This is an archive of the discontinued LLVM Phabricator instance.

Differential D40937

[clang-tidy] Infinite loop checker
Needs RevisionPublic

Authored by szepet on Dec 6 2017, 5:49 PM.

Details

Reviewers
alexfh
aaron.ballman
xazax.hun
hokein
dcoughlin
Summary

The check aims to find loops where none of the condition variables are updated in the body.
In this version it only works on integer types but the final aim is to make it work for objects as well. (via checking non-const method calls, etc)

Note: this kind of check is supported by clang warning as well (-Wfor-loop-analysis), however, it only works on for-loops and not investigate escape statements (modification via alias generates false positives e.g. escape_before1() test case).

Any suggestions on the check are welcome!

Diff Detail

Event Timeline

szepet created this revision.Dec 6 2017, 5:49 PM
Herald added subscribers: rnkovacs, baloghadamsoftware, whisperity, mgorny. · View Herald TranscriptDec 6 2017, 5:49 PM
Eugene.Zelenko added a subscriber: Eugene.Zelenko.Dec 6 2017, 6:24 PM

Does it really belong to Clang-tidy or Clang Analyzer is better place because of path-ensitivity?

Please rebase from trunk.

General note: CLang-tidy use check in terminology, not checker.

docs/ReleaseNotes.rst
63

Just Finds instead of The checker aims to find. Please also align on 80 symbols per line. Same in documentation.

Eugene.Zelenko added a reviewer: hokein.Dec 6 2017, 6:32 PM
Eugene.Zelenko set the repository for this revision to rL LLVM.
Eugene.Zelenko added a project: Restricted Project.
Eugene.Zelenko added a subscriber: zaks.anna.
szepet edited the summary of this revision. (Show Details)Dec 6 2017, 6:40 PM
szepet updated this revision to Diff 125870.Dec 6 2017, 6:50 PM
szepet marked an inline comment as done.

Updated the wording in the docs.

szepet added a comment.Dec 6 2017, 7:06 PM

Hi Eugen!
Good question, probably should have detailed it in the description.
This matcher based solution would not gain much benefit from the symbolic execution provided information. (I mean, it would mean a much different type of check on the states.)
The main problems that the analyzer does not completely unroll the loops only the first steps and we always have information about the simulated path. However, detecting that some variables will surely not be modified requires a top level overview on the loop and the AST provides these informations. The one thing (that I can say right now) that can come handy is that we would able to detect more precisely the happened-before relation on the escape and the loop statements. Since the CFG can provide us fair enough information on this one, I do not think that this is enough reason to put this checker to the analyzer.

Other note: If somebody would came up with an approach which can benefit from the symbolic execution, these solutions could still live happily in the different tools eg. UseAfterMove (tidy) and MisusedMovedObjectChecker (analyzer).

Eugene.Zelenko added a comment.Dec 6 2017, 9:27 PM
In D40937#947658, @szepet wrote:

Other note: If somebody would came up with an approach which can benefit from the symbolic execution, these solutions could still live happily in the different tools eg. UseAfterMove (tidy) and MisusedMovedObjectChecker (analyzer).

I'm more concerned with path sensitivity and reporting. From my point of view UseAfterMove also belongs to Analyzer realm.

Actually bugprone module may be better choice then misc.

docs/ReleaseNotes.rst
63

Please remove The check. See other checks release notes and documentation as style examples.

Please rebase from trunk, since I sorted Clang-tidy notes recently, so just prefer to avoid this task in future :-)

Eugene.Zelenko added inline comments.Dec 6 2017, 9:32 PM
clang-tidy/misc/InfiniteLoopCheck.cpp
94 ↗(On Diff #125870)

Missing static?

102 ↗(On Diff #125870)

May be return {}?

125 ↗(On Diff #125870)

const auto?

130 ↗(On Diff #125870)

const auto?

142 ↗(On Diff #125870)

const auto?

168 ↗(On Diff #125870)

const auto?

176 ↗(On Diff #125870)

const auto?

JVApen added a subscriber: JVApen.Dec 6 2017, 11:19 PM

How does this check deal with atomic members?

struct A {
std:: atomic<bool> a;

void f() const { while (a); }
};

JonasToth added a subscriber: JonasToth.Dec 6 2017, 11:30 PM
martong added a subscriber: martong.Dec 7 2017, 5:23 AM
martong added inline comments.
clang-tidy/misc/InfiniteLoopCheck.cpp
105 ↗(On Diff #125870)

make_unique is a forwarding function, therefore there is no need to create an object and then move it. Instead you can simply forward the arguments to the constructor:
return llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx)

szepet updated this revision to Diff 125965.Dec 7 2017, 8:00 AM
szepet marked 9 inline comments as done.

Updates based on comments.

Eugene.Zelenko added inline comments.Dec 7 2017, 8:01 AM
docs/clang-tidy/checks/misc-infinite-loop.rst
6 ↗(On Diff #125965)

Please synchronize with release notes.

szepet added a comment.Dec 7 2017, 8:02 AM
In D40937#947760, @JVApen wrote:

How does this check deal with atomic members?
...

