This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang-tidy/hicpp/
-
hicpp/
-
CMakeLists.txt
-
HICPPTidyModule.cpp
-
SignedBitwiseCheck.h
18/18
SignedBitwiseCheck.cpp
-
docs/
-
ReleaseNotes.rst
-
clang-tidy/checks/
-
checks/
2/2
hicpp-signed-bitwise.rst
-
list.rst
-
test/clang-tidy/
-
clang-tidy/
2/2
hicpp-signed-bitwise.cpp

Differential D36586

[clang-tidy] hicpp bitwise operations on signed integers
ClosedPublic

Authored by JonasToth on Aug 10 2017, 12:07 PM.

Download Raw Diff

Details

Reviewers

aaron.ballman
hokein
alexfh
Eugene.Zelenko

Commits

rGa8c34530df86: [clang-tidy] hicpp bitwise operations on signed integers
rCTE312122: [clang-tidy] hicpp bitwise operations on signed integers
rL312122: [clang-tidy] hicpp bitwise operations on signed integers

Summary

This check implements the rule 5.6. HIC++
that forbidds bitwise operations on signed integer types.

Diff Detail

Build Status

Buildable 9772
Build 9772: arc lint + arc unit

Event Timeline

JonasToth created this revision.Aug 10 2017, 12:07 PM

Herald added subscribers: xazax.hun, JDevlieghere, mgorny. · View Herald TranscriptAug 10 2017, 12:07 PM

Eugene.Zelenko added inline comments.Aug 10 2017, 1:01 PM

docs/clang-tidy/checks/hicpp-signed-bitwise.rst
7	Please add short description. Copying it from ReleaseNotes.rst should be fine.

Fix documentation of checker

Harbormaster completed remote builds in B9212: Diff 110628.Aug 10 2017, 1:27 PM

Eugene.Zelenko added inline comments.Aug 10 2017, 6:53 PM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
59	Unnecessary empty line.
docs/clang-tidy/checks/hicpp-signed-bitwise.rst
9	Please insert empty line above.

JonasToth marked 2 inline comments as done.Aug 11 2017, 3:18 AM

fix review comments from eugene

Harbormaster completed remote builds in B9219: Diff 110681.Aug 11 2017, 3:19 AM

aaron.ballman added inline comments.Aug 11 2017, 6:23 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	Is ignoring implicit casts the correct behavior here as far as the coding standard is concerned? Consider: unsigned char c = 128; f(~c); // c promotes to int before ~ is applied Looking at the coding standard, I get the impression this is not allowed, but I'm not super familiar with HIC++.
43	Any particular reason this local variable is needed? If so, it should not be declared with `auto`.
49	s/and/an However, I think this assert can be removed as it cannot trigger unless the AST matching facilities have broken (which will break a lot of tests).
51	Elide braces here and below.
53–57	I think these diagnostics should be combined into a single diagnostic using a %select. Also, you can use `getSourceRange()` instead of manually creating the range. The wording of the diagnostic is a bit off, I would go with something more along the lines of: "use of a signed integer operand with a %select{binary\|unary}0 bitwise operator"
58	I'm not certain there is utility in highlighting the operator, since the operand is what's at fault.
63	I don't think a note is appropriate here; I would include the `SourceRange` for the offending operand in the preceding diagnostic.

JonasToth marked 5 inline comments as done.Aug 11 2017, 7:27 AM

JonasToth added inline comments.

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	I first implemented it without ignoring the implicit integer casts, the result was, that most cases (in test cases) where not found. therefore i implemented it that way. I add an testcase for this and see how i need to adjust the matcher. Could you help me there with the semantic, since i am not so fluent in C/C++ standardese, but i think the findings are reasonable.
43	This shortens the next 3 lines, otherwise there will be linebreaks that are bad for readability (IMHO).

adress aarons comments

Harbormaster completed remote builds in B9227: Diff 110721.Aug 11 2017, 7:28 AM

JonasToth marked an inline comment as done.Aug 11 2017, 7:34 AM

adjusted diagnostics

aaron.ballman added inline comments.Aug 11 2017, 9:19 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	It kind of boils down to the intention from the HIC++. Consider a test case like: void f(int i); void g() { unsigned char c = 127; f(~c); } Does `f()` expect to receive `-128` or `128`? I think this code will pass your check (ignoring the promotion means the type is `unsigned char`), but the actual bitwise operation is on a signed integer value because there is an integer promotion. So 127 is promoted to int, then ~ is applied, resulting in the value `-128` being passed to the function.
48	You can elide the parens, or use `!!SignedBinary`.
52	The logic with `IsBinary` seems incorrect to me -- if its value is true, then it selects the "unary" option.

minor stuff and rebase

Harbormaster completed remote builds in B9240: Diff 110789.Aug 11 2017, 12:51 PM

aaron.ballman added inline comments.Aug 11 2017, 12:54 PM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
48	Rather than go with the negative logic, why not go with `IsUnary = SignedUnary != nullptr`?

