This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang-tidy/
-
cppcoreguidelines/
1/1
AvoidGotoCheck.h
26/26
AvoidGotoCheck.cpp
-
CMakeLists.txt
-
CppCoreGuidelinesTidyModule.cpp
-
hicpp/
1/1
HICPPTidyModule.cpp
-
docs/
4/4
ReleaseNotes.rst
-
clang-tidy/checks/
-
checks/
3/3
cppcoreguidelines-avoid-goto.rst
-
hicpp-avoid-goto.rst
-
list.rst
-
test/clang-tidy/
-
clang-tidy/
-
cppcoreguidelines-avoid-goto.cpp

Differential D41815

[clang-tidy] implement check for goto
ClosedPublic

Authored by JonasToth on Jan 8 2018, 1:38 AM.

Download Raw Diff

Details

Reviewers

aaron.ballman
alexfh
hokein

Commits

rGf22f3489d766: [clang-tidy] implement check for goto
rL322626: [clang-tidy] implement check for goto
rCTE322626: [clang-tidy] implement check for goto

Summary

The usage of goto is discourage in C++ since forever. This check implements
a warning for every goto. Even though there are (rare) valid use cases for
goto, better high level constructs should be used.

goto is used sometimes in C programs to free resources at the end of
functions in the case of errors. This pattern is better implemented with
RAII in C++.

Diff Detail

Repository: rCTE Clang Tools Extra

Event Timeline

JonasToth created this revision.Jan 8 2018, 1:38 AM

Herald added subscribers: cfe-commits, kbarton, xazax.hun and 3 others. · View Herald TranscriptJan 8 2018, 1:38 AM

fix typos and return type of main in test

[Misc] emphasize goto in warning message

A high level comment: while it is very easy to get all the gotos using grep, it is not so easy to get all the labels. So for this check to be complete, I think it would be useful to also find labels (possibly having a configuration option for that).

[Misc] reformat

In D41815#969626, @xazax.hun wrote:

A high level comment: while it is very easy to get all the gotos using grep, it is not so easy to get all the labels. So for this check to be complete, I think it would be useful to also find labels (possibly having a configuration option for that).

Agreed. I will add warnings for jump labels too. Do you think a note where a goto jumps to would be helpful too?

In D41815#969673, @JonasToth wrote:

In D41815#969626, @xazax.hun wrote:

A high level comment: while it is very easy to get all the gotos using grep, it is not so easy to get all the labels. So for this check to be complete, I think it would be useful to also find labels (possibly having a configuration option for that).

Agreed. I will add warnings for jump labels too. Do you think a note where a goto jumps to would be helpful too?

Rather than add a warning for the labels, I would just add a note for the label when diagnosing the goto (since the goto has a single target).

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
23	Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit exception allowing you to jump forward out of a loop construct.
23	What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Regardless, there should be a test for indirect gotos and jump forward out of loop constructs.
28–29	I don't think this diagnostic really helps the user all that much. It doesn't say what's harmful about the goto, nor what high level programming construct to use to make it not harmful.
docs/clang-tidy/checks/cppcoreguidelines-avoid-goto.rst
7–8	This doesn't really help the user understand what's bad about goto or why it should be diagnosed. You should expound a bit here.

Rather than add a warning for the labels, I would just add a note for the label when diagnosing the goto (since the goto has a single target).

That might lead to existing labels without any gotos for them, does it? Maybe the check could also diagnose labels without corresponding gotos, or does the frontend already have something like this?

In D41815#969708, @JonasToth wrote:

Rather than add a warning for the labels, I would just add a note for the label when diagnosing the goto (since the goto has a single target).

That might lead to existing labels without any gotos for them, does it? Maybe the check could also diagnose labels without corresponding gotos, or does the frontend already have something like this?

-Wunused-label already covers this scenario.

JonasToth added inline comments.Jan 8 2018, 5:58 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
23	Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit exception allowing you to jump forward out of a loop construct. I do plan for this. Because I dont have any experience with gotos I wanted to do it in small steps. What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Iam not aware of these :)
28–29	I dont like the diagnostic too. But i dont know how to give a sensefull short message. Here Andrei Alexandrescu introduced some high level rules, maybe i the Rule of Minimum Power could be a starting point? https://github.com/isocpp/CppCoreGuidelines/issues/19 Good example for Rule of Minimum Power: goto is the most powerful looping construct (it can do everything while does, and a lot more such as jumping in the middle of a loop etc.) and the most unrecommended.

aaron.ballman added inline comments.Jan 8 2018, 6:04 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
23	What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Iam not aware of these :) https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html (and a good reference on why these are interesting: https://eli.thegreenplace.net/2012/07/12/computed-goto-for-efficient-dispatch-tables)
28–29	I think part of the issue here is that goto isn't harmful in all circumstances, but this check is going to tell users to remove the goto regardless of whether it's dangerous or not. That kind of broad prohibition suggests the diagnostic wording should be more along the lines of "avoid using 'goto' for flow control" or something along those lines. When you add the exception case(s) to the rule, you could reword to "this use of 'goto' for flow control is prohibited" (or similar).

Eugene.Zelenko added a subscriber: Eugene.Zelenko.Jan 10 2018, 12:20 PM

Eugene.Zelenko added inline comments.

docs/ReleaseNotes.rst
63	I think will be good idea to reformulate this statement and its copy in documentation. diagnosed with this check is tautological for any check.

jbcoe added a subscriber: jbcoe.Jan 11 2018, 12:35 AM

JonasToth added inline comments.Jan 11 2018, 4:24 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
23	I would think that this is a special feature that will only be used if you know what you are doing. So it should be allowed with configuration. I am not sure about the default though. For now it is ignored. HICPP has a rule on gotos as well, which states that only forward jumps are allowed. I think that these different approaches to `goto` should land here sometime as different configurations.

I enhanced the check to do more:

check that jumps will only be forward. AFAIK that is required in all sensefull usecases of goto, is it?
additionally check for gotos in nested loops. These are not diagnosed if the jump is forward implementing the exception in the core guidelines.

With these modifications the check can be used to enforce the rule in the
CoreGuidelines and the goto part of 6.3.1 Ensure that the label(s) for a jump statement or a switch condition appear later, in the same or an enclosing block
for the HICPP module.

Some test cases for all combinations are missing, i can add those once you
agree that the functionality change is indeed ok.

