cast<const CStyleCastExpr>(Expr)->getRParenLoc().getLocWithOffset(-1)
+ : Expr->getEndLoc();
+ return Lexer::getSourceText(
+ CharSourceRange::getTokenRange(BeginLoc, EndLoc),
+ SM, LangOpts);
}
void AvoidCStyleCastsCheck::check(const MatchFinder::MatchResult &Result) {

I actually meant to move the conditional inside the body, like this. ^
Now there's only one function, and the reader doesn't have to do mental overload resolution to figure out what the caller's behavior is intended to be.

Quuxplusone: I actually meant to move the conditional //inside// the body, like this. ^ Now there's only one…
const QualType DestTypeAsWritten = const QualType DestTypeAsWritten =
CastExpr->getTypeAsWritten().getUnqualifiedType(); CastExpr->getTypeAsWritten().getUnqualifiedType();
const QualType SourceTypeAsWritten = const QualType SourceTypeAsWritten =
CastExpr->getSubExprAsWritten()->getType().getUnqualifiedType(); CastExpr->getSubExprAsWritten()->getType().getUnqualifiedType();
const QualType SourceType = SourceTypeAsWritten.getCanonicalType(); const QualType SourceType = SourceTypeAsWritten.getCanonicalType();
const QualType DestType = DestTypeAsWritten.getCanonicalType(); const QualType DestType = DestTypeAsWritten.getCanonicalType();
auto ReplaceRange = CharSourceRange::getCharRange( CharSourceRange ReplaceRange = getReplaceRange(CastExpr);
CastExpr->getLParenLoc(), CastExpr->getSubExprAsWritten()->getBeginLoc());
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

The majority of checkExpr()'s contents are common to both types, CStyleCastExpr and CXXFunctionalCastExpr.
Only the ReplaceRange = CharSourceRange::getCharRange... and the DestTypeString = Lexer::getSourceText... parts change depending on the Expr type.

What about breaking those two assignments out into their own functions, rather than templating the entire checkExpr() function?

For example, (note: untested code)

clang::CharSourceRange GetReplaceRange(const CStyleCastExpr *CastExpr) {
  return CharSourceRange::getCharRange(
      CastExpr->getLParenLoc(), CastExpr->getSubExprAsWritten()->getBeginLoc());
}

clang::CharSourceRange GetReplaceRange(const CXXFunctionalCastExpr *CastExpr) {
  return CharSourceRange::getCharRange(CastExpr->getBeginLoc(),
                                       CastExpr->getLParenLoc());
}

...

CharSourceRange ReplaceRange =
      isa<CStyleCastExpr>(CastExpr)
          ? GetReplaceRange(dyn_cast<const CStyleCastExpr>(CastExpr))
          : GetReplaceRange(dyn_cast<const CXXFunctionalCastExpr>(CastExpr));

Would something like that work?

salman-javed-nz: The majority of `checkExpr()`'s contents are common to both types, `CStyleCastExpr` and…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Thanks for the suggestion, much cleaner! I've made CastExpr become a ExplicitCastExpr instead (which is common base to both cast classes) to be able to handle only one object.

carlosgalvezp: Thanks for the suggestion, much cleaner! I've made `CastExpr` become a `ExplicitCastExpr`…
bool FnToFnCast = bool FnToFnCast =
IsFunction(SourceTypeAsWritten) && IsFunction(DestTypeAsWritten); IsFunction(SourceTypeAsWritten) && IsFunction(DestTypeAsWritten);
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

One problem I see here is in the future someone adds a 3rd class of casts - then this should become an if-else. That's why I had it like that before, but perhaps it's too "defensive" at this point.

carlosgalvezp: One problem I see here is in the future someone adds a 3rd class of casts - then this should…
const bool ConstructorCast = !CastExpr->getTypeAsWritten().hasQualifiers() && const bool ConstructorCast = !CastExpr->getTypeAsWritten().hasQualifiers() &&
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

Should this be an if ... else?