JonasToth added inline comments.Aug 11 2017, 1:03 PM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	Yeah i see, i have such cases added in the tests. TBH. i don't know if the standard wants this covered, but the demonstrated case is definitly bad. Would it be a good idea, to warn on assigning/initializing `signed` integers with `unsigned` integers? The CppCoreGuidelines have some sections on that as well: Section ES.100-103 Not sure if this check should care. On the other hand, would it be nice to have a check that covers all "integer problems".

minor fix for logic, testcase improved

JonasToth marked an inline comment as done.Aug 11 2017, 1:18 PM

aaron.ballman added inline comments.Aug 16 2017, 6:42 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	Yeah i see, i have such cases added in the tests. TBH. i don't know if the standard wants this covered, but the demonstrated case is definitly bad. I think you should ask the HIC++ people what they think; the rule text does not make it clear what the behavior should be here. Would it be a good idea, to warn on assigning/initializing signed integers with unsigned integers? We already have such a warning in clang (-Wsign-conversion). The CppCoreGuidelines have some sections on that as well: Section ES.100-103 Not sure if this check should care. On the other hand, would it be nice to have a check that covers all "integer problems". Any such check will require so many options that it is likely to be almost unusable. However, I would not be opposed to seeing a clang-tidy module that has a bunch of checks in it that relate to integer problems.

JDevlieghere added a subscriber: cfe-commits.Aug 17 2017, 3:43 PM

JonasToth added inline comments.Aug 24 2017, 8:41 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	i think, those could land in `bugprone-`, and be aliases to hicpp and the cppcoreguidelines if appropriate. depending on my time (i should have a lot of free time for 2 months) i will try to implement some. is there a resource with all common problems found with integers?

get up to date with master
added testcase for enums

fix indendation in testcase

Harbormaster completed remote builds in B9602: Diff 112573.Aug 24 2017, 9:16 AM

JonasToth added inline comments.Aug 30 2017, 2:32 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	The response from Christof: Hi Jonas, using bitwise operators with unsigned operands is compliant with this rule, even if the operand is promoted to signed int. expr.unary.op in the C++ standard says "The operand of ~ shall have integral or unscoped enumeration type; [...] Integral promotions are performed. The type of the result is the type of the promoted operand." The HICPP rule refers to the type of the operand (and not the type of the promoted operand), it therefore refers to the type before promotion (which is "unsigned char" in the example). Regards, Christof Your requested case is therefore conforming and i think the current implementation handles these things correct.

aaron.ballman added inline comments.Aug 30 2017, 4:54 AM

clang-tidy/hicpp/SignedBitwiseCheck.cpp
24	Your requested case is therefore conforming and i think the current implementation handles these things correct. Agreed; thank you for following up on this!
test/clang-tidy/hicpp-signed-bitwise.cpp
206	I don't think it helps to have this code remain in the test case. Can you add tests for the following? int i1 = 1 << 12; int i2 = 1u << 12; enum E { one = 1, two = 2, test1 = 1 << 12, test2 = one << two, test3 = 1u << 12 };

added additional testcases, like @aaron.ballman requested
fixed diagnostics

JonasToth marked an inline comment as done.Aug 30 2017, 6:06 AM

JonasToth added inline comments.

test/clang-tidy/hicpp-signed-bitwise.cpp
206	the first two cases `int i1 ...` are in the first function of this file( `binary_bitwise`).

JonasToth marked 2 inline comments as done.Aug 30 2017, 6:06 AM

Thanks! LGTM!