In D41815#973260, @JonasToth wrote:

check that jumps will only be forward. AFAIK that is required in all sensefull usecases of goto, is it?

You could implement loops/recursion with goto, something like:

const int end = 10;
int i = 0;
assert(i < end);

begin:
<do stuff>
i++
if(i < end)
  goto begin;

// end

But it really should be done with normal for(), or while(), so i think it would make sense to diagnose those.

In D41815#973260, @JonasToth wrote:

I enhanced the check to do more:

check that jumps will only be forward. AFAIK that is required in all sensefull usecases of goto, is it?

additionally check for gotos in nested loops. These are not diagnosed if the jump is forward implementing the exception in the core guidelines.

With these modifications the check can be used to enforce the rule in the
CoreGuidelines and the goto part of 6.3.1 Ensure that the label(s) for a jump statement or a switch condition appear later, in the same or an enclosing block
for the HICPP module.

Nice!

Some test cases for all combinations are missing, i can add those once you
agree that the functionality change is indeed ok.

I think this is the correct direction for the check.

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
22	Can remove the spurious newline.
23	I would think that this is a special feature that will only be used if you know what you are doing. So it should be allowed with configuration. I am not sure about the default though. For now it is ignored. Ignoring it for now seems reasonable to me. You should add a TODO comment for it so we don't lose track of it, though. HICPP has a rule on gotos as well, which states that only forward jumps are allowed. That's essentially the same exception as the C++ Core Guidelines, which is nice. I think that these different approaches to goto should land here sometime as different configurations. Agreed, if needed.
27	s/then/than
42–54	Is there a reason to have two separate diagnostics? It seems like these both would be covered by "this use of 'goto' for flow control is prohibited".

lebedev.ri added inline comments.Jan 11 2018, 11:39 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
21	It would be nice to have it in standard ASTMatchers, i believe it will be useful for `else-after-return` check. Though the ASTMatchers are stuck due to the doc-dumping script being 'broken' (see D41455)

In D41815#973265, @lebedev.ri wrote:
In D41815#973260, @JonasToth wrote:

check that jumps will only be forward. AFAIK that is required in all sensefull usecases of goto, is it?

You could implement loops/recursion with goto, something like:
const int end = 10;
int i = 0;
assert(i < end);

begin:
<do stuff>
i++
if(i < end)
  goto begin;

// end
But it really should be done with normal for(), or while(), so i think it would make sense to diagnose those.

That check is specifically targeting these code constellations to be bad practice. As you said, using the looping constructs is the way to go :)

JonasToth added inline comments.Jan 11 2018, 1:57 PM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
21	Yes. The GNU extension goto does not have ASTMatcher yet, so i will pack these together in a review. What do you think how long the ASTMatcher issue will be there? Maybe it could be done after that check lands?
42–54	Yes, the new wording better. The note about the backward jump could be added in the `label defined here` note. I think distignuishing between backward jumps and forward jumps is still a good thing. The forward jumps could come from a C code part where forward jumps are done for resource cleaning. So having a strong `prohibited` and a suggesting `avoid` diagnostic makes sense to me.

lebedev.ri added inline comments.Jan 11 2018, 1:58 PM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
21	Maybe it could be done after that check lands? Yes, absolutely. I did not meant that as a blocker here.

JonasToth marked 3 inline comments as done.Jan 12 2018, 11:10 AM

JonasToth added inline comments.

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
21	On my todo list.

JonasToth marked 2 inline comments as done.Jan 12 2018, 11:10 AM

address review comments
add better documentation with code examples

JonasToth marked 5 inline comments as done.Jan 12 2018, 12:24 PM

JonasToth added inline comments.

docs/ReleaseNotes.rst
63	Reformulated, is it ok now?
docs/clang-tidy/checks/cppcoreguidelines-avoid-goto.rst
7–8	Is it better now?

simplified the code and merged diagnostics

Harbormaster completed remote builds in B13796: Diff 129684.Jan 12 2018, 12:28 PM

Eugene.Zelenko added inline comments.Jan 12 2018, 12:55 PM

docs/clang-tidy/checks/cppcoreguidelines-avoid-goto.rst
7–8	Much better now! Thank you for fix!

JonasToth marked 5 inline comments as done.Jan 12 2018, 12:59 PM

lebedev.ri added inline comments.Jan 12 2018, 11:22 PM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
22	Hm, on a second thought, i think this will have false-positive if the label and the goto are on the same line, like goto label; ; label: ; I wonder we could easily compare accounting for the position in the line, or it is not worth the extra complexity.

add edgecase test from roman

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
22	Iam not sure what you mean. Is the concern that the `goto` does not actually skip something? If yes it is still worth it, because its not necessary to have the `goto` then. The `<` on the locations should always be sensefull because AFAIK its at byte level (or something similar). Your example is diagnosed correctly.

lebedev.ri added inline comments.Jan 13 2018, 7:12 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
22	The < on the locations should always be sensefull because AFAIK its at byte level (or something similar). Ah, great then. I had some recollections of having some issues with that before, but it makes sense that it would just work.

aaron.ballman added inline comments.Jan 13 2018, 7:55 AM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
21	I'm not certain adding this to the AST matchers is critical. For instance, we may want to, instead, consider adding relational operators for source locations and then expose a generic facility for getting source location information out of AST nodes.
27	separatly -> separately a ASTMatcher -> an AST matcher
29–30	We don't usually put names into the source code and given the questions about adding that matcher, I'd say it's better to remove the promise that this will become a generic one.
44	I think that this check should be C++ only. C makes far more use of `goto`, and backwards jumps are not always bad there (they don't have to consider things like destructors or RAII like you do in C++). Esp since this is a check for the C++ core guidelines and HICPP (both are C++ standards).
docs/ReleaseNotes.rst
74–75	I think you should also add the HICPP changes as well, given that this check also covers that rule.

JonasToth marked 3 inline comments as done.Jan 13 2018, 8:23 AM

JonasToth added inline comments.

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
22	I dont know the internals, i just assume because it works :)

JonasToth marked 2 inline comments as done.Jan 13 2018, 8:24 AM

address review comments

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp
44	Ok. I merged the matchers too.
docs/ReleaseNotes.rst
74–75	I think `Only forward jumps in nested loops are accepted.` covers it, but i reformulated it.