This patch only works on integer types. So, since the atomic is a non-supported type the check will skip that while loop.

xazax.hun edited edge metadata.Dec 7 2017, 8:08 AM

This does not support memberExprs as condition variables right now.

What happens if you have something like this:

struct X {
void f(int a) {
  while(a < i) {
    --i;
  } 
}
int i;
};

I think you could extend the test cases with some classes.

clang-tidy/misc/InfiniteLoopCheck.cpp
28 ↗(On Diff #125870)

Do you need this to be a lambda? Can't you just use a local variable?

31 ↗(On Diff #125870)

Maybe this is not too important, but you might also want to check for blocks here.

48 ↗(On Diff #125870)

This can be greatly simplified once https://reviews.llvm.org/D38921 is accepted. Maybe you could use that as a dependent revision? It should be close to be accepted.

xazax.hun added inline comments.Dec 7 2017, 8:14 AM
clang-tidy/misc/InfiniteLoopCheck.cpp
121 ↗(On Diff #125965)

This could be pointer to const, right?

aaron.ballman added a reviewer: dcoughlin.Dec 7 2017, 2:15 PM
aaron.ballman edited edge metadata.
aaron.ballman added a subscriber: dcoughlin.

I share the concerns that @Eugene.Zelenko brought up regarding this not being in the analyzer. This is a path sensitive problem that I'm not certain clang-tidy is the best home for. You cover many of the simple cases, but fail to cover cases like nested loops, unsigned integer wrapping, non-integral types, function calls, globals, etc. I'm not certain this check will generalize over time as part of clang-tidy in the way it would in the analyzer. I'd be curious to hear what @alexfh and @dcoughlin think, though.

xazax.hun added a comment.Dec 16 2017, 10:52 AM

I think, while the analyzer is more suitable for certain kinds of checks that require deep analysis, it is still useful to have quicker syntactic checks that can easily identify problems that are the results of typos or incorrectly modified copy and pasted code. I think this check is in that category. Also, the original warning Peter mentioned does something similar but has some shortcomings.

The current implementation is not path sensitive. It uses flow sensitivity to check for escaping values.
If we would try to port this check to the static analyzer, the questions we would ask from the analyzer are universally quantified (e.g. for all path this variable does not escape and does not change). Unfortunately, it is not that easy with the current analyzer to answer such questions. The static analyzer is better with existential questions (e.g. there is a path such that the condition variables are not escaped and are unchanged in the loop). Using the latter formulation we might have a larger number of false positives because the analyzer sometimes hit infeasible paths. In the first approach, the infeasible paths are less of a problem (they might cause false negatives but not false positives), but we need to be careful with all the peculiarities of the analyzer because it does not guarantee to discover all possible paths.

Hopefully, Devin will correct me if I'm wrong :)

alexfh requested changes to this revision.Mar 14 2018, 8:36 AM

Please move this check to "bugprone-", since it seems to be an appropriate category for this check.

This revision now requires changes to proceed.Mar 14 2018, 8:36 AM
szepet updated this revision to Diff 141132.EditedApr 5 2018, 5:24 AM
szepet marked 3 inline comments as done.

Moved to bugprone category,
skipping memberExpr cases for now in order to avoid false positives,
other small changes based on review comments.

clang-tidy/misc/InfiniteLoopCheck.cpp
121 ↗(On Diff #125965)

Since the createSequence uses it as a parameter for buildCFG which expects a Stmt*, I believe this is fine. (Or I could const cast is away on the call)

alexfh requested changes to this revision.Apr 5 2018, 6:17 AM
alexfh added inline comments.
clang-tidy/bugprone/InfiniteLoopCheck.cpp
24–26

This doesn't have to be a function. It can be a local variable or can be inlined into the callsite.

33

http://llvm.org/docs/CodingStandards.html#name-types-functions-variables-and-enumerators-properly

Variable names should be nouns (as they represent state). The name should be camel case, and start with an upper case letter (e.g. Leader or Boats).

106

Why not just llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx)?

It also may be that you somehow lost a bunch of fixes, since this comment has already been addressed at some point: https://reviews.llvm.org/D40937?id=125870#inline-357357

187

Clang diagnostics (and clang-tidy warnings) are not complete sentences and shouldn't start with a capital letter.

This revision now requires changes to proceed.Apr 5 2018, 6:17 AM
szepet updated this revision to Diff 141322.Apr 6 2018, 5:32 AM
szepet marked 4 inline comments as done.

Addressed comments and readded the lost fixes.

alexfh requested changes to this revision.Apr 9 2018, 10:00 AM
alexfh added inline comments.
clang-tidy/bugprone/InfiniteLoopCheck.cpp
95–100

A little suggestion:

if (std::unique_ptr<CFG> TheCFG = ...)
  return llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx);
return {};
129

The main concern I have now is that the check may end up creating the CFG multiple times for the same function, which may be rather expensive in certain cases (consider a large function consisting of loops that trigger the matcher). It's hard to predict how common is this situation in real code. Do you see how this could be restructured to avoid unnecessary work?

