This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang-tools-extra/
-
clang-tidy/bugprone/
-
bugprone/
6/7
UseAfterMoveCheck.cpp
-
docs/clang-tidy/checks/
-
clang-tidy/
-
checks/
1/1
bugprone-use-after-move.rst
-
test/clang-tidy/checkers/
-
clang-tidy/
-
checkers/
3/3
bugprone-use-after-move.cpp

Differential D98034

[clang-tidy] Use-after-move: Ignore moves inside a try_emplace.
ClosedPublic

Authored by mboehme on Mar 5 2021, 4:28 AM.

Download Raw Diff

Details

Reviewers

sammccall
njames93

Commits

rGe67d91faec21: [clang-tidy] Use-after-move: Ignore moves inside a try_emplace.

Summary

We have no way to reason about the bool returned by try_emplace, so we
simply ignore any std::move()s that happen in a try_emplace argument.
A lot of the time in this situation, the code will be checking the
bool and doing something else if it turns out the value wasn't moved
into the map, and this has been causing false positives so far.

I don't currently have any intentions of handling "maybe move" functions
more generally.

Diff Detail

Event Timeline

mboehme created this revision.Mar 5 2021, 4:28 AM

Herald added a subscriber: xazax.hun. · View Herald TranscriptMar 5 2021, 4:28 AM

mboehme requested review of this revision.Mar 5 2021, 4:28 AM

Herald added a project: Restricted Project. · View Herald TranscriptMar 5 2021, 4:28 AM

Herald added a subscriber: cfe-commits. · View Herald Transcript

Nice! Only substantive suggestion: I think requiring the base type to be exactly a standard map type is too conservative.

clang-tools-extra/clang-tidy/bugprone/UseAfterMoveCheck.cpp
396	I'd suggest dropping this condition. Custom containers often emulate the standard library (e.g. llvm::DenseMap implements try_emplace, as do the absl maps and I found several other examples). It seems very unlikely to encounter a try_emplace function without these semantics. (The only case I can imagine is if for some reason they didn't bother to implement the bool return value, so there was no way to know whether emplacement happened. False negative there doesn't seem bad).
406	Maybe explain why try_emplace is special? try_emplace is a common maybe-moving function that returns a bool that tells callers whether it moved. Ignore std::move inside try_emplace to avoid false positives, as we don't track uses of the bool.
409	i'm trying to think if there's an important case where the call isn't the immediate parent of the move and yet we're still maybe-moving... but I can't think of one. (Just mentioning in case one occurs to you)
clang-tools-extra/docs/clang-tidy/checks/bugprone-use-after-move.rst
173	s/ignored/conservatively assumed not to move/? (It wasn't obvious to me when reading how "ignored" in the implementation translates to the domain)
clang-tools-extra/test/clang-tidy/checkers/bugprone-use-after-move.cpp
510	calling this function exactly try_emplace seems gratuitiously confusing - since the condition we're changing here is "calls inside a function named try_emplace", just with a different definition of "inside"...
831	hahaha :-)

This revision is now accepted and ready to land.Mar 5 2021, 4:44 AM

Responses to review comments.

mboehme marked 5 inline comments as done.Mar 5 2021, 5:52 AM

mboehme added inline comments.

clang-tools-extra/clang-tidy/bugprone/UseAfterMoveCheck.cpp
396	Thanks -- I wasn't sure myself whether I should be so restrictive, and you make some very convincing points. Done!
406	I've stolen your wording -- thanks!
409	Yeah, I thought about that myself but couldn't come up with anything.
clang-tools-extra/test/clang-tidy/checkers/bugprone-use-after-move.cpp
831	Yeah, I was being a bit sloppy with my definition of what a map is...

While try_emplace is a special case, it's may not be the only special case in someone's codebase, this should be extended with options to let users handle their special containers.

clang-tools-extra/clang-tidy/bugprone/UseAfterMoveCheck.cpp
410	Going with a custom list of bad names I'd suggest matching on function decls instead of method decls.

This revision now requires changes to proceed.Mar 5 2021, 6:04 AM

njames93 added a comment.Mar 5 2021, 6:05 AM

This comment was removed by njames93.

This revision was not accepted when it landed; it landed in state Needs Revision.Mar 5 2021, 6:06 AM

This revision was landed with ongoing or failed builds.