[Fix] bug with language mode

Harbormaster completed remote builds in B13844: Diff 129865.Jan 15 2018, 8:30 AM

doc clarified that check is c++ only
add missing tests for do and range-for, not all combinations done, but every loop construct is used as outer and inner loop

Harbormaster completed remote builds in B13845: Diff 129868.Jan 15 2018, 8:45 AM

aaron.ballman added inline comments.Jan 15 2018, 12:23 PM

clang-tidy/cppcoreguidelines/AvoidGotoCheck.h
20–21	This comment is a bit out of date now that it no longer diagnoses all uses of `goto`.

hicpp alias added
update documentation

remove spurious whitespace

last nits i found

LGTM aside from a minor formatting nit.

clang-tidy/hicpp/HICPPTidyModule.cpp
57	Spurious formatting change -- feel free to commit separately (no review required) if you want to fix it.

This revision is now accepted and ready to land.Jan 16 2018, 8:46 AM

[Misc] remove spurious format

Harbormaster completed remote builds in B13903: Diff 130113.Jan 17 2018, 2:22 AM

Closed by commit rCTE322626: [clang-tidy] implement check for goto (authored by JonasToth). · Explain WhyJan 17 2018, 2:29 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents

Path

Size

clang-tidy/

cppcoreguidelines/

AvoidGotoCheck.h

36 lines

AvoidGotoCheck.cpp

55 lines

CMakeLists.txt

1 line

CppCoreGuidelinesTidyModule.cpp

3 lines

hicpp/

HICPPTidyModule.cpp

3 lines

docs/

ReleaseNotes.rst

12 lines

clang-tidy/

checks/

cppcoreguidelines-avoid-goto.rst

50 lines

hicpp-avoid-goto.rst

12 lines

list.rst

2 lines

test/

clang-tidy/

cppcoreguidelines-avoid-goto.cpp

139 lines

Diff 130115

clang-tidy/cppcoreguidelines/AvoidGotoCheck.h

				//===--- AvoidGotoCheck.h - clang-tidy---------------------------- C++ --===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//

				#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_AVOIDGOTOCHECK_H
				#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_AVOIDGOTOCHECK_H

				#include "../ClangTidy.h"

				namespace clang {
				namespace tidy {
				namespace cppcoreguidelines {

				/// The usage of ``goto`` for control flow is error prone and should be replaced
				/// with looping constructs. Only forward jumps in nested loops are accepted.
				//
				aaron.ballmanUnsubmitted Done Reply Inline Actions This comment is a bit out of date now that it no longer diagnoses all uses of `goto`. aaron.ballman: This comment is a bit out of date now that it no longer diagnoses all uses of `goto`.
				/// For the user-facing documentation see:
				/// http://clang.llvm.org/extra/clang-tidy/checks/cppcoreguidelines-avoid-goto.html
				class AvoidGotoCheck : public ClangTidyCheck {
				public:
				AvoidGotoCheck(StringRef Name, ClangTidyContext *Context)
				: ClangTidyCheck(Name, Context) {}
				void registerMatchers(ast_matchers::MatchFinder *Finder) override;
				void check(const ast_matchers::MatchFinder::MatchResult &Result) override;
				};

				} // namespace cppcoreguidelines
				} // namespace tidy
				} // namespace clang

				#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_CPPCOREGUIDELINES_AVOIDGOTOCHECK_H

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp

				//===--- AvoidGotoCheck.cpp - clang-tidy-----------------------------------===//
				//
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//

				#include "AvoidGotoCheck.h"
				#include "clang/AST/ASTContext.h"
				#include "clang/ASTMatchers/ASTMatchFinder.h"

				using namespace clang::ast_matchers;

				namespace clang {
				namespace tidy {
				namespace cppcoreguidelines {

				AST_MATCHER(GotoStmt, isForwardJumping) {
				return Node.getLocStart() < Node.getLabel()->getLocStart();
				lebedev.riUnsubmitted Done Reply Inline Actions It would be nice to have it in standard ASTMatchers, i believe it will be useful for `else-after-return` check. Though the ASTMatchers are stuck due to the doc-dumping script being 'broken' (see D41455) lebedev.ri: It would be nice to have it in standard ASTMatchers, i believe it will be useful for `else…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Yes. The GNU extension goto does not have ASTMatcher yet, so i will pack these together in a review. What do you think how long the ASTMatcher issue will be there? Maybe it could be done after that check lands? JonasToth: Yes. The GNU extension goto does not have ASTMatcher yet, so i will pack these together in a…
				lebedev.riUnsubmitted Done Reply Inline Actions Maybe it could be done after that check lands? Yes, absolutely. I did not meant that as a blocker here. lebedev.ri: > Maybe it could be done after that check lands? Yes, absolutely. I did not meant that as a…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions On my todo list. JonasToth: On my todo list.
				aaron.ballmanUnsubmitted Done Reply Inline Actions I'm not certain adding this to the AST matchers is critical. For instance, we may want to, instead, consider adding relational operators for source locations and then expose a generic facility for getting source location information out of AST nodes. aaron.ballman: I'm not certain adding this to the AST matchers is critical. For instance, we may want to…
				}
				aaron.ballmanUnsubmitted Done Reply Inline Actions Can remove the spurious newline. aaron.ballman: Can remove the spurious newline.
				lebedev.riUnsubmitted Done Reply Inline Actions Hm, on a second thought, i think this will have false-positive if the label and the goto are on the same line, like goto label; ; label: ; I wonder we could easily compare accounting for the position in the line, or it is not worth the extra complexity. lebedev.ri: Hm, on a second thought, i think this will have false-positive if the label and the goto are on…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Iam not sure what you mean. Is the concern that the `goto` does not actually skip something? If yes it is still worth it, because its not necessary to have the `goto` then. The `<` on the locations should always be sensefull because AFAIK its at byte level (or something similar). Your example is diagnosed correctly. JonasToth: Iam not sure what you mean. Is the concern that the `goto` does not actually skip something? If…
				lebedev.riUnsubmitted Done Reply Inline Actions The < on the locations should always be sensefull because AFAIK its at byte level (or something similar). Ah, great then. I had some recollections of having some issues with that before, but it makes sense that it would just work. lebedev.ri: > The < on the locations should always be sensefull because AFAIK its at byte level (or…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions I dont know the internals, i just assume because it works :) JonasToth: I dont know the internals, i just assume because it works :)