This revision is now accepted and ready to land.Aug 30 2017, 6:17 AM

JonasToth closed this revision.Aug 30 2017, 6:33 AM

Revision Contents

Path

Size

clang-tidy/

hicpp/

CMakeLists.txt

1 line

HICPPTidyModule.cpp

3 lines

SignedBitwiseCheck.h

36 lines

SignedBitwiseCheck.cpp

56 lines

docs/

ReleaseNotes.rst

6 lines

clang-tidy/

checks/

hicpp-signed-bitwise.rst

9 lines

list.rst

1 line

test/

clang-tidy/

hicpp-signed-bitwise.cpp

219 lines

Commit	Tree	Parents	Author	Summary	Date
dbca800813bd	2f17f24fc54a	0d8b44f7efac	Jonas Toth	more testcases and fixed diagnostics	Aug 30 2017, 6:01 AM
0d8b44f7efac	76fda7ba5652	1343dda4ba8f	Jonas Toth	add trailing comma	Aug 30 2017, 5:47 AM
1343dda4ba8f	7a8b7c606aa6	cc0e903cbb71 b5672f2f79e8	Jonas Toth	Merge branch 'master' of http://llvm.org/git/clang-tools-extra into… (Show More…)	Aug 30 2017, 5:32 AM
cc0e903cbb71	4b4297ab7d42	a8c26593c7a7	Jonas Toth	added additional testcases, like @aaron.ballman requested	Aug 30 2017, 5:32 AM
a8c26593c7a7	1437b9a7ed1e	a2fe7f7dc90b c543235c134f	Jonas Toth	Merge branch 'master' into check_signed_bitoperations	Aug 24 2017, 9:21 AM
a2fe7f7dc90b	0a087dd312a1	7bcfef47628a	Jonas Toth	fix indendation in testcase	Aug 24 2017, 9:12 AM
7bcfef47628a	e416ab4c5b5d	2a5a8cd4d4b3	Jonas Toth	[Tests] added testcase for enums	Aug 24 2017, 9:10 AM
2a5a8cd4d4b3	ff92fb3c577a	01b7ffe2d85e 8ec0380620d7	Jonas Toth	get up to date with master	Aug 23 2017, 9:44 AM
01b7ffe2d85e	1ed7c3892348	4ee9ac6a6cc9	Jonas Toth	minor fix for logic, testcase improved	Aug 11 2017, 1:14 PM
4ee9ac6a6cc9	1162b40944ff	6522f52d682c	Jonas Toth	clean up	Aug 11 2017, 12:39 PM
6522f52d682c	189eaff0e2f2	1075ed75c3ea	Jonas Toth	[Misc] adjusted variable name to show the negative logic condition	Aug 11 2017, 7:35 AM
1075ed75c3ea	5585e82bb053	9535351f60a7	Jonas Toth	adjusted diagnostics	Aug 11 2017, 7:31 AM
9535351f60a7	55445605c6d2	e4ebf75ab614	Jonas Toth	adress aarons comments	Aug 11 2017, 7:25 AM
e4ebf75ab614	fada8796f6ed	a1be90b5463a	Jonas Toth	[Misc] fix review comments from eugene	Aug 11 2017, 3:16 AM
a1be90b5463a	efbec4c85b27	e88ac49c428f	Jonas Toth	Fix documentation of checker	Aug 10 2017, 1:25 PM
e88ac49c428f	3578326a1618	0ca929334ee7	Jonas Toth	[Doc] merge problems	Aug 10 2017, 11:45 AM
0ca929334ee7	9d121f248b70	1c1288d0d39d	Jonas Toth	[Doc] release notes ordered	Aug 10 2017, 11:44 AM
1c1288d0d39d	9c891ef11f42	341f40583dd5	Jonas Toth	[Test] all operators tested	Aug 10 2017, 11:41 AM
341f40583dd5	d0353ed65f33	5fc01ea13217	Jonas Toth	[Feature] matchers for bitwise operations done	Aug 10 2017, 6:10 AM
5fc01ea13217	9c891ef11f42	016afb995c3e	Jonas Toth	[Doc] working on doc	Aug 10 2017, 4:53 AM
016afb995c3e	9d121f248b70	79523207df32	Jonas Toth	[Misc] start new check for 5.6.1 of hicpp	Aug 10 2017, 4:50 AM
79523207df32	69a99c9e3203	9269f425e611	Jonas Toth	[Test] all operators tested	Aug 10 2017, 11:41 AM
9269f425e611	91c51709e535	4d02f808bbc2	Jonas Toth	[Feature] matchers for bitwise operations done	Aug 10 2017, 6:10 AM
4d02f808bbc2	3d0f9ac9918c	0f73e9d259cf	Jonas Toth	[Test] first examples in test cases	Aug 10 2017, 5:13 AM
0f73e9d259cf	4fc624ffe80e	2d5ab93fbaea	Jonas Toth	[Doc] working on doc	Aug 10 2017, 4:53 AM
2d5ab93fbaea	0fb9a9824f66	b4829b414023	Jonas Toth	[Misc] start new check for 5.6.1 of hicpp	Aug 10 2017, 4:50 AM

Diff 113246

clang-tidy/hicpp/CMakeLists.txt

	set(LLVM_LINK_COMPONENTS support)			set(LLVM_LINK_COMPONENTS support)

	add_clang_library(clangTidyHICPPModule			add_clang_library(clangTidyHICPPModule
	ExceptionBaseclassCheck.cpp			ExceptionBaseclassCheck.cpp
	NoAssemblerCheck.cpp			NoAssemblerCheck.cpp
	HICPPTidyModule.cpp			HICPPTidyModule.cpp
				SignedBitwiseCheck.cpp

	LINK_LIBS			LINK_LIBS
	clangAST			clangAST
	clangASTMatchers			clangASTMatchers
	clangBasic			clangBasic
	clangLex			clangLex
	clangTidy			clangTidy
	clangTidyCppCoreGuidelinesModule			clangTidyCppCoreGuidelinesModule
	clangTidyGoogleModule			clangTidyGoogleModule
	clangTidyMiscModule			clangTidyMiscModule
	clangTidyModernizeModule			clangTidyModernizeModule
	clangTidyReadabilityModule			clangTidyReadabilityModule
	clangTidyUtils			clangTidyUtils
	)			)

clang-tidy/hicpp/HICPPTidyModule.cpp

	Show All 20 Lines
	#include "../modernize/UseEqualsDefaultCheck.h"			#include "../modernize/UseEqualsDefaultCheck.h"
	#include "../modernize/UseEqualsDeleteCheck.h"			#include "../modernize/UseEqualsDeleteCheck.h"
	#include "../modernize/UseOverrideCheck.h"			#include "../modernize/UseOverrideCheck.h"
	#include "../readability/BracesAroundStatementsCheck.h"			#include "../readability/BracesAroundStatementsCheck.h"
	#include "../readability/FunctionSizeCheck.h"			#include "../readability/FunctionSizeCheck.h"
	#include "../readability/IdentifierNamingCheck.h"			#include "../readability/IdentifierNamingCheck.h"
	#include "ExceptionBaseclassCheck.h"			#include "ExceptionBaseclassCheck.h"
	#include "NoAssemblerCheck.h"			#include "NoAssemblerCheck.h"
				#include "SignedBitwiseCheck.h"

