Open Bug 124536 Opened 23 years ago Updated 2 years ago

Eliminate nsCRT::str* to use str* from libC

Categories

(Core :: XPCOM, defect, P5)

Product:
Core
Component:
XPCOM
Type:
defect

Tracking

()

Milestone:
mozilla1.1beta

People

(Reporter: cathleennscp, Unassigned)

References

(Depends on 2 open bugs,
URL
)

Details

(Keywords: perf, Whiteboard: [has review])

Attachments

(6 files, 3 obsolete files)

eliminate nsCRT::strlen() for char * strings
186.15 KB, patch
dp
: review+
brendan
: superreview+
Details | Diff | Splinter Review
follow up on removal of nsCRT::strlen(char* s)
7.62 KB, patch
dp
: review+
brendan
: superreview+
Details | Diff | Splinter Review
final patch, remove all nsCRT::strlen(char* s)
13.76 KB, patch
dp
: review+
brendan
: superreview+
Details | Diff | Splinter Review
clean up of str* functions in nsCRT
3.82 KB, patch
alecf
: review+
darin.moz
: superreview+
Details | Diff | Splinter Review
ansify a few more nsCRT functions
7.73 KB, patch
darin.moz
: review+
alecf
: superreview+
Details | Diff | Splinter Review
ansify a few more nsCRT functions v2
7.68 KB, patch
alecf
: superreview+
Details | Diff | Splinter Review
removes levels of indirections in code that we don't need, to improve performance. similar to bug 118135
cathleen: nsCRT::strtok() should be replaced with PL_strtok_r() (same function as strtok_r()) ...
Why do we need to use PL_strtok_r? Does any platform lack strtok_r? /be
Windows lacks strtok_r.
Target Milestone: --- → mozilla0.9.9
Blocks: 71668
Keywords: perf
eliminated 473 callers to nsCRT::strlen(char* s) and function itself.
Comment on attachment 69775 [details] [diff] [review] eliminate nsCRT::strlen() for char * strings r=dp
Attachment #69775 - Flags: review+
Comment on attachment 69775 [details] [diff] [review] eliminate nsCRT::strlen() for char * strings Go strong! Don't let any more nsCRT::strlen on char * data go in while you blink! /be
Attachment #69775 - Flags: superreview+
This caused mac/beos bustage because of bug 102980 - if size_t is unsigned long, rather than unsigned int, then the overloading between the two versions of nsCRT::strncmp we have is ambiguous. I imagine that that bug will be fixed for char* when you use the native strncmp, though, although it won't fix the prunichar* case.
nsCRT.h still includes a comment for the now-removed nsCRT::memcpy function, maybe you can remove it while you're at the file. ( http://lxr.mozilla.org/seamonkey/source/xpcom/ds/nsCRT.h#111 )
Comment on attachment 69775 [details] [diff] [review] eliminate nsCRT::strlen() for char * strings I landed all changes in this patch (for last 2 days), except removing actual nsCRT::strlen(char* s) function itself. A new patch to flow up for diff left to land.
remove nsCRT::strlen(char* s)and fixed up comments in nsCRT.h added back changes that was erased by taka's check-ins in mailnews.
Comment on attachment 70658 [details] [diff] [review] follow up on removal of nsCRT::strlen(char* s) >+ *** In addition, the follwoing char* string utilities >+ *** are no longer supported either. Plse use lib C also. Typo for 'following' and 'please'
just a reminder that you can't whack strcasecmp/strncasecmp or strdup. /** Compute the string length of s @param s the string in question @return the length of s */ - static PRUint32 strlen(const char* s) { - return PRUint32(::strlen(s)); - } also, please don't remove a function without removing its comment. doing so will mess up things like http://unstable.elemental.com/mozilla/build/latest/mozilla/xpcom/dox/classnsCRT .html (or humans trying to read the code...)
I will remove this comment, when the last str* function is removed. Right now, I plan to leave it in till then. :-) /** Compute the string length of s @param s the string in question @return the length of s */ - static PRUint32 strlen(const char* s) { - return PRUint32(::strlen(s)); - }
Attachment #70658 - Attachment is obsolete: true
same as attachment 70658 [details] [diff] [review], fixed typos in comments :-) remove nsCRT::strlen(char* s) and updated comments in nsCRT.h added back changes that was erased by taka's check-ins in mailnews.
Comment on attachment 70750 [details] [diff] [review] follow up on removal of nsCRT::strlen(char* s) r=dp
