- commented author name and email address(es)
- commented GPL boilerplate
- commented longer description / notes for the program (if needed)
- - #includes and #defines
+ - #includes of .h files with angle brackets (<>) around them
+ - #includes of .h files with quotes ("") around them
+ - #defines (if any, note the section below titled "Avoid the Preprocessor")
- const and global variables
- function declarations (if necessary)
- function implementations
Don't do this either:
while (!done){
+
do{
+ And for heaven's sake, don't do this:
+
+ while (!done)
+ {
+
+ do
+ {
+
Do this instead:
while (!done) {
+
do {
-Paren Spacing
-~~~~~~~~~~~~~
+Spacing around Parentheses
+~~~~~~~~~~~~~~~~~~~~~~~~~~
-Put a space between C keywords and left parens, but not between
-function names and the left paren that starts it's parameter list (whether it
-is being declared or called). Examples:
+Put a space between C keywords and left parens, but not between function names
+and the left paren that starts it's parameter list (whether it is being
+declared or called). Examples:
Don't do this:
...
baz = my_func(1, 2);
+Also, don't put a space between the left paren and the first term, nor between
+the last arg and the right paren.
+
+ Don't do this:
+
+ if ( x < 1 )
+ strcmp( thisstr, thatstr )
+
+ Do this instead:
+
+ if (x < 1)
+ strcmp(thisstr, thatstr)
+
Cuddled Elses
~~~~~~~~~~~~~
acceptable). Using underscores makes variable and function names more readable
because it looks like whitespace; using lower-case is easy on the eyes.
-Note: The Busybox codebase is very much a mixture of code gathered from a
-variety of sources. This explains why the current codebase contains such a
-hodge-podge of different naming styles (Java, Pascal, K&R, just-plain-weird,
-etc.). The K&R guideline explained above should therefore be used on new files
-that are added to the repository. Furthermore, the maintainer of an existing
-file that uses alternate naming conventions should -- at his own convenience --
-convert those names over to K&R style; converting variable names is a very low
-priority task. Perhaps in the future we will include some magical Perl script
-that can go through and convert files -- left as an exercise to the reader for
-now.
+ Frowned upon:
+
+ hitList
+ TotalChars
+ szFileName
+ pf_Nfol_TriState
+
+ Preferred:
+
+ hit_list
+ total_chars
+ file_name
+ sensible_name
+
+Exceptions:
+
+ - Enums, macros, and constant variables are occasionally written in all
+ upper-case with words optionally seperatedy by underscores (i.e. FIFOTYPE,
+ ISBLKDEV()).
+
+ - Nobody is going to get mad at you for using 'pvar' as the name of a
+ variable that is a pointer to 'var'.
+
+
+Converting to K&R
+~~~~~~~~~~~~~~~~~
+
+The Busybox codebase is very much a mixture of code gathered from a variety of
+sources. This explains why the current codebase contains such a hodge-podge of
+different naming styles (Java, Pascal, K&R, just-plain-weird, etc.). The K&R
+guideline explained above should therefore be used on new files that are added
+to the repository. Furthermore, the maintainer of an existing file that uses
+alternate naming conventions should, at his own convenience, convert those
+names over to K&R style. Converting variable names is a very low priority
+task.
+
+If you want to do a search-and-replace of a single variable name in different
+files, you can do the following in the busybox directory:
+
+ $ perl -pi -e 's/\bOldVar\b/new_var/g' *.[ch]
+
+If you want to convert all the non-K&R vars in your file all at once, follow
+these steps:
+
+ - In the busybox directory type 'examples/mk2knr.pl files-to-convert'. This
+ does not do the actual conversion, rather, it generates a script called
+ 'convertme.pl' that shows what will be converted, giving you a chance to
+ review the changes beforehand.
+
+ - Review the 'convertme.pl' script that gets generated in the busybox
+ directory and remove / edit any of the substitutions in there. Please
+ especially check for false positives (strings that should not be
+ converted).
+
+ - Type './convertme.pl same-files-as-before' to perform the actual
+ conversion.
+
+ - Compile and see if everything still works.
