Commit Graph

31 Commits

Author SHA1 Message Date
Rich Felker f368d9fd26 make FILE a complete type for pre-C11 standard profiles
C11 removed the requirement that FILE be a complete type, which was
deemed erroneous, as part of the changes introduced by N1439 regarding
completeness of types (see footnote 6 for specific mention of FILE).
however the current version of POSIX is still based on C99 and
incorporates the old requirement that FILE be a complete type.

expose an arbitrary, useless complete type definition because the
actual object used to represent FILE streams cannot be public/ABI.

thanks to commit 13d1afa46f, we now have
a framework for suppressing the public complete-type definition of FILE
when stdio.h is included internally, so that a different internal
definition can be provided. this is perfectly well-defined, since the
same struct tag can refer to different types in different translation
units. it would be a problem if the implementation were accessing the
application's FILE objects or vice versa, but either would be
undefined behavior.
2019-03-12 15:24:00 -04:00
Rich Felker 2fae10f887 fix aliasing violations in fgetpos/fsetpos
add a member of appropriate type to the fpos_t union so that accesses
are well-defined. use long long instead of off_t since off_t is not
always exposed in stdio.h and there's no namespace-clean alias for it.

access is still performed using pointer casts rather than by naming
the union member as a matter of style; to the extent possible, the
naming of fields in opaque types defined in the public headers is not
treated as an API contract with the implementation. access via the
pointer cast is valid as long as the union has a member of matching
type.
2018-02-24 16:45:33 -05:00
Rich Felker 2488d31f5a adjust fopencookie structure tag for ABI-compat
stdio types use the struct tag names from glibc libio to match C++
ABI.
2017-12-06 13:14:22 -05:00
William Pitcock 061843340f implement the fopencookie extension to stdio
notes added by maintainer:

this function is a GNU extension. it was chosen over the similar BSD
function funopen because the latter depends on fpos_t being an
arithmetic type as part of its public API, conflicting with our
definition of fpos_t and with the intent that it be an opaque type. it
was accepted for inclusion because, despite not being widely used, it
is usually very difficult to extricate software using it from the
dependency on it.

calling pattern for the read and write callbacks is not likely to
match glibc or other implementations, but should work with any
reasonable callbacks. in particular the read function is never called
without at least one byte being needed to satisfy its caller, so that
spurious blocking is not introduced.

contracts for what callbacks called from inside libc/stdio can do are
always complicated, and at some point still need to be specified
explicitly. at the very least, the callbacks must return or block
indefinitely (they cannot perform nonlocal exits) and they should not
make calls to stdio using their own FILE as an argument.
2017-12-06 13:11:48 -05:00
Rich Felker c8a9c22173 restore type of NULL to void * except when used in C++ programs
unfortunately this eliminates the ability of the compiler to diagnose
some dangerous/incorrect usage, but POSIX requires (as an extension to
the C language, i.e. CX shaded) that NULL have type void *. plain C
allows it to be defined as any null pointer constant.

the definition 0L is preserved for C++ rather than reverting to plain
0 to avoid dangerous behavior in non-conforming programs which use
NULL as a variadic sentinel. (it's impossible to use (void *)0 for C++
since C++ lacks the proper implicit pointer conversions, and other
popular alternatives like the GCC __null extension seem non-conforming
to the standard's requirements.)
2013-11-24 21:42:55 -05:00
Rich Felker 9448b0513e refactor headers, especially alltypes.h, and improve C++ ABI compat
the arch-specific bits/alltypes.h.sh has been replaced with a generic
alltypes.h.in and minimal arch-specific bits/alltypes.h.in.

this commit is intended to have no functional changes except:
- exposing additional symbols that POSIX allows but does not require
- changing the C++ name mangling for some types
- fixing the signedness of blksize_t on powerpc (POSIX requires signed)
- fixing the limit macros for sig_atomic_t on x86_64
- making dev_t an unsigned type (ABI matching goal, and more logical)

in addition, some types that were wrongly defined with long on 32-bit
archs were changed to int, and vice versa; this change is
non-functional except for the possibility of making pointer types
mismatch, and only affects programs that were using them incorrectly,
and only at build-time, not runtime.

the following changes were made in the interest of moving
non-arch-specific types out of the alltypes system and into the
headers they're associated with, and also will tend to improve
application compatibility:
- netdb.h now includes netinet/in.h (for socklen_t and uint32_t)
- netinet/in.h now includes sys/socket.h and inttypes.h
- sys/resource.h now includes sys/time.h (for struct timeval)
- sys/wait.h now includes signal.h (for siginfo_t)
- langinfo.h now includes nl_types.h (for nl_item)

for the types in stdint.h:
- types which are of no interest to other headers were moved out of
  the alltypes system.
- fast types for 8- and 64-bit are hard-coded (at least for now); only
  the 16- and 32-bit ones have reason to vary by arch.