Attachment #70750 - Flags: review+
Comment on attachment 70750 [details] [diff] [review] follow up on removal of nsCRT::strlen(char* s) sr=brendan@mozilla.org
Attachment #70750 - Flags: superreview+
Comment on attachment 70750 [details] [diff] [review] follow up on removal of nsCRT::strlen(char* s) a=roc+moz for 0.9.9
Attachment #70750 - Flags: approval+
Keywords: mozilla1.0+
Target Milestone: mozilla0.9.9 → mozilla1.0
Comment on attachment 70750 [details] [diff] [review] follow up on removal of nsCRT::strlen(char* s) removing approval. if this still needs to land please re-request approval from drivers. thanks.
Attachment #70750 - Flags: approval+
After examing the usage of 'strlen' for some time, I think it is a better way to encapsulate the function. Because if we pass a parameter of NULL to 'strlen', the application will crash. The attachment I give today(04/01/2002) is an example to show the crash. I've verified this on both Win2k and Solaris. And I find that in mozilla a lot of people doesn't check the parameter before passing it in. So this is a very serious implied problem. I'm not sure if I should file a new bug or keep on working on this bug, so I just discuss this issue here first. If you think I should file a new bug, just tell me. BTW: I'll try to give a patch for the encapsulation with almost no performance lost soon, so this issue may be discussed more clearly and quickly.
It is a foundation stability problem to encapsulat the C function 'strlen'. If we do this, we can make mozilla more stable.
I agree with henry, just like NSPR we use NSPR, will lose some perf, but at the same time, we can use it more safely.
This is the patch for encapsulating the C function 'strlen'. Using the encapsulating function 'nsCRT::strlen' instead of directly using the C function 'strlen' will cause almost no performance lose in average. Although it will add a comparing operation, the operation will use very little time and when the parameter string is NULL, there is no need to call the C function and directly return 0. If this patch can be r= and sr=, we need to go back to reuse the original nsCRT::strlen instead of direct strlen. So although I strongly suggest to encapsulating 'strlen', we must think this issue clearly. If we need to reuse nsCRT::strlen, I volunteer to do this work. BTW: Other similliar functions, such as str*, printf, etc, also need to be taken into account.
By using NSPR, we can not only make mozilla cross-platform, but also give out a set of APIs which are more stable and more easy to use.
NSPR does not wrap ("encapsulate") all Standard C and C++ functions, nor should it. Besides defeating optimizations where the compiler can disambiguate strlen and inline it appropriately, such wrapping adds cost. We do not know how high that cost is without measuring real-world benchmarks with and without wrapping. Then there is the question of null-testing char * or const char * in parameters. If we had been null-testing the parameter to nsCRT::strlen(const char* s) for years, then I would agree that we can't stop checking for null. However, nsCRT::strlen has *never* null-tested s. The standard C function strlen does not null-test either. So I claim we should not keep nsCRT::strlen, because (1) we do not want any overhead of wrapping, however small it appears without measurement; (2) we do not want any overhead of null-testing, same reason; (3) we do not need null-testing for nsCRT.h "API compatibility", and now is not the time to be changing the API semantics. Let's not actually encourage callers to be sloppy about null vs. a valid char pointer. A C string is referenced via a (const or not) char *, which is never null. The C standard doesn't allow null as a valid parameter to strlen, and neither should Mozilla allow it in any strlen-like wrapper, or pass null into anything named strlen. /be
What's more, all this talk about "stability" and "portability" is conjecture. We have code that is highly portable already. Until someone can demonstrate a real world portability problem that requires wrapping strlen or other standard C library functions, we should do nothing. To do the opposite in the name of some abstract good such as stability or portability is to bloat code and add cycle costs without reason. /be