salman-javed-nz: Should this be an `if ... else`?
DestTypeAsWritten->isRecordType() && DestTypeAsWritten->isRecordType() &&
!DestTypeAsWritten->isElaboratedTypeSpecifier(); !DestTypeAsWritten->isElaboratedTypeSpecifier();
if (CastExpr->getCastKind() == CK_NoOp && !FnToFnCast) { if (CastExpr->getCastKind() == CK_NoOp && !FnToFnCast) {
// Function pointer/reference casts may be needed to resolve ambiguities in // Function pointer/reference casts may be needed to resolve ambiguities in
// case of overloaded functions, so detection of redundant casts is trickier // case of overloaded functions, so detection of redundant casts is trickier
// in this case. Don't emit "redundant cast" warnings for function // in this case. Don't emit "redundant cast" warnings for function
// pointer/reference types. // pointer/reference types.
Show All 21 Linesvoid AvoidCStyleCastsCheck::check(const MatchFinder::MatchResult &Result) {
// Ignore code in .c files #included in other files (which shouldn't be done, // Ignore code in .c files #included in other files (which shouldn't be done,
// but people still do this for test and other purposes). // but people still do this for test and other purposes).
if (SM.getFilename(SM.getSpellingLoc(CastExpr->getBeginLoc())).endswith(".c")) if (SM.getFilename(SM.getSpellingLoc(CastExpr->getBeginLoc())).endswith(".c"))
return; return;
// Leave type spelling exactly as it was (unlike // Leave type spelling exactly as it was (unlike
// getTypeAsWritten().getAsString() which would spell enum types 'enum X'). // getTypeAsWritten().getAsString() which would spell enum types 'enum X').
StringRef DestTypeString = StringRef DestTypeString = getDestTypeString(SM, getLangOpts(), CastExpr);
Lexer::getSourceText(CharSourceRange::getTokenRange(
CastExpr->getLParenLoc().getLocWithOffset(1),
CastExpr->getRParenLoc().getLocWithOffset(-1)),
SM, getLangOpts());
auto Diag = auto Diag =
diag(CastExpr->getBeginLoc(), "C-style casts are discouraged; use %0"); diag(CastExpr->getBeginLoc(), "C-style casts are discouraged; use %0");
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

IMO, this repeated conditional (compare lines 119–122) should be factored out into the body of the helper function getDestTypeString (rather than being repeated at every call-site), and getDestTypeString should take a const ExplicitCastExpr * instead of having two overloads. (Notice that you never use the overloading for anything: everywhere you call into the overload set, you do so with a non-dependent dyn_cast wrapped in a ?:, indicating that you don't really want overloading at all.)

StringRef DestTypeString = getDestTypeString(SM, getLangOpts(), CastExpr);
Quuxplusone: IMO, this repeated conditional (compare lines 119–122) should be factored out into the //body//…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Updated to move the conditional into the function. I cannot avoid the casting though, because there is no common base class of CXXFunctionalCastExpr and CStyleCastExpr that has the methods getLParenLoc and so on, so that's why I need the type explicitly instead of invoking those methods from the base class.

The original solution used templates instead of overloading for this, but @salman-javed-nz suggested overloading instead. I think that's a bit easier to read IMO, with small functions having a single responsibility.

Let me know if you like the update :)

carlosgalvezp: Updated to move the conditional into the function. I cannot avoid the casting though, because…
auto ReplaceWithCast = [&](std::string CastText) { auto ReplaceWithCast = [&](std::string CastText) {
const Expr *SubExpr = CastExpr->getSubExprAsWritten()->IgnoreImpCasts(); const Expr *SubExpr = CastExpr->getSubExprAsWritten()->IgnoreImpCasts();
if (!isa<ParenExpr>(SubExpr)) { if (!isa<ParenExpr>(SubExpr) && !isa<CXXFunctionalCastExpr>(CastExpr)) {
CastText.push_back('('); CastText.push_back('(');
Diag << FixItHint::CreateInsertion( Diag << FixItHint::CreateInsertion(
Lexer::getLocForEndOfToken(SubExpr->getEndLoc(), 0, SM, Lexer::getLocForEndOfToken(SubExpr->getEndLoc(), 0, SM,
getLangOpts()), getLangOpts()),
")"); ")");
} }
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

See comment above.

