This is an archive of the discontinued LLVM Phabricator instance.

Differential D13787

[clang-tidy] add check cppcoreguidelines-pro-type-vararg-use
ClosedPublic

Authored by mgehre on Oct 15 2015, 2:14 PM.

Details

Reviewers
aaron.ballman
alexfh
bkramer
sbenza
Commits
rG27da23464f46: [clang-tidy] add check cppcoreguidelines-pro-type-vararg
rCTE250939: [clang-tidy] add check cppcoreguidelines-pro-type-vararg
rL250939: [clang-tidy] add check cppcoreguidelines-pro-type-vararg
Summary

This check flags all calls to c-style vararg functions.

Passing to varargs assumes the correct type will be read. This is
fragile because it cannot generally be enforced to be safe in the
language and so relies on programmer discipline to get it right.

This rule is part of the "Type safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type8-avoid-reading-from-varargs-or-passing-vararg-arguments-prefer-variadic-template-parameters-instead

Diff Detail

Repository
rL LLVM

Event Timeline

mgehre updated this revision to Diff 37520.Oct 15 2015, 2:14 PM
mgehre retitled this revision from to [clang-tidy] add check cppcoreguidelines-pro-type-vararg-use.
mgehre updated this object.
mgehre added reviewers: alexfh, sbenza, bkramer, aaron.ballman.
mgehre added a subscriber: cfe-commits.
sbenza added inline comments.Oct 16 2015, 10:12 AM
clang-tidy/cppcoreguidelines/ProTypeVarargUseCheck.cpp
20 ↗(On Diff #37520)

The guideline says that we should also issue a diagnostics for uses of va_list/va_start/va_arg.

test/clang-tidy/cppcoreguidelines-pro-type-vararg-use.cpp
14 ↗(On Diff #37520)

how does this handle SFINAE style ... uses?
The guideline mentions this case as "useful" so we should try to avoid warning on it.

mgehre added inline comments.Oct 16 2015, 12:21 PM
clang-tidy/cppcoreguidelines/ProTypeVarargUseCheck.cpp
20 ↗(On Diff #37520)

This is handled by http://reviews.llvm.org/D13785

test/clang-tidy/cppcoreguidelines-pro-type-vararg-use.cpp
14 ↗(On Diff #37520)

I saw the note in the guidelines, but frankly I don't quite get the use case.
Do you have an example or reference for me?

sbenza added inline comments.Oct 19 2015, 9:54 AM
clang-tidy/cppcoreguidelines/ProTypeVarargUseCheck.cpp
20 ↗(On Diff #37520)

I see. They are split between vararg "def" and "use".

test/clang-tidy/cppcoreguidelines-pro-type-vararg-use.cpp
14 ↗(On Diff #37520)

... has the lowest rank for overload resolution.
You can use it as a default case.
Example:

template <typename T>
void CallFooIfAvailableImpl(T& t, decltype(t.foo())*) {
  t->foo();
}
template <typename T>
void CallFooIfAvailableImpl(T& t, ...) {
  // nothing
}
template <typename T>
void CallFooIfAvailable(T& t) {
  CallFooIfAvailableImpl(t, 0);
}

It is also useful when making traits.
Eg: https://en.wikibooks.org/wiki/More_C%2B%2B_Idioms/Member_Detector#Solution_and_Sample_Code

mgehre updated this revision to Diff 37790.Oct 19 2015, 2:01 PM

Revert "[clang-tidy] add cert's VariadicFunctionDefCheck as cppcoreguidelines-pro-type-vararg-def"; warn about va_* in this check (to allow SFINAE)

sbenza added inline comments.Oct 19 2015, 2:36 PM
clang-tidy/cppcoreguidelines/ProTypeVarargCheck.cpp
26 ↗(On Diff #37790)

Is there a way to look for the standard type (and not the implementation defined __xxx type name)?

test/clang-tidy/cppcoreguidelines-pro-type-vararg.cpp
38 ↗(On Diff #37790)

isn't va_arg as useless as va_copy (without va_start)?

Actually, given that va_arg is the only one we can look for without using the private __va_xxx name, maybe we should only warn on that one.

sbenza added inline comments.Oct 19 2015, 2:38 PM
test/clang-tidy/cppcoreguidelines-pro-type-vararg.cpp
27 ↗(On Diff #37790)

You would still warn on the callers of this.
Maybe we should ignore any call if the variadic part is a single argument with value 0, which is what is commonly used for SFINAE checks.

mgehre updated this revision to Diff 37814.Oct 19 2015, 4:16 PM

Only flag va_arg and variadic call. Suppress warning if the only vararg argument is literal 0.

sbenza edited edge metadata.Oct 20 2015, 1:01 PM

Minor comments only.

clang-tidy/cppcoreguidelines/ProTypeVarargCheck.cpp
29 ↗(On Diff #37814)

No need to mention __builtin_va_start anymore.

test/clang-tidy/cppcoreguidelines-pro-type-vararg.cpp
31 ↗(On Diff #37814)

nit: t.foo() here vs t->foo() in the next line.

mgehre updated this revision to Diff 37925.Oct 20 2015, 2:45 PM
mgehre edited edge metadata.

removed __builtin_va_start; change f->foo() to f.foo()

sbenza accepted this revision.Oct 20 2015, 2:49 PM
sbenza edited edge metadata.