180

I suggest a more straightforward version:

​ std::string CondVarNames;

for (const auto &CVM : CondVarMatches) {
  if (!CondVarNames.empty())
    CondVarNames.append(", ");
  CondVarNames.append(CVM.getNodeAs<VarDecl>("condvar")->getNameAsString());

​ }

This revision now requires changes to proceed.Apr 9 2018, 10:00 AM
szepet updated this revision to Diff 143949.Apr 25 2018, 9:34 AM
szepet marked 2 inline comments as done.

Changes made based on comments.
The CFG recreating problem is handled the following (only for this check):
Always store the last visited function and its CFG* (in form of the Sequence*) and check if we are visiting it again. If so, then the check reuses the previous one, if not, then replaces them. As far as I know the AST traverse done by the tidy fits this model (at least for this check, since it not uses narrowing matchers to other functions).
Sure, it would be better to find a general solution to this problem, and make the CFG reusable by every check which needs it, but I would left it for a follow-up (and a change like this probably would worth an own patch/review anyway).

alexfh requested changes to this revision.May 3 2018, 9:06 AM
alexfh added inline comments.
clang-tidy/bugprone/InfiniteLoopCheck.h
38

Why bool? The return value is not used anywhere.

docs/ReleaseNotes.rst
68

There should be a trailing period in each of these New ... check items. I've updated the script in r331460 and the existing release notes in r331461. Please rebase.

This revision now requires changes to proceed.May 3 2018, 9:06 AM
szepet updated this revision to Diff 145160.May 4 2018, 1:12 AM
szepet marked 2 inline comments as done.

Changes based on comments.

alexfh requested changes to this revision.May 4 2018, 10:04 AM

Could you run the check on llvm sources and post a summary of results here?

A few more inline comments.

clang-tidy/bugprone/InfiniteLoopCheck.cpp
102

What does nullptr mean here? Please add an argument comment (/*ArgumentName=*/nullptr, ...).

109–112

nit: Let's put these variable definitions into the corresponding if conditions to limit their scope. I'd also move the ifs to the start of the function.

122–123

Instead I'd check that FunctionBody is not nullptr.

148

nit: const auto *

150

Any reason to store the result of the matching instead of returning early? Same below. Please also move the definition of the Match variable to where it's actually needed first time.

175

Please use the specific type instead of auto.

clang-tidy/bugprone/InfiniteLoopCheck.h
37

You seem to have forgotten to update the header.

This revision now requires changes to proceed.May 4 2018, 10:04 AM

Revision Contents

PathSize
clang-tidy/
bugprone/
3 lines
1 line
46 lines
197 lines
docs/
6 lines
clang-tidy/
checks/
30 lines
1 line
test/
clang-tidy/
121 lines

Diff 145160

clang-tidy/bugprone/BugproneTidyModule.cpp

Show All 14 Lines
#include "BoolPointerImplicitConversionCheck.h" #include "BoolPointerImplicitConversionCheck.h"
#include "CopyConstructorInitCheck.h" #include "CopyConstructorInitCheck.h"
#include "DanglingHandleCheck.h" #include "DanglingHandleCheck.h"
#include "FoldInitTypeCheck.h" #include "FoldInitTypeCheck.h"
#include "ForwardDeclarationNamespaceCheck.h" #include "ForwardDeclarationNamespaceCheck.h"
#include "ForwardingReferenceOverloadCheck.h" #include "ForwardingReferenceOverloadCheck.h"
#include "InaccurateEraseCheck.h" #include "InaccurateEraseCheck.h"
#include "IncorrectRoundingsCheck.h" #include "IncorrectRoundingsCheck.h"
#include "InfiniteLoopCheck.h"
#include "IntegerDivisionCheck.h" #include "IntegerDivisionCheck.h"
#include "LambdaFunctionNameCheck.h" #include "LambdaFunctionNameCheck.h"
#include "MacroParenthesesCheck.h" #include "MacroParenthesesCheck.h"
#include "MacroRepeatedSideEffectsCheck.h" #include "MacroRepeatedSideEffectsCheck.h"
#include "MisplacedOperatorInStrlenInAllocCheck.h" #include "MisplacedOperatorInStrlenInAllocCheck.h"
#include "MisplacedWideningCastCheck.h" #include "MisplacedWideningCastCheck.h"
#include "MoveForwardingReferenceCheck.h" #include "MoveForwardingReferenceCheck.h"
#include "MultipleStatementMacroCheck.h" #include "MultipleStatementMacroCheck.h"
Show All 39 Lines void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
CheckFactories.registerCheck<ForwardDeclarationNamespaceCheck>( CheckFactories.registerCheck<ForwardDeclarationNamespaceCheck>(
"bugprone-forward-declaration-namespace"); "bugprone-forward-declaration-namespace");
CheckFactories.registerCheck<ForwardingReferenceOverloadCheck>( CheckFactories.registerCheck<ForwardingReferenceOverloadCheck>(
"bugprone-forwarding-reference-overload"); "bugprone-forwarding-reference-overload");
CheckFactories.registerCheck<InaccurateEraseCheck>( CheckFactories.registerCheck<InaccurateEraseCheck>(
"bugprone-inaccurate-erase"); "bugprone-inaccurate-erase");
CheckFactories.registerCheck<IncorrectRoundingsCheck>( CheckFactories.registerCheck<IncorrectRoundingsCheck>(
"bugprone-incorrect-roundings"); "bugprone-incorrect-roundings");
CheckFactories.registerCheck<InfiniteLoopCheck>(
"bugprone-infinite-loop");
CheckFactories.registerCheck<IntegerDivisionCheck>( CheckFactories.registerCheck<IntegerDivisionCheck>(
"bugprone-integer-division"); "bugprone-integer-division");
CheckFactories.registerCheck<LambdaFunctionNameCheck>( CheckFactories.registerCheck<LambdaFunctionNameCheck>(
"bugprone-lambda-function-name"); "bugprone-lambda-function-name");
CheckFactories.registerCheck<MacroParenthesesCheck>( CheckFactories.registerCheck<MacroParenthesesCheck>(
"bugprone-macro-parentheses"); "bugprone-macro-parentheses");
CheckFactories.registerCheck<MacroRepeatedSideEffectsCheck>( CheckFactories.registerCheck<MacroRepeatedSideEffectsCheck>(
"bugprone-macro-repeated-side-effects"); "bugprone-macro-repeated-side-effects");
▲ Show 20 LinesShow All 61 LinesShow Last 20 Lines