				aaron.ballmanUnsubmitted Done Reply Inline Actions Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit exception allowing you to jump forward out of a loop construct. aaron.ballman: Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit exception allowing you to jump forward out of a loop construct. I do plan for this. Because I dont have any experience with gotos I wanted to do it in small steps. What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Iam not aware of these :) JonasToth: > Are you planning to add the exception listed in the C++ Core Guideline? It makes an explicit…
				aaron.ballmanUnsubmitted Done Reply Inline Actions What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Iam not aware of these :) https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html (and a good reference on why these are interesting: https://eli.thegreenplace.net/2012/07/12/computed-goto-for-efficient-dispatch-tables) aaron.ballman: >> What should this check do with indirect goto statements (it's a GCC extension we support…
				aaron.ballmanUnsubmitted Done Reply Inline Actions What should this check do with indirect goto statements (it's a GCC extension we support where you can jump to an expression)? Regardless, there should be a test for indirect gotos and jump forward out of loop constructs. aaron.ballman: What should this check do with indirect goto statements (it's a GCC extension we support where…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions I would think that this is a special feature that will only be used if you know what you are doing. So it should be allowed with configuration. I am not sure about the default though. For now it is ignored. HICPP has a rule on gotos as well, which states that only forward jumps are allowed. I think that these different approaches to `goto` should land here sometime as different configurations. JonasToth: I would think that this is a special feature that will only be used if you know what you are…
				aaron.ballmanUnsubmitted Done Reply Inline Actions I would think that this is a special feature that will only be used if you know what you are doing. So it should be allowed with configuration. I am not sure about the default though. For now it is ignored. Ignoring it for now seems reasonable to me. You should add a TODO comment for it so we don't lose track of it, though. HICPP has a rule on gotos as well, which states that only forward jumps are allowed. That's essentially the same exception as the C++ Core Guidelines, which is nice. I think that these different approaches to goto should land here sometime as different configurations. Agreed, if needed. aaron.ballman: > I would think that this is a special feature that will only be used if you know what you are…
				void AvoidGotoCheck::registerMatchers(MatchFinder *Finder) {
				if (!getLangOpts().CPlusPlus)
				return;

				aaron.ballmanUnsubmitted Done Reply Inline Actions s/then/than aaron.ballman: s/then/than
				aaron.ballmanUnsubmitted Done Reply Inline Actions separatly -> separately a ASTMatcher -> an AST matcher aaron.ballman: separatly -> separately a ASTMatcher -> an AST matcher
				// TODO: This check does not recognize `IndirectGotoStmt` which is a
				// GNU extension. These must be matched separately and an AST matcher
				aaron.ballmanUnsubmitted Done Reply Inline Actions I don't think this diagnostic really helps the user all that much. It doesn't say what's harmful about the goto, nor what high level programming construct to use to make it not harmful. aaron.ballman: I don't think this diagnostic really helps the user all that much. It doesn't say what's…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions I dont like the diagnostic too. But i dont know how to give a sensefull short message. Here Andrei Alexandrescu introduced some high level rules, maybe i the Rule of Minimum Power could be a starting point? https://github.com/isocpp/CppCoreGuidelines/issues/19 Good example for Rule of Minimum Power: goto is the most powerful looping construct (it can do everything while does, and a lot more such as jumping in the middle of a loop etc.) and the most unrecommended. JonasToth: I dont like the diagnostic too. But i dont know how to give a sensefull short message. Here…
				aaron.ballmanUnsubmitted Done Reply Inline Actions I think part of the issue here is that goto isn't harmful in all circumstances, but this check is going to tell users to remove the goto regardless of whether it's dangerous or not. That kind of broad prohibition suggests the diagnostic wording should be more along the lines of "avoid using 'goto' for flow control" or something along those lines. When you add the exception case(s) to the rule, you could reword to "this use of 'goto' for flow control is prohibited" (or similar). aaron.ballman: I think part of the issue here is that goto isn't harmful in all circumstances, but this check…
				// is currently missing for them.
				aaron.ballmanUnsubmitted Done Reply Inline Actions We don't usually put names into the source code and given the questions about adding that matcher, I'd say it's better to remove the promise that this will become a generic one. aaron.ballman: We don't usually put names into the source code and given the questions about adding that…

				// Check if the 'goto' is used for control flow other than jumping
				// out of a nested loop.
				auto Loop = stmt(anyOf(forStmt(), cxxForRangeStmt(), whileStmt(), doStmt()));
				auto NestedLoop =
				stmt(anyOf(forStmt(hasAncestor(Loop)), cxxForRangeStmt(hasAncestor(Loop)),
				whileStmt(hasAncestor(Loop)), doStmt(hasAncestor(Loop))));

				Finder->addMatcher(gotoStmt(anyOf(unless(hasAncestor(NestedLoop)),
				unless(isForwardJumping())))
				.bind("goto"),
				this);
				}

				aaron.ballmanUnsubmitted Done Reply Inline Actions I think that this check should be C++ only. C makes far more use of `goto`, and backwards jumps are not always bad there (they don't have to consider things like destructors or RAII like you do in C++). Esp since this is a check for the C++ core guidelines and HICPP (both are C++ standards). aaron.ballman: I think that this check should be C++ only. C makes far more use of `goto`, and backwards jumps…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Ok. I merged the matchers too. JonasToth: Ok. I merged the matchers too.
				void AvoidGotoCheck::check(const MatchFinder::MatchResult &Result) {
				const auto *Goto = Result.Nodes.getNodeAs<GotoStmt>("goto");

				diag(Goto->getGotoLoc(), "avoid using 'goto' for flow control")
				<< Goto->getSourceRange();
				diag(Goto->getLabel()->getLocStart(), "label defined here",
				DiagnosticIDs::Note);
				}
				} // namespace cppcoreguidelines
				} // namespace tidy
				aaron.ballmanUnsubmitted Done Reply Inline Actions Is there a reason to have two separate diagnostics? It seems like these both would be covered by "this use of 'goto' for flow control is prohibited". aaron.ballman: Is there a reason to have two separate diagnostics? It seems like these both would be covered…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Yes, the new wording better. The note about the backward jump could be added in the `label defined here` note. I think distignuishing between backward jumps and forward jumps is still a good thing. The forward jumps could come from a C code part where forward jumps are done for resource cleaning. So having a strong `prohibited` and a suggesting `avoid` diagnostic makes sense to me. JonasToth: Yes, the new wording better. The note about the backward jump could be added in the `label…
				} // namespace clang

