Re: Cleaning up FILE in stdio..

On Tue, Feb 26, 2008 at 11:55:16PM -0500, John Baldwin wrote:
Yes, I discovered the macros today while working on my fd as short problem.

Macros and __inline functions mean that a significant proportion of
software compiled on FreeBSD has the existing definition of FILE
compiled into it.

However, I can't fix the fact that our stdio can't handle fd's > SHRT_MAX
(again, glibc handles this just fine) w/o making a royal mess.

I don't think a versioned FILE is practical so we are stuck with a
16-bit _file for the immediate future.

What I've gone with instead to fix the SHRT_MAX problem is to change
fopen/fdopen/freopen to fail to use fd's > SHRT_MAX with an error.

You could change _file from 'short' to 'unsigned short' without breaking
the ABI - this would allow either 65535 or 65536 file descriptors (I'm
not sure whether _file == -1 is special or not). This would postpone
the problem for some time.

My suggestion would be:
Now:
a) change _file to 'unsigned short' and add checks as proposed
b) merge __sFILEX into FILE
c) Remove the macros and inlines that poke around inside FILE
d) Note that directly accessing FILE innards is deprecated and
move the definition of struct __sFILE into libc/stdio/local.h

Once RELENG_8 is branched:
e) Don asbestos underwear and re-arrange struct __sFILE to grow _file etc.

--
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.

Attachment: pgpOxqJd6RqFI.pgp
Description: PGP signature

Relevant Pages

  • Re: CERT C Secure Coding Standard - last call for reviewers
    ... The claim that 'macros are dangerous' can, to a certain extent, be ... suggests that inline functions can eliminate this problem. ... the terms of reference of SECCODE, the suggestion to use inline functions ... The example where the interaction of two macros and a file scope object ...
    (comp.lang.c)
  • Re: C++ as a better C
    ... the overhead of calling the function may be high ... macros have no concept of type safety and can have some nasty ... Inline functions offer many of the benefits of macros, ... int main ...
    (comp.lang.cpp)
  • Re: [PATCH 5/6] i386 virtualization - Make generic set wrprotect a macro
    ... and fixes the build for architectures which include pgtable.h ... >This against the kernel coding style. ... "functions" here are purely macros, ... inline functions for include/asm-i386/pgtable-level.h. ...
    (Linux-Kernel)
  • [PATCH 0/23] make atomic_read() and atomic_set() behavior consistent across all architectures
    ... I've redone the patchset to include volatile casts in atomic_set as well. ... I've also converted the macros to inline functions, to help catch type mismatches at compile time. ...
    (Linux-Kernel)
  • Re: Extreme Efficiency for Odd/Even
    ... C++-ers have used against function macros for years now apply to C. ... would write those as inline functions and only switch to macros after ... Pay close attention to "I would..."; it has a very different meaning ...
    (comp.lang.c)