and the following types have been changed for C++ ABI purposes;
- mbstate_t now has a struct tag, __mbstate_t
- FILE's struct tag has been changed to _IO_FILE
- DIR's struct tag has been changed to __dirstream
- locale_t's struct tag has been changed to __locale_struct
- pthread_t is defined as unsigned long in C++ mode only
- fpos_t now has a struct tag, _G_fpos64_t
- fsid_t's struct tag has been changed to __fsid_t
- idtype_t has been made an enum type (also required by POSIX)
- nl_catd has been changed from long to void *
- siginfo_t's struct tag has been removed
- sigset_t's has been given a struct tag, __sigset_t
- stack_t has been given a struct tag, sigaltstack
- suseconds_t has been changed to long on 32-bit archs
- [u]intptr_t have been changed from long to int rank on 32-bit archs
- dev_t has been made unsigned

summary of tests that have been performed against these changes:
- nsz's libc-test (diff -u before and after)
- C++ ABI check symbol dump (diff -u before, after, glibc)
- grepped for __NEED, made sure types needed are still in alltypes
- built gcc 3.4.6
2013-07-22 11:22:36 -04:00
Rich Felker b823ef2db1 fix FILENAME_MAX to match PATH_MAX
POSIX is not clear on whether it includes the termination, but ISO C
requires that it does. the whole concept of this macro is rather
useless, but it's better to be correct anyway.
2013-07-18 14:15:48 -04:00
Rich Felker a3e2f3c2b1 respect iso c namespace in stdio.h and wchar.h regarding va_list
despite declaring functions that take arguments of type va_list, these
headers are not permitted by the c standard to expose the definition
of va_list, so an alias for the type must be used. the name
__isoc_va_list was chosen to convey that the purpose of this alternate
name is for iso c conformance, and to avoid the multitude of names
which gcc mangles with its hideous "fixincludes" monstrosity, leading
to serious header breakage if these "fixes" are run.
2013-06-25 22:26:20 -04:00
Rich Felker 41d7c77d6a use a common definition of NULL as 0L for C and C++
the historical mess of having different definitions for C and C++
comes from the historical C definition as (void *)0 and the fact that
(void *)0 can't be used in C++ because it does not convert to other
pointer types implicitly. however, using plain 0 in C++ exposed bugs
in C++ programs that call variadic functions with NULL as an argument
and (wrongly; this is UB) expect it to arrive as a null pointer. on
64-bit machines, the high bits end up containing junk. glibc dodges
the issue by using a GCC extension __null to define NULL; this is
observably non-conforming because a conforming application could
observe the definition of NULL via stringizing and see that it is
neither an integer constant expression with value zero nor such an
expression cast to void.

switching to 0L eliminates the issue and provides compatibility with
broken applications, since on all musl targets, long and pointers have
the same size, representation, and argument-passing convention. we
could maintain separate C and C++ definitions of NULL (i.e. just use
0L on C++ and use (void *)0 on C) but after careful analysis, it seems
extremely difficult for a C program to even determine whether NULL has
integer or pointer type, much less depend in subtle, unintentional
ways, on whether it does. C89 seems to have no way to make the
distinction. on C99, the fact that (int)(void *)0 is not an integer
constant expression, along with subtle VLA/sizeof semantics, can be
used to make the distinction, but many compilers are non-conforming
and give the wrong result to this test anyway. on C11, _Generic can
trivially make the distinction, but it seems unlikely that code
targetting C11 would be so backwards in caring which definition of
NULL an implementation uses.

as such, the simplest path of using the same definition for NULL in
both C and C++ was chosen. the #undef directive was also removed so
that the compiler can catch and give a warning or error on
redefinition if buggy programs have defined their own versions of
NULL prior to inclusion of standard headers.
2013-01-18 20:35:26 -05:00
Rich Felker d18a410bbf expose [v]asprintf under _BSD_SOURCE
reported/requested by Strake; simplified from the provided patch
2012-12-28 15:39:33 -05:00
Rich Felker 769fd4ce20 feature test macros: make _GNU_SOURCE enable everything
previously, a few BSD features were enabled only by _BSD_SOURCE, not
by _GNU_SOURCE. since _BSD_SOURCE is default in the absence of other
feature test macros, this made adding _GNU_SOURCE to a project not a
purely additive feature test macro; it actually caused some features
to be suppressed.

most of the changes made by this patch actually bring musl in closer
alignment with the glibc behavior for _GNU_SOURCE. the only exceptions
are the added visibility of functions like strlcpy which were BSD-only
due to being disliked/rejected by glibc maintainers. here, I feel the
consistency of having _GNU_SOURCE mean "everything", and especially
the property of it being purely additive, are more valuable than
hiding functions which glibc does not have.
2012-12-03 16:57:01 -05:00
Rich Felker c1a9658bd1 default features: make musl usable without feature test macros
the old behavior of exposing nothing except plain ISO C can be
obtained by defining __STRICT_ANSI__ or using a compiler option (such
as -std=c99) that predefines it. the new default featureset is POSIX
with XSI plus _BSD_SOURCE. any explicit feature test macros will
inhibit the default.

