Fix latent memory error exposed by fixed_hierarchy_test

[knoepfel]

I encountered a bug in the implementation of convert_vector_vector_string when creating a fixed_hierarchy object. I ran the address sanitizer on the test and submitted its output to Claude Sonnet 4.6, which said:

Root Cause: Use-after-move in convert_vector_vector_string
The crash is a SEGV during destruction of a std::vector<layer_path>, caused by a use-after-move bug in fixed_hierarchy.cpp:47–53.

The problematic code (fixed_hierarchy.cpp:43–54):

std::vector<phlex::experimental::layer_path> convert_vector_vector_string(
  std::vector<std::vector<std::string>>&& layer_paths)
{
  using namespace phlex::experimental;
  return std::move(layer_paths) | std::views::transform([](std::vector<std::string>& lp) {
           auto lp_as_ids =
             lp | std::views::transform([](auto& str) { return identifier(std::move(str)); }) |
             std::ranges::to<std::vector>();
           return layer_path(std::move(lp_as_ids));
         }) |
         std::ranges::to<std::vector<layer_path>>();
}

The bug: std::move(layer_paths) passes the vector as an rvalue into std::views::owning_view, but the inner lambda takes std::vector<std::string>& lp — a lvalue reference. The transform_view lazily evaluates elements, so by the time std::ranges::to<std::vector<layer_path>>() materializes the results, the intermediate layer_path objects constructed during iteration share memory that the owning_view has already moved/destroyed.

More precisely: std::ranges::to<std::vector<layer_path>> constructs the result vector by iterating the transform_view. During iteration, each element is constructed by the lambda and then moved into the result vector. However, the layer_path destructor (via std::vector<identifier>) is then called on the temporaries. ASan's 0xbebebebe... pattern in rbx/rdi/rsi (the "poisoned" freed-memory canary) and the segfault inside __asan::Allocator::AtomicallySetQuarantineFlagIfAllocated confirm the memory backing the identifier strings was already freed or poisoned when the destructor ran.

The immediate trigger is the test at fixed_hierarchy_test.cpp:32:

CHECK_THROWS_WITH(fixed_hierarchy{{}}, ContainsSubstring("Layer paths cannot be empty"));

An empty inner vector {} causes layer_path to be constructed from an empty std::vector<identifier>, which immediately throws in validate(). The exception unwinds through std::ranges::to<std::vector<layer_path>> while the partially-constructed vector is being destroyed — at that point the layer_path destructor runs on memory that was moved-from or is otherwise in an invalid state.

Because this is a memory error, it does not necessarily manifest on all platforms/compiler combinations. I encountered it by running on Alma Linux 9 with GCC 15.1; I did not encounter it running on macOS 26.5.1 with Apple clang 21.0.0.

This PR fixes the bug.

• Code

  • Reworked convert_vector_vector_string in phlex/model/fixed_hierarchy.cpp to construct the std::vector<layer_path> with an explicit loop and reserve() instead of a std::ranges transform/to pipeline.
  • Preserved the existing conversion behavior by still moving each inner std::string into identifier(std::move(str)) before building each layer_path.
  • This avoids the latent use-after-move / invalid-state issue that could occur during exception unwinding when an empty inner vector triggers layer_path validation failure.

• Reliability

  • Fixes the crash/memory-safety path exposed by constructing fixed_hierarchy{{}}, where Layer paths cannot be empty is thrown and partially built objects are now destroyed safely.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: a032bc49-ee75-4757-9f64-6e9928780bf7

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The PR rewrites convert_vector_vector_string to build the output with a reserved loop instead of a chained range transform, while keeping the same identifier conversion and layer_path construction.

Changes

Fixed hierarchy conversion

Layer / File(s)	Summary
Reserved conversion loop phlex/model/fixed_hierarchy.cpp	convert_vector_vector_string reserves output capacity, iterates over layer paths, moves each string into identifier, and appends the converted layer_path values with emplace_back.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately reflects the main change: fixing a latent memory error surfaced by fixed_hierarchy_test.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[greenc-FNAL]

21 fixed, 0 new since branch point (5e6a365)
21 fixed, 0 new since previous report on PR (b3af2f7)