clang-tidy/bugprone/CMakeLists.txt

set(LLVM_LINK_COMPONENTS support) set(LLVM_LINK_COMPONENTS support)
add_clang_library(clangTidyBugproneModule add_clang_library(clangTidyBugproneModule
ArgumentCommentCheck.cpp ArgumentCommentCheck.cpp
AssertSideEffectCheck.cpp AssertSideEffectCheck.cpp
BoolPointerImplicitConversionCheck.cpp BoolPointerImplicitConversionCheck.cpp
BugproneTidyModule.cpp BugproneTidyModule.cpp
CopyConstructorInitCheck.cpp CopyConstructorInitCheck.cpp
DanglingHandleCheck.cpp DanglingHandleCheck.cpp
FoldInitTypeCheck.cpp FoldInitTypeCheck.cpp
ForwardDeclarationNamespaceCheck.cpp ForwardDeclarationNamespaceCheck.cpp
ForwardingReferenceOverloadCheck.cpp ForwardingReferenceOverloadCheck.cpp
InaccurateEraseCheck.cpp InaccurateEraseCheck.cpp
IncorrectRoundingsCheck.cpp IncorrectRoundingsCheck.cpp
InfiniteLoopCheck.cpp
IntegerDivisionCheck.cpp IntegerDivisionCheck.cpp
LambdaFunctionNameCheck.cpp LambdaFunctionNameCheck.cpp
MacroParenthesesCheck.cpp MacroParenthesesCheck.cpp
MacroRepeatedSideEffectsCheck.cpp MacroRepeatedSideEffectsCheck.cpp
MisplacedOperatorInStrlenInAllocCheck.cpp MisplacedOperatorInStrlenInAllocCheck.cpp
MisplacedWideningCastCheck.cpp MisplacedWideningCastCheck.cpp
MoveForwardingReferenceCheck.cpp MoveForwardingReferenceCheck.cpp
MultipleStatementMacroCheck.cpp MultipleStatementMacroCheck.cpp
Show All 30 Lines

clang-tidy/bugprone/InfiniteLoopCheck.h

  • This file was added.
//===--- InfiniteLoopCheck.h - clang-tidy------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_INFINITELOOPCHECK_H
#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_INFINITELOOPCHECK_H
#include "../ClangTidy.h"
#include "../utils/ExprSequence.h"
using namespace clang::tidy::utils;
namespace clang {
namespace tidy {
namespace bugprone {
/// The check aims to find loops where none of the condition variables are
/// updated in the body. This performs a very conservative check in order to
/// avoid false positives and work only on integer types at the moment.
///
/// For the user-facing documentation see:
/// http://clang.llvm.org/extra/clang-tidy/checks/bugprone-infinite-loop.html
class InfiniteLoopCheck : public ClangTidyCheck {
public:
InfiniteLoopCheck(StringRef Name, ClangTidyContext *Context)
: ClangTidyCheck(Name, Context), PrevFunctionBody(nullptr),
Sequence(nullptr) {}
void registerMatchers(ast_matchers::MatchFinder *Finder) override;
void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
private:
bool updateSequence(Stmt *FunctionBody, ASTContext &ASTCtx);
alexfhUnsubmitted
Not Done
ReplyInline Actions