Closed by commit rGe67d91faec21: [clang-tidy] Use-after-move: Ignore moves inside a try_emplace. (authored by mboehme). · Explain Why

This revision was automatically updated to reflect the committed changes.

mboehme marked 3 inline comments as done.

mboehme added a commit: rGe67d91faec21: [clang-tidy] Use-after-move: Ignore moves inside a try_emplace..

In D98034#2606488, @njames93 wrote:

While try_emplace is a special case, it's may not be the only special case in someone's codebase, this should be extended with options to let users handle their special containers.

Sorry, I didn't see your comment before submitting.

I agree that there may be other cases of "maybe move" functions, but try_emplace seems to be the most common case. Handling "maybe move" functions more general would require some way of annotating them; I felt it was useful to get the try_emplace case handled first.

In D98034#2606535, @mboehme wrote:

In D98034#2606488, @njames93 wrote:

While try_emplace is a special case, it's may not be the only special case in someone's codebase, this should be extended with options to let users handle their special containers.

Sorry, I didn't see your comment before submitting.

I agree that there may be other cases of "maybe move" functions, but try_emplace seems to be the most common case. Handling "maybe move" functions more general would require some way of annotating them; I felt it was useful to get the try_emplace case handled first.

The canonical way of doing this in clang-tidy is to add an option to the check which takes a semi-colon delimited list.
clang::tidy::utils::options::parseStringList can then turn that into a vector of string.
Annoyingly the hasAnyName matcher needs a vector of StringRef's so most checks do something like this

hasAnyName(SmallVector<StringRef, 4>(
      StringLikeClasses.begin(), StringLikeClasses.end())

As you are reading options, you will need to override the storeOptions method in the check to then store the value read from config, serializeStringList is your friend here.
The documentation will also need updating to describe the option and what it does.

Harbormaster completed remote builds in B92280: Diff 328474.Mar 5 2021, 9:49 PM

Harbormaster completed remote builds in B92295: Diff 328491.Mar 5 2021, 11:10 PM

First of all, sorry for submitting this change prematurely. I don't contribute to LLVM/Clang regularly and forgot that reviews should be kept open for a while after a reviewer has approved them to give others a chance to chime in. I jumped the gun here -- apologies.

In D98034#2606642, @njames93 wrote:
In D98034#2606535, @mboehme wrote:

In D98034#2606488, @njames93 wrote:

While try_emplace is a special case, it's may not be the only special case in someone's codebase, this should be extended with options to let users handle their special containers.

Sorry, I didn't see your comment before submitting.

I agree that there may be other cases of "maybe move" functions, but try_emplace seems to be the most common case. Handling "maybe move" functions more general would require some way of annotating them; I felt it was useful to get the try_emplace case handled first.

The canonical way of doing this in clang-tidy is to add an option to the check which takes a semi-colon delimited list.
clang::tidy::utils::options::parseStringList can then turn that into a vector of string.
Annoyingly the hasAnyName matcher needs a vector of StringRef's so most checks do something like this
hasAnyName(SmallVector<StringRef, 4>(
      StringLikeClasses.begin(), StringLikeClasses.end())
As you are reading options, you will need to override the storeOptions method in the check to then store the value read from config, serializeStringList is your friend here.
The documentation will also need updating to describe the option and what it does.

I think I shouldn't just use a functionDecl(hasAnyName()) matcher with a string list; here's why.

In the case of try_emplace, it makes sense to match on any method (or even a free function) with that name. I was originally restricting myself to only the standard map types, but as @sammccall pointed out to me, someone using this pretty unique name in their own code is very likely to be using the same semantics as the standard map types.

This may not be true for all methods that a user might want to specify though. Say a user has

class MyClass {
public:
  bool Insert(OtherClass &&);
};

where, as for try_emplace, the boolean return value says whether the insertion actually happened.

We wouldn't simply want to ignore std::move arguments on any method called Insert. It's likely that there are other methods called Insert in the codebase that take an rvalue reference and move from it unconditionally, and we want the check to look at those.

So we'd want the user to be able to specify the qualified name MyClass::Insert as the function to ignore. This makes the matcher a bit more interesting as we'd need to work out when seeing a string like this whether MyClass is a class name or a namespace name. Or we might simply do something like

anyOf(
    // maybe `MyClass` is a namespace...
    functionDecl(hasName("MyClass::Insert")),
    // ...or maybe it's a class
    cxxMethodDecl(ofClass(hasName("MyClass")), hasName("Insert"))
)

I assume there isn't an existing matcher that does this -- or are you aware of one?