Thanks for check.

This revision is now accepted and ready to land.Oct 20 2015, 2:49 PM
mgehre added a comment.Oct 20 2015, 3:37 PM

Thanks for the good review!

clang-tidy/cppcoreguidelines/ProTypeVarargCheck.cpp
26 ↗(On Diff #37790)

I don't see it in the AST, because the other names are macros. But maybe there is some magic I don't know of.

Closed by commit rL250939: [clang-tidy] add check cppcoreguidelines-pro-type-vararg (authored by mgehre). · Explain WhyOct 21 2015, 1:11 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
clang-tools-extra/
trunk/
clang-tidy/
cppcoreguidelines/
2 lines
6 lines
34 lines
76 lines
docs/
clang-tidy/
checks/
12 lines
1 line
test/
clang-tidy/
51 lines

Diff 38040

clang-tools-extra/trunk/clang-tidy/cppcoreguidelines/CMakeLists.txt

set(LLVM_LINK_COMPONENTS support) set(LLVM_LINK_COMPONENTS support)
add_clang_library(clangTidyCppCoreGuidelinesModule add_clang_library(clangTidyCppCoreGuidelinesModule
CppCoreGuidelinesTidyModule.cpp CppCoreGuidelinesTidyModule.cpp
ProBoundsPointerArithmeticCheck.cpp ProBoundsPointerArithmeticCheck.cpp
ProTypeConstCastCheck.cpp ProTypeConstCastCheck.cpp
ProTypeReinterpretCastCheck.cpp ProTypeReinterpretCastCheck.cpp
ProTypeStaticCastDowncastCheck.cpp ProTypeStaticCastDowncastCheck.cpp
ProTypeUnionAccessCheck.cpp ProTypeUnionAccessCheck.cpp
ProTypeVarargCheck.cpp
LINK_LIBS LINK_LIBS
clangAST clangAST
clangASTMatchers clangASTMatchers
clangBasic clangBasic
clangLex clangLex
clangTidy clangTidy
clangTidyCERTModule
clangTidyMiscModule clangTidyMiscModule
clangTidyUtils clangTidyUtils
clangTooling clangTooling
) )

clang-tools-extra/trunk/clang-tidy/cppcoreguidelines/CppCoreGuidelinesTidyModule.cpp