	namespace clang {			namespace clang {
	namespace tidy {			namespace tidy {
	namespace hicpp {			namespace hicpp {

	class HICPPModule : public ClangTidyModule {			class HICPPModule : public ClangTidyModule {
	public:			public:
	void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {			void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
	CheckFactories.registerCheck<readability::BracesAroundStatementsCheck>(			CheckFactories.registerCheck<readability::BracesAroundStatementsCheck>(
	"hicpp-braces-around-statements");			"hicpp-braces-around-statements");
	CheckFactories.registerCheck<ExceptionBaseclassCheck>(			CheckFactories.registerCheck<ExceptionBaseclassCheck>(
	"hicpp-exception-baseclass");			"hicpp-exception-baseclass");
				CheckFactories.registerCheck<SignedBitwiseCheck>(
				"hicpp-signed-bitwise");
	CheckFactories.registerCheck<google::ExplicitConstructorCheck>(			CheckFactories.registerCheck<google::ExplicitConstructorCheck>(
	"hicpp-explicit-conversions");			"hicpp-explicit-conversions");
	CheckFactories.registerCheck<readability::FunctionSizeCheck>(			CheckFactories.registerCheck<readability::FunctionSizeCheck>(
	"hicpp-function-size");			"hicpp-function-size");
	CheckFactories.registerCheck<readability::IdentifierNamingCheck>(			CheckFactories.registerCheck<readability::IdentifierNamingCheck>(
	"hicpp-named-parameter");			"hicpp-named-parameter");
	CheckFactories.registerCheck<misc::UseAfterMoveCheck>(			CheckFactories.registerCheck<misc::UseAfterMoveCheck>(
	"hicpp-invalid-access-moved");			"hicpp-invalid-access-moved");
	Show All 33 Lines

clang-tidy/hicpp/SignedBitwiseCheck.h

This file was added.

				//===--- SignedBitwiseCheck.h - clang-tidy------------------------ C++ --===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//

				#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_HICPP_SIGNED_BITWISE_H
				#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_HICPP_SIGNED_BITWISE_H

				#include "../ClangTidy.h"

				namespace clang {
				namespace tidy {
				namespace hicpp {

				/// This check implements the rule 5.6.1 of the HICPP Standard, which disallows
				/// bitwise operations on signed integer types.
				///
				/// For the user-facing documentation see:
				/// http://clang.llvm.org/extra/clang-tidy/checks/hicpp-signed-bitwise.html
				class SignedBitwiseCheck : public ClangTidyCheck {
				public:
				SignedBitwiseCheck(StringRef Name, ClangTidyContext *Context)
				: ClangTidyCheck(Name, Context) {}
				void registerMatchers(ast_matchers::MatchFinder *Finder) override;
				void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
				};

				} // namespace hicpp
				} // namespace tidy
				} // namespace clang

				#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_HICPP_SIGNED_BITWISE_H

clang-tidy/hicpp/SignedBitwiseCheck.cpp

This file was added.

				//===--- SignedBitwiseCheck.cpp - clang-tidy-------------------------------===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//

				#include "SignedBitwiseCheck.h"
				#include "clang/AST/ASTContext.h"
				#include "clang/ASTMatchers/ASTMatchFinder.h"

				using namespace clang::ast_matchers;
				using namespace clang::ast_matchers::internal;

				namespace clang {
				namespace tidy {
				namespace hicpp {

				void SignedBitwiseCheck::registerMatchers(MatchFinder *Finder) {
				const auto SignedIntegerOperand =
				expr(ignoringImpCasts(hasType(isSignedInteger()))).bind("signed_operand");