Henry Jia: If someone hits the "|strlen(NULL)|-causes-crash"-issue in a production build he/she can use |% export LD_PRELOAD=/usr/lib/0@0.so.1; ./mozilla| in Solaris to work around these crashes (0@0.so.1 maps a zero-filled page at the address 0 to make it a valid address) ...
If someone finds strlen(NULL) being called, then they can file a bug so that the code cam be fixed.
Anyway, I still stick to my opinion for the following reasons. 1. PL_strlen wrap strlen with the null parameter checking (http://lxr.mozilla.org/seamonkey/source/nsprpub/lib/libc/src/strlen.c#40). And it still be used in the trunk code. Since we're trying to eliminate it, we should pay attention to the places in which it is used. 2. I still think by wraping strlen, we can make mozilla programming more easy and safe.
I'm against using PR_strlen, it's much slower than simply using strlen(), because a) it's not inlined and b) it does the null check For several years we have not null checked strings passed into strlen, why should we start now?
I think we should file a bug to get PL_strlen() removed from NSPR code. |strlen()| is part of ANSI-C and there is AFAIK no need to keep it around... brendan ?
As wtc wrote elsewhere, NSPR has been around for many years, and it keeps compatibility according to some strict rules. It's not about to remove the PL_str* wrappers, on that account, but they are deprectated, and there is *no good reason* to use them where standard C provides working counterparts, and where no one passes in null. /be
Brendan wrote: > and there is *no good reason* to use them where standard C provides > working counterparts, and where no one passes in null. Did you ever make a search how many people use PL_strlen() ? I think we should put a LARGE comment (like "do not use - deprectated") into the header file and source because some people still think that PL_strlen() is mandatory... ;-(
Roland: sorry I misspelled "deprecated" (a typo), please don't repeat my mistake. You might file a bug on NSPR asking for deprecation comments, but wtc is cc'd here, so let's ask him first. wtc, what do you say to deprecation comments? /be
Sure. We should go one step further and implement PL_strxxx as a call to strxxx if strxxx is a standard C library function. This will reduce the performance penalty of PL_strxxx to function call overhead and the inability of inlining by compilers.
Mmmmm... I agree with you guys. If you decide to do something more on this, don't forget to tell me. I volunteer.
Attachment #76999 - Attachment is obsolete: true
Attachment #76993 - Attachment is obsolete: true
attatchment 70750 had landed back in Feb (for 0.9.9). This new patch cleans up all final traces and creep backs, over last 3 mo.
Shouldn't the patch also remove the nsCRT::strlen function itself, to ensure that it's not used anymore?
yes, of course. removing nsCRT::strlen(char* s) is part of the latest patch.
Comment on attachment 86137 [details] [diff] [review] final patch, remove all nsCRT::strlen(char* s) sr=brendan@mozilla.org /be
Attachment #86137 - Flags: superreview+
oh indeed. but it leaves the comment about the function's usage in, shouldn't that be removed as well?
Comment on attachment 86137 [details] [diff] [review] final patch, remove all nsCRT::strlen(char* s) r=dp
Attachment #86137 - Flags: review+
Whiteboard: [has review]
Target Milestone: mozilla1.0 → mozilla1.1beta
Depends on: 150073
this patch eliminates nsCRT::str* call instructions, and only native str* appears in generated assembly code.
Comment on attachment 117671 [details] [diff] [review] clean up of str* functions in nsCRT sr=darin
Attachment #117671 - Flags: superreview+
Comment on attachment 117671 [details] [diff] [review] clean up of str* functions in nsCRT alec: can you review this. thx!
Attachment #117671 - Flags: review?(alecf)
The nspr strcmp is null-safe, whilst the libc ones (and thus these replacements) aren't. Hopefully noone tries to pass a null string in, though.
Comment on attachment 117671 [details] [diff] [review] clean up of str* functions in nsCRT can't we use configure to check for stricmp and friends? I'm concerned that XP_UNIX won't be enough... a simple one or two line check in configure.in, something like AC_CHECK_FUNCS(stricmp, strnicmp)