installation docs have also been updated to reflect this change.
2012-09-07 23:13:55 -04:00
Rich Felker 400c5e5c83 use restrict everywhere it's required by c99 and/or posix 2008
to deal with the fact that the public headers may be used with pre-c99
compilers, __restrict is used in place of restrict, and defined
appropriately for any supported compiler. we also avoid the form
[restrict] since older versions of gcc rejected it due to a bug in the
original c99 standard, and instead use the form *restrict.
2012-09-06 22:44:55 -04:00
Rich Felker 9bff7c133e implement "low hanging fruit" from C11
based on Gregor's patch sent to the list. includes:
- stdalign.h
- removing gets in C11 mode
- adding aligned_alloc and adjusting other functions to use it
- adding 'x' flag to fopen for exclusive mode
2012-08-25 23:15:13 -04:00
Rich Felker 617182734c add bsd fgetln function
optimized to avoid allocation and return lines directly out of the
stream buffer whenever possible.
2012-08-11 18:10:38 -04:00
Rich Felker 25b88f0810 add prototypes for getw/putw 2012-07-04 12:18:04 -04:00
Rich Felker 3b94daba71 _GNU_SOURCE is supposed to imply _LARGEFILE64_SOURCE
this is ugly and stupid, but now that the *64 symbol names exist, a
lot of broken GNU software detects them in configure, then either
breaks during build due to missing off64_t definition, or attempts to
compile without function declarations/prototypes. "fixing" it here is
easier than telling everyone to add yet another feature test macro to
their builds.
2012-06-04 08:03:56 -04:00
Rich Felker a34b0465ba there is no such GNU function fpurge, only __fpurge.
no idea where I got the idea fpurge should exist...
2012-05-28 22:54:27 -04:00
Rich Felker b63cab76ec add prototype for BSD/GNU stdio *_unlocked extension functions
also fix up distinction of what is GNU-only and what's GNU+BSD
2012-05-28 22:53:24 -04:00
Rich Felker 15c7af3e21 remove duplicate lfs64 cruft in stdio.h 2012-05-28 22:46:28 -04:00
Rich Felker 419ae6d5c9 support _BSD_SOURCE feature test macro
patch by Isaac Dunham. matched closely (maybe not exact) to glibc's
idea of what _BSD_SOURCE should make visible.
2012-05-22 21:52:08 -04:00
Rich Felker 2dd8d5e1b8 add support for ugly *64 functions with _LARGEFILE64_SOURCE
musl does not support legacy 32-bit-off_t whatsoever. off_t is always
64 bit, and correct programs that use off_t and the standard functions
will just work out of the box. (on glibc, they would require
-D_FILE_OFFSET_BITS=64 to work.) however, some programs instead define
_LARGEFILE64_SOURCE and use alternate versions of all the standard
types and functions with "64" appended to their names.

we do not want code to actually get linked against these functions
(it's ugly and inconsistent), so macros are used instead of prototypes
with weak aliases in the library itself. eventually the weak aliases
may be added at the library level for the sake of using code that was
originally built against glibc, but the macros will still be the
desired solution in the headers.
2012-05-04 00:13:23 -04:00
Rich Felker ce17ea6f2c add prototypes for GNU *_unlocked stdio functions
actually these are just weak aliases for the normal locking versions
right now, and they will probably stay that way since making them
lock-free without slowing down the normal versions would require
significant code duplication for no benefit.
2011-09-11 22:50:02 -04:00
Rich Felker d4fa6f0e08 implement fmemopen
testing so far has been minimal. may need further work.
2011-09-03 23:26:17 -04:00
Rich Felker b158b32a44 implement open_memstream
this is the first attempt, and may have bugs. only minimal testing has
been performed.
2011-09-03 00:45:21 -04:00
Rich Felker 7640497f5f implement the nonstandard GNU function fpurge
this is a really ugly and backwards function, but its presence will
prevent lots of broken gnulib software from trying to define its own
version of fpurge and thereby failing to build or worse.
2011-06-30 11:42:33 -04:00
Rich Felker e72180083e add more legacy functions: setlinebuf and setbuffer 2011-04-05 12:25:31 -04:00
Rich Felker 46b99426e1 prototypes for GNU asprintf/vasprintf 2011-02-20 17:17:09 -05:00
Rich Felker 571312de5f move stdio stuff that's not arch-specific out of bits 2011-02-15 19:47:22 -05:00
Rich Felker 80695b1d1e begin namespace-cleanup of standard C headers 2011-02-14 05:10:10 -05:00
Rich Felker 0b44a0315b initial check-in, version 0.5.0 2011-02-12 00:22:29 -05:00