salman-javed-nz: See comment above.
Diag << FixItHint::CreateReplacement(ReplaceRange, CastText); Diag << FixItHint::CreateReplacement(ReplaceRange, CastText);
}; };
auto ReplaceWithNamedCast = [&](StringRef CastType) { auto ReplaceWithNamedCast = [&](StringRef CastType) {
Diag << CastType; Diag << CastType;
ReplaceWithCast((CastType + "<" + DestTypeString + ">").str()); ReplaceWithCast((CastType + "<" + DestTypeString + ">").str());
}; };
auto ReplaceWithConstructorCall = [&]() { auto ReplaceWithConstructorCall = [&]() {
Diag << "constructor call syntax"; Diag << "constructor call syntax";
▲ Show 20 LinesShow All 76 LinesShow Last 20 Lines

clang-tools-extra/docs/ReleaseNotes.rst

Show First 20 LinesShow All 127 Lines▼ Show 20 Lines
- New alias :doc:`cert-flp37-c - New alias :doc:`cert-flp37-c
<clang-tidy/checks/cert-flp37-c>` to <clang-tidy/checks/cert-flp37-c>` to
:doc:`bugprone-suspicious-memory-comparison :doc:`bugprone-suspicious-memory-comparison
<clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added. <clang-tidy/checks/bugprone-suspicious-memory-comparison>` was added.
Changes in existing checks Changes in existing checks
^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^
- Removed default setting `cppcoreguidelines-explicit-virtual-functions.IgnoreDestructors = "true"`, - Removed default setting ``cppcoreguidelines-explicit-virtual-functions.IgnoreDestructors = "true"``,
to match the current state of the C++ Core Guidelines. to match the current state of the C++ Core Guidelines.
- Updated :doc:`google-readability-casting
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

Should this be like the

:doc:`bugprone-suspicious-memory-comparison
  <clang-tidy/checks/bugprone-suspicious-memory-comparison>`

a few lines above.

salman-javed-nz: Should this be like the ``` :doc:`bugprone-suspicious-memory-comparison <clang…
<clang-tidy/checks/google-readability-casting>` to diagnose and fix functional
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

Single back-ticks are used to do linking. Double back-ticks is probably what you're after.

salman-javed-nz: Single back-ticks are used to do linking. Double back-ticks is probably what you're after.
casts, to achieve feature parity with the corresponding ``cpplint.py`` check.
Removed checks Removed checks
^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^
Improvements to include-fixer Improvements to include-fixer
----------------------------- -----------------------------
The improvements are... The improvements are...
Show All 18 Lines

clang-tools-extra/test/clang-tidy/checkers/google-readability-casting.cpp

Show First 20 LinesShow All 137 Lines▼ Show 20 Linesvoid f(int a, double b, const char *cpc, const void *cpv, X *pX) {
// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: redundant cast to the same type // CHECK-MESSAGES: :[[@LINE-1]]:7: warning: redundant cast to the same type
// CHECK-FIXES: {{^}} e = (e); // CHECK-FIXES: {{^}} e = (e);
static const int kZero = 0; static const int kZero = 0;
(int)kZero; (int)kZero;
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: redundant cast to the same type // CHECK-MESSAGES: :[[@LINE-1]]:3: warning: redundant cast to the same type
// CHECK-FIXES: {{^}} kZero; // CHECK-FIXES: {{^}} kZero;
int b2 = int(b); int b2 = static_cast<double>(b);
int b3 = static_cast<double>(b); int b3 = b;
int b4 = b;
double aa = a; double aa = a;
(void)b2; (void)aa;
return (void)g(); return (void)g();
} }
template <typename T> template <typename T>
void template_function(T t, int n) { void template_function(T t, int n) {
int i = (int)t; int i = (int)t;
// CHECK-MESSAGES: :[[@LINE-1]]:11: warning: {{.*}}; use static_cast/const_cast/reinterpret_cast [ // CHECK-MESSAGES: :[[@LINE-1]]:11: warning: {{.*}}; use static_cast/const_cast/reinterpret_cast [
// CHECK-FIXES: int i = (int)t; // CHECK-FIXES: int i = (int)t;
▲ Show 20 LinesShow All 152 Lines▼ Show 20 Linesvoid conversions() {
auto s4 = (S)c; auto s4 = (S)c;
// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use constructor call syntax [ // CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use constructor call syntax [
// CHECK-FIXES: auto s4 = S(c); // CHECK-FIXES: auto s4 = S(c);
ConvertibleToSRef cr; ConvertibleToSRef cr;
auto s5 = (const S&)cr; auto s5 = (const S&)cr;
// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use static_cast/const_cast/reinterpret_cast [ // CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use static_cast/const_cast/reinterpret_cast [
// CHECK-FIXES: auto s5 = (const S&)cr; // CHECK-FIXES: auto s5 = (const S&)cr;
// FIXME: This should be a static_cast. // FIXME: This should be a static_cast.
// C HECK-FIXES: auto s5 = static_cast<const S&>(cr); // C HECK-FIXES: auto s5 = static_cast<const S&>(cr);
QuuxplusoneUnsubmitted
Not Done
ReplyInline Actions