You seem to have forgotten to update the header.

alexfh: You seem to have forgotten to update the header.
const Stmt *PrevFunctionBody;
alexfhUnsubmitted
Done
ReplyInline Actions

Why bool? The return value is not used anywhere.

alexfh: Why bool? The return value is not used anywhere.
std::unique_ptr<ExprSequence> Sequence;
};
} // namespace bugprone
} // namespace tidy
} // namespace clang
#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_BUGPRONE_INFINITELOOPCHECK_H

clang-tidy/bugprone/InfiniteLoopCheck.cpp

  • This file was added.
//===--- InfiniteLoopCheck.cpp - clang-tidy -------------------------------===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
#include "InfiniteLoopCheck.h"
#include "../utils/ExprSequence.h"
#include "clang/ASTMatchers/ASTMatchFinder.h"
#include "clang/ASTMatchers/ASTMatchers.h"
#include "clang/Analysis/CFG.h"
using namespace clang::ast_matchers;
using namespace clang::tidy::utils;
namespace clang {
namespace tidy {
namespace bugprone {
static internal::Matcher<Expr> exprAccessToVar(const VarDecl *VD) {
return ignoringParenImpCasts(declRefExpr(hasDeclaration(equalsNode(VD))));
}
alexfhUnsubmitted
Done
ReplyInline Actions

This doesn't have to be a function. It can be a local variable or can be inlined into the callsite.

alexfh: This doesn't have to be a function. It can be a local variable or can be inlined into the…
void InfiniteLoopCheck::registerMatchers(MatchFinder *Finder) {
const auto LoopEndingStmt =
stmt(anyOf(breakStmt(), returnStmt(), gotoStmt(), cxxThrowExpr()));
const auto LoopCondition =
allOf(hasCondition(expr().bind("condition")),
anyOf(hasAncestor(lambdaExpr().bind("containing-lambda")),
alexfhUnsubmitted
Done
ReplyInline Actions

http://llvm.org/docs/CodingStandards.html#name-types-functions-variables-and-enumerators-properly

Variable names should be nouns (as they represent state). The name should be camel case, and start with an upper case letter (e.g. Leader or Boats).

alexfh: http://llvm.org/docs/CodingStandards.html#name-types-functions-variables-and-enumerators…
hasAncestor(functionDecl().bind("containing-func"))),
unless(hasBody(hasDescendant(LoopEndingStmt))));
Finder->addMatcher(stmt(anyOf(whileStmt(LoopCondition), doStmt(LoopCondition),
forStmt(LoopCondition)))
.bind("loop-stmt"),
this);
}
static internal::Matcher<Stmt>
changeByOperator(internal::Matcher<Expr> ExprNodeMatcher) {
return anyOf(
unaryOperator(anyOf(hasOperatorName("--"), hasOperatorName("++")),
hasUnaryOperand(ignoringParenImpCasts(ExprNodeMatcher))),
binaryOperator(isAssignmentOperator(), hasLHS(ExprNodeMatcher)));
}
static internal::Matcher<Stmt>
callByRef(internal::Matcher<Expr> ExprNodeMatcher) {
return callExpr(forEachArgumentWithParam(
ExprNodeMatcher,
parmVarDecl(hasType(references(qualType(unless(isConstQualified())))))));
}
static internal::Matcher<Stmt>
assignedToRef(internal::Matcher<Expr> ExprNodeMatcher) {
return declStmt(hasDescendant(
varDecl(allOf(hasType(referenceType()),
hasInitializer(anyOf(initListExpr(has(ExprNodeMatcher)),
ExprNodeMatcher))))));
}
static internal::Matcher<Stmt>
getAddrTo(internal::Matcher<Expr> ExprNodeMatcher) {
return unaryOperator(hasOperatorName("&"), hasUnaryOperand(ExprNodeMatcher));
}
static internal::Matcher<Stmt> escapeStmt(const VarDecl *VD) {
// Escaping is covered as address-of operators, pass-by-ref function calls and
// reference initialization on the variable body.
return stmt(anyOf(callByRef(exprAccessToVar(VD)),
getAddrTo(exprAccessToVar(VD)),
assignedToRef(exprAccessToVar(VD))));
}
static internal::Matcher<Stmt>
hasDescendantOrIsItselfStmt(internal::Matcher<Stmt> VarNodeMatcher) {
return anyOf(VarNodeMatcher, hasDescendant(VarNodeMatcher));
}
static internal::Matcher<Stmt> potentiallyModifyVarStmt(const VarDecl *VD) {
return hasDescendantOrIsItselfStmt(
anyOf(changeByOperator(exprAccessToVar(VD)), escapeStmt(VD)));
}
// In order to avoid unnecessary rebuilding of the CFG we check whether the
// currently analyzed function is the same as the previous one. In this case
// we can use the CFG and the created Sequence from that analysis instead of
// constructing them again. We rely on the fact that clang-tidy visits the
// matches of a function in a row.
void InfiniteLoopCheck::updateSequence(Stmt *FunctionBody, ASTContext &ASTCtx) {
if (FunctionBody == PrevFunctionBody)
return;
PrevFunctionBody = FunctionBody;
CFG::BuildOptions Options;
Options.AddImplicitDtors = true;
Options.AddTemporaryDtors = true;
alexfhUnsubmitted
Done
ReplyInline Actions

