| blob | 054cf3f1079aef153ba742792ee2565e5f60c443 |
1 Coding conventions in the Samba tree
2 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4 .. contents::
6 ===========
7 Quick Start
8 ===========
10 Coding style guidelines are about reducing the number of unnecessary
11 reformatting patches and making things easier for developers to work
12 together.
13 You don't have to like them or even agree with them, but once put in place
14 we all have to abide by them (or vote to change them). However, coding
15 style should never outweigh coding itself and so the guidelines
16 described here are hopefully easy enough to follow as they are very
17 common and supported by tools and editors.
19 The basic style for C code, also mentioned in prog_guide4.txt, is the Linux kernel
20 coding style (See Documentation/CodingStyle in the kernel source tree). This
21 closely matches what most Samba developers use already anyways, with a few
22 exceptions as mentioned below.
24 The coding style for Python code is documented in PEP8,
25 http://www.python.org/pep/pep8 (with spaces).
26 If you have ever worked on another free software Python project, you are
27 probably already familiar with it.
29 But to save you the trouble of reading the Linux kernel style guide, here
30 are the highlights.
32 * Maximum Line Width is 80 Characters
33 The reason is not about people with low-res screens but rather sticking
34 to 80 columns prevents you from easily nesting more than one level of
35 if statements or other code blocks. Use source3/script/count_80_col.pl
36 to check your changes.
38 * Use 8 Space Tabs to Indent
39 No whitespace fillers.
41 * No Trailing Whitespace
42 Use source3/script/strip_trail_ws.pl to clean up your files before
43 committing.
45 * Follow the K&R guidelines. We won't go through all of them here. Do you
46 have a copy of "The C Programming Language" anyways right? You can also use
47 the format_indent.sh script found in source3/script/ if all else fails.
51 ============
52 Editor Hints
53 ============
55 Emacs
56 -----
57 Add the follow to your $HOME/.emacs file:
59 (add-hook 'c-mode-hook
60 (lambda ()
61 (c-set-style "linux")
62 (c-toggle-auto-state)))
65 Vi
66 --
67 (Thanks to SATOH Fumiyasu <fumiyas@osstech.jp> for these hints):
69 For the basic vi editor included with all variants of \*nix, add the
70 following to $HOME/.exrc:
72 set tabstop=8
73 set shiftwidth=8
75 For Vim, the following settings in $HOME/.vimrc will also deal with
76 displaying trailing whitespace:
78 if has("syntax") && (&t_Co > 2 || has("gui_running"))
79 syntax on
80 function! ActivateInvisibleCharIndicator()
81 syntax match TrailingSpace "[ \t]\+$" display containedin=ALL
82 highlight TrailingSpace ctermbg=Red
83 endf
84 autocmd BufNewFile,BufRead * call ActivateInvisibleCharIndicator()
85 endif
86 " Show tabs, trailing whitespace, and continued lines visually
87 set list listchars=tab:»·,trail:·,extends:…
89 " highlight overly long lines same as TODOs.
90 set textwidth=80
91 autocmd BufNewFile,BufRead *.c,*.h exec 'match Todo /\%>' . &textwidth . 'v.\+/'
93 clang-format
94 ------------
95 BasedOnStyle: LLVM
96 IndentWidth: 8
97 UseTab: true
98 BreakBeforeBraces: Linux
99 AllowShortIfStatementsOnASingleLine: false
100 IndentCaseLabels: false
101 BinPackParameters: false
102 BinPackArguments: false
105 =========================
106 FAQ & Statement Reference
107 =========================
109 Comments
110 --------
112 Comments should always use the standard C syntax. C++
113 style comments are not currently allowed.
115 The lines before a comment should be empty. If the comment directly
116 belongs to the following code, there should be no empty line
117 after the comment, except if the comment contains a summary
118 of multiple following code blocks.
120 This is good:
122 ...
123 int i;
125 /*
126 * This is a multi line comment,
127 * which explains the logical steps we have to do:
128 *
129 * 1. We need to set i=5, because...
130 * 2. We need to call complex_fn1
131 */
133 /* This is a one line comment about i = 5. */
134 i = 5;
136 /*
137 * This is a multi line comment,
138 * explaining the call to complex_fn1()
139 */
140 ret = complex_fn1();
141 if (ret != 0) {
142 ...