				aaron.ballmanUnsubmitted Done Reply Inline Actions Is ignoring implicit casts the correct behavior here as far as the coding standard is concerned? Consider: unsigned char c = 128; f(~c); // c promotes to int before ~ is applied Looking at the coding standard, I get the impression this is not allowed, but I'm not super familiar with HIC++. aaron.ballman: Is ignoring implicit casts the correct behavior here as far as the coding standard is concerned?
				JonasTothAuthorUnsubmitted Done Reply Inline Actions I first implemented it without ignoring the implicit integer casts, the result was, that most cases (in test cases) where not found. therefore i implemented it that way. I add an testcase for this and see how i need to adjust the matcher. Could you help me there with the semantic, since i am not so fluent in C/C++ standardese, but i think the findings are reasonable. JonasToth: I first implemented it without ignoring the implicit integer casts, the result was, that most…
				aaron.ballmanUnsubmitted Done Reply Inline Actions It kind of boils down to the intention from the HIC++. Consider a test case like: void f(int i); void g() { unsigned char c = 127; f(~c); } Does `f()` expect to receive `-128` or `128`? I think this code will pass your check (ignoring the promotion means the type is `unsigned char`), but the actual bitwise operation is on a signed integer value because there is an integer promotion. So 127 is promoted to int, then ~ is applied, resulting in the value `-128` being passed to the function. aaron.ballman: It kind of boils down to the intention from the HIC++. Consider a test case like: ``` void f…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Yeah i see, i have such cases added in the tests. TBH. i don't know if the standard wants this covered, but the demonstrated case is definitly bad. Would it be a good idea, to warn on assigning/initializing `signed` integers with `unsigned` integers? The CppCoreGuidelines have some sections on that as well: Section ES.100-103 Not sure if this check should care. On the other hand, would it be nice to have a check that covers all "integer problems". JonasToth: Yeah i see, i have such cases added in the tests. TBH. i don't know if the standard wants this…
				aaron.ballmanUnsubmitted Done Reply Inline Actions Yeah i see, i have such cases added in the tests. TBH. i don't know if the standard wants this covered, but the demonstrated case is definitly bad. I think you should ask the HIC++ people what they think; the rule text does not make it clear what the behavior should be here. Would it be a good idea, to warn on assigning/initializing signed integers with unsigned integers? We already have such a warning in clang (-Wsign-conversion). The CppCoreGuidelines have some sections on that as well: Section ES.100-103 Not sure if this check should care. On the other hand, would it be nice to have a check that covers all "integer problems". Any such check will require so many options that it is likely to be almost unusable. However, I would not be opposed to seeing a clang-tidy module that has a bunch of checks in it that relate to integer problems. aaron.ballman: > Yeah i see, i have such cases added in the tests. > TBH. i don't know if the standard wants…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions i think, those could land in `bugprone-`, and be aliases to hicpp and the cppcoreguidelines if appropriate. depending on my time (i should have a lot of free time for 2 months) i will try to implement some. is there a resource with all common problems found with integers? JonasToth: i think, those could land in `bugprone-`, and be aliases to hicpp and the cppcoreguidelines if…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions The response from Christof: Hi Jonas, using bitwise operators with unsigned operands is compliant with this rule, even if the operand is promoted to signed int. expr.unary.op in the C++ standard says "The operand of ~ shall have integral or unscoped enumeration type; [...] Integral promotions are performed. The type of the result is the type of the promoted operand." The HICPP rule refers to the type of the operand (and not the type of the promoted operand), it therefore refers to the type before promotion (which is "unsigned char" in the example). Regards, Christof Your requested case is therefore conforming and i think the current implementation handles these things correct. JonasToth: The response from Christof: > Hi Jonas, > > using bitwise operators with unsigned operands…
				aaron.ballmanUnsubmitted Done Reply Inline Actions Your requested case is therefore conforming and i think the current implementation handles these things correct. Agreed; thank you for following up on this! aaron.ballman: > Your requested case is therefore conforming and i think the current implementation handles…
				// Match binary bitwise operations on signed integer arguments.
				Finder->addMatcher(
				binaryOperator(allOf(anyOf(hasOperatorName("\|"), hasOperatorName("&"),
				hasOperatorName("^"), hasOperatorName("<<"),
				hasOperatorName(">>")),
				hasEitherOperand(SignedIntegerOperand)))
				.bind("binary_signed"),
				this);

				// Match unary operations on signed integer types.
				Finder->addMatcher(unaryOperator(allOf(hasOperatorName("~"),
				hasUnaryOperand(SignedIntegerOperand)))
				.bind("unary_signed"),
				this);
				}

				void SignedBitwiseCheck::check(const MatchFinder::MatchResult &Result) {
				const ast_matchers::BoundNodes &N = Result.Nodes;
				const auto *SignedBinary = N.getNodeAs<BinaryOperator>("binary_signed");
				aaron.ballmanUnsubmitted Done Reply Inline Actions Any particular reason this local variable is needed? If so, it should not be declared with `auto`. aaron.ballman: Any particular reason this local variable is needed? If so, it should not be declared with…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions This shortens the next 3 lines, otherwise there will be linebreaks that are bad for readability (IMHO). JonasToth: This shortens the next 3 lines, otherwise there will be linebreaks that are bad for readability…
				const auto *SignedUnary = N.getNodeAs<UnaryOperator>("unary_signed");
				const auto *SignedOperand = N.getNodeAs<Expr>("signed_operand");

				const bool IsUnary = SignedUnary != nullptr;
				diag(IsUnary ? SignedUnary->getLocStart() : SignedBinary->getLocStart(),
				aaron.ballmanUnsubmitted Done Reply Inline Actions You can elide the parens, or use `!!SignedBinary`. aaron.ballman: You can elide the parens, or use `!!SignedBinary`.
				aaron.ballmanUnsubmitted Done Reply Inline Actions Rather than go with the negative logic, why not go with `IsUnary = SignedUnary != nullptr`? aaron.ballman: Rather than go with the negative logic, why not go with `IsUnary = SignedUnary != nullptr`?
				"use of a signed integer operand with a %select{binary\|unary}0 bitwise "
				aaron.ballmanUnsubmitted Done Reply Inline Actions s/and/an However, I think this assert can be removed as it cannot trigger unless the AST matching facilities have broken (which will break a lot of tests). aaron.ballman: s/and/an However, I think this assert can be removed as it cannot trigger unless the AST…
				"operator")
				<< IsUnary << SignedOperand->getSourceRange();
				aaron.ballmanUnsubmitted Done Reply Inline Actions Elide braces here and below. aaron.ballman: Elide braces here and below.
				}
				aaron.ballmanUnsubmitted Done Reply Inline Actions The logic with `IsBinary` seems incorrect to me -- if its value is true, then it selects the "unary" option. aaron.ballman: The logic with `IsBinary` seems incorrect to me -- if its value is true, then it selects the…