A little suggestion:

if (std::unique_ptr<CFG> TheCFG = ...)
  return llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx);
return {};
alexfh: A little suggestion: if (std::unique_ptr<CFG> TheCFG = ...) return llvm…
if (std::unique_ptr<CFG> TheCFG =
CFG::buildCFG(nullptr, FunctionBody, &ASTCtx, Options))
alexfhUnsubmitted
Not Done
ReplyInline Actions

What does nullptr mean here? Please add an argument comment (/*ArgumentName=*/nullptr, ...).

alexfh: What does `nullptr` mean here? Please add an argument comment (`/*ArgumentName=*/nullptr, ...`).
Sequence = llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx);
else
Sequence = std::unique_ptr<ExprSequence>();
}
alexfhUnsubmitted
Done
ReplyInline Actions

Why not just llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx)?

It also may be that you somehow lost a bunch of fixes, since this comment has already been addressed at some point: https://reviews.llvm.org/D40937?id=125870#inline-357357

alexfh: Why not just `llvm::make_unique<ExprSequence>(TheCFG.get(), &ASTCtx)`? It also may be that you…
void InfiniteLoopCheck::check(const MatchFinder::MatchResult &Result) {
const auto *ContainingLambda =
Result.Nodes.getNodeAs<LambdaExpr>("containing-lambda");
const auto *ContainingFunc =
Result.Nodes.getNodeAs<FunctionDecl>("containing-func");
alexfhUnsubmitted
Not Done
ReplyInline Actions

nit: Let's put these variable definitions into the corresponding if conditions to limit their scope. I'd also move the ifs to the start of the function.

alexfh: nit: Let's put these variable definitions into the corresponding `if` conditions to limit their…
const auto *Cond = Result.Nodes.getNodeAs<Expr>("condition");
const auto *LoopStmt = Result.Nodes.getNodeAs<Stmt>("loop-stmt");
auto &ASTCtx = *Result.Context;
Stmt *FunctionBody = nullptr;
if (ContainingLambda)
FunctionBody = ContainingLambda->getBody();
else if (ContainingFunc)
FunctionBody = ContainingFunc->getBody();
else
return;
alexfhUnsubmitted
Not Done
ReplyInline Actions

Instead I'd check that FunctionBody is not nullptr.

alexfh: Instead I'd check that FunctionBody is not nullptr.
const auto CondVarMatches =
match(findAll(declRefExpr(to(varDecl().bind("condvar")))), *Cond, ASTCtx);
// Since MemberExprs can be modified by outer functions this case is excluded
// right now.
alexfhUnsubmitted
Not Done
ReplyInline Actions

The main concern I have now is that the check may end up creating the CFG multiple times for the same function, which may be rather expensive in certain cases (consider a large function consisting of loops that trigger the matcher). It's hard to predict how common is this situation in real code. Do you see how this could be restructured to avoid unnecessary work?

alexfh: The main concern I have now is that the check may end up creating the CFG multiple times for…
const auto MemberExprsInCond =
match(hasDescendantOrIsItselfStmt(memberExpr()), *Cond, ASTCtx);
if (!MemberExprsInCond.empty())
return;
updateSequence(FunctionBody, ASTCtx);
for (const auto &E : CondVarMatches) {
auto CondVar = E.getNodeAs<VarDecl>("condvar");
// TODO: handle cases with non-integer condition variables
if (!CondVar->getType().getTypePtr()->isIntegerType())
return;
// In case the loop potentially changes any of the condition variables we
// assume the loop is not infinite.
SmallVector<BoundNodes, 1> Match;
// In case of for loop we check the increment stmt and the body for changes
// (excluding the init stmt).
if (const auto ForLoop = dyn_cast<ForStmt>(LoopStmt)) {
alexfhUnsubmitted
Not Done
ReplyInline Actions

nit: const auto *

alexfh: nit: `const auto *`
if (ForLoop->getInc())
Match = match(potentiallyModifyVarStmt(CondVar), *ForLoop->getInc(),
alexfhUnsubmitted
Not Done
ReplyInline Actions

Any reason to store the result of the matching instead of returning early? Same below. Please also move the definition of the Match variable to where it's actually needed first time.