144 /**
145 * @brief This is a doxygen comment.
146 *
147 * This is a more detailed explanation of
148 * this simple function.
149 *
150 * @param[in] param1 The parameter value of the function.
151 *
152 * @param[out] result1 The result value of the function.
153 *
154 * @return 0 on success and -1 on error.
155 */
156 int example(int param1, int *result1);
158 This is bad:
160 ...
161 int i;
162 /*
163 * This is a multi line comment,
164 * which explains the logical steps we have to do:
165 *
166 * 1. We need to set i=5, because...
167 * 2. We need to call complex_fn1
168 */
169 /* This is a one line comment about i = 5. */
170 i = 5;
171 /*
172 * This is a multi line comment,
173 * explaining the call to complex_fn1()
174 */
175 ret = complex_fn1();
176 if (ret != 0) {
177 ...
179 /*This is a one line comment.*/
181 /* This is a multi line comment,
182 with some more words...*/
184 /*
185 * This is a multi line comment,
186 * with some more words...*/
188 Indention & Whitespace & 80 columns
189 -----------------------------------
191 To avoid confusion, indentations have to be tabs with length 8 (not 8
192 ' ' characters). When wrapping parameters for function calls,
193 align the parameter list with the first parameter on the previous line.
194 Use tabs to get as close as possible and then fill in the final 7
195 characters or less with whitespace. For example,
197 var1 = foo(arg1, arg2,
198 arg3);
200 The previous example is intended to illustrate alignment of function
201 parameters across lines and not as encourage for gratuitous line
202 splitting. Never split a line before columns 70 - 79 unless you
203 have a really good reason. Be smart about formatting.
205 One exception to the previous rule is function calls, declarations, and
206 definitions. In function calls, declarations, and definitions, either the
207 declaration is a one-liner, or each parameter is listed on its own
208 line. The rationale is that if there are many parameters, each one
209 should be on its own line to make tracking interface changes easier.
212 If, switch, & Code blocks
213 -------------------------
215 Always follow an 'if' keyword with a space but don't include additional
216 spaces following or preceding the parentheses in the conditional.
217 This is good:
219 if (x == 1)
221 This is bad:
223 if ( x == 1 )
225 Yes we have a lot of code that uses the second form and we are trying
226 to clean it up without being overly intrusive.
228 Note that this is a rule about parentheses following keywords and not
229 functions. Don't insert a space between the name and left parentheses when
230 invoking functions.
232 Braces for code blocks used by for, if, switch, while, do..while, etc.
233 should begin on the same line as the statement keyword and end on a line
234 of their own. You should always include braces, even if the block only
235 contains one statement. NOTE: Functions are different and the beginning left
236 brace should be located in the first column on the next line.
238 If the beginning statement has to be broken across lines due to length,
239 the beginning brace should be on a line of its own.
241 The exception to the ending rule is when the closing brace is followed by
242 another language keyword such as else or the closing while in a do..while
243 loop.
245 Good examples:
247 if (x == 1) {
248 printf("good\n");
249 }
251 for (x=1; x<10; x++) {
252 print("%d\n", x);
253 }
255 for (really_really_really_really_long_var_name=0;
256 really_really_really_really_long_var_name<10;
257 really_really_really_really_long_var_name++)
258 {
259 print("%d\n", really_really_really_really_long_var_name);
260 }
262 do {
263 printf("also good\n");
264 } while (1);
266 Bad examples:
268 while (1)
269 {
270 print("I'm in a loop!\n"); }
272 for (x=1;
273 x<10;
274 x++)
275 {
276 print("no good\n");
277 }
279 if (i < 10)
280 print("I should be in braces.\n");
283 Goto
284 ----
286 While many people have been academically taught that "goto"s are
287 fundamentally evil, they can greatly enhance readability and reduce memory
288 leaks when used as the single exit point from a function. But in no Samba
289 world what so ever is a goto outside of a function or block of code a good
290 idea.