Pre-existing: This looks accidental.

Quuxplusone: Pre-existing: This looks accidental.
salman-javed-nzUnsubmitted
Not Done
ReplyInline Actions

Isn't this intentional? Isn't it saying what the CHECK-MESSAGES should look like in the future once the FIXME is done?

salman-javed-nz: Isn't this intentional? Isn't it saying what the CHECK-MESSAGES should look like in the future…
QuuxplusoneUnsubmitted
Not Done
ReplyInline Actions

Ah, I guess that must be it.
(C HECK-FIXES: ... is a really subtle idiom for FIXME the line above should become: ..., but OK!)

Quuxplusone: Ah, I guess that must be it. (`C HECK-FIXES: ...` is a really subtle idiom for `FIXME the line…
auto s6 = (S)cr; auto s6 = (S)cr;
// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use constructor call syntax [ // CHECK-MESSAGES: :[[@LINE-1]]:13: warning: C-style casts are discouraged; use constructor call syntax [
// CHECK-FIXES: auto s6 = S(cr); // CHECK-FIXES: auto s6 = S(cr);
} }
template <class T>
T functional_cast_template_used_by_class(float i) {
return T(i);
}
template <class T>
T functional_cast_template_used_by_int(float i) {
return T(i);
// CHECK-MESSAGES: :[[@LINE-1]]:10: warning: C-style casts are discouraged; use static_cast
// CHECK-FIXES: return static_cast<T>(i);
}
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

Is a test to check new int(x) worth including? I see that the cpplint guys explicitly filter it out of their results.

salman-javed-nz: Is a test to check `new int(x)` worth including? I see that the cpplint guys explicitly filter…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Sure, even though I think technically it's not a cast. At least it's not shown as such in the AST.

carlosgalvezp: Sure, even though I think technically it's not a cast. At least it's not shown as such in the…
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

It's not a cast in the AST, but it's nice to document in the unit test that we have considered it and that that intend to treat it no differently to how cpplint treats it.

salman-javed-nz: It's not a cast in the AST, but it's nice to document in the unit test that we have considered…
struct S2 {
S2(float);
};
using T = S2;
using U = S2 &;
void functional_casts() {
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

What about

template<class T> T foo(int i) { return T(i); }
int main() {
    foo<std::vector<int>>(); // valid, OK(!)
    foo<double>(); // valid, not OK
}

What about

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = T(i);  // valid, OK?
Widget u = U(i);  // valid C++, should definitely not be OK

https://quuxplusone.github.io/blog/2020/01/22/expression-list-in-functional-cast/

Quuxplusone: What about ``` template<class T> T foo(int i) { return T(i); } int main() { foo<std…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Good point, thanks! I've added the first one to the unit test.

Regarding the second check, I'm not sure if it's the scope of this check. This check does not care whether the constructor of the class is implicit or not - if you use a class type, then you are calling the constructor so it's fine. Same goes when it's a reference - in my opinion this check is not concerned with that.

I definitely see the problems that can arise from the example that you posted, but maybe it fits better as a separate check in the bugprone category? This check (google-readability-casting) is focused only about avoiding C-style casting, i.e. it's a readability/style/modernize matter IMO. If cpplint is not diagnosing that, I don't think this check should either.

carlosgalvezp: Good point, thanks! I've added the first one to the unit test. Regarding the second check, I'm…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

It seems I should be able to just add the second example as a test and clang-tidy would warn but, what should be the fixit for it? A static_cast<U> would lead to compiler error (which I personally would gladly take, but I don't know in general if we want clang-tidy to "fix" code leading to compiler errors"). Adding an ad-hoc message for this particular error seems out of the scope of a "readability" check.