alexfh: Any reason to store the result of the matching instead of returning early? Same below. Please…
ASTCtx);
if (Match.empty() && ForLoop->getBody())
Match = match(potentiallyModifyVarStmt(CondVar), *ForLoop->getBody(),
ASTCtx);
} else {
// In cases of while and do-while we can match the whole loop.
Match = match(potentiallyModifyVarStmt(CondVar), *LoopStmt, ASTCtx);
}
if (!Match.empty())
return;
// Skip the cases where any of the condition variables come from outside
// of the function in order to avoid false positives.
Match = match(stmt(hasDescendant(varDecl(equalsNode(CondVar)))),
*FunctionBody, ASTCtx);
if (Match.empty())
return;
// When a condition variable is escaped before the loop we skip since we
// have no precise pointer analysis and want to avoid false positives.
Match = match(
stmt(forEachDescendant(stmt(escapeStmt(CondVar)).bind("escStmt"))),
*FunctionBody, ASTCtx);
for (const auto &ES : Match) {
alexfhUnsubmitted
Not Done
ReplyInline Actions

Please use the specific type instead of auto.

alexfh: Please use the specific type instead of `auto`.
if (Sequence->potentiallyAfter(LoopStmt, ES.getNodeAs<Stmt>("escStmt")))
return;
}
}
alexfhUnsubmitted
Done
ReplyInline Actions

I suggest a more straightforward version:

​ std::string CondVarNames;

for (const auto &CVM : CondVarMatches) {
  if (!CondVarNames.empty())
    CondVarNames.append(", ");
  CondVarNames.append(CVM.getNodeAs<VarDecl>("condvar")->getNameAsString());

​ }

alexfh: I suggest a more straightforward version: ​ std::string CondVarNames; for (const auto &CVM…
// Creating the string containing the name of condition variables.
std::string CondVarNames;
for (const auto &CVM : CondVarMatches) {
if (!CondVarNames.empty())
CondVarNames.append(", ");
CondVarNames.append(CVM.getNodeAs<VarDecl>("condvar")->getNameAsString());
}
alexfhUnsubmitted
Done
ReplyInline Actions

Clang diagnostics (and clang-tidy warnings) are not complete sentences and shouldn't start with a capital letter.

alexfh: Clang diagnostics (and clang-tidy warnings) are not complete sentences and shouldn't start with…
diag(LoopStmt->getLocStart(),
"%plural{1:the condition variable|:none of the condition variables}0 "
"(%1) %plural{1:is not|:are}0 updated in the loop body")
<< (unsigned)CondVarMatches.size() << CondVarNames;
}
} // namespace bugprone
} // namespace tidy
} // namespace clang

docs/ReleaseNotes.rst

Show First 20 LinesShow All 54 Lines▼ Show 20 Lines
The improvements are... The improvements are...
Improvements to clang-tidy Improvements to clang-tidy
-------------------------- --------------------------
- New module `abseil` for checks related to the `Abseil <https://abseil.io>`_ - New module `abseil` for checks related to the `Abseil <https://abseil.io>`_
library. library.
- New module ``portability``. - New module ``portability``.
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Just Finds instead of The checker aims to find. Please also align on 80 symbols per line. Same in documentation.

Eugene.Zelenko: Just //Finds// instead of //The checker aims to find//. Please also align on 80 symbols per…
Eugene.ZelenkoUnsubmitted
Done
ReplyInline Actions

Please remove The check. See other checks release notes and documentation as style examples.

Please rebase from trunk, since I sorted Clang-tidy notes recently, so just prefer to avoid this task in future :-)

Eugene.Zelenko: Please remove //The check//. See other checks release notes and documentation as style examples.
- New module ``zircon`` for checks related to Fuchsia's Zircon kernel. - New module ``zircon`` for checks related to Fuchsia's Zircon kernel.
- New :doc:`android-comparison-in-temp-failure-retry - New :doc:`android-comparison-in-temp-failure-retry
<clang-tidy/checks/android-comparison-in-temp-failure-retry>` check. <clang-tidy/checks/android-comparison-in-temp-failure-retry>` check.
alexfhUnsubmitted
Done
ReplyInline Actions

There should be a trailing period in each of these New ... check items. I've updated the script in r331460 and the existing release notes in r331461. Please rebase.

alexfh: There should be a trailing period in each of these `New ... check` items. I've updated the…
Diagnoses comparisons that appear to be incorrectly placed in the argument to Diagnoses comparisons that appear to be incorrectly placed in the argument to
the ``TEMP_FAILURE_RETRY`` macro. the ``TEMP_FAILURE_RETRY`` macro.
- New :doc:`bugprone-infinite-loop
<clang-tidy/checks/bugprone-infinite-loop>` check.
Warns on loops where none of the condition variables are updated in the
body.
- New :doc:`bugprone-parent-virtual-call - New :doc:`bugprone-parent-virtual-call
<clang-tidy/checks/bugprone-parent-virtual-call>` check. <clang-tidy/checks/bugprone-parent-virtual-call>` check.
Detects and fixes calls to grand-...parent virtual methods instead of calls Detects and fixes calls to grand-...parent virtual methods instead of calls
to overridden parent's virtual methods. to overridden parent's virtual methods.
- New :doc:`bugprone-throw-keyword-missing - New :doc:`bugprone-throw-keyword-missing
<clang-tidy/checks/bugprone-throw-keyword-missing>` check. <clang-tidy/checks/bugprone-throw-keyword-missing>` check.
▲ Show 20 LinesShow All 157 LinesShow Last 20 Lines

