Factor out code that should move to cxplat #82
Conversation
dthaler
commented
Aug 18, 2023
•
dthaler
commented
- Move leak detection and fault injection to cxplat_winuser
- Add tests for memory realloc
- Add cxplat_test to CI/CD
Signed-off-by: Dave Thaler <[email protected]>
cxplat/inc/cxplat/fault_injection.h
Outdated
| NTSTATUS | ||
| usersim_fault_injection_initialize(size_t stack_depth) noexcept; | ||
| int | ||
| cxplat_fault_injection_initialize(size_t stack_depth) NOEXCEPT; |
There was a problem hiding this comment.
You already extern "c" all these functions. Why do you have the NOEXCEPT?
There was a problem hiding this comment.
"it's a good idea that user defined extern "C" functions be also specified with noexcept, unless it is handed a pointer to C++ function as callback argument like qsort and the likes"
cxplat/inc/cxplat/common.h
Outdated
| #endif | ||
|
|
||
| #ifdef _DEBUG | ||
| #define cxplat_assert(x) assert(x) |
There was a problem hiding this comment.
For MsQuic, we generally follow the pattern that #define macros are always all upper case: CXPLAT_ASSERT. Additionally, we have several types of asserts:
#define CXPLAT_DBG_ASSERT(_exp)
#define CXPLAT_DBG_ASSERTMSG(_exp, _msg)
#define CXPLAT_TEL_ASSERT(_exp)
#define CXPLAT_TEL_ASSERTMSG(_exp, _msg)
#define CXPLAT_TEL_ASSERTMSG_ARGS(_exp, _msg, _origin, _bucketArg1, _bucketArg2)
#define CXPLAT_FRE_ASSERT(_exp)
#define CXPLAT_FRE_ASSERTMSG(_exp, _msg)There was a problem hiding this comment.
FRE is super confusing and not cross-platform as a term. I propose using _RUNTIME_
There was a problem hiding this comment.
I'm definitely open to other terms. Not sure how I feel about RUNTIME though.
There was a problem hiding this comment.
I'm open to other terms too :)
cxplat/inc/cxplat/memory.h
Outdated
| * @param[in] size Size of memory to allocate. | ||
| * @returns Pointer to memory block allocated, or null on failure. | ||
| */ | ||
| _Must_inspect_result_ _Ret_writes_maybenull_(size) void* cxplat_allocate(size_t size); |
There was a problem hiding this comment.
Super happy to see the SAL annotations, but you will need a stub file for posix platforms. Feel free to steal quic_sal_stub.h and rename to cxplat_sal_stub.h or whatever you'd like.
There was a problem hiding this comment.
agreed. not needed for this PR but agree it will be needed eventually.
There was a problem hiding this comment.
I propose we do this after moving code to the cxplat repo, since a stub file isn't needed for the usersim project which does not support posix platforms.
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
| #pragma once | ||
| // Do not add anything else to this file. | ||
| // Actual platform-specific definitions go in the file below. | ||
| #include "cxplat_winuser.h" |
There was a problem hiding this comment.
| #include "cxplat_winuser.h" | |
| #ifdef _KERNEL_MODE | |
| #error "Windows kernel platform is unsupported" | |
| #elif _WIN32 | |
| #include "cxplat_winuser.h" | |
| #else | |
| #error "Unknown unsupported Platform" | |
| #endif |
Maybe make this a bit explicit right off the bat?
There was a problem hiding this comment.
I have a general distaste for ifdefs, they clutter the code and can easily leave dead code sections.
There was a problem hiding this comment.
I don't feel strongly about this, so may adopt this suggestion in the next PR
There was a problem hiding this comment.
We can discuss more in a follow up PR, but I don't want each consumer of cxplat to be required to have platforms specific logic to change the include path. They should include one path, and just #include <cxplat_platform.h> and be good to go.
| // SPDX-License-Identifier: MIT | ||
| #pragma once | ||
| #include <winerror.h> | ||
|
|
There was a problem hiding this comment.