//===--- CppCoreGuidelinesModule.cpp - clang-tidy -------------------------===// //===--- CppCoreGuidelinesModule.cpp - clang-tidy -------------------------===//
// //
// The LLVM Compiler Infrastructure // The LLVM Compiler Infrastructure
// //
// This file is distributed under the University of Illinois Open Source // This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details. // License. See LICENSE.TXT for details.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "../ClangTidy.h" #include "../ClangTidy.h"
#include "../ClangTidyModule.h" #include "../ClangTidyModule.h"
#include "../ClangTidyModuleRegistry.h" #include "../ClangTidyModuleRegistry.h"
#include "../cert/VariadicFunctionDefCheck.h"
#include "../misc/AssignOperatorSignatureCheck.h" #include "../misc/AssignOperatorSignatureCheck.h"
#include "ProBoundsPointerArithmeticCheck.h" #include "ProBoundsPointerArithmeticCheck.h"
#include "ProTypeConstCastCheck.h" #include "ProTypeConstCastCheck.h"
#include "ProTypeReinterpretCastCheck.h" #include "ProTypeReinterpretCastCheck.h"
#include "ProTypeStaticCastDowncastCheck.h" #include "ProTypeStaticCastDowncastCheck.h"
#include "ProTypeUnionAccessCheck.h" #include "ProTypeUnionAccessCheck.h"
#include "ProTypeVarargCheck.h"
namespace clang { namespace clang {
namespace tidy { namespace tidy {
namespace cppcoreguidelines { namespace cppcoreguidelines {
/// A module containing checks of the C++ Core Guidelines /// A module containing checks of the C++ Core Guidelines
class CppCoreGuidelinesModule : public ClangTidyModule { class CppCoreGuidelinesModule : public ClangTidyModule {
public: public:
void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override { void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
CheckFactories.registerCheck<ProBoundsPointerArithmeticCheck>( CheckFactories.registerCheck<ProBoundsPointerArithmeticCheck>(
"cppcoreguidelines-pro-bounds-pointer-arithmetic"); "cppcoreguidelines-pro-bounds-pointer-arithmetic");
CheckFactories.registerCheck<ProTypeConstCastCheck>( CheckFactories.registerCheck<ProTypeConstCastCheck>(
"cppcoreguidelines-pro-type-const-cast"); "cppcoreguidelines-pro-type-const-cast");
CheckFactories.registerCheck<VariadicFunctionDefCheck>(
"cppcoreguidelines-pro-type-vararg-def");
CheckFactories.registerCheck<ProTypeReinterpretCastCheck>( CheckFactories.registerCheck<ProTypeReinterpretCastCheck>(
"cppcoreguidelines-pro-type-reinterpret-cast"); "cppcoreguidelines-pro-type-reinterpret-cast");
CheckFactories.registerCheck<ProTypeStaticCastDowncastCheck>( CheckFactories.registerCheck<ProTypeStaticCastDowncastCheck>(
"cppcoreguidelines-pro-type-static-cast-downcast"); "cppcoreguidelines-pro-type-static-cast-downcast");
CheckFactories.registerCheck<ProTypeUnionAccessCheck>( CheckFactories.registerCheck<ProTypeUnionAccessCheck>(
"cppcoreguidelines-pro-type-union-access"); "cppcoreguidelines-pro-type-union-access");
CheckFactories.registerCheck<ProTypeVarargCheck>(
"cppcoreguidelines-pro-type-vararg");
CheckFactories.registerCheck<misc::AssignOperatorSignatureCheck>( CheckFactories.registerCheck<misc::AssignOperatorSignatureCheck>(
"cppcoreguidelines-c-copy-assignment-signature"); "cppcoreguidelines-c-copy-assignment-signature");
} }
}; };
// Register the LLVMTidyModule using this statically initialized variable. // Register the LLVMTidyModule using this statically initialized variable.
static ClangTidyModuleRegistry::Add<CppCoreGuidelinesModule> static ClangTidyModuleRegistry::Add<CppCoreGuidelinesModule>
X("cppcoreguidelines-module", "Adds checks for the C++ Core Guidelines."); X("cppcoreguidelines-module", "Adds checks for the C++ Core Guidelines.");
Show All 9 Lines

clang-tools-extra/trunk/clang-tidy/cppcoreguidelines/ProTypeVarargCheck.h

//===--- ProTypeVarargCheck.h - clang-tidy--------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_PRO_TYPE_VARARG_H
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_PRO_TYPE_VARARG_H
#include "../ClangTidy.h"
namespace clang {
namespace tidy {
/// This check flags all calls to c-style variadic functions and all use
/// of va_arg.
///
/// For the user-facing documentation see:
/// http://clang.llvm.org/extra/clang-tidy/checks/cppcoreguidelines-pro-type-vararg.html
class ProTypeVarargCheck : public ClangTidyCheck {
public:
ProTypeVarargCheck(StringRef Name, ClangTidyContext *Context)
: ClangTidyCheck(Name, Context) {}
void registerMatchers(ast_matchers::MatchFinder *Finder) override;
void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
};
} // namespace tidy
} // namespace clang
#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_PRO_TYPE_VARARG_H

clang-tools-extra/trunk/clang-tidy/cppcoreguidelines/ProTypeVarargCheck.cpp

//===--- ProTypeVarargCheck.cpp - clang-tidy-------------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#include "ProTypeVarargCheck.h"
#include "clang/AST/ASTContext.h"
#include "clang/ASTMatchers/ASTMatchFinder.h"
using namespace clang::ast_matchers;
namespace clang {
namespace tidy {
const internal::VariadicDynCastAllOfMatcher<Stmt, VAArgExpr> vAArgExpr;
void ProTypeVarargCheck::registerMatchers(MatchFinder *Finder) {
if (!getLangOpts().CPlusPlus)
return;
Finder->addMatcher(vAArgExpr().bind("va_use"), this);
Finder->addMatcher(
callExpr(callee(functionDecl(isVariadic())))
.bind("callvararg"),
this);
}
static bool hasSingleVariadicArgumentWithValue(const CallExpr *C, uint64_t I) {
const auto *FDecl = dyn_cast<FunctionDecl>(C->getCalleeDecl());
if (!FDecl)
return false;
auto N = FDecl->getNumParams(); // Number of parameters without '...'
if (C->getNumArgs() != N + 1)
return false; // more/less than one argument passed to '...'
const auto *IntLit =
dyn_cast<IntegerLiteral>(C->getArg(N)->IgnoreParenImpCasts());
if (!IntLit)
return false;
if (IntLit->getValue() != I)
return false;
return true;
}
void ProTypeVarargCheck::check(const MatchFinder::MatchResult &Result) {
if (const auto *Matched = Result.Nodes.getNodeAs<CallExpr>("callvararg")) {
if (hasSingleVariadicArgumentWithValue(Matched, 0))
return;
diag(Matched->getExprLoc(), "do not call c-style vararg functions");
}
if (const auto *Matched = Result.Nodes.getNodeAs<Expr>("va_use")) {
diag(Matched->getExprLoc(),
"do not use va_start/va_arg to define c-style vararg functions; "
"use variadic templates instead");
}
if (const auto *Matched = Result.Nodes.getNodeAs<VarDecl>("va_list")) {
auto SR = Matched->getSourceRange();
if (SR.isInvalid())
return; // some implicitly generated builtins take va_list
diag(SR.getBegin(), "do not declare variables of type va_list; "
"use variadic templates instead");
}
}
} // namespace tidy
} // namespace clang