				} // namespace hicpp
				} // namespace tidy
				} // namespace clang
				Eugene.ZelenkoUnsubmitted Done Reply Inline Actions Unnecessary empty line. Eugene.Zelenko: Unnecessary empty line.
				aaron.ballmanUnsubmitted Done Reply Inline Actions I don't think a note is appropriate here; I would include the `SourceRange` for the offending operand in the preceding diagnostic. aaron.ballman: I don't think a note is appropriate here; I would include the `SourceRange` for the offending…
				aaron.ballmanUnsubmitted Done Reply Inline Actions I'm not certain there is utility in highlighting the operator, since the operand is what's at fault. aaron.ballman: I'm not certain there is utility in highlighting the operator, since the operand is what's at…

docs/ReleaseNotes.rst

Show First 20 Lines • Show All 114 Lines • ▼ Show 20 Lines	- New `bugprone-integer-division
cause unintended loss of precision.		cause unintended loss of precision.

- New `hicpp-exception-baseclass		- New `hicpp-exception-baseclass
<http://clang.llvm.org/extra/clang-tidy/checks/hicpp-exception-baseclass.html>`_ check		<http://clang.llvm.org/extra/clang-tidy/checks/hicpp-exception-baseclass.html>`_ check

Ensures that all exception will be instances of ``std::exception`` and classes		Ensures that all exception will be instances of ``std::exception`` and classes
that are derived from it.		that are derived from it.

		- New `hicpp-signed-bitwise
		<http://clang.llvm.org/extra/clang-tidy/checks/hicpp-signed-bitwise.html>`_ check

		Finds uses of bitwise operations on signed integer types, which may lead to
		undefined or implementation defined behaviour.

- New `android-cloexec-inotify-init1		- New `android-cloexec-inotify-init1
<http://clang.llvm.org/extra/clang-tidy/checks/android-cloexec-inotify-init1.html>`_ check		<http://clang.llvm.org/extra/clang-tidy/checks/android-cloexec-inotify-init1.html>`_ check

Checks if the required file flag ``IN_CLOEXEC`` is present in the argument of		Checks if the required file flag ``IN_CLOEXEC`` is present in the argument of
``inotify_init1()``.		``inotify_init1()``.

- New `readability-static-accessed-through-instance		- New `readability-static-accessed-through-instance
<http://clang.llvm.org/extra/clang-tidy/checks/readability-static-accessed-through-instance.html>`_ check		<http://clang.llvm.org/extra/clang-tidy/checks/readability-static-accessed-through-instance.html>`_ check
Show All 19 Lines

docs/clang-tidy/checks/hicpp-signed-bitwise.rst

This file was added.

				.. title:: clang-tidy - hicpp-signed-bitwise

				hicpp-signed-bitwise
				====================

				Finds uses of bitwise operations on signed integer types, which may lead to
				undefined or implementation defined behaviour.
				Eugene.ZelenkoUnsubmitted Done Reply Inline Actions Please add short description. Copying it from ReleaseNotes.rst should be fine. Eugene.Zelenko: Please add short description. Copying it from ReleaseNotes.rst should be fine.

				The according rule is defined in the `High Integrity C++ Standard, Section 5.6.1 <http://www.codingstandard.com/section/5-6-shift-operators/>`_.
				Eugene.ZelenkoUnsubmitted Done Reply Inline Actions Please insert empty line above. Eugene.Zelenko: Please insert empty line above.