clang-tidy/cppcoreguidelines/CMakeLists.txt

	set(LLVM_LINK_COMPONENTS support)			set(LLVM_LINK_COMPONENTS support)

	add_clang_library(clangTidyCppCoreGuidelinesModule			add_clang_library(clangTidyCppCoreGuidelinesModule
				AvoidGotoCheck.cpp
	CppCoreGuidelinesTidyModule.cpp			CppCoreGuidelinesTidyModule.cpp
	InterfacesGlobalInitCheck.cpp			InterfacesGlobalInitCheck.cpp
	NoMallocCheck.cpp			NoMallocCheck.cpp
	OwningMemoryCheck.cpp			OwningMemoryCheck.cpp
	ProBoundsArrayToPointerDecayCheck.cpp			ProBoundsArrayToPointerDecayCheck.cpp
	ProBoundsConstantArrayIndexCheck.cpp			ProBoundsConstantArrayIndexCheck.cpp
	ProBoundsPointerArithmeticCheck.cpp			ProBoundsPointerArithmeticCheck.cpp
	ProTypeConstCastCheck.cpp			ProTypeConstCastCheck.cpp
	Show All 19 Lines

clang-tidy/cppcoreguidelines/CppCoreGuidelinesTidyModule.cpp

	//===--- CppCoreGuidelinesModule.cpp - clang-tidy -------------------------===//			//===--- CppCoreGuidelinesModule.cpp - clang-tidy -------------------------===//
	//			//
	// The LLVM Compiler Infrastructure			// The LLVM Compiler Infrastructure
	//			//
	// This file is distributed under the University of Illinois Open Source			// This file is distributed under the University of Illinois Open Source
	// License. See LICENSE.TXT for details.			// License. See LICENSE.TXT for details.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#include "../ClangTidy.h"			#include "../ClangTidy.h"
	#include "../ClangTidyModule.h"			#include "../ClangTidyModule.h"
	#include "../ClangTidyModuleRegistry.h"			#include "../ClangTidyModuleRegistry.h"
	#include "../misc/UnconventionalAssignOperatorCheck.h"			#include "../misc/UnconventionalAssignOperatorCheck.h"
				#include "AvoidGotoCheck.h"
	#include "InterfacesGlobalInitCheck.h"			#include "InterfacesGlobalInitCheck.h"
	#include "NoMallocCheck.h"			#include "NoMallocCheck.h"
	#include "OwningMemoryCheck.h"			#include "OwningMemoryCheck.h"
	#include "ProBoundsArrayToPointerDecayCheck.h"			#include "ProBoundsArrayToPointerDecayCheck.h"
	#include "ProBoundsConstantArrayIndexCheck.h"			#include "ProBoundsConstantArrayIndexCheck.h"
	#include "ProBoundsPointerArithmeticCheck.h"			#include "ProBoundsPointerArithmeticCheck.h"
	#include "ProTypeConstCastCheck.h"			#include "ProTypeConstCastCheck.h"
	#include "ProTypeCstyleCastCheck.h"			#include "ProTypeCstyleCastCheck.h"
	#include "ProTypeMemberInitCheck.h"			#include "ProTypeMemberInitCheck.h"
	#include "ProTypeReinterpretCastCheck.h"			#include "ProTypeReinterpretCastCheck.h"
	#include "ProTypeStaticCastDowncastCheck.h"			#include "ProTypeStaticCastDowncastCheck.h"
	#include "ProTypeUnionAccessCheck.h"			#include "ProTypeUnionAccessCheck.h"
	#include "ProTypeVarargCheck.h"			#include "ProTypeVarargCheck.h"
	#include "SlicingCheck.h"			#include "SlicingCheck.h"
	#include "SpecialMemberFunctionsCheck.h"			#include "SpecialMemberFunctionsCheck.h"

	namespace clang {			namespace clang {
	namespace tidy {			namespace tidy {
	namespace cppcoreguidelines {			namespace cppcoreguidelines {

	/// A module containing checks of the C++ Core Guidelines			/// A module containing checks of the C++ Core Guidelines
	class CppCoreGuidelinesModule : public ClangTidyModule {			class CppCoreGuidelinesModule : public ClangTidyModule {
	public:			public:
	void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {			void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
				CheckFactories.registerCheck<AvoidGotoCheck>(
				"cppcoreguidelines-avoid-goto");
	CheckFactories.registerCheck<InterfacesGlobalInitCheck>(			CheckFactories.registerCheck<InterfacesGlobalInitCheck>(
	"cppcoreguidelines-interfaces-global-init");			"cppcoreguidelines-interfaces-global-init");
	CheckFactories.registerCheck<NoMallocCheck>("cppcoreguidelines-no-malloc");			CheckFactories.registerCheck<NoMallocCheck>("cppcoreguidelines-no-malloc");
	CheckFactories.registerCheck<OwningMemoryCheck>(			CheckFactories.registerCheck<OwningMemoryCheck>(
	"cppcoreguidelines-owning-memory");			"cppcoreguidelines-owning-memory");
	CheckFactories.registerCheck<ProBoundsArrayToPointerDecayCheck>(			CheckFactories.registerCheck<ProBoundsArrayToPointerDecayCheck>(
	"cppcoreguidelines-pro-bounds-array-to-pointer-decay");			"cppcoreguidelines-pro-bounds-array-to-pointer-decay");
	CheckFactories.registerCheck<ProBoundsConstantArrayIndexCheck>(			CheckFactories.registerCheck<ProBoundsConstantArrayIndexCheck>(
	Show All 37 Lines

clang-tidy/hicpp/HICPPTidyModule.cpp

	//===------- HICPPTidyModule.cpp - clang-tidy -----------------------------===//			//===------- HICPPTidyModule.cpp - clang-tidy -----------------------------===//
	//			//
	// The LLVM Compiler Infrastructure			// The LLVM Compiler Infrastructure
	//			//
	// This file is distributed under the University of Illinois Open Source			// This file is distributed under the University of Illinois Open Source
	// License. See LICENSE.TXT for details.			// License. See LICENSE.TXT for details.
	//			//
	//===----------------------------------------------------------------------===//			//===----------------------------------------------------------------------===//

