{"id":18625,"date":"2018-03-22T15:56:54","date_gmt":"2018-03-22T22:56:54","guid":{"rendered":"https:\/\/blogs.msdn.microsoft.com\/vcblog\/?p=18625"},"modified":"2019-02-18T17:48:00","modified_gmt":"2019-02-18T17:48:00","slug":"c-core-checks-in-visual-studio-2017-15-7-preview-2","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/cppblog\/c-core-checks-in-visual-studio-2017-15-7-preview-2\/","title":{"rendered":"C++ Core Checks in Visual Studio 2017 15.7 Preview 2"},"content":{"rendered":"<p>This post was written by Sergiy Oryekhov.<\/p>\n<p style=\"font-weight: 400\"><span>The C++ Core Guidelines Check extension received several new rules in <a href=\"https:\/\/www.visualstudio.com\/preview\">Visual Studio 2017 15.7 Preview 2<\/a>. The primary focus in this iteration was on the checks that would make it easier to adopt utilities from the <a href=\"https:\/\/github.com\/Microsoft\/GSL\">Guidelines Support Library<\/a>. <\/span><\/p>\n<p>Below is a quick summary of these additions. For more detailed information please see documentation on MSDN: <a href=\"https:\/\/docs.microsoft.com\/en-us\/visualstudio\/code-quality\/code-analysis-for-cpp-corecheck\">C++ Core Guidelines Checker Reference<\/a>.<\/p>\n<p>If you&#8217;re just getting started with native code analysis tools, take a look at our introductory <a href=\"https:\/\/msdn.microsoft.com\/en-us\/library\/hh419384.aspx\">Quick Start: Code Analysis for C\/C++<\/a>.<\/p>\n<h2 style=\"font-weight: 400\"><span>New rule sets<\/span><\/h2>\n<p style=\"font-weight: 400\"><span>There is one new rule category added in this release with a rule set file which can be selected in the project settings dialog.<\/span><\/p>\n<ul>\n<li>\n<h4>GSL rules<\/h4>\n<p>Several new rules try to help catching subtle issues related to how span and view types are used. Catching such issues becomes more important once modern practices of safe memory handling get adopted. In addition, a couple useful utilities from the Guidelines Support Library are promoted so that user code can be made safer and more uniform.<\/li>\n<\/ul>\n<h2 style=\"font-weight: 400\"><span>New rules<\/span><\/h2>\n<h4>Bounds rules<\/h4>\n<ul>\n<li>C26446 USE_GSL_AT\nThis rule suggests using a safer version of an indexing function whenever a subscript operator which doesn\u2019t perform range checks gets called.\nThis rule is also a part of the GSL rule set.<\/li>\n<\/ul>\n<h4>Function rules<\/h4>\n<ul>\n<li>C26447 DONT_THROW_IN_NOEXCEPT\nThis check is applicable to functions marked as \u2018noexcept\u2019 and points to the places where such functions invoke code that can potentially throw exceptions.<\/li>\n<\/ul>\n<h4>GSL rules<\/h4>\n<ul>\n<li style=\"margin-bottom: 1em\">C26445 NO_SPAN_REF\nSome subtle issues may occur when legacy code gets migrated to new types that point to memory buffers. One of such issue is unintended referencing of spans or views which may happen if legacy code used to reference containers like vectors or strings etc.<\/li>\n<li style=\"margin-bottom: 1em\">C26448 USE_GSL_FINALLY\nThe Guidelines Support Library has a useful utility which helps to add the \u201cfinal action\u201d functionality in a structural and uniform way. This rule helps to find places that use \u2018goto\u2019 and may be good candidates for adoption of gsl::finally.<\/li>\n<li style=\"margin-bottom: 1em\">C26449 NO_SPAN_FROM_TEMPORARY\nSpans and views are efficient and safe in dealing with memory buffers, but they never own data they point to. This must be taken into account especially when dealing with legacy code. One dangerous mistake that users can make is to create a span over a temporary object. It is a special case of a lifetime issue similar to referencing local data.<\/p>\n<p style=\"font-weight: 400\"><span><i>This rule is enabled by default in the &#8220;Native Recommended&#8221; rule set.<\/i><\/span><\/p>\n<p style=\"font-weight: 400\"><span>Example: Subtle difference in result types.<\/span><\/p>\n<pre class=\"prettyprint\">\n\/\/ Returns a predefined collection. Keeps data alive.\ngsl::span get_seed_sequence() noexcept;\n\n\/\/ Returns a generated collection. Doesn\u2019t own new data.\nconst std::vector get_next_sequence(gsl::span);\n\nvoid run_batch()\n{\nauto sequence = get_seed_sequence();\nwhile (send(sequence))\n{\nsequence = get_next_sequence(sequence); \/\/ C26449\n\/\/ ...\n}\n}\n<\/pre>\n<\/li>\n<li style=\"margin-bottom: 1em\">C26446 USE_GSL_AT\nSee \u201cBounds rules\u201d above.<\/li>\n<\/ul>\n<h3>Feedback<\/h3>\n<p style=\"font-weight: 400\"><span>As always, we welcome your feedback. Feel free to send any comments through e-mail at <\/span><a href=\"mailto:visualcpp@microsoft.com\"><span>visualcpp@microsoft.com<\/span><\/a><span>, through <a href=\"https:\/\/twitter.com\/visualc\">Twitter @<\/a><\/span><span>visualc<\/span><span>, or Facebook at <a href=\"https:\/\/www.facebook.com\/Microsoft-Visual-Cpp-222043184527264\/\">Microsoft Visual Cpp<\/a><\/span>.<span> <\/span><\/p>\n<p style=\"font-weight: 400\"><span>If you encounter other problems with MSVC in VS 2017, please let us know via the <a href=\"https:\/\/docs.microsoft.com\/en-us\/visualstudio\/ide\/how-to-report-a-problem-with-visual-studio-2017\">Report a Problem<\/a> option, either from the installer or the Visual Studio IDE itself. For suggestions, let us know through <\/span><a href=\"https:\/\/visualstudio.uservoice.com\/forums\/121579-visual-studio-2015\/category\/30937-languages-c\"><span>UserVoice<\/span><\/a><span>. Thank you!<\/span><span> <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This post was written by Sergiy Oryekhov. The C++ Core Guidelines Check extension received several new rules in Visual Studio 2017 15.7 Preview 2. The primary focus in this iteration was on the checks that would make it easier to adopt utilities from the Guidelines Support Library. Below is a quick summary of these additions. [&hellip;]<\/p>\n","protected":false},"author":324,"featured_media":35994,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[239,277],"tags":[245,163],"class_list":["post-18625","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-diagnostics","category-writing-code","tag-cppcorecheck","tag-static-analysis"],"acf":[],"blog_post_summary":"<p>This post was written by Sergiy Oryekhov. The C++ Core Guidelines Check extension received several new rules in Visual Studio 2017 15.7 Preview 2. The primary focus in this iteration was on the checks that would make it easier to adopt utilities from the Guidelines Support Library. Below is a quick summary of these additions. [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/18625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/comments?post=18625"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/posts\/18625\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media\/35994"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/media?parent=18625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/categories?post=18625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/cppblog\/wp-json\/wp\/v2\/tags?post=18625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}