+
+Please be aware of changes that have cascading effects into other files. For
+example, if you're changing the name of something in, say utility.c, you
+should probably run 'examples/mk2knr.pl utility.c' at first, but when you run
+the 'convertme.pl' script you should run it on _all_ files like so:
+'./convertme.pl *.[ch]'.
}
Static inline functions are greatly preferred over macros. They provide type
-safety, have no length limitations, no formatting limitations, and under gcc
-they are as cheap as macros. Besides, really long macros with backslashes at
-the end of each line are ugly as sin.
+safety, have no length limitations, no formatting limitations, have an actual
+return value, and under gcc they are as cheap as macros. Besides, really long
+macros with backslashes at the end of each line are ugly as sin.
The Folly of #ifdef
~~~~~~~~~~~~~~~~~~~
Code cluttered with ifdefs is difficult to read and maintain. Don't do it.
-Instead, put your ifdefs in a header, and conditionally define 'static inline'
-functions, (or *maybe* macros), which are used in the code.
+Instead, put your ifdefs at the top of your .c file (or in a header), and
+conditionally define 'static inline' functions, (or *maybe* macros), which are
+used in the code.
Don't do this:
ret = my_func(bar, baz);
if (!ret)
return -1;
- #ifdef BB_FEATURE_FUNKY
+ #ifdef CONFIG_FEATURE_FUNKY
maybe_do_funky_stuff(bar, baz);
#endif
(in .h header file)
- #ifndef BB_FEATURE_FUNKY
+ #ifdef CONFIG_FEATURE_FUNKY
+ static inline void maybe_do_funky_stuff (int bar, int baz)
+ {
+ /* lotsa code in here */
+ }
+ #else
static inline void maybe_do_funky_stuff (int bar, int baz) {}
#endif
maybe_do_funky_stuff(bar, baz);
The great thing about this approach is that the compiler will optimize away
-the "no-op" case when the feature is turned off.
+the "no-op" case (the empty function) when the feature is turned off.
Note also the use of the word 'maybe' in the function name to indicate
conditional execution.
that ain't the world we're living in.
+Avoid Dangerous String Functions
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Unfortunately, the way C handles strings makes them prone to overruns when
+certain library functions are (mis)used. The following table offers a summary
+of some of the more notorious troublemakers:
+
+function overflows preferred
+----------------------------------------
+strcpy dest string strncpy
+strcat dest string strncat
+gets string it gets fgets
+getwd buf string getcwd
+[v]sprintf str buffer [v]snprintf
+realpath path buffer use with pathconf
+[vf]scanf its arguments just avoid it
+
+
+The above is by no means a complete list. Be careful out there.
+
+
+
+Avoid Big Static Buffers
+------------------------
+
+First, some background to put this discussion in context: Static buffers look
+like this in code:
+
+ /* in a .c file outside any functions */
+ static char *buffer[BUFSIZ]; /* happily used by any function in this file,
+ but ick! big! */
+
+The problem with these is that any time any busybox app is run, you pay a
+memory penalty for this buffer, even if the applet that uses said buffer is
+not run. This can be fixed, thusly:
+
+ static char *buffer;
+ ...
+ other_func()
+ {
+ strcpy(buffer, lotsa_chars); /* happily uses global *buffer */
+ ...
+ foo_main()
+ {
+ buffer = xmalloc(sizeof(char)*BUFSIZ);
+ ...
+
+However, this approach trades bss segment for text segment. Rather than
+mallocing the buffers (and thus growing the text size), buffers can be
+declared on the stack in the *_main() function and made available globally by
+assigning them to a global pointer thusly:
+
+ static char *pbuffer;
+ ...
+ other_func()
+ {
+ strcpy(pbuffer, lotsa_chars); /* happily uses global *pbuffer */
+ ...
+ foo_main()
+ {
+ char *buffer[BUFSIZ]; /* declared locally, on stack */
+ pbuffer = buffer; /* but available globally */
+ ...
+
+This last approach has some advantages (low code size, space not used until
+it's needed), but can be a problem in some low resource machines that have
+very limited stack space (e.g., uCLinux).
+
+A macro is declared in busybox.h that implements compile-time selection
+between xmalloc() and stack creation, so you can code the line in question as
+
+ RESERVE_CONFIG_BUFFER(buffer, BUFSIZ);
+
+and the right thing will happen, based on your configuration.