docs/clang-tidy/checks/list.rst

Show First 20 Lines • Show All 73 Lines • ▼ Show 20 Lines	.. toctree::
hicpp-explicit-conversions (redirects to google-explicit-constructor) <hicpp-explicit-conversions>		hicpp-explicit-conversions (redirects to google-explicit-constructor) <hicpp-explicit-conversions>
hicpp-function-size (redirects to readability-function-size) <hicpp-function-size>		hicpp-function-size (redirects to readability-function-size) <hicpp-function-size>
hicpp-invalid-access-moved (redirects to misc-use-after-move) <hicpp-invalid-access-moved>		hicpp-invalid-access-moved (redirects to misc-use-after-move) <hicpp-invalid-access-moved>
hicpp-member-init (redirects to cppcoreguidelines-pro-type-member-init) <hicpp-member-init>		hicpp-member-init (redirects to cppcoreguidelines-pro-type-member-init) <hicpp-member-init>
hicpp-named-parameter (redirects to readability-named-parameter) <hicpp-named-parameter>		hicpp-named-parameter (redirects to readability-named-parameter) <hicpp-named-parameter>
hicpp-new-delete-operators (redirects to misc-new-delete-overloads) <hicpp-new-delete-operators>		hicpp-new-delete-operators (redirects to misc-new-delete-overloads) <hicpp-new-delete-operators>
hicpp-no-assembler		hicpp-no-assembler
hicpp-noexcept-move (redirects to misc-noexcept-moveconstructor) <hicpp-noexcept-move>		hicpp-noexcept-move (redirects to misc-noexcept-moveconstructor) <hicpp-noexcept-move>
		hicpp-signed-bitwise
hicpp-special-member-functions (redirects to cppcoreguidelines-special-member-functions) <hicpp-special-member-functions>		hicpp-special-member-functions (redirects to cppcoreguidelines-special-member-functions) <hicpp-special-member-functions>
hicpp-undelegated-constructor (redirects to misc-undelegated-constructor) <hicpp-undelegated-constructor>		hicpp-undelegated-constructor (redirects to misc-undelegated-constructor) <hicpp-undelegated-constructor>
hicpp-use-equals-default (redirects to modernize-use-equals-default) <hicpp-use-equals-default>		hicpp-use-equals-default (redirects to modernize-use-equals-default) <hicpp-use-equals-default>
hicpp-use-equals-delete (redirects to modernize-use-equals-delete) <hicpp-use-equals-delete>		hicpp-use-equals-delete (redirects to modernize-use-equals-delete) <hicpp-use-equals-delete>
hicpp-use-override (redirects to modernize-use-override) <hicpp-use-override>		hicpp-use-override (redirects to modernize-use-override) <hicpp-use-override>
llvm-header-guard		llvm-header-guard
llvm-include-order		llvm-include-order
llvm-namespace-comment		llvm-namespace-comment
▲ Show 20 Lines • Show All 106 Lines • Show Last 20 Lines

test/clang-tidy/hicpp-signed-bitwise.cpp

This file was added.

				// RUN: %check_clang_tidy %s hicpp-signed-bitwise %t

				// These could cause false positives and should not be considered.
				struct StreamClass {
				};
				StreamClass &operator<<(StreamClass &os, unsigned int i) {
				return os;
				}
				StreamClass &operator<<(StreamClass &os, int i) {
				return os;
				}
				StreamClass &operator>>(StreamClass &os, unsigned int i) {
				return os;
				}
				StreamClass &operator>>(StreamClass &os, int i) {
				return os;
				}
				struct AnotherStream {
				AnotherStream &operator<<(unsigned char c) { return *this; }
				AnotherStream &operator<<(char c) { return *this; }

				AnotherStream &operator>>(unsigned char c) { return *this; }
				AnotherStream &operator>>(char c) { return *this; }
				};

				void binary_bitwise() {
				int SValue = 42;
				int SResult;

				unsigned int UValue = 42;
				unsigned int UResult;

				SResult = SValue & 1;
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator
				SResult = SValue & -1;
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator
				SResult = SValue & SValue;
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator

				UResult = SValue & 1;
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator
				UResult = SValue & -1;
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator

				UResult = UValue & 1u; // Ok
				UResult = UValue & UValue; // Ok

				unsigned char UByte1 = 0u;
				unsigned char UByte2 = 16u;
				char SByte1 = 0;
				char SByte2 = 16;

				UByte1 = UByte1 & UByte2; // Ok
				UByte1 = SByte1 & UByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator
				UByte1 = SByte1 & SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator
				SByte1 = SByte1 & SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator

				// More complex expressions.
				UResult = UValue & (SByte1 + (SByte1 \| SByte2));
				// CHECK-MESSAGES: :[[@LINE-1]]:13: warning: use of a signed integer operand with a binary bitwise operator
				// CHECK-MESSAGES: :[[@LINE-2]]:33: warning: use of a signed integer operand with a binary bitwise operator

				// The rest is to demonstrate functionality but all operators are matched equally.
				// Therefore functionality is the same for all binary operations.
				UByte1 = UByte1 \| UByte2; // Ok
				UByte1 = UByte1 \| SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator

				UByte1 = UByte1 ^ UByte2; // Ok
				UByte1 = UByte1 ^ SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator

				UByte1 = UByte1 >> UByte2; // Ok
				UByte1 = UByte1 >> SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator

				UByte1 = UByte1 << UByte2; // Ok
				UByte1 = UByte1 << SByte2;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a binary bitwise operator

				int SignedInt1 = 1 << 12;
				// CHECK-MESSAGES: :[[@LINE-1]]:20: warning: use of a signed integer operand with a binary bitwise operator
				int SignedInt2 = 1u << 12;
				// CHECK-MESSAGES: :[[@LINE-1]]:20: warning: use of a signed integer operand with a binary bitwise operator
				}

				void f1(unsigned char c) {}
				void f2(char c) {}
				void f3(int c) {}

				void unary_bitwise() {
				unsigned char UByte1 = 0u;
				char SByte1 = 0;