✅ 21 CodeQL alerts resolved since the previous PR commit

• ✅ Warning # 196 actions/untrusted-checkout-toctou/critical at .github/workflows/clang-tidy-fix.yaml:109:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 227 actions/untrusted-checkout-toctou/high at .github/workflows/clang-format-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 228 actions/untrusted-checkout-toctou/high at .github/workflows/python-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 229 actions/untrusted-checkout/high at .github/workflows/clang-format-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 230 actions/untrusted-checkout/high at .github/workflows/python-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 231 actions/untrusted-checkout-toctou/high at .github/workflows/cmake-format-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 232 actions/untrusted-checkout-toctou/high at .github/workflows/jsonnet-format-fix.yaml:95:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 233 actions/untrusted-checkout/high at .github/workflows/cmake-format-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 234 actions/untrusted-checkout/high at .github/workflows/jsonnet-format-fix.yaml:95:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 235 actions/untrusted-checkout/medium at .github/workflows/clang-format-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 236 actions/untrusted-checkout/medium at .github/workflows/actionlint-check.yaml:86:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 237 actions/untrusted-checkout/medium at .github/workflows/clang-tidy-check.yaml:59:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 238 actions/untrusted-checkout/medium at .github/workflows/cmake-format-check.yaml:79:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 239 actions/untrusted-checkout/medium at .github/workflows/cmake-build.yaml:159:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 240 actions/untrusted-checkout/medium at .github/workflows/header-guards-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 241 actions/untrusted-checkout/medium at .github/workflows/jsonnet-format-check.yaml:79:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 242 actions/untrusted-checkout/medium at .github/workflows/markdown-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 243 actions/untrusted-checkout/medium at .github/workflows/python-check.yaml:84:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 244 actions/untrusted-checkout/medium at .github/workflows/yaml-check.yaml:76:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 245 actions/untrusted-checkout-toctou/high at .github/workflows/coverage.yaml:386:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ …and 1 more alerts (see Code Scanning for the full list).

✅ 21 CodeQL alerts resolved since the branch point

• ✅ Warning # 196 actions/untrusted-checkout-toctou/critical at .github/workflows/clang-tidy-fix.yaml:109:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 227 actions/untrusted-checkout-toctou/high at .github/workflows/clang-format-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 228 actions/untrusted-checkout-toctou/high at .github/workflows/python-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 229 actions/untrusted-checkout/high at .github/workflows/clang-format-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 230 actions/untrusted-checkout/high at .github/workflows/python-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 231 actions/untrusted-checkout-toctou/high at .github/workflows/cmake-format-fix.yaml:94:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 232 actions/untrusted-checkout-toctou/high at .github/workflows/jsonnet-format-fix.yaml:95:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
  Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ Warning # 233 actions/untrusted-checkout/high at .github/workflows/cmake-format-fix.yaml:94:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 234 actions/untrusted-checkout/high at .github/workflows/jsonnet-format-fix.yaml:95:9 — Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
  Checkout of untrusted code in a privileged workflow with later potential execution (event trigger: issue_comment).
• ✅ Warning # 235 actions/untrusted-checkout/medium at .github/workflows/clang-format-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 236 actions/untrusted-checkout/medium at .github/workflows/actionlint-check.yaml:86:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 237 actions/untrusted-checkout/medium at .github/workflows/clang-tidy-check.yaml:59:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 238 actions/untrusted-checkout/medium at .github/workflows/cmake-format-check.yaml:79:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 239 actions/untrusted-checkout/medium at .github/workflows/cmake-build.yaml:159:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 240 actions/untrusted-checkout/medium at .github/workflows/header-guards-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 241 actions/untrusted-checkout/medium at .github/workflows/jsonnet-format-check.yaml:79:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 242 actions/untrusted-checkout/medium at .github/workflows/markdown-check.yaml:82:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 243 actions/untrusted-checkout/medium at .github/workflows/python-check.yaml:84:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 244 actions/untrusted-checkout/medium at .github/workflows/yaml-check.yaml:76:9 — Potential unsafe checkout of untrusted pull request on privileged workflow.
• ✅ Warning # 245 actions/untrusted-checkout-toctou/high at .github/workflows/coverage.yaml:386:9 — Insufficient protection against execution of untrusted code on a privileged workflow (issue_comment).
• ✅ …and 1 more alerts (see Code Scanning for the full list).

Review the full CodeQL report for details.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

@@            Coverage Diff             @@
##             main     #668      +/-   ##
==========================================
- Coverage   83.55%   83.02%   -0.54%     
==========================================
  Files         170      172       +2     
  Lines        6283     6446     +163     
  Branches      706      744      +38     
==========================================
+ Hits         5250     5352     +102     
- Misses        810      854      +44     
- Partials      223      240      +17     

Flag	Coverage Δ
scripts	78.86% <ø> (ø)
unittests	85.05% <100.00%> (-0.88%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
phlex/model/fixed_hierarchy.cpp	76.31% <100.00%> (+1.31%)	⬆️

... and 5 files with indirect coverage changes

---

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5e6a365...999aabc. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[github-actions]

Clang-Tidy Check Results

Found 5374 issue(s); none are newly introduced by this patch.

