[prev in list] [next in list] [prev in thread] [next in thread]
List: zeromq-dev
Subject: Re: [zeromq-dev] SAL annotations
From: Osiris Pedroso <opedroso () gmail ! com>
Date: 2023-10-17 11:34:32
Message-ID: CALMrRGnX5r5qhZCkb=UQaiRQ5Z4uPb1bGRrKSbgwOitUgByxyg () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi Axel,
Sounds wonderful since it won't affect other platform targets and give us
extra benefits when compiling with MSbuild. You got my vote.
Best regards,
Osiris
On Tue, 17 Oct 2023, 06:56 Axel R., <axelriet@gmail.com> wrote:
> Hi ZeroMQ devs,
>
> I want to see how you guys feel about adding SAL 2 annotations to the code
> (https://learn.microsoft.com/en-us/cpp/c-runtime-library/sal-annotations
> <https://learn.microsoft.com/en-us/cpp/c-runtime-library/sal-annotations?view=msvc-170>
> )
>
> The goal is to give hints to (Microsoft's) static analyzers beyond what
> can be inferred from the code itself, with the hope to enforce correct
> usage, verify assumptions at compile time, and ultimately reduce defects.
>
> We have a couple of static analyzers at work that use the annotations, the
> public version of one of them (PREfast) ships with Visual Studio and can be
> used by anyone.
>
> It is possible to #define out all annotations for non-MSVC builds. The
> PREfast analysis itself is opt-in so it's possible to annotate with zero
> side effect save for a little more work for the preprocessor.
>
> What I did was adding a new zmq_sal.h header (next to zmq_utils.h) and
> simply included it #ifdef _MSC_VER from zmq.h
>
> The new header either includes <sal.h> from the Windows SDK for MSVC, or
> adds a bunch of #defines that resolve to nothing for other compilers.
>
> The next step is to annotate all the exported functions, then
> progressively move inwards to internal functions and methods and check that
> in.
>
> From there, anyone can opt to enable code analysis on MSVC builds and
> review/address the more insightful warnings. Any resulting code changes
> would be separate things.
>
> Thoughts?
>
> Axel
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev@lists.zeromq.org
> https://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
[Attachment #5 (text/html)]
<div dir="auto">Hi Axel,<div dir="auto"><br></div><div dir="auto">Sounds wonderful \
since it won't affect other platform targets and give us extra benefits when \
compiling with MSbuild. You got my vote.</div><div dir="auto"><br></div><div \
dir="auto">Best regards,</div><div dir="auto">Osiris<br><div \
dir="auto"><br></div><div dir="auto"><br></div></div></div><br><div \
class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, 17 Oct 2023, 06:56 Axel \
R., <<a href="mailto:axelriet@gmail.com">axelriet@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto">Hi ZeroMQ \
devs,<div><br></div><div>I want to see how you guys feel about adding SAL 2 \
annotations to the code (<a \
href="https://learn.microsoft.com/en-us/cpp/c-runtime-library/sal-annotations?view=msvc-170" \
target="_blank" rel="noreferrer">https://learn.microsoft.com/en-us/cpp/c-runtime-library/sal-annotations</a>)</div><div><br></div><div>The \
goal is to give hints to (Microsoft's) static analyzers beyond what can be inferred \
from the code itself, with the hope to enforce correct usage, verify assumptions at \
compile time, and ultimately reduce defects.</div><div><br></div><div>We have a \
couple of static analyzers at work that use the annotations, the public version of \
one of them (PREfast) ships with Visual Studio and can be used by \
anyone.</div><div><br></div><div>It is possible to #define out all annotations for \
non-MSVC builds. The PREfast analysis itself is opt-in so it's possible to annotate \
with zero side effect save for a little more work for the \
preprocessor.</div><div><br></div><div>What I did was adding a new zmq_sal.h header \
(next to zmq_utils.h) and simply included it #ifdef _MSC_VER from \
zmq.h</div><div><br></div><div>The new header either includes <sal.h> from the \
Windows SDK for MSVC, or adds a bunch of #defines that resolve to nothing for other \
compilers.</div><div><br></div><div>The next step is to annotate all the exported \
functions, then progressively move inwards to internal functions and methods and \
check that in.</div><div><br></div><div>From there, anyone can opt to enable code \
analysis on MSVC builds and review/address the more insightful warnings. Any \
resulting code changes would be separate \
things.</div><div><br></div><div>Thoughts?</div><div><br></div><div>Axel</div></div>_______________________________________________<br>
zeromq-dev mailing list<br>
<a href="mailto:zeromq-dev@lists.zeromq.org" target="_blank" \
rel="noreferrer">zeromq-dev@lists.zeromq.org</a><br> <a \
href="https://lists.zeromq.org/mailman/listinfo/zeromq-dev" rel="noreferrer \
noreferrer" target="_blank">https://lists.zeromq.org/mailman/listinfo/zeromq-dev</a><br>
</blockquote></div>
_______________________________________________
zeromq-dev mailing list
zeromq-dev@lists.zeromq.org
https://lists.zeromq.org/mailman/listinfo/zeromq-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic