Summary:
This check flags all array subscriptions on static arrays and
std::arrays that either have a non-compile-time-constant index or are
out of bounds.
Dynamic accesses into arrays are difficult for both tools and humans to
validate as safe. array_view is a bounds-checked, safe type for
accessing arrays of data. at() is another alternative that ensures
single accesses are bounds-checked. If iterators are needed to access an
array, use the iterators from an array_view constructed over the array.
This rule is part of the "Bounds safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-bounds2-only-index-into-arrays-using-constant-expressions
Reviewers: alexfh, sbenza, bkramer, aaron.ballman
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D13746
llvm-svn: 253401
Summary:
This check flags all use of c-style casts that perform a static_cast
downcast, const_cast, or reinterpret_cast.
Use of these casts can violate type safety and cause the program to
access a
variable that is actually of type X to be accessed as if it were of an
unrelated type Z. Note that a C-style (T)expression cast means to
perform
the first of the following that is possible: a const_cast, a
static_cast, a
static_cast followed by a const_cast, a reinterpret_cast, or a
reinterpret_cast followed by a const_cast. This rule bans (T)expression
only when used to perform an unsafe cast.
This rule is part of the "Type safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type4-dont-use-c-style-texpression-casts-that-would-perform-a-static_cast-downcast-const_cast-or-reinterpret_cast.
Reviewers: alexfh, sbenza, bkramer, aaron.ballman
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D14096
llvm-svn: 252425
Summary:
This is another check that I ported to clang-tidy from colobot-lint tool.
As previously discussed on cfe-dev mailing list, this is one of those
checks that I think is general and useful enough for contribution to
clang-tidy.
This patch contains implementation of check taken from colobot-lint, but
it is extended a great deal, including FixIt hints for automated
refactoring, exhaustive testcases, and user documentation.
Reviewers: sbenza, aaron.ballman, alexfh
Subscribers: Eugene.Zelenko
Differential Revision: http://reviews.llvm.org/D13635
llvm-svn: 251235
Summary:
This check flags all calls to c-style vararg functions and all use
of va_list, va_start and va_arg.
Passing to varargs assumes the correct type will be read. This is
fragile because it cannot generally be enforced to be safe in the
language and so relies on programmer discipline to get it right.
This rule is part of the "Type safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type8-avoid-reading-from-varargs-or-passing-vararg-arguments-prefer-variadic-template-parameters-instead
This commits also reverts
"[clang-tidy] add cert's VariadicFunctionDefCheck as cppcoreguidelines-pro-type-vararg-def"
because that check makes the SFINAE use of vararg functions impossible.
Reviewers: alexfh, sbenza, bkramer, aaron.ballman
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D13787
llvm-svn: 250939
Summary:
Add a check that replaces empty bodies of special member functions with '= default;'.
For now, it is only implemented for the default constructor and the destructor, which are the easier cases.
The copy-constructor and the copy-assignment operator cases will be implemented later.
I applied this check to the llvm code base and found 627 warnings (385 in llvm, 9 in compiler-rt, 220 in clang and 13 in clang-tools-extra).
Applying the fixes didn't break any build or test, it only caused a -Wpedantic warning in lib/Target/Mips/MipsOptionRecord.h:33 becaused it replaced
virtual ~MipsOptionRecord(){}; to virtual ~MipsOptionRecord()= default;;
Reviewers: klimek
Subscribers: george.burgess.iv, Eugene.Zelenko, alexfh, cfe-commits
Differential Revision: http://reviews.llvm.org/D13871
llvm-svn: 250897
Summary:
This check flags all access to members of unions. Passing unions as a
whole is not flagged.
Reading from a union member assumes that member was the last one
written, and writing to a union member assumes another member with a
nontrivial destructor had its destructor called. This is fragile because
it cannot generally be enforced to be safe in the language and so relies
on programmer discipline to get it right.
This rule is part of the "Type safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type7-avoid-accessing-members-of-raw-unions-prefer-variant-instead
Reviewers: alexfh, sbenza, bkramer, aaron.ballman
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D13784
llvm-svn: 250537
Summary:
This check flags all usage of pointer arithmetic, because it could lead
to an
invalid pointer.
Subtraction of two pointers is not flagged by this check.
Pointers should only refer to single objects, and pointer arithmetic is
fragile and easy to get wrong. array_view is a bounds-checked, safe type
for accessing arrays of data.
This rule is part of the "Bounds safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-bounds1-dont-use-pointer-arithmetic-use-array_view-instead
Depends on D13313
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D13311
llvm-svn: 250116
Summary:
This check flags all usages of static_cast, where a base class is casted
to a derived class.
In those cases, a fixit is provided to convert the cast to a
dynamic_cast.
Use of these casts can violate type safety and cause the program to
access a variable that is actually of type X to be accessed as if it
were of an unrelated type Z.
This rule is part of the "Type safety" profile of the C++ Core
Guidelines, see
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#-type2-dont-use-static_cast-downcasts-use-dynamic_cast-instead
Depends on D13313
Reviewers: alexfh, sbenza, bkramer, aaron.ballman
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D13368
llvm-svn: 250098
Summary: Replace references to "transform" with references to "check" where neccessary in the documentation.
Reviewers: alexfh
Subscribers: cfe-commits, klimek
Differential Revision: http://reviews.llvm.org/D13006
llvm-svn: 248153
containers.
Summary:
sizeof(some_std_string) is likely to be an error. This check finds this
pattern and suggests using .size() instead.
Reviewers: djasper, klimek, aaron.ballman
Subscribers: aaron.ballman, cfe-commits
Differential Revision: http://reviews.llvm.org/D12759
llvm-svn: 247297
This is first of series of patches, porting code from my project colobot-lint,
as I mentioned recently in cfe-dev mailing list.
This patch adds a new check in readability module:
readability-inconsistent-declaration-parameter-name. I also added appropriate
testcases and documentation.
I chose readability module, as it seems it is the best place for it.
I think I followed the rules of LLVM coding guideline, but I may have missed
something, as I usually use other code formatting style.
http://reviews.llvm.org/D12462
Patch by Piotr Dziwinski!
llvm-svn: 247261
Summary:
Add a deprecation notice to the clang-modernize documentation. Remove
the reference to the external JIRA tracker.
Reviewers: revane, klimek
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D12732
llvm-svn: 247258
The doc files for checks have been generated from the corresponding header files
using the docs/clang-tidy/tools/dump_check_docs.py script. Committing the script
as well, but the intention is to move all the user-facing docs from header files
to the rST files and add links to .h files appropriately.
llvm-svn: 246173
to determine files that have comnpilation or dependency problems.
A new -display-file-lists option use this to display lists of good files
(no compile errors), problem files, and a combined list with
problem files preceded by a '#'. The problem files list can be
used in the module map generation assistant mode to exclude
problem files. The combined files list can be used during module
map development. See added docs.
llvm-svn: 241880