docs/clang-tidy/checks/bugprone-infinite-loop.rst

  • This file was added.
.. title:: clang-tidy - bugprone-infinite-loop
bugprone-infinite-loop
======================
Finds loops where none of the condition variables are updated in the body. This
performs a very conservative check in order to avoid false positives and work
only on integer types at the moment.
Examples:
.. code-block:: c++
void simple_infinite_loop() {
int i = 0;
int j = 0;
int Limit = 10;
while (i < Limit) { // Error, since none of the variables are updated.
j++;
}
}
void escape_before() {
int i = 0;
int Limit = 100;
int *p = &i;
while (i < Limit) { // Not an error, since p is alias of i.
*++p;
}
}

docs/clang-tidy/checks/list.rst

Show All 23 Lines.. toctree::
bugprone-bool-pointer-implicit-conversion bugprone-bool-pointer-implicit-conversion
bugprone-copy-constructor-init bugprone-copy-constructor-init
bugprone-dangling-handle bugprone-dangling-handle
bugprone-fold-init-type bugprone-fold-init-type
bugprone-forward-declaration-namespace bugprone-forward-declaration-namespace
bugprone-forwarding-reference-overload bugprone-forwarding-reference-overload
bugprone-inaccurate-erase bugprone-inaccurate-erase
bugprone-incorrect-roundings bugprone-incorrect-roundings
bugprone-infinite-loop
bugprone-integer-division bugprone-integer-division
bugprone-lambda-function-name bugprone-lambda-function-name
bugprone-macro-parentheses bugprone-macro-parentheses
bugprone-macro-repeated-side-effects bugprone-macro-repeated-side-effects
bugprone-misplaced-operator-in-strlen-in-alloc bugprone-misplaced-operator-in-strlen-in-alloc
bugprone-misplaced-widening-cast bugprone-misplaced-widening-cast
bugprone-move-forwarding-reference bugprone-move-forwarding-reference
bugprone-multiple-statement-macro bugprone-multiple-statement-macro
▲ Show 20 LinesShow All 193 LinesShow Last 20 Lines

test/clang-tidy/bugprone-infinite-loop.cpp

  • This file was added.
// RUN: %check_clang_tidy %s bugprone-infinite-loop %t
void simple_infinite_loop1() {
int i = 0;
int j = 0;
while (i < 10) {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: the condition variable (i) is not updated in the loop body [bugprone-infinite-loop]
j++;
}
do {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: the condition variable (i) is not updated in the loop body
j++;
} while (i < 10);
for (i = 0; i < 10; ++j) {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: the condition variable (i) is not updated in the loop body
}
}
void simple_infinite_loop2() {
int i = 0;
int j = 0;
int Limit = 10;
while (i < Limit) {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: none of the condition variables (i, Limit) are updated in the loop body [bugprone-infinite-loop]
j++;
}
do {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: none of the condition variables (i, Limit) are updated in the loop body
j++;
} while (i < Limit);
for (i = 0; i < Limit; ++j) {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: none of the condition variables (i, Limit) are updated in the loop body
}
}
void simple_not_infinite() {
int i = 0;
int Limit = 100;
while (i < Limit) { // Not an error since 'Limit' is updated
Limit--;
}
do {
Limit--;
} while (i < Limit);
for (i = 0; i < Limit; Limit--) {
}
}
void escape_before1() {
int i = 0;
int Limit = 100;
int *p = &i;
while (i < Limit) { // Not an error, since p is alias of i.
*++p;
}
do {
*++p;
} while (i < Limit);
for (i = 0; i < Limit; *++p) {
;
}
}
void escape_before2() {
int i = 0;
int Limit = 100;
int *p = &i;
while (i < Limit) { // We do not warn since the var 'i' is escaped but it is
// an actual error, since the pointer 'p' is increased.
*(p++);
}
}
void escape_after() {
int i = 0;
int j = 0;
int Limit = 10;
while (i < Limit) {
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: none of the condition variables (i, Limit) are updated in the loop body
}
int *p = &i;
}
int glob;
void glob_var(int &x) {
int i = 0, Limit = 100;
while (x < Limit) { // Not an error since 'x' can be an alias of glob.
glob++;
}
}
void glob_var2() {
int i = 0, Limit = 100;
while (glob < Limit) { // Since 'glob' is declared out of the function we do not warn.
i++;
}
}
struct X {
void memberExpr_test(int i) {
while (i < m) { // False negative: No warning, since skipping the case where
// a memberExpr can be found in the condition.
;
}
}
void memberExpr_test2(int i) {
while (i < m) {
--m;
}
}
int m;
};