All issues by check:

• readability-identifier-naming: 2059
• readability-redundant-member-init: 1258
• portability-template-virtual-member-function: 563
• performance-unnecessary-value-param: 457
• readability-avoid-const-params-in-decls: 269
• modernize-pass-by-value: 206
• readability-braces-around-statements: 90
• modernize-use-designated-initializers: 86
• readability-convert-member-functions-to-static: 80
• readability-const-return-type: 50
• modernize-use-auto: 27
• readability-redundant-control-flow: 23
• readability-qualified-auto: 21
• modernize-concat-nested-namespaces: 17
• readability-math-missing-parentheses: 16
• modernize-use-equals-default: 15
• modernize-avoid-c-arrays: 15
• modernize-use-using: 13
• bugprone-branch-clone: 12
• readability-static-definition-in-anonymous-namespace: 12
• modernize-return-braced-init-list: 10
• readability-function-size: 10
• readability-isolate-declaration: 8
• cppcoreguidelines-special-member-functions: 7
• readability-container-size-empty: 7
• modernize-use-starts-ends-with: 6
• modernize-use-ranges: 5
• readability-inconsistent-declaration-parameter-name: 5
• readability-redundant-access-specifiers: 5
• readability-container-contains: 5
• modernize-use-std-numbers: 3
• readability-redundant-casting: 3
• modernize-use-integer-sign-comparison: 2
• cppcoreguidelines-rvalue-reference-param-not-moved: 1
• performance-avoid-endl: 1
• readability-else-after-return: 1
• readability-redundant-string-init: 1
• readability-simplify-boolean-expr: 1
• readability-use-anyofallof: 1
• performance-move-const-arg: 1
• modernize-redundant-void-arg: 1
• modernize-make-shared: 1

See inline comments for details. Comment @phlexbot tidy-fix to auto-fix.

[beojan]

The change looks fine to me, but I don't understand Claude's explanation. The vector of identifiers was moved into the layer path so how can the layer path be sharing memory with anything?

[knoepfel]

The change looks fine to me, but I don't understand Claude's explanation. The vector of identifiers was moved into the layer path so how can the layer path be sharing memory with anything?

See the attached ASAN log for fixed_hierarchy_test.
fixed_hierarchy_test_asan.log

[greenc-FNAL]

Fix looks good. I spent a few minutes coming up with a regression test using the sanitizer—testing now, but it's up to you whether you want to wait for it or have me put in a specific PR.

[beojan]

I suspect clang-tidy will complain about cppcoreguidelines-rvalue-reference-param-not-moved.

GPT 5.5 identified the cause as a bug in GCC 15.1's libstdc++ which was fixed in 15.2.

[beojan]

AI-generated analysis of the ASan trace:

The crash does not look like identifier borrowing/misusing moved-from string storage. It looks more like GCC 15.1 libstdc++ getting exception unwinding wrong in the std::ranges::to<std::vector<layer_path>>() / std::vector(from_range, ...) path.

For fixed_hierarchy{{}}, construction of the first layer_path correctly throws during validation of the empty path. Since that layer_path constructor throws, no layer_path element should be considered fully constructed in the destination std::vector<layer_path>. But the ASan stack shows std::vector<layer_path>::~vector() calling layer_path::~layer_path(), which then destroys a garbage std::vector<identifier> member and tries to deallocate 0xbebebebebebebebe-poisoned storage. That suggests the destination vector's constructed range is wrong during unwinding, i.e. it is destroying unconstructed storage.

This matches a plausible libstdc++ 15.1 issue in the vector range-constructor path: storage is allocated before std::__uninitialized_copy_a, but _M_finish is not set to _M_start before element construction can throw. GCC 15.2 appears to have changed that invariant. So the explicit loop in this PR is still a good fix/workaround because it avoids the problematic outer ranges::to construction path, but I would soften the diagnosis from "use-after-move in our code" to "GCC 15.1/libstdc++ ranges/vector exception-unwinding issue triggered by this pipeline."

[knoepfel]

AI-generated analysis of the ASan trace:

The crash does not look like identifier borrowing/misusing moved-from string storage. It looks more like GCC 15.1 libstdc++ getting exception unwinding wrong in the std::ranges::to<std::vector<layer_path>>() / std::vector(from_range, ...) path.

For fixed_hierarchy{{}}, construction of the first layer_path correctly throws during validation of the empty path. Since that layer_path constructor throws, no layer_path element should be considered fully constructed in the destination std::vector<layer_path>. But the ASan stack shows std::vector<layer_path>::~vector() calling layer_path::~layer_path(), which then destroys a garbage std::vector<identifier> member and tries to deallocate 0xbebebebebebebebe-poisoned storage. That suggests the destination vector's constructed range is wrong during unwinding, i.e. it is destroying unconstructed storage.