I'd also recommend:
#define CXPLAT_FAILED(X) FAILED(X)
#define CXPLAT_SUCCEEDED(X) SUCCEEDED(X)There was a problem hiding this comment.
I dislike having two macros that do the same thing. How is FAILED different from !SUCCEEDED?
There was a problem hiding this comment.
98% of the time, code uses the failed marco for error conditions, so if we did have to pick just 1, I'd prefer that. But I do like having two for the cases where you want the opposite. Having english words instead of just ! the other is nicer (IMO) to read.
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
dthaler
changed the title
Signed-off-by: Dave Thaler <[email protected]>
dthaler
force-pushed
the
cxplat
branch
3 times, most recently
from
ec55537 to
6c6a136
Compare
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
Signed-off-by: Dave Thaler <[email protected]>
| cxplat_status_t | ||
| cxplat_initialize(); |
There was a problem hiding this comment.
Would you mind not having the spaces before all these lines? IMHO, it's a lot of wasted space.
There was a problem hiding this comment.
I think clang-format did it, the formatting isn't supposed to be manual.
We can see if there's a config option to do what you want.
| #ifdef __cplusplus | ||
| extern "C" | ||
| { | ||
| #endif |
There was a problem hiding this comment.
To simplify this stuff, we can define EXTERN_C (or EXTERN_C_START) and EXTERN_C_END in cxplat_common.h for this. It would reduce the duplication and line count a bit. It would also hide the { and } to eliminate any visible/explicit need to tab things over.
| { | ||
| CXPLAT_STATUS_SUCCESS = CXPLAT_PLATFORM_STATUS_SUCCESS, | ||
| CXPLAT_STATUS_NO_MEMORY = CXPLAT_PLATFORM_STATUS_NO_MEMORY, | ||
| } cxplat_status_t; |
There was a problem hiding this comment.
There is a problem with defining cxplat_status_t as an enum instead of the platform type (HRESULT or NTSTATUS): you lose the "success" SAL annotation of those types that is then used for evaluation of a function being successful or not.
typedef _Return_type_success_(return >= 0) long HRESULT;
typedef _Return_type_success_(return >= 0) LONG NTSTATUS;I'm not sure if we can get the same thing on this enum.
There was a problem hiding this comment.
I believe yes we can get it on an enum.
| // Include platform-specific definitions of common defines. | ||
| #include "cxplat_platform.h" | ||
|
|
||
| #include <assert.h> |
There was a problem hiding this comment.
FYI, in MsQuic's platform abstraction, the definition of assert is platform specific, and does not use assert.h. On Windows we have:
#define CXPLAT_ASSERT_LOG(_exp, _msg) \
(CXPLAT_ANALYSIS_ASSUME(_exp), \
((!(_exp)) ? (CxPlatLogAssert(__FILE__, __LINE__, #_exp), FALSE) : TRUE))
#define CXPLAT_ASSERT_CRASH(_exp, _msg) \
(CXPLAT_ANALYSIS_ASSUME(_exp), \
((!(_exp)) ? \
(CxPlatLogAssert(__FILE__, __LINE__, #_exp), \
__annotation(L"Debug", L"AssertFail", _msg), \
DbgRaiseAssertionFailure(), FALSE) : \
TRUE))
| Copyright (c) Microsoft Corporation | ||
| SPDX-License-Identifier: MIT | ||
| --> | ||
| <Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003"> |
There was a problem hiding this comment.
We can do this in a follow up PR, but this project file needs some work. It won't load on xbox for instance.
| cxplat_initialize() | ||
| { | ||
| try { | ||
| auto fault_injection_stack_depth = |
There was a problem hiding this comment.
Eventually, this all needs to be DEBUG only.
Signed-off-by: Dave Thaler <[email protected]>
