有没有 C++ 的工具哪个将检查常见的未指定行为?

发布于 2024-10-04 19:38:30 字数 201 浏览 7 评论 0原文

人们通常会对正在编码的特定平台做出假设,例如有符号整数使用二进制补码存储,或者 (0xFFFFFFFF == -1) 或类似性质的东西。

是否存在一种工具可以检查代码库中最常见的违规行为(对于我们这些想要可移植代码但没有奇怪的非补码机器的人来说)?

(我上面的示例特定于有符号整数,但我也对其他错误(例如对齐或字节顺序)感兴趣)

Often one makes assumptions about a particular platform one is coding on, for example that signed integers use two's complement storage, or that (0xFFFFFFFF == -1), or things of that nature.

Does a tool exist which can check a codebase for the most common violations of these kinds of things (for those of us who want portable code but don't have strange non-two's-complement machines)?

(My examples above are specific to signed integers, but I'm interested in other errors (such as alignment or byte order) as well)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

猫弦 2024-10-11 19:38:30

您可能希望打开不同级别的编译器警告,并且可以将警告视为错误。

如果您知道在代码中的各个点做出了其他假设,则可以断言它们。如果您可以使用静态断言来做到这一点,您将在编译时失败。

There are various levels of compiler warnings that you may wish to have switched on, and you can treat warnings as errors.

If there are other assumptions you know you make at various points in the code you can assert them. If you can do that with static asserts you will get failure at compile time.

脸赞 2024-10-11 19:38:30

我知道 CLang 正在非常积极地开发静态分析器(作为库)。

目标是在分析时捕获错误,但是我还不清楚捕获的错误的确切程度。该库称为“Checker”,由 T. Kremenek 负责,您可以在 clang-dev 邮件列表上询问它。

我不认为有任何关于正在执行的检查的参考,而且我认为它对于生产工具来说还不够成熟(考虑到正在发生的变化速度),但它可能值得一看。

I know that CLang is very actively developing a static analyzer (as a library).

The goal is to catch errors at analysis time, however the exact extent of the errors caught is not that clear to me yet. The library is called "Checker" and T. Kremenek is the responsible for it, you can ask about it on clang-dev mailing list.

I don't have the impression that there is any kind of reference about the checks being performed, and I don't think it's mature enough yet for production tool (given the rate of changes going on) but it may be worth a look.

罗罗贝儿 2024-10-11 19:38:30

也许是静态代码分析工具?几年前我用过一个,它报告了这样的错误。它并不完美并且仍然有限,但也许现在的工具更好了?

更新:
也许其中之一:
有哪些开源 C++ 静态分析工具可用?

更新2:
我在您的示例上尝试了 FlexeLint (您可以使用 http 上的 Do-It-Yourself 示例在线尝试://www.gimpel-online.com/OnlineTesting.html)并且它抱怨它,但可能不是您正在寻找的方式:

5    int i = -1;
6    if (i == 0xffffffff)
diy64.cpp  6  Warning 650:  Constant '4294967295' out of range for operator '=='
diy64.cpp  6  Info 737:  Loss of sign in promotion from int to unsigned int
diy64.cpp  6  Info 774:  Boolean within 'if' always evaluates to False [Reference: file diy64.cpp: lines 5, 6]

Maybe a static code analysis tool? I used one a few years ago and it reported errors like this. It was not perfect and still limited but maybe the tools are better now?

update:
Maybe one of these:
What open source C++ static analysis tools are available?

update2:
I tried FlexeLint on your example (you can try it online using the Do-It-Yourself Example on http://www.gimpel-online.com/OnlineTesting.html) and it complains about it but perhaps not in a way you are looking for:

5    int i = -1;
6    if (i == 0xffffffff)
diy64.cpp  6  Warning 650:  Constant '4294967295' out of range for operator '=='
diy64.cpp  6  Info 737:  Loss of sign in promotion from int to unsigned int
diy64.cpp  6  Info 774:  Boolean within 'if' always evaluates to False [Reference: file diy64.cpp: lines 5, 6]
落在眉间の轻吻 2024-10-11 19:38:30

非常有趣的问题。我认为编写一个工具来有效地标记这些将是一个相当大的挑战,因为很大程度上取决于程序员的意图/假设

例如,很容易识别这样的构造:

x &= -2; // round down to an even number

依赖于二进制补码表示,但是如果掩码是变量而不是常量“-2”怎么办?

是的,您可以更进一步,警告任何使用按位 & 的有符号 int、将负常量分配给无符号 int 以及将有符号 int 分配给unsigned int 等,但我认为这会导致大量误报。

[抱歉,不是真正的答案,但评论太长了]

Very interesting question. I think it would be quite a challenge to write a tool to flag these usefully, because so much depends on the programmer's intent/assumptions

For example, it would be easy to recognize a construct like:

x &= -2; // round down to an even number

as being dependent on twos-complement representation, but what if the mask is a variable instead of a constant "-2"?

Yes, you could take it a step further and warn of any use of a signed int with bitwise &, any assignment of a negative constant to an unsigned int, and any assignment of a signed int to an unsigned int, etc., but I think that would lead to an awful lot of false positives.

[ sorry, not really an answer, but too long for a comment ]

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文