292 Good Examples:
294 int function foo(int y)
295 {
296 int *z = NULL;
297 int ret = 0;
299 if (y < 10) {
300 z = malloc(sizeof(int) * y);
301 if (z == NULL) {
302 ret = 1;
303 goto done;
304 }
305 }
307 print("Allocated %d elements.\n", y);
309 done:
310 if (z != NULL) {
311 free(z);
312 }
314 return ret;
315 }
318 Primitive Data Types
319 --------------------
321 Samba has large amounts of historical code which makes use of data types
322 commonly supported by the C99 standard. However, at the time such types
323 as boolean and exact width integers did not exist and Samba developers
324 were forced to provide their own. Now that these types are guaranteed to
325 be available either as part of the compiler C99 support or from
326 lib/replace/, new code should adhere to the following conventions:
328 * Booleans are of type "bool" (not BOOL)
329 * Boolean values are "true" and "false" (not True or False)
330 * Exact width integers are of type [u]int[8|16|32|64]_t
332 Most of the time a good name for a boolean variable is 'ok'. Here is an
333 example we often use:
335 bool ok;
337 ok = foo();
338 if (!ok) {
339 /* do something */
340 }
342 It makes the code more readable and is easy to debug.
344 Typedefs
345 --------
347 Samba tries to avoid "typedef struct { .. } x_t;" so we do always try to use
348 "struct x { .. };". We know there are still such typedefs in the code,
349 but for new code, please don't do that anymore.
351 Initialize pointers
352 -------------------
354 All pointer variables MUST be initialized to NULL. History has
355 demonstrated that uninitialized pointer variables have lead to various
356 bugs and security issues.
358 Pointers MUST be initialized even if the assignment directly follows
359 the declaration, like pointer2 in the example below, because the
360 instructions sequence may change over time.
362 Good Example:
364 char *pointer1 = NULL;
365 char *pointer2 = NULL;
367 pointer2 = some_func2();
369 ...
371 pointer1 = some_func1();
373 Bad Example:
375 char *pointer1;
376 char *pointer2;
378 pointer2 = some_func2();
380 ...
382 pointer1 = some_func1();
384 Make use of helper variables
385 ----------------------------
387 Please try to avoid passing function calls as function parameters
388 in new code. This makes the code much easier to read and
389 it's also easier to use the "step" command within gdb.
391 Good Example:
393 char *name = NULL;
394 int ret;
396 name = get_some_name();
397 if (name == NULL) {
398 ...
399 }
401 ret = some_function_my_name(name);
402 ...
405 Bad Example:
407 ret = some_function_my_name(get_some_name());
408 ...
410 Please try to avoid passing function return values to if- or
411 while-conditions. The reason for this is better handling of code under a
412 debugger.
414 Good example:
416 x = malloc(sizeof(short)*10);
417 if (x == NULL) {
418 fprintf(stderr, "Unable to alloc memory!\n");
419 }
421 Bad example:
423 if ((x = malloc(sizeof(short)*10)) == NULL ) {
424 fprintf(stderr, "Unable to alloc memory!\n");
425 }
427 There are exceptions to this rule. One example is walking a data structure in
428 an iterator style:
430 while ((opt = poptGetNextOpt(pc)) != -1) {
431 ... do something with opt ...
432 }
434 But in general, please try to avoid this pattern.
437 Control-Flow changing macros
438 ----------------------------
440 Macros like NT_STATUS_NOT_OK_RETURN that change control flow
441 (return/goto/etc) from within the macro are considered bad, because
442 they look like function calls that never change control flow. Please
443 do not use them in new code.
445 The only exception is the test code that depends repeated use of calls
446 like CHECK_STATUS, CHECK_VAL and others.
449 Error and out logic
450 -------------------
452 Don't do this:
454 frame = talloc_stackframe();
456 if (ret == LDB_SUCCESS) {
457 if (result->count == 0) {
458 ret = LDB_ERR_NO_SUCH_OBJECT;
459 } else {
460 struct ldb_message *match =
461 get_best_match(dn, result);
462 if (match == NULL) {
463 TALLOC_FREE(frame);
464 return LDB_ERR_OPERATIONS_ERROR;
465 }
466 *msg = talloc_move(mem_ctx, &match);
467 }
468 }
470 TALLOC_FREE(frame);
471 