	#include "../ClangTidy.h"			#include "../ClangTidy.h"
	#include "../ClangTidyModule.h"			#include "../ClangTidyModule.h"
	#include "../ClangTidyModuleRegistry.h"			#include "../ClangTidyModuleRegistry.h"
	#include "../bugprone/UseAfterMoveCheck.h"			#include "../bugprone/UseAfterMoveCheck.h"
				#include "../cppcoreguidelines/AvoidGotoCheck.h"
	#include "../cppcoreguidelines/NoMallocCheck.h"			#include "../cppcoreguidelines/NoMallocCheck.h"
	#include "../cppcoreguidelines/ProBoundsArrayToPointerDecayCheck.h"			#include "../cppcoreguidelines/ProBoundsArrayToPointerDecayCheck.h"
	#include "../cppcoreguidelines/ProTypeMemberInitCheck.h"			#include "../cppcoreguidelines/ProTypeMemberInitCheck.h"
	#include "../cppcoreguidelines/ProTypeVarargCheck.h"			#include "../cppcoreguidelines/ProTypeVarargCheck.h"
	#include "../cppcoreguidelines/SpecialMemberFunctionsCheck.h"			#include "../cppcoreguidelines/SpecialMemberFunctionsCheck.h"
	#include "../google/DefaultArgumentsCheck.h"			#include "../google/DefaultArgumentsCheck.h"
	#include "../google/ExplicitConstructorCheck.h"			#include "../google/ExplicitConstructorCheck.h"
	#include "../misc/NewDeleteOverloadsCheck.h"			#include "../misc/NewDeleteOverloadsCheck.h"
	Show All 18 Lines

	namespace clang {			namespace clang {
	namespace tidy {			namespace tidy {
	namespace hicpp {			namespace hicpp {

	class HICPPModule : public ClangTidyModule {			class HICPPModule : public ClangTidyModule {
	public:			public:
	void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {			void addCheckFactories(ClangTidyCheckFactories &CheckFactories) override {
				CheckFactories.registerCheck<cppcoreguidelines::AvoidGotoCheck>(
				"hicpp-avoid-goto");
	CheckFactories.registerCheck<readability::BracesAroundStatementsCheck>(			CheckFactories.registerCheck<readability::BracesAroundStatementsCheck>(
	"hicpp-braces-around-statements");			"hicpp-braces-around-statements");
	CheckFactories.registerCheck<modernize::DeprecatedHeadersCheck>(			CheckFactories.registerCheck<modernize::DeprecatedHeadersCheck>(
	"hicpp-deprecated-headers");			"hicpp-deprecated-headers");
	CheckFactories.registerCheck<ExceptionBaseclassCheck>(			CheckFactories.registerCheck<ExceptionBaseclassCheck>(
	"hicpp-exception-baseclass");			"hicpp-exception-baseclass");
	CheckFactories.registerCheck<SignedBitwiseCheck>("hicpp-signed-bitwise");			CheckFactories.registerCheck<SignedBitwiseCheck>("hicpp-signed-bitwise");
				aaron.ballmanUnsubmitted Done Reply Inline Actions Spurious formatting change -- feel free to commit separately (no review required) if you want to fix it. aaron.ballman: Spurious formatting change -- feel free to commit separately (no review required) if you want…
	CheckFactories.registerCheck<google::ExplicitConstructorCheck>(			CheckFactories.registerCheck<google::ExplicitConstructorCheck>(
	"hicpp-explicit-conversions");			"hicpp-explicit-conversions");
	CheckFactories.registerCheck<readability::FunctionSizeCheck>(			CheckFactories.registerCheck<readability::FunctionSizeCheck>(
	"hicpp-function-size");			"hicpp-function-size");
	CheckFactories.registerCheck<readability::IdentifierNamingCheck>(			CheckFactories.registerCheck<readability::IdentifierNamingCheck>(
	"hicpp-named-parameter");			"hicpp-named-parameter");
	CheckFactories.registerCheck<bugprone::UseAfterMoveCheck>(			CheckFactories.registerCheck<bugprone::UseAfterMoveCheck>(
	"hicpp-invalid-access-moved");			"hicpp-invalid-access-moved");
	▲ Show 20 Lines • Show All 51 Lines • Show Last 20 Lines

docs/ReleaseNotes.rst

	Show First 20 Lines • Show All 51 Lines • ▼ Show 20 Lines
	Improvements to clang-rename			Improvements to clang-rename
	----------------------------			----------------------------

	The improvements are...			The improvements are...

	Improvements to clang-tidy			Improvements to clang-tidy
	--------------------------			--------------------------

				- New `cppcoreguidelines-avoid-goto
				<http://clang.llvm.org/extra/clang-tidy/checks/cppcoreguidelines-avoid-goto.html>`_ check

				The usage of ``goto`` for control flow is error prone and should be replaced
				Eugene.ZelenkoUnsubmitted Done Reply Inline Actions I think will be good idea to reformulate this statement and its copy in documentation. diagnosed with this check is tautological for any check. Eugene.Zelenko: I think will be good idea to reformulate this statement and its copy in documentation.
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Reformulated, is it ok now? JonasToth: Reformulated, is it ok now?
				with looping constructs. Every backward jump is rejected. Forward jumps are
				only allowed in nested loops.

	- New `fuchsia-statically-constructed-objects			- New `fuchsia-statically-constructed-objects
	<http://clang.llvm.org/extra/clang-tidy/checks/fuchsia-statically-constructed-objects.html>`_ check			<http://clang.llvm.org/extra/clang-tidy/checks/fuchsia-statically-constructed-objects.html>`_ check

	Warns if global, non-trivial objects with static storage are constructed, unless the			Warns if global, non-trivial objects with static storage are constructed, unless the
	object is statically initialized with a ``constexpr`` constructor or has no			object is statically initialized with a ``constexpr`` constructor or has no
	explicit constructor.			explicit constructor.