+
+
Miscellaneous Coding Guidelines
-------------------------------
formatting, options, etc.), model it after the equivalent GNU program.
Doesn't matter how that program behaves on some other flavor of *NIX; doesn't
matter what the POSIX standard says or doesn't say, just model Busybox
-programs after their GNU counterparts and nobody has to get hurt.
+programs after their GNU counterparts and it will make life easier on (nearly)
+everyone.
The only time we deviate from emulating the GNU behavior is when:
switch)
- Emulating the GNU behavior is prohibitively expensive (lots more code
would be required, lots more memory would be used, etc.)
- - The differce is minor or cosmetic
+ - The difference is minor or cosmetic
A note on the 'cosmetic' case: Output differences might be considered
cosmetic, but if the output is significant enough to break other scripts that
If a const variable is used only in a single source file, put it in the source
file and not in a header file. Likewise, if a const variable is used in only
one function, do not make it global to the file. Instead, declare it inside
-the function body. Bottom line: Make a concious effort to limit declarations
+the function body. Bottom line: Make a conscious effort to limit declarations
to the smallest scope possible.
Inside applet files, all functions should be declared static so as to keep the
Don't do this:
if (foo)
- stmt;
- else
- stmt;
+ stmt1;
+ stmt2
+ stmt3;
Do this instead:
if (foo) {
- stmt;
- } else {
- stmt;
+ stmt1;
}
+ stmt2
+ stmt3;
The "bracketless" approach is error prone because someday you might add a line
like this:
if (foo)
- stmt;
+ stmt1;
new_line();
- else
- stmt;
+ stmt2
+ stmt3;
And the resulting behavior of your program would totally bewilder you. (Don't
laugh, it happens to us all.) Remember folks, this is C, not Python.
....
The only time you would ever need to use the old declaration syntax is to
-support ancient, antedeluvian compilers. To our good fortune, we have access
+support ancient, antediluvian compilers. To our good fortune, we have access
to more modern compilers and the old declaration syntax is neither necessary
nor desired.
+
+Emphasizing Logical Blocks
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Organization and readability are improved by putting extra newlines around
+blocks of code that perform a single task. These are typically blocks that
+begin with a C keyword, but not always.
+
+Furthermore, you should put a single comment (not necessarily one line, just
+one comment) before the block, rather than commenting each and every line.
+There is an optimal ammount of commenting that a program can have; you can
+comment too much as well as too little.
+
+A picture is really worth a thousand words here, the following example
+illustrates how to emphasize logical blocks:
+
+ while (line = get_line_from_file(fp)) {
+
+ /* eat the newline, if any */
+ chomp(line);
+
+ /* ignore blank lines */
+ if (strlen(file_to_act_on) == 0) {
+ continue;
+ }
+
+ /* if the search string is in this line, print it,
+ * unless we were told to be quiet */
+ if (strstr(line, search) && !be_quiet) {
+ puts(line);
+ }
+
+ /* clean up */
+ free(line);
+ }
+
+
+Processing Options with getopt
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If your applet needs to process command-line switches, please use getopt() to
+do so. Numerous examples can be seen in many of the existing applets, but
+basically it boils down to two things: at the top of the .c file, have this
+line in the midst of your #includes:
+
+ #include <getopt.h>
+
+And a code block similar to the following near the top of your applet_main()
+routine:
+
+ while ((opt = getopt(argc, argv, "abc")) > 0) {
+ switch (opt) {
+ case 'a':
+ do_a_opt = 1;
+ break;
+ case 'b':
+ do_b_opt = 1;
+ break;
+ case 'c':
+ do_c_opt = 1;
+ break;
+ default:
+ show_usage(); /* in utility.c */
+ }
+ }
+
+If your applet takes no options (such as 'init'), there should be a line
+somewhere in the file reads:
+
+ /* no options, no getopt */
+
+That way, when people go grepping to see which applets need to be converted to
+use getopt, they won't get false positives.
+
+Additional Note: Do not use the getopt_long library function and do not try to
+hand-roll your own long option parsing. Busybox applets should only support
+short options. Explanations and examples of the short options should be
+documented in usage.h.
projects / oweals / busybox.git / blobdiff