				UByte1 = ~UByte1; // Ok
				SByte1 = ~UByte1;
				SByte1 = ~SByte1;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a unary bitwise operator
				UByte1 = ~SByte1;
				// CHECK-MESSAGES: :[[@LINE-1]]:12: warning: use of a signed integer operand with a unary bitwise operator

				unsigned int UInt = 0u;
				int SInt = 0;

				f1(~UByte1); // Ok
				f1(~SByte1);
				// CHECK-MESSAGES: :[[@LINE-1]]:6: warning: use of a signed integer operand with a unary bitwise operator
				f1(~UInt);
				f1(~SInt);
				// CHECK-MESSAGES: :[[@LINE-1]]:6: warning: use of a signed integer operand with a unary bitwise operator
				f2(~UByte1);
				f2(~SByte1);
				// CHECK-MESSAGES: :[[@LINE-1]]:6: warning: use of a signed integer operand with a unary bitwise operator
				f2(~UInt);
				f2(~SInt);
				// CHECK-MESSAGES: :[[@LINE-1]]:6: warning: use of a signed integer operand with a unary bitwise operator
				f3(~UByte1); // Ok
				f3(~SByte1);
				// CHECK-MESSAGES: :[[@LINE-1]]:6: warning: use of a signed integer operand with a unary bitwise operator
				}

				/// HICPP uses these examples to demonstrate the rule.
				void standard_examples() {
				int i = 3;
				unsigned int k = 0u;

				int r = i << -1; // Emits -Wshift-count-negative from clang
				// CHECK-MESSAGES: :[[@LINE-1]]:11: warning: use of a signed integer operand with a binary bitwise operator
				r = i << 1;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator

				r = -1 >> -1; // Emits -Wshift-count-negative from clang
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator
				r = -1 >> 1;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator

				r = -1 >> i;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator
				r = -1 >> -i;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator

				r = ~0;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a unary bitwise operator
				r = ~0u; // Ok
				k = ~k; // Ok

				unsigned int u = (-1) & 2u;
				// CHECK-MESSAGES: :[[@LINE-1]]:20: warning: use of a signed integer operand with a binary bitwise operator
				u = (-1) \| 1u;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator
				u = (-1) ^ 1u;
				// CHECK-MESSAGES: :[[@LINE-1]]:7: warning: use of a signed integer operand with a binary bitwise operator
				}

				void streams_should_work() {
				StreamClass s;
				s << 1u; // Ok
				s << 1; // Ok
				s >> 1; // Ok
				s >> 1u; // Ok

				AnotherStream as;
				unsigned char uc = 1u;
				char sc = 1;
				as << uc; // Ok
				as << sc; // Ok
				as >> uc; // Ok
				as >> sc; // Ok
				}

				enum OldEnum {
				ValueOne,
				ValueTwo,
				};

				enum OldSigned : int {
				IntOne,
				IntTwo,
				};

				void classicEnums() {
				OldEnum e1 = ValueOne, e2 = ValueTwo;
				int e3; // Using the enum type, results in an error.
				e3 = ValueOne \| ValueTwo; // Ok
				e3 = ValueOne & ValueTwo; // Ok
				e3 = ValueOne ^ ValueTwo; // Ok
				e3 = e1 \| e2; // Ok
				e3 = e1 & e2; // Ok
				e3 = e1 ^ e2; // Ok

				OldSigned s1 = IntOne, s2 = IntTwo;
				int s3;
				s3 = IntOne \| IntTwo; // Signed
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				s3 = IntOne & IntTwo; // Signed
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				s3 = IntOne ^ IntTwo; // Signed
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				s3 = s1 \| s2; // Signed
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				s3 = s1 & s2; // Signed
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				s3 = s1 ^ s2; // Signed
				aaron.ballmanUnsubmitted Done Reply Inline Actions I don't think it helps to have this code remain in the test case. Can you add tests for the following? int i1 = 1 << 12; int i2 = 1u << 12; enum E { one = 1, two = 2, test1 = 1 << 12, test2 = one << two, test3 = 1u << 12 }; aaron.ballman: I don't think it helps to have this code remain in the test case. Can you add tests for the…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions the first two cases `int i1 ...` are in the first function of this file( `binary_bitwise`). JonasToth: the first two cases `int i1 ...` are in the first function of this file( `binary_bitwise`).
				// CHECK-MESSAGES: [[@LINE-1]]:8: warning: use of a signed integer operand with a binary bitwise operator
				}

				enum EnumConstruction {
				one = 1,
				two = 2,
				test1 = 1 << 12,
				// CHECK-MESSAGES: [[@LINE-1]]:11: warning: use of a signed integer operand with a binary bitwise operator
				test2 = one << two,
				// CHECK-MESSAGES: [[@LINE-1]]:11: warning: use of a signed integer operand with a binary bitwise operator
				test3 = 1u << 12,
				// CHECK-MESSAGES: [[@LINE-1]]:11: warning: use of a signed integer operand with a binary bitwise operator
				};

This is an archive of the discontinued LLVM Phabricator instance.

[clang-tidy] hicpp bitwise operations on signed integersClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 113246

clang-tidy/hicpp/CMakeLists.txt

clang-tidy/hicpp/HICPPTidyModule.cpp

clang-tidy/hicpp/SignedBitwiseCheck.h

clang-tidy/hicpp/SignedBitwiseCheck.cpp

docs/ReleaseNotes.rst

docs/clang-tidy/checks/hicpp-signed-bitwise.rst

docs/clang-tidy/checks/list.rst

test/clang-tidy/hicpp-signed-bitwise.cpp

[clang-tidy] hicpp bitwise operations on signed integers
ClosedPublic