				- New alias `hicpp-avoid-goto
				<http://clang.llvm.org/extra/clang-tidy/checks/hicpp-avoid-goto.html>`_ to
				aaron.ballmanUnsubmitted Done Reply Inline Actions I think you should also add the HICPP changes as well, given that this check also covers that rule. aaron.ballman: I think you should also add the HICPP changes as well, given that this check also covers that…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions I think `Only forward jumps in nested loops are accepted.` covers it, but i reformulated it. JonasToth: I think `Only forward jumps in nested loops are accepted.` covers it, but i reformulated it.
				`cppcoreguidelines-avoid-goto <http://clang.llvm.org/extra/clang-tidy/checks/cppcoreguidelines-avoid-goto.html>`_
				added.

	Improvements to include-fixer			Improvements to include-fixer
	-----------------------------			-----------------------------

	The improvements are...			The improvements are...

	Improvements to modularize			Improvements to modularize
	--------------------------			--------------------------

	The improvements are...			The improvements are...

docs/clang-tidy/checks/cppcoreguidelines-avoid-goto.rst

				.. title:: clang-tidy - cppcoreguidelines-avoid-goto

				cppcoreguidelines-avoid-goto
				============================

				The usage of ``goto`` for control flow is error prone and should be replaced
				with looping constructs. Only forward jumps in nested loops are accepted.

				aaron.ballmanUnsubmitted Done Reply Inline Actions This doesn't really help the user understand what's bad about goto or why it should be diagnosed. You should expound a bit here. aaron.ballman: This doesn't really help the user understand what's bad about goto or why it should be…
				JonasTothAuthorUnsubmitted Done Reply Inline Actions Is it better now? JonasToth: Is it better now?
				Eugene.ZelenkoUnsubmitted Done Reply Inline Actions Much better now! Thank you for fix! Eugene.Zelenko: Much better now! Thank you for fix!
				This check implements `ES.76 <https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#es76-avoid-goto>`_
				from the CppCoreGuidelines and
				`6.3.1 from High Integrity C++ <http://www.codingstandard.com/rule/6-3-1-ensure-that-the-labels-for-a-jump-statement-or-a-switch-condition-appear-later-in-the-same-or-an-enclosing-block/>`_.

				For more information on why to avoid programming
				with ``goto`` you can read the famous paper `A Case against the GO TO Statement. <https://www.cs.utexas.edu/users/EWD/ewd02xx/EWD215.PDF>`_.

				The check diagnoses ``goto`` for backward jumps in every language mode. These
				should be replaced with `C/C++` looping constructs.

				.. code-block:: c++

				// Bad, handwritten for loop.
				int i = 0;
				// Jump label for the loop
				loop_start:
				do_some_operation();

				if (i < 100) {
				++i;
				goto loop_start;
				}

				// Better
				for(int i = 0; i < 100; ++i)
				do_some_operation();

				Modern C++ needs ``goto`` only to jump out of nested loops.

				.. code-block:: c++

				for(int i = 0; i < 100; ++i) {
				for(int j = 0; j < 100; ++j) {
				if (i * j > 500)
				goto early_exit;
				}
				}

				early_exit:
				some_operation();

				All other uses of ``goto`` are diagnosed in `C++`.

docs/clang-tidy/checks/hicpp-avoid-goto.rst

				.. title:: clang-tidy - hicpp-avoid-goto

				hicpp-avoid-goto
				================

				The `hicpp-avoid-goto` check is an alias to
				`cppcoreguidelines-avoid-goto <cppcoreguidelines-avoid-goto.html>`_.
				Rule `6.3.1 High Integrity C++ <http://www.codingstandard.com/rule/6-3-1-ensure-that-the-labels-for-a-jump-statement-or-a-switch-condition-appear-later-in-the-same-or-an-enclosing-block/>`_
				requires that ``goto`` only skips parts of a block and is not used for other
				reasons.

				Both coding guidelines implement the same exception to the usage of ``goto``.

docs/clang-tidy/checks/list.rst

Show First 20 Lines • Show All 46 Lines • ▼ Show 20 Lines	.. toctree::
cert-err58-cpp		cert-err58-cpp
cert-err60-cpp		cert-err60-cpp
cert-err61-cpp (redirects to misc-throw-by-value-catch-by-reference) <cert-err61-cpp>		cert-err61-cpp (redirects to misc-throw-by-value-catch-by-reference) <cert-err61-cpp>
cert-fio38-c (redirects to misc-non-copyable-objects) <cert-fio38-c>		cert-fio38-c (redirects to misc-non-copyable-objects) <cert-fio38-c>
cert-flp30-c		cert-flp30-c
cert-msc30-c (redirects to cert-msc50-cpp) <cert-msc30-c>		cert-msc30-c (redirects to cert-msc50-cpp) <cert-msc30-c>
cert-msc50-cpp		cert-msc50-cpp
cert-oop11-cpp (redirects to performance-move-constructor-init) <cert-oop11-cpp>		cert-oop11-cpp (redirects to performance-move-constructor-init) <cert-oop11-cpp>
		cppcoreguidelines-avoid-goto
cppcoreguidelines-c-copy-assignment-signature (redirects to misc-unconventional-assign-operator) <cppcoreguidelines-c-copy-assignment-signature>		cppcoreguidelines-c-copy-assignment-signature (redirects to misc-unconventional-assign-operator) <cppcoreguidelines-c-copy-assignment-signature>
cppcoreguidelines-interfaces-global-init		cppcoreguidelines-interfaces-global-init
cppcoreguidelines-no-malloc		cppcoreguidelines-no-malloc
cppcoreguidelines-owning-memory		cppcoreguidelines-owning-memory
cppcoreguidelines-pro-bounds-array-to-pointer-decay		cppcoreguidelines-pro-bounds-array-to-pointer-decay
cppcoreguidelines-pro-bounds-constant-array-index		cppcoreguidelines-pro-bounds-constant-array-index
cppcoreguidelines-pro-bounds-pointer-arithmetic		cppcoreguidelines-pro-bounds-pointer-arithmetic
cppcoreguidelines-pro-type-const-cast		cppcoreguidelines-pro-type-const-cast
Show All 22 Lines	.. toctree::
google-readability-function-size (redirects to readability-function-size) <google-readability-function-size>		google-readability-function-size (redirects to readability-function-size) <google-readability-function-size>
google-readability-namespace-comments (redirects to llvm-namespace-comment) <google-readability-namespace-comments>		google-readability-namespace-comments (redirects to llvm-namespace-comment) <google-readability-namespace-comments>
google-readability-redundant-smartptr-get (redirects to readability-redundant-smartptr-get) <google-readability-redundant-smartptr-get>		google-readability-redundant-smartptr-get (redirects to readability-redundant-smartptr-get) <google-readability-redundant-smartptr-get>
google-readability-todo		google-readability-todo
google-runtime-int		google-runtime-int
google-runtime-member-string-references		google-runtime-member-string-references
google-runtime-operator		google-runtime-operator
google-runtime-references		google-runtime-references
		hicpp-avoid-goto (redirects to cppcoreguidelines-avoid-goto) <hicpp-avoid-goto>
hicpp-braces-around-statements (redirects to readability-braces-around-statements) <hicpp-braces-around-statements>		hicpp-braces-around-statements (redirects to readability-braces-around-statements) <hicpp-braces-around-statements>
hicpp-deprecated-headers (redirects to modernize-deprecated-headers) <hicpp-deprecated-headers>		hicpp-deprecated-headers (redirects to modernize-deprecated-headers) <hicpp-deprecated-headers>
hicpp-exception-baseclass		hicpp-exception-baseclass
hicpp-explicit-conversions (redirects to google-explicit-constructor) <hicpp-explicit-conversions>		hicpp-explicit-conversions (redirects to google-explicit-constructor) <hicpp-explicit-conversions>
hicpp-function-size (redirects to readability-function-size) <hicpp-function-size>		hicpp-function-size (redirects to readability-function-size) <hicpp-function-size>
hicpp-invalid-access-moved (redirects to bugprone-use-after-move) <hicpp-invalid-access-moved>		hicpp-invalid-access-moved (redirects to bugprone-use-after-move) <hicpp-invalid-access-moved>
hicpp-member-init (redirects to cppcoreguidelines-pro-type-member-init) <hicpp-member-init>		hicpp-member-init (redirects to cppcoreguidelines-pro-type-member-init) <hicpp-member-init>
hicpp-move-const-arg (redirects to performance-move-const-arg) <hicpp-move-const-arg>		hicpp-move-const-arg (redirects to performance-move-const-arg) <hicpp-move-const-arg>
▲ Show 20 Lines • Show All 119 Lines • Show Last 20 Lines