Attachment #117671 - Flags: review?(alecf) → review-
alec: i originally wrote some configure.in checks, but they weren't being executed on windows... asked seawood... and he said, use an #ifdef in the header file. turns out most of the checks we run in configure.in are disabled for WIN32.
Comment on attachment 117671 [details] [diff] [review] clean up of str* functions in nsCRT ah ok. r=alecf
Attachment #117671 - Flags: review- → review+
yeah, darin said it. :-) thanks guys! :-)
bbaetz: you mean null pointer, not null string -- the latter is ambiguous, often meaning an empty string. Null-the-pointer (0 in a pointer context) is not a valid C string (char * or const char *) value. I hope we can safely assert this in all of our code! /be
Just for clarification, I said that there's no need to add a configure check for strlen because it's in the ANSI C standard and we're already using it (w/o nsCRT:: or PL_) in numerous places in the code. Unless we have reason to believe strcasecmp isn't available on some platform, I wouldn't bother with a check there either. I'm guessing from the patch that it's not available on win32 & os2 so we probably should add a check for it. (Not that we should hold the patch for it.)
so, there are some hangups with this patch. namely, linux (RH7.3) doesn't provide strcasecmp or strncasecmp unless __USE_BSD is defined above #include <string.h>. that means we are going to need some configure.in magic... but i worry that setting such defines (maybe _BSD_SOURCE is equivalent) globably would have some side effect? also, bbaetz's point is very good... i don't know if we want to bite the bullet and risk unprotected strcmp. we could just implement nsCRT::strcmp like this: PRInt32 strcmp(const char *s1, const char *s2) { if (!s1 || !s2) return PRInt32(s1 - s2); return ::strcmp(s1, s2); } but now this might end up increasing code size :( thoughts?
brendan: Yeah, thats what I meant. I hope we can assert that too, but given how long these have tested their arguments.... The compielr should be bale to optimise the inlined null check out when it can prove that the result isn't null. I'm happy with it as is, but we could assert and test for a few weeks if others aren't, and see if anyone gets caught. I jsut wanted to mention it...
I think the only adverse side-effect -D_BSD_SOURCE would have is to enable a bunch of annoying warnings. That was the reason we started using _POSIX_SOURCE way back when. We could just remove the *_SOURCE defines from configure.in and have all of the default glibc API (which includes bsd routines) available.
seawood: yeah, there are several places where we have to add -D_BSD_SOURCE to build specific files: xpcom/io, netwerk/base/src, netwerk/cache/src. ftruncate being one such system call that we use in necko. if you are ok eliminating _POSIX_SOURCE, then i think we should just do that. it would greatly simplify using the extended functions.
Bug 209499 is similar to this one. I have started to remove uses of PL_str* functions. Seeking review.
this removes/cleans up a few methods to use ANSI C functions.
Attachment #135654 - Flags: superreview?(alecf)
Attachment #135654 - Flags: review?(darin)
oh, regarding the comment in strncasecmp - i checked all the usages in the tree, and no one's abusing the return value. it seems that comment was added at the same time as an identical one in xpcom/string, so it probably has no significance. i also don't see what it means by "very negative numbers". PL_strncasecmp will return the difference between two |char| values when the strings differ, so it could at most be -128.
Comment on attachment 135654 [details] [diff] [review] ansify a few more nsCRT functions did you try compiling with this? I feel like we're using some of the nsCRT::strncmp stuff in templates..i.e. so you can apply it in template<T> int MyCompare(T* a, T* b) { return nsCRT::strncmp(a, b, 100); } I tried to remove these once before and I think it was darin who objected for that reason anyway, sr=alecf on all the non-inlined stuff for inline stuff like nsCRT::strncmp() which is just a direct forward to the libc version, I don't feel like they're doing much harm (But maybe we still need to update the comment there!)