What do you guys think?

carlosgalvezp: It seems I should be able to just add the second example as a test and clang-tidy would warn…
salman-javed-nzUnsubmitted
Done
ReplyInline Actions

It seems I should be able to just add the second example as a test and clang-tidy would warn but, what should be the fixit for it?

If I run the second example, but with old style C casts instead:

Input:

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = (T)(i);
Widget u = (U)(i);

Output after fixits:

struct Widget { Widget(int); };
using T = Widget;
using U = Widget&;
int i = 42;
Widget t = T(i);
Widget u = (U)(i);

I guess the fix Widget t = T(i); is OK as it is covered by this exception:

You may use cast formats like T(x) only when T is a class type.

For the Widget u = (U)(i); line, clang-tidy has warned about it but not offered a fix.

salman-javed-nz: > It seems I should be able to just add the second example as a test and clang-tidy would warn…
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

What would be the right fixit for that anyway?
Widget u = U(i); --> Widget u = static_cast<T>(i); ?

No, this is a reinterpret_cast, so it would be

Widget u = reinterpret_cast<U>(i);

at least in C++. I don't know about C, but I imagine the problem doesn't come up.

(If the programmer looks at this line and says "oh geez, that's wrong," well, he'll either fix it or file a task to revisit weird reinterpret_casts in the codebase. If the programmer thinks the cast is correct, then personally I'd hope he rewrites it as Widget u = *reinterpret_cast<Widget*>(&i); for clarity, but that's not a clang-tidy issue.)

Relevant: "fixits versus suppression mechanisms" https://quuxplusone.github.io/blog/2020/09/02/wparentheses/ reinterpret_cast is a suppression mechanism; I infer that you're casting about for a fixit, which won't exist in this case.

Quuxplusone: > What would be the right fixit for that anyway? > `Widget u = U(i); --> Widget u =…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Added test case, currently it provides a generic comment.

Thanks a lot for the explanation, this was eye-opening to me. I only thought of reinterpret casts when using pointers, but of course references are kind of the same thing :)

Let me know if you are happy with the patch!

carlosgalvezp: Added test case, currently it provides a generic comment. Thanks a lot for the explanation…
float x = 1.5F;
auto y = int(x);
// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: C-style casts are discouraged; use static_cast
// CHECK-FIXES: auto y = static_cast<int>(x);
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wc++11-narrowing"
// This if fine, compiler will warn about implicit conversions with brace initialization
auto z = int{x};
#pragma clang diagnostic pop
// Functional casts are allowed if S is of class type
const char *str = "foo";
auto s = S(str);
// Functional casts in template functions
functional_cast_template_used_by_class<S2>(x);
functional_cast_template_used_by_int<int>(x);
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

FWIW, I'd prefer to instantiate the same function template in both cases (because that's the interesting case for practical purposes — a template that's only instantiated once doesn't pose a problem for the programmer). But I get that you're doing this because it's easier to express the expected output.

Quuxplusone: FWIW, I'd prefer to instantiate the same function template in both cases (because that's the…
carlosgalvezpAuthorUnsubmitted
Done
ReplyInline Actions

Yeah I'd prefer that too, but I wasn't sure how to set expectations on the same line for different inputs.

carlosgalvezp: Yeah I'd prefer that too, but I wasn't sure how to set expectations on the same line for…
// New expressions are not functional casts
auto w = new int(x);
// Typedefs
S2 t = T(x); // OK, constructor call
S2 u = U(x); // NOK, it's a reinterpret_cast in disguise
// CHECK-MESSAGES: :[[@LINE-1]]:10: warning: C-style casts are discouraged; use static_cast/const_cast/reinterpret_cast
}
QuuxplusoneUnsubmitted
Done
ReplyInline Actions

It has also just now occurred to me that it might be interesting to see what happens with this warning in a SFINAE context, e.g.

template<class T> auto is_castable(int i) -> decltype(T(i), void(), true) { return true; }

but I suppose none of the things we could do there would be remotely sensible, so you'd just be testing basically that clang-tidy doesn't crash in that case. Anyway, no action needed.

Quuxplusone: It has also just now occurred to me that it might be interesting to see what happens with this…