The C++ Core Guidelines

Auckland C++ Meetup 2016-11-08

Toby Allsopp

toby@mi6.gen.nz

Introduction

“Within C++ is a smaller, simpler, safer language struggling to get out.”
—Bjarne Stroustrup

What?

A document: isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines
A collaborative open-source project: https://github.com/isocpp/CppCoreGuidelines

a set of guidelines for using C++ well… to help people to use modern C++ effectively

Who?

The C++ Core Guidelines are a collaborative effort led by Bjarne Stroustrup, much like the C++ language itself.

Editors:
- Bjarne Stroustrup
- Herb Sutter
Contributors: 136

When?

Announced at CppCon 2015 in keynotes by Bjarne Stroustrup and Herb Sutter
Watch the videos:

Where?

GitHub, of course!

Let's take a look...

http://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines

Enforcement

Rules with no enforcement are unmanageable for large code bases.

Each rule has an Enforcement section listing ideas for enforcement. Enforcement might be by code review, by static analysis, by compiler, or by run-time checks.

Profiles

A “profile” is a set of deterministic and portably enforceable subset rules (i.e., restrictions) that are designed to achieve a specific guarantee.

There are three profiles currently defined:

Pro.type: Type safety

Pro.bounds: Bounds safety

Pro.lifetime: Lifetime safety

Tools

The Guidelines are big on "mechanical" enforcement but where are the tools to do this?

Visual Studio

clang-tidy

As of clang-3.9, only a handful of checks implemented:

$ clang-tidy -checks='-*,cppcoreguidelines-*' -list-checks
Enabled checks:
    cppcoreguidelines-c-copy-assignment-signature
    cppcoreguidelines-interfaces-global-init
    cppcoreguidelines-pro-bounds-array-to-pointer-decay
    cppcoreguidelines-pro-bounds-constant-array-index
    cppcoreguidelines-pro-bounds-pointer-arithmetic
    cppcoreguidelines-pro-type-const-cast
    cppcoreguidelines-pro-type-cstyle-cast
    cppcoreguidelines-pro-type-member-init
    cppcoreguidelines-pro-type-reinterpret-cast
    cppcoreguidelines-pro-type-static-cast-downcast
    cppcoreguidelines-pro-type-union-access
    cppcoreguidelines-pro-type-vararg

Using clang-tidy

Requires a compilation database (compile_commands.json)
CMake can create one automatically
- set(CMAKE_EXPORT_COMPILE_COMMANDS ON)

$ clang-tidy -p build/ -checks='cppcoreguidelines-*' *.cpp


int f(int *a, int i) {
  return a[i];
}

int main() {
  int a[] = {1, 2, 3};
  const int *p = a;
  (void) a[f((int*)p, 0)];
}


example-clang.cpp:2:10: warning: do not use pointer arithmetic [cppcoreguidelines-pro-bounds-pointer-arithmetic]
  return a[i];
         ^
example-clang.cpp:7:18: warning: do not implicitly decay an array into a pointer; consider using gsl::array_view or an explicit cast instead [cppcoreguidelines-pro-bounds-array-to-pointer-decay]
  const int *p = a;
                 ^
example-clang.cpp:8:10: warning: do not use array subscript when the index is not an integer constant expression; use gsl::at() instead [cppcoreguidelines-pro-bounds-constant-array-index]
  (void) a[f((int*)p, 0)];
         ^
example-clang.cpp:8:14: warning: do not use C-style cast to cast away constness [cppcoreguidelines-pro-type-cstyle-cast]
  (void) a[f((int*)p, 0)];
             ^

Visual Studio

Requires at least Visual Studio 2015 Update 1
Just install a NuGet package and turn on Code Analysis
Instructions are at https://msdn.microsoft.com/en-us/library/mt762841.aspx
Not really clear which checks are implemented

So...

Go and read skim the document
Stuff you agree with: adopt
Stuff you don't understand: learn
Stuff you disagree with: reflect
Contribute!