[clang-tools-extra] Enforce SL.con.3: Add check to replace operator[] with at() [Cont.] (PR #95220)
Paul Heidekrüger via cfe-commits
cfe-commits at lists.llvm.org
Fri Feb 14 02:29:35 PST 2025
================
@@ -0,0 +1,227 @@
+// RUN: %check_clang_tidy -std=c++2b -check-suffix=DEFAULT %s \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses %t -- \
+// RUN: -config='{CheckOptions: {cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.ExcludeClasses: "::ExcludedClass1;::ExcludedClass2"}}'
+
+// RUN: %check_clang_tidy -std=c++2b -check-suffix=AT %s \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses %t -- \
+// RUN: -config='{CheckOptions: {cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.ExcludeClasses: "::ExcludedClass1;::ExcludedClass2", \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.SubscriptFixMode: at}}'
+
+// RUN: %check_clang_tidy -std=c++2b -check-suffix=FUNC %s \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses %t -- \
+// RUN: -config='{CheckOptions: {cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.ExcludeClasses: "::ExcludedClass1;::ExcludedClass2", \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.SubscriptFixMode: function, \
+// RUN: cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses.SubscriptFixFunction: "f"}}'
+
+namespace std {
+ template<typename T, unsigned size>
+ struct array {
+ T operator[](unsigned i) {
+ return T{1};
+ }
+ T operator[]() {
+ return T{1};
+ }
+ T at(unsigned i) {
+ return T{1};
+ }
+ T at() {
+ return T{1};
+ }
+ };
+
+ template<typename T, typename V>
+ struct map {
+ T operator[](unsigned i) {
+ return T{1};
+ }
+ T at(unsigned i) {
+ return T{1};
+ }
+ };
+
+ template<typename T>
+ struct unique_ptr {
+ T operator[](unsigned i) {
+ return T{1};
+ }
+ };
+
+ template<typename T>
+ struct span {
+ T operator[](unsigned i) {
+ return T{1};
+ }
+ };
+} // namespace std
+
+namespace json {
+ template<typename T>
+ struct node{
+ T operator[](unsigned i) {
+ return T{1};
+ }
+ };
+} // namespace json
+
+struct SubClass : std::array<int, 3> {};
+
+class ExcludedClass1 {
+ public:
+ int operator[](unsigned i) {
+ return 1;
+ }
+ int at(unsigned i) {
+ return 1;
+ }
+};
+
+class ExcludedClass2 {
+ public:
+ int operator[](unsigned i) {
+ return 1;
+ }
+ int at(unsigned i) {
+ return 1;
+ }
+};
+
+template<class T> int f(T, unsigned){ return 0;}
+template<class T> int f(T){ return 0;}
+
+std::array<int, 3> a;
+
+auto b = a[0];
+// CHECK-MESSAGES-DEFAULT: :[[@LINE-1]]:11: warning: possibly unsafe 'operator[]', consider bound-safe alternatives [cppcoreguidelines-pro-bounds-avoid-unchecked-container-accesses]
+// CHECK-FIXES-AT: auto b = a.at(0);
+// CHECK-FIXES-FUNC: auto b = f(a, 0);
+
+auto b23 = a[];
----------------
paulhdk wrote:
https://github.com/llvm/llvm-project/blob/a7be15062a853218f5b577d0c4973d96b66682ee/clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines/pro-bounds-avoid-unchecked-container-accesses.cpp#L16-L31
We overload `std::array`'s subscript operator in line 22 s.t. that it can be called without an index. This should be legal as of C++23. See [p2128r5](https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2021/p2128r5.pdf). Also, clang-tidy is giving me the respective warning here: https://github.com/llvm/llvm-project/blob/a7be15062a853218f5b577d0c4973d96b66682ee/clang/test/Parser/cxx2b-subscript.cpp?plain=1#L13-L15
What do you think?
https://github.com/llvm/llvm-project/pull/95220
More information about the cfe-commits
mailing list