clang-tools-extra/trunk/docs/clang-tidy/checks/cppcoreguidelines-pro-type-vararg.rst

cppcoreguidelines-pro-type-vararg
=====================================
This check flags all calls to c-style vararg functions and all use
of va_arg.
To allow for SFINAE use of vararg functions, a call is not flagged if
a literal 0 is passed as the only vararg argument.
Passing to varargs assumes the correct type will be read. This is fragile because it cannot generally be enforced to be safe in the language and so relies on programmer discipline to get it right.
This rule is part of the "Type safety" profile of the C++ Core Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type8-avoid-reading-from-varargs-or-passing-vararg-arguments-prefer-variadic-template-parameters-instead

clang-tools-extra/trunk/docs/clang-tidy/checks/list.rst

List of clang-tidy Checks List of clang-tidy Checks
========================= =========================
.. toctree:: .. toctree::
cert-setlongjmp cert-setlongjmp
cert-variadic-function-def cert-variadic-function-def
cppcoreguidelines-pro-bounds-pointer-arithmetic cppcoreguidelines-pro-bounds-pointer-arithmetic
cppcoreguidelines-pro-type-const-cast cppcoreguidelines-pro-type-const-cast
cppcoreguidelines-pro-type-reinterpret-cast cppcoreguidelines-pro-type-reinterpret-cast
cppcoreguidelines-pro-type-static-cast-downcast cppcoreguidelines-pro-type-static-cast-downcast
cppcoreguidelines-pro-type-union-access cppcoreguidelines-pro-type-union-access
cppcoreguidelines-pro-type-vararg
google-build-explicit-make-pair google-build-explicit-make-pair
google-build-namespaces google-build-namespaces
google-build-using-namespace google-build-using-namespace
google-explicit-constructor google-explicit-constructor
google-global-names-in-headers google-global-names-in-headers
google-readability-braces-around-statements google-readability-braces-around-statements
google-readability-casting google-readability-casting
google-readability-function-size google-readability-function-size
▲ Show 20 LinesShow All 52 LinesShow Last 20 Lines

clang-tools-extra/trunk/test/clang-tidy/cppcoreguidelines-pro-type-vararg.cpp

// RUN: %python %S/check_clang_tidy.py %s cppcoreguidelines-pro-type-vararg %t
void f(int i);
void f_vararg(int i, ...);
struct C {
void g_vararg(...);
void g(const char*);
} c;
template<typename... P>
void cpp_vararg(P... p);
void check() {
f_vararg(1, 7, 9);
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: do not call c-style vararg functions [cppcoreguidelines-pro-type-vararg]
c.g_vararg("foo");
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: do not call c-style vararg functions
f(3); // OK
c.g("foo"); // OK
cpp_vararg(1, 7, 9); // OK
}
// ... as a parameter is allowed (e.g. for SFINAE)
template <typename T>
void CallFooIfAvailableImpl(T& t, ...) {
// nothing
}
template <typename T>
void CallFooIfAvailableImpl(T& t, decltype(t.foo())*) {
t.foo();
}
template <typename T>
void CallFooIfAvailable(T& t) {
CallFooIfAvailableImpl(t, 0); // OK to call variadic function when the argument is a literal 0
}
#include <cstdarg>
void my_printf(const char* format, ...) {
va_list ap;
va_start(ap, format);
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: do not call c-style vararg functions
va_list n;
va_copy(n, ap); // Don't warn, va_copy is anyway useless without va_start
int i = va_arg(ap, int);
// CHECK-MESSAGES: :[[@LINE-1]]:11: warning: do not use va_start/va_arg to define c-style vararg functions; use variadic templates instead
va_end(ap); // Don't warn, va_end is anyway useless without va_start
}
int my_vprintf(const char* format, va_list arg ); // OK to declare function taking va_list