stdio: don't require ignore_value around fwrite

This patch works around libc bug 11959
<http://sources.redhat.com/bugzilla/show_bug.cgi?id=11959>.
Without this patch, applications must often write
ignore_value (fwrite (...)) even though the ignore_value is
not helpful here.  It's common to write many objects, using
fwrite/printf/etc., and then use ferror to detect output error.

I considered making this patch optional, but decided against it,
because libc is obviously being inconsistent here: there is no
reason libc should insist that user code must inspect fwrite
return's value without also insisting that it inspect printf's,
putchar's, etc.  If user code wants to have a strict style where
all these functions' values are checked (so that ferror need not
be checked), we could add support for that style in a new gnulib
module, but in the meantime it's better to be consistent and to
support common usage.

* lib/stdio.in.h (rpl_fwrite): Define this wrapper around fwrite,
to work around libc bug 11959, if __USE_FORTIFY_LEVEL indicates
that we are compiling in checking mode, and if not C++, and
if not already wrapping fwrite for some other reason.
(fwrite): #define to rpl_fwrite if the latter is defined.

diff --git a/ChangeLog b/ChangeLog
index 4dda753..168a6e9 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,30 @@
+2011-03-20  Paul Eggert  <eggert@cs.ucla.edu>
+
+       stdio: don't require ignore_value around fwrite
+
+       This patch works around libc bug 11959
+       <http://sources.redhat.com/bugzilla/show_bug.cgi?id=11959>.
+       Without this patch, applications must often write
+       ignore_value (fwrite (...)) even though the ignore_value is
+       not helpful here.  It's common to write many objects, using
+       fwrite/printf/etc., and then use ferror to detect output error.
+
+       I considered making this patch optional, but decided against it,
+       because libc is obviously being inconsistent here: there is no
+       reason libc should insist that user code must inspect fwrite
+       return's value without also insisting that it inspect printf's,
+       putchar's, etc.  If user code wants to have a strict style where
+       all these functions' values are checked (so that ferror need not
+       be checked), we could add support for that style in a new gnulib
+       module, but in the meantime it's better to be consistent and to
+       support common usage.
+
+       * lib/stdio.in.h (rpl_fwrite): Define this wrapper around fwrite,
+       to work around libc bug 11959, if __USE_FORTIFY_LEVEL indicates
+       that we are compiling in checking mode, and if not C++, and
+       if not already wrapping fwrite for some other reason.
+       (fwrite): #define to rpl_fwrite if the latter is defined.
+
 2011-03-20  Bruno Haible  <bruno@clisp.org>
 
        verror: Fix compilation error introduced on 2011-02-13.

diff --git a/lib/stdio.in.h b/lib/stdio.in.h
index b5083d1..816c9f2 100644 (file)
--- a/lib/stdio.in.h
+++ b/lib/stdio.in.h
@@ -496,6 +496,23 @@ _GL_CXXALIAS_RPL (fwrite, size_t,
 # else
 _GL_CXXALIAS_SYS (fwrite, size_t,
                   (const void *ptr, size_t s, size_t n, FILE *stream));
+
+/* Work around glibc bug 11959
+   <http://sources.redhat.com/bugzilla/show_bug.cgi?id=11959>,
+   which sometimes causes an unwanted diagnostic for fwrite calls.
+   This affects only function declaration attributes, so it's not
+   needed for C++.  */
+#  if !defined __cplusplus && 0 < __USE_FORTIFY_LEVEL
+static inline size_t _GL_ARG_NONNULL ((1, 4))
+rpl_fwrite (const void *ptr, size_t s, size_t n, FILE *stream)
+{
+  size_t r = fwrite (ptr, s, n, stream);
+  (void) r;
+  return r;
+}
+#   undef fwrite
+#   define fwrite rpl_fwrite
+#  endif
 # endif
 _GL_CXXALIASWARN (fwrite);
 #endif