Revision Contents

Path

Size

clang-tools-extra/

clang-tidy/

bugprone/

UseAfterMoveCheck.cpp

12 lines

docs/

clang-tidy/

checks/

bugprone-use-after-move.rst

4 lines

test/

clang-tidy/

checkers/

bugprone-use-after-move.cpp

60 lines

Diff 328474

clang-tools-extra/clang-tidy/bugprone/UseAfterMoveCheck.cpp

Show First 20 Lines • Show All 387 Lines • ▼ Show 20 Lines	static void emitDiagnostic(const Expr MovingCall, const DeclRefExpr MoveArg,
} else if (UseLoc < MoveLoc \|\| Use.DeclRef == MoveArg) {		} else if (UseLoc < MoveLoc \|\| Use.DeclRef == MoveArg) {
Check->diag(UseLoc,		Check->diag(UseLoc,
"the use happens in a later loop iteration than the move",		"the use happens in a later loop iteration than the move",
DiagnosticIDs::Note);		DiagnosticIDs::Note);
}		}
}		}

void UseAfterMoveCheck::registerMatchers(MatchFinder *Finder) {		void UseAfterMoveCheck::registerMatchers(MatchFinder *Finder) {
		auto StandardMapMatcher =
		sammccallUnsubmitted Done Reply Inline Actions I'd suggest dropping this condition. Custom containers often emulate the standard library (e.g. llvm::DenseMap implements try_emplace, as do the absl maps and I found several other examples). It seems very unlikely to encounter a try_emplace function without these semantics. (The only case I can imagine is if for some reason they didn't bother to implement the bool return value, so there was no way to know whether emplacement happened. False negative there doesn't seem bad). sammccall: I'd suggest dropping this condition. Custom containers often emulate the standard library (e.g.
		mboehmeAuthorUnsubmitted Done Reply Inline Actions Thanks -- I wasn't sure myself whether I should be so restrictive, and you make some very convincing points. Done! mboehme: Thanks -- I wasn't sure myself whether I should be so restrictive, and you make some very…
		hasType(hasUnqualifiedDesugaredType(recordType(hasDeclaration(
		cxxRecordDecl(hasAnyName("::std::map", "::std::unordered_map"))))));

auto CallMoveMatcher =		auto CallMoveMatcher =
callExpr(callee(functionDecl(hasName("::std::move"))), argumentCountIs(1),		callExpr(callee(functionDecl(hasName("::std::move"))), argumentCountIs(1),
hasArgument(0, declRefExpr().bind("arg")),		hasArgument(0, declRefExpr().bind("arg")),
anyOf(hasAncestor(lambdaExpr().bind("containing-lambda")),		anyOf(hasAncestor(lambdaExpr().bind("containing-lambda")),
hasAncestor(functionDecl().bind("containing-func"))),		hasAncestor(functionDecl().bind("containing-func"))),
unless(inDecltypeOrTemplateArg()))		unless(inDecltypeOrTemplateArg()),
		// Ignore std::move()s inside a try_emplace() call to avoid false
		sammccallUnsubmitted Done Reply Inline Actions Maybe explain why try_emplace is special? try_emplace is a common maybe-moving function that returns a bool that tells callers whether it moved. Ignore std::move inside try_emplace to avoid false positives, as we don't track uses of the bool. sammccall: Maybe explain why try_emplace is special? try_emplace is a common maybe-moving function that…
		mboehmeAuthorUnsubmitted Done Reply Inline Actions I've stolen your wording -- thanks! mboehme: I've stolen your wording -- thanks!
		// positives as we can't reason about the bool returned by
		// try_emplace.
		unless(hasParent(cxxMemberCallExpr(
		sammccallUnsubmitted Done Reply Inline Actions i'm trying to think if there's an important case where the call isn't the immediate parent of the move and yet we're still maybe-moving... but I can't think of one. (Just mentioning in case one occurs to you) sammccall: i'm trying to think if there's an important case where the call isn't the immediate parent of…
		mboehmeAuthorUnsubmitted Done Reply Inline Actions Yeah, I thought about that myself but couldn't come up with anything. mboehme: Yeah, I thought about that myself but couldn't come up with anything.
		on(expr(declRefExpr(), StandardMapMatcher)),
		njames93Unsubmitted Not Done Reply Inline Actions Going with a custom list of bad names I'd suggest matching on function decls instead of method decls. njames93: Going with a custom list of bad names I'd suggest matching on function decls instead of method…
		callee(cxxMethodDecl(hasName("try_emplace")))))))
.bind("call-move");		.bind("call-move");