This matches a plausible libstdc++ 15.1 issue in the vector range-constructor path: storage is allocated before std::__uninitialized_copy_a, but _M_finish is not set to _M_start before element construction can throw. GCC 15.2 appears to have changed that invariant. So the explicit loop in this PR is still a good fix/workaround because it avoids the problematic outer ranges::to construction path, but I would soften the diagnosis from "use-after-move in our code" to "GCC 15.1/libstdc++ ranges/vector exception-unwinding issue triggered by this pipeline."

Okay, thanks for the cross-check, @beojan. When merging, I'll adjust the commit message to refer to the GCC 15.1 limitation.

[github-actions]

Clang-Tidy Check Results

1 new issue(s) introduced by this patch (5374 total).

New issues on modified lines:

• /__w/phlex/phlex/phlex-src/phlex/model/fixed_hierarchy.cpp:52: warning: forwarding reference passed to std::move(), which may unexpectedly cause lvalues to be moved; use std::forward() instead

All issues by check:

• readability-identifier-naming: 2059
• readability-redundant-member-init: 1258
• portability-template-virtual-member-function: 563
• performance-unnecessary-value-param: 457
• readability-avoid-const-params-in-decls: 269
• modernize-pass-by-value: 206
• readability-braces-around-statements: 90
• modernize-use-designated-initializers: 86
• readability-convert-member-functions-to-static: 80
• readability-const-return-type: 50
• modernize-use-auto: 27
• readability-redundant-control-flow: 23
• readability-qualified-auto: 21
• modernize-concat-nested-namespaces: 17
• readability-math-missing-parentheses: 16
• modernize-use-equals-default: 15
• modernize-avoid-c-arrays: 15
• modernize-use-using: 13
• bugprone-branch-clone: 12
• readability-static-definition-in-anonymous-namespace: 12
• readability-function-size: 10
• modernize-return-braced-init-list: 10
• readability-isolate-declaration: 8
• cppcoreguidelines-special-member-functions: 7
• readability-container-size-empty: 7
• modernize-use-starts-ends-with: 6
• readability-container-contains: 5
• readability-inconsistent-declaration-parameter-name: 5
• modernize-use-ranges: 5
• readability-redundant-access-specifiers: 5
• readability-redundant-casting: 3
• modernize-use-std-numbers: 3
• modernize-use-integer-sign-comparison: 2
• bugprone-move-forwarding-reference: 1
• readability-redundant-string-init: 1
• performance-move-const-arg: 1
• readability-else-after-return: 1
• readability-simplify-boolean-expr: 1
• readability-use-anyofallof: 1
• modernize-make-shared: 1
• performance-avoid-endl: 1
• modernize-redundant-void-arg: 1

See inline comments for details. Comment @phlexbot tidy-fix to auto-fix.

[knoepfel]

@beojan, clang-tidy objected to the latest implementation (see #668 (comment)). Commit 999aabc is a fix.

[github-actions]

Clang-Tidy Check Results

Found 5438 issue(s); none are newly introduced by this patch.

All issues by check:

• readability-identifier-naming: 2066
• readability-redundant-member-init: 1258
• portability-template-virtual-member-function: 563
• performance-unnecessary-value-param: 464
• readability-avoid-const-params-in-decls: 269
• modernize-pass-by-value: 206
• readability-braces-around-statements: 118
• modernize-use-designated-initializers: 86
• readability-convert-member-functions-to-static: 80
• readability-const-return-type: 50
• modernize-use-auto: 28
• readability-redundant-control-flow: 23
• readability-qualified-auto: 21
• modernize-use-using: 19
• modernize-concat-nested-namespaces: 17
• readability-math-missing-parentheses: 16
• modernize-use-equals-default: 15
• modernize-avoid-c-arrays: 15
• readability-static-definition-in-anonymous-namespace: 14
• bugprone-branch-clone: 12
• readability-function-size: 12
• modernize-return-braced-init-list: 10
• readability-isolate-declaration: 8
• modernize-use-starts-ends-with: 8
• readability-container-size-empty: 7
• cppcoreguidelines-special-member-functions: 7
• bugprone-throw-keyword-missing: 6
• readability-redundant-access-specifiers: 5
• readability-container-contains: 5
• readability-inconsistent-declaration-parameter-name: 5
• modernize-use-ranges: 5
• readability-redundant-casting: 5
• modernize-use-std-numbers: 3
• readability-else-after-return: 2
• modernize-use-integer-sign-comparison: 2
• performance-avoid-endl: 1
• modernize-make-shared: 1
• performance-move-const-arg: 1
• modernize-redundant-void-arg: 1
• readability-redundant-string-init: 1
• modernize-use-emplace: 1
• readability-simplify-boolean-expr: 1
• readability-use-anyofallof: 1

See inline comments for details. Comment @phlexbot tidy-fix to auto-fix.