test/clang-tidy/cppcoreguidelines-avoid-goto.cpp

				// RUN: %check_clang_tidy %s cppcoreguidelines-avoid-goto %t

				void noop() {}

				int main() {
				noop();
				goto jump_to_me;
				// CHECK-MESSAGES: [[@LINE-1]]:3: warning: avoid using 'goto' for flow control
				// CHECK-MESSAGES: [[@LINE+3]]:1: note: label defined here
				noop();

				jump_to_me:;

				jump_backwards:;
				noop();
				goto jump_backwards;
				// CHECK-MESSAGES: [[@LINE-1]]:3: warning: avoid using 'goto' for flow control
				// CHECK-MESSAGES: [[@LINE-4]]:1: note: label defined here

				goto jump_in_line;
				;
				jump_in_line:;
				// CHECK-MESSAGES: [[@LINE-3]]:3: warning: avoid using 'goto' for flow control
				// CHECK-MESSAGES: [[@LINE-2]]:1: note: label defined here

				// Test the GNU extension https://gcc.gnu.org/onlinedocs/gcc/Labels-as-Values.html
				some_label:;
				void *dynamic_label = &&some_label;

				// FIXME: `IndirectGotoStmt` is not detected.
				goto *dynamic_label;
				}

				void forward_jump_out_nested_loop() {
				int array[] = {1, 2, 3, 4, 5};
				for (int i = 0; i < 10; ++i) {
				noop();
				for (int j = 0; j < 10; ++j) {
				noop();
				if (i + j > 10)
				goto early_exit1;
				}
				noop();
				}

				for (int i = 0; i < 10; ++i) {
				noop();
				while (true) {
				noop();
				if (i > 5)
				goto early_exit1;
				}
				noop();
				}

				for (auto value : array) {
				noop();
				for (auto number : array) {
				noop();
				if (number == 5)
				goto early_exit1;
				}
				}

				do {
				noop();
				do {
				noop();
				goto early_exit1;
				} while (true);
				} while (true);

				do {
				for (auto number : array) {
				noop();
				if (number == 2)
				goto early_exit1;
				}
				} while (true);

				// Jumping further results in error, because the variable declaration would
				// be skipped.
				early_exit1:;

				int i = 0;
				while (true) {
				noop();
				while (true) {
				noop();
				if (i > 5)
				goto early_exit2;
				i++;
				}
				noop();
				}

				while (true) {
				noop();
				for (int j = 0; j < 10; ++j) {
				noop();
				if (j > 5)
				goto early_exit2;
				}
				noop();
				}

				while (true) {
				noop();
				for (auto number : array) {
				if (number == 1)
				goto early_exit2;
				noop();
				}
				}

				while (true) {
				noop();
				do {
				noop();
				goto early_exit2;
				} while (true);
				}
				early_exit2:;
				}

				void jump_out_backwards() {

				before_the_loop:
				noop();

				for (int i = 0; i < 10; ++i) {
				for (int j = 0; j < 10; ++j) {
				if (i * j > 80)
				goto before_the_loop;
				// CHECK-MESSAGES: [[@LINE-1]]:9: warning: avoid using 'goto' for flow control
				// CHECK-MESSAGES: [[@LINE-8]]:1: note: label defined here
				}
				}
				}

This is an archive of the discontinued LLVM Phabricator instance.

[clang-tidy] implement check for gotoClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 130115

clang-tidy/cppcoreguidelines/AvoidGotoCheck.h

clang-tidy/cppcoreguidelines/AvoidGotoCheck.cpp

clang-tidy/cppcoreguidelines/CMakeLists.txt

clang-tidy/cppcoreguidelines/CppCoreGuidelinesTidyModule.cpp

clang-tidy/hicpp/HICPPTidyModule.cpp

docs/ReleaseNotes.rst

docs/clang-tidy/checks/cppcoreguidelines-avoid-goto.rst

docs/clang-tidy/checks/hicpp-avoid-goto.rst

docs/clang-tidy/checks/list.rst

test/clang-tidy/cppcoreguidelines-avoid-goto.cpp

[clang-tidy] implement check for goto
ClosedPublic