Finder->addMatcher(		Finder->addMatcher(
traverse(		traverse(
TK_AsIs,		TK_AsIs,
// To find the Stmt that we assume performs the actual move, we look		// To find the Stmt that we assume performs the actual move, we look
// for the direct ancestor of the std::move() that isn't one of the		// for the direct ancestor of the std::move() that isn't one of the
// node types ignored by ignoringParenImpCasts().		// node types ignored by ignoringParenImpCasts().
▲ Show 20 Lines • Show All 48 Lines • Show Last 20 Lines

clang-tools-extra/docs/clang-tidy/checks/bugprone-use-after-move.rst

Show First 20 Lines • Show All 163 Lines • ▼ Show 20 Lines	void f(std::string &&str) {
}		}
}		}
std::string str = "";		std::string str = "";
f(std::move(str));		f(std::move(str));

The check will assume that the last line causes a move, even though, in this		The check will assume that the last line causes a move, even though, in this
particular case, it does not. Again, this is intentional.		particular case, it does not. Again, this is intentional.

		There is one special case: A call to ``std::move`` inside a ``try_emplace`` call
		on a standard map type is ignored. This is to avoid spurious warnings, as the
		sammccallUnsubmitted Done Reply Inline Actions s/ignored/conservatively assumed not to move/? (It wasn't obvious to me when reading how "ignored" in the implementation translates to the domain) sammccall: s/ignored/conservatively assumed not to move/? (It wasn't obvious to me when reading how…
		check has no way to reason about the ``bool`` returned by ``try_emplace``.

When analyzing the order in which moves, uses and reinitializations happen (see		When analyzing the order in which moves, uses and reinitializations happen (see
section `Unsequenced moves, uses, and reinitializations`_), the move is assumed		section `Unsequenced moves, uses, and reinitializations`_), the move is assumed
to occur in whichever function the result of the ``std::move`` is passed to.		to occur in whichever function the result of the ``std::move`` is passed to.

Use		Use
---		---

Any occurrence of the moved variable that is not a reinitialization (see below)		Any occurrence of the moved variable that is not a reinitialization (see below)
▲ Show 20 Lines • Show All 57 Lines • Show Last 20 Lines

clang-tools-extra/test/clang-tidy/checkers/bugprone-use-after-move.cpp

Show All 26 Lines
};		};

template <typename T>		template <typename T>
struct weak_ptr {		struct weak_ptr {
weak_ptr();		weak_ptr();
bool expired() const;		bool expired() const;
};		};

		template <typename T1, typename T2>
		struct pair {};

		template <typename Key, typename T>
		struct map {
		struct iterator {};

		map();
		void clear();
		bool empty();
		template <class... Args>
		pair<iterator, bool> try_emplace(const Key &key, Args &&...args);
		};

		template <typename Key, typename T>
		struct unordered_map {
		struct iterator {};

		unordered_map();
		void clear();
		bool empty();
		template <class... Args>
		pair<iterator, bool> try_emplace(const Key &key, Args &&...args);
		};

#define DECLARE_STANDARD_CONTAINER(name) \		#define DECLARE_STANDARD_CONTAINER(name) \
template <typename T> \		template <typename T> \
struct name { \		struct name { \
name(); \		name(); \
void clear(); \		void clear(); \
bool empty(); \		bool empty(); \
}		}

#define DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(name) \		#define DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(name) \
template <typename T> \		template <typename T> \
struct name { \		struct name { \
name(); \		name(); \
void clear(); \		void clear(); \
bool empty(); \		bool empty(); \
void assign(size_t, const T &); \		void assign(size_t, const T &); \
}		}

DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(basic_string);		DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(basic_string);
DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(vector);		DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(vector);
DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(deque);		DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(deque);
DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(forward_list);		DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(forward_list);
DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(list);		DECLARE_STANDARD_CONTAINER_WITH_ASSIGN(list);
DECLARE_STANDARD_CONTAINER(set);		DECLARE_STANDARD_CONTAINER(set);
DECLARE_STANDARD_CONTAINER(map);
DECLARE_STANDARD_CONTAINER(multiset);		DECLARE_STANDARD_CONTAINER(multiset);
DECLARE_STANDARD_CONTAINER(multimap);		DECLARE_STANDARD_CONTAINER(multimap);
DECLARE_STANDARD_CONTAINER(unordered_set);		DECLARE_STANDARD_CONTAINER(unordered_set);
DECLARE_STANDARD_CONTAINER(unordered_map);
DECLARE_STANDARD_CONTAINER(unordered_multiset);		DECLARE_STANDARD_CONTAINER(unordered_multiset);
DECLARE_STANDARD_CONTAINER(unordered_multimap);		DECLARE_STANDARD_CONTAINER(unordered_multimap);

typedef basic_string<char> string;		typedef basic_string<char> string;

template <typename>		template <typename>
struct remove_reference;		struct remove_reference;

▲ Show 20 Lines • Show All 407 Lines • ▼ Show 20 Lines	void f() {
std::move(a);		std::move(a);
a.foo();		a.foo();

std::move(static_a);		std::move(static_a);
static_a.foo();		static_a.foo();
}		}
};		};

		// Ignore moves that happen in a try_emplace.
		void try_emplace() {
		sammccallUnsubmitted Done Reply Inline Actions calling this function exactly try_emplace seems gratuitiously confusing - since the condition we're changing here is "calls inside a function named try_emplace", just with a different definition of "inside"... sammccall: calling this function exactly try_emplace seems gratuitiously confusing - since the condition…
		{
		std::map<int, A> amap;
		A a;
		amap.try_emplace(1, std::move(a));
		a.foo();
		}
		{
		std::unordered_map<int, A> amap;
		A a;
		amap.try_emplace(1, std::move(a));
		a.foo();
		}
		{
		// Don't make any assumptions about methods called try_emplace that don't
		// belong to a standard container.
		struct map {
		void try_emplace(int, A &&);
		};
		map mymap;
		A a;
		mymap.try_emplace(1, std::move(a));
		a.foo();
		// CHECK-NOTES: [[@LINE-1]]:5: warning: 'a' used after it was moved
		// CHECK-NOTES: [[@LINE-3]]:11: note: move occurred here
		}
		}

////////////////////////////////////////////////////////////////////////////////		////////////////////////////////////////////////////////////////////////////////
// Tests involving control flow.		// Tests involving control flow.

void useAndMoveInLoop() {		void useAndMoveInLoop() {
// Warn about use-after-moves if they happen in a later loop iteration than		// Warn about use-after-moves if they happen in a later loop iteration than
// the std::move().		// the std::move().
{		{
A a;		A a;
▲ Show 20 Lines • Show All 277 Lines • ▼ Show 20 Lines	void standardContainerClearIsReinit() {
}		}
{		{
std::set<int> container;		std::set<int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::map<int> container;		std::map<int, int> container;
		sammccallUnsubmitted Done Reply Inline Actions hahaha :-) sammccall: hahaha :-)
		mboehmeAuthorUnsubmitted Done Reply Inline Actions Yeah, I was being a bit sloppy with my definition of what a map is... mboehme: Yeah, I was being a bit sloppy with my definition of what a map is...
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::multiset<int> container;		std::multiset<int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::multimap<int> container;		std::multimap<int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::unordered_set<int> container;		std::unordered_set<int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::unordered_map<int> container;		std::unordered_map<int, int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
container.empty();		container.empty();
}		}
{		{
std::unordered_multiset<int> container;		std::unordered_multiset<int> container;
std::move(container);		std::move(container);
container.clear();		container.clear();
▲ Show 20 Lines • Show All 490 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[clang-tidy] Use-after-move: Ignore moves inside a try_emplace.ClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 328474

clang-tools-extra/clang-tidy/bugprone/UseAfterMoveCheck.cpp

clang-tools-extra/docs/clang-tidy/checks/bugprone-use-after-move.rst

clang-tools-extra/test/clang-tidy/checkers/bugprone-use-after-move.cpp

[clang-tidy] Use-after-move: Ignore moves inside a try_emplace.
ClosedPublic