Use AST-based tests in favor of token-based tests for greater coverage.

Thanks, that is way better!

Now the error message lacks some detail, the variable name: Could some more details be added again?

@amai2012, you're right. Though, since the boolean in question could be a long expression, it may be unpleasant to look at.

This might be better handled as a separate issue, in that there are many checks which could print more context, and we could enhance reporting in general. I'll follow up on this.

@danmar IIRC recently the column attribute was added. That is not yet mandatory in the message? Or just missing in this output?

The column is not written by default in the tests. But it should be written in the normal output.

@danmar Could you please trigger a re-run? I could not find the reason for travis failure...
Do you think it's ok to accept the lack of details in the message and cure it later? Usually we should try to avoid regressions.

Cppcheck executed by Travis now finds several suspicious places in Cppcheck itself:
IMO & is used by intention here since diag (when not specified otherwise) does insert the token. So the function has side effects and with && the second condition would maybe not tested and thus the token not inserted.
IMHO this could and should be written in another way that is better readable and does not mislead static analyzers (i saw that PVS Studio also complains here).

lib/checkcondition.cpp:473:20: warning: Boolean is used in bitwise operation. Did you mean '&&'? [bitwiseOnBoolean]
    if (diag(tok1) & diag(tok2))
                   ^
lib/checkcondition.cpp:536:22: warning: Boolean is used in bitwise operation. Did you mean '&&'? [bitwiseOnBoolean]
    if (diag(ifCond) & diag(elseIfCond))
                     ^
lib/checkcondition.cpp:801:20: warning: Boolean is used in bitwise operation. Did you mean '&&'? [bitwiseOnBoolean]
    if (diag(tok1) & diag(tok2))
                   ^
lib/checkcondition.cpp:816:20: warning: Boolean is used in bitwise operation. Did you mean '&&'? [bitwiseOnBoolean]
    if (diag(tok1) & diag(tok2))
                   ^
lib/checkcondition.cpp:831:21: warning: Boolean is used in bitwise operation. Did you mean '&&'? [bitwiseOnBoolean]
    if (diag(cond1) & diag(cond2))
                    ^

The code referenced in the following warnings looks like it was written using bitwise operations to be shorter, maybe to be better readable (not sure if it really is the case). IMHO when explicitly using boolean types then no bitwise operations should be used. Otherwise human or machine readers could be mislead. If bitwise operations should be used, the variable types could be changed to integers.

lib/library.cpp:675:44: warning: Boolean is used in bitwise operation. Did you mean '||'? [bitwiseOnBoolean]
                            error |= range | (*(p+1) == '.');
                                           ^
lib/library.cpp:685:46: warning: Boolean is used in bitwise operation. Did you mean '||'? [bitwiseOnBoolean]
                            error |= has_dot | (!std::isdigit(*(p+1)));
                                             ^

The code referenced in the following warning can be clearly optimized. I see no need to use a bitwise operator here.

lib/valueflow.cpp:1014:68: warning: Boolean is used in bitwise operation. Did you mean '||'? [bitwiseOnBoolean]
                    result.setInconclusive(value1.isInconclusive() | value2.isInconclusive());
                                                                   ^

IMHO all the detected issues are more or less true positives that uncover so-called code smells that could be changed to make the code better readable.
@danmar What do you think?

Can we find a pattern which should be marked as inconclusive?

Can we find a pattern which should be marked as inconclusive?

As far as I know the intention of this checker is to warn for that kind of code... so if you don't like it you should suppress it.

As far as I remember we used to suppress these warnings in Cppcheck. Not sure if/when/why that suppression was removed.

@tgnottingham can you please add the suppression again.. add it at the top of the file cppcheck/.travis_suppressions.

@danmar Done. Also fixed the issue in lib/valueflow.cpp. Thanks all for the feedback and discussion.

IMO & is used by intention here since diag (when not specified otherwise) does insert the token. So the function has side effects and with && the second condition would maybe not tested and thus the token not inserted.

We should check if the LHS or RHS has side effects. We do something similar for isSameExpression. I believe you can use the isConstExpression function in astutils.h to check for this case.

The code referenced in the following warnings looks like it was written using bitwise operations to be shorter

The intent is to use && without short-circuiting, which is why & is used.

If bitwise operations should be used, the variable types could be changed to integers.

But that would imply the functions returns something other than true or false which is not the case. And if we were to return true with an int, should we return 1 or 2 or 3? Changing to int can lead to other types of code smell.