Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

platform.h: fixed clang-analyzer-core.BitwiseShift warnings and adjusted types of *_bit members #7271

Merged
merged 2 commits into from
Feb 5, 2025
Merged

platform.h: fixed clang-analyzer-core.BitwiseShift warnings and adjusted types of *_bit members #7271

merged 2 commits into from
Feb 5, 2025

Conversation

firewave
Copy link
Collaborator

No description provided.

@firewave
Copy link
Collaborator Author

The original CSA warnings:

/home/runner/work/cppcheck/cppcheck/lib/platform.h:50:22: error: Right operand is negative in left shift [clang-analyzer-core.BitwiseShift,-warnings-as-errors]
   50 |         return -(1LL << (bit-1));
      |                      ^
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:447:29: note: Assuming 'cppstd' is < CPP11
  447 |     return getLimitsDefines(cppstd >= Standards::cppstd_t::CPP11);
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:447:12: note: Calling 'Platform::getLimitsDefines'
  447 |     return getLimitsDefines(cppstd >= Standards::cppstd_t::CPP11);
      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:308:25: note: Calling 'Platform::min_value'
  308 |     s += std::to_string(min_value(char_bit));
      |                         ^~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.h:48:13: note: 'bit' is < 64
   48 |         if (bit >= 64)
      |             ^~~
/home/runner/work/cppcheck/cppcheck/lib/platform.h:48:9: note: Taking false branch
   48 |         if (bit >= 64)
      |         ^
/home/runner/work/cppcheck/cppcheck/lib/platform.h:50:22: note: The result of left shift is undefined because the right operand is negative
   50 |         return -(1LL << (bit-1));
      |                  ~~~~^~~~~~~~~~

/home/runner/work/cppcheck/cppcheck/lib/platform.h:56:21: error: Left shift by '2147483647' overflows the capacity of 'long long' [clang-analyzer-core.BitwiseShift,-warnings-as-errors]
   56 |         return (1LL << (bit-1)) - 1LL;
      |                     ^
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:447:29: note: Assuming 'cppstd' is < CPP11
  447 |     return getLimitsDefines(cppstd >= Standards::cppstd_t::CPP11);
      |                             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:447:12: note: Calling 'Platform::getLimitsDefines'
  447 |     return getLimitsDefines(cppstd >= Standards::cppstd_t::CPP11);
      |            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.cpp:312:25: note: Calling 'Platform::max_value'
  312 |     s += std::to_string(max_value(char_bit+1));
      |                         ^~~~~~~~~~~~~~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.h:54:13: note: Assuming 'bit' is < 64
   54 |         if (bit >= 64)
      |             ^~~~~~~~~
/home/runner/work/cppcheck/cppcheck/lib/platform.h:54:9: note: Taking false branch
   54 |         if (bit >= 64)
      |         ^
/home/runner/work/cppcheck/cppcheck/lib/platform.h:56:21: note: The result of left shift is undefined because the right operand '2147483647' is not smaller than 64, the capacity of 'long long'
   56 |         return (1LL << (bit-1)) - 1LL;
      |                 ~~~~^~~~~~~~~~

I filed https://trac.cppcheck.net/ticket/13600 about detecting it ourselves.

The redundant code could be extracted into a helper function. I will take a look at that with fixing the TODO in a follow-up.

firewave
firewave commented Jan 30, 2025
View reviewed changes
lib/cppcheck.cpp
<< " int_bit=\"" << settings.platform.int_bit << '\"'
<< " long_bit=\"" << settings.platform.long_bit << '\"'
<< " long_long_bit=\"" << settings.platform.long_long_bit << '\"'
<< " char_bit=\"" << static_cast<unsigned>(settings.platform.char_bit) << '\"'
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

uint8_t is treated as a character with stream insertion operators. This caused invalid dump files to be written.

First, we should not write these files raw but using TinyXML2.

Second, I wonder if it would make sense to have a check which detects the usage of uint8_t in stream insertion operators. If you want it to a be an actual character you should probably use {unsigned|signed} char or char8_t.

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Second, I wonder if it would make sense to have a check which detects the usage of uint8_t in stream insertion operators. If you want it to a be an actual character you should probably use {unsigned|signed} char or char8_t.

Spontanously that checker sounds reasonable to me.

@danmar
Copy link
Owner

danmar commented Feb 5, 2025
edited
Loading

The original CSA warnings:

If char_bit will always be a positive integer then that clang warning is technically a false positive.

We should ensure that char_bit is not assigned 0 when a platform xml file is loaded. I have the feeling that could have bad effects in other places also.

danmar
danmar approved these changes Feb 5, 2025
View reviewed changes
lib/vf_settokenvalue.cpp
@@ -618,7 +618,7 @@ namespace ValueFlow
bits = settings.platform.long_bit;
}
if (bits > 0 && bits < MathLib::bigint_bits)
v.intvalue &= (((MathLib::biguint)1)<<bits) - 1;
v.intvalue &= (1ULL<<bits) - 1;
Copy link
Owner

@danmar danmar Feb 5, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

after your changes this would not work well the day we switch to 128-bit bigints.. however I guess there are plenty of other code that will not work perfectly that day.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This actually causes a compilation failure when using the 128-bit int. That's how I came across this.

@firewave
Copy link
Collaborator Author

firewave commented Feb 5, 2025

If char_bit will always be a positive integer then that clang warning is technically a false positive.

The type does not guarantee that.

We should ensure that char_bit is not assigned 0 when a platform xml file is loaded. I have the feeling that could have bad effects in other places also.

That's why I added the asserts. That should actually be handled during the loading of the platform. The platform loading might lack most of the error handling - at least it was at some point and I did not check if I added that yet.

@firewave firewave merged commit a9f496c into danmar:main Feb 5, 2025
60 checks passed
@firewave firewave deleted the platform-bit branch February 5, 2025 17:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danmar danmar danmar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@firewave @danmar