Attachment #135654 - Flags: superreview?(alecf) → superreview+
yup, i did build with this... but egads, looking at it now, there's a pretty nice mistake(?) in the current nsCRT.h, and in my patch... http://lxr.mozilla.org/seamonkey/source/xpcom/ds/nsCRT.h#144 http://lxr.mozilla.org/seamonkey/source/xpcom/ds/nsCRT.h#164 so we have two of the same method, with different types of the integer arg! that can't be right... anyway, what would eventually be nice to do is make nsCRT a home for libc wrappers that aren't available in ANSI C (like cathleen tried to do for strcasecmp here). then we could start removing usages of the (inherently much slower) PL_* functions that these replace, such as PL_strcasecmp. eliminating the ANSI C wrappers we have now would also be nice, especially since they call PL_str* versions which are inherently slower. those consumers that explicitly need nullsafety could either add the checks themselves, or use the PL_str* versions. but that's not too big of a deal. anyway, which comment were you referring to alec? ;)
remove the duplicate fn... took the safe route and removed the non-nullsafe one. i'll fix the callers of this method to do the right thing at some other point.
Comment on attachment 135660 [details] [diff] [review] ansify a few more nsCRT functions v2 alec, could i get you to sr this again? :/
Attachment #135660 - Flags: superreview?(alecf)
Be very careful. Thats not a mistake, its on purpose, it appears. See bug 102980.
Attachment #135654 - Flags: review?(darin) → review+
hmm... nice. thanks bbaetz. so, my build compiles fine with the duplicate function removed... are there any platforms that might break (i.e. if a consumer was trying to pass a PRInt32, and the compiler decides the remaining PRUint32 prototype isn't compatible)? otherwise i think we *should* be able to remove it... so my sr request still stands.
Since we no longer need to worry about Mac OS9, you should also be able to ditch PL_strdup in favor of strdup, I think.
Have you checked that every platform has strdup? It is not part of the C standard, at least not C90. I'd expect that some of the older UNIX platforms lack it. strcat, strcmp, etc are good functions to use directly, but in general strdup is not.
i'm not too fussed about strdup... my patch breaks PL_strdup down into a strlen/malloc/memcpy anyway, and the malloc is slow, so it's not perf-critical :) if we wanted to do something like that, we'd probably have to go for a configure test.
Aaron: as I remember it, when people used to check in code with strdup() in it, Mac OS9 tinderboxen were the only ones that broke. It's possible that I'm misremembering, however. As dwitte points out, an autoconf test would be ideal.
>i'm not too fussed about strdup... my patch breaks PL_strdup down into a >strlen/malloc/memcpy anyway, and the malloc is slow, so it's not perf-critical :) incidentally, dbaron mentioned that he compared GLIBC's strdup against strlen+malloc+memcpy and found the latter to be faster! the reason, he said, had to do with strdup copying the data byte-by-byte. memcpy on the other hand copies data one WORD at a time (modulo special handling at the beginning and end). of course, this may have been fixed in more recent GLIBC versions :)
in cvs head glibc sources, strdup does exactly that - strlen/malloc/memcpy. so i doubt this is something to worry much about :)
Comment on attachment 135660 [details] [diff] [review] ansify a few more nsCRT functions v2 well then, sr=alecf
Attachment #135660 - Flags: superreview?(alecf) → superreview+
*** Bug 102980 has been marked as a duplicate of this bug. ***
in /netwerk/cache still nsCRT:: strdup, and ::strcmp are used, can these also be replaced with PL_strdup and libc:strcmp?
*** Bug 105482 has been marked as a duplicate of this bug. ***
> replaced with PL_strdup be careful with allocators
Component: XP Miscellany → XPCOM
Assignee: cathleennscp → nobody
QA Contact: brendan → xpcom
See bug 181295 for discussion on PL_strdup (that needs to match PL_strfree).
Depends on: 743581
Filing a blocking bug to replace the nsCRT::strcmp with the libc::strmcp
Depends on: 791546
Depends on: 798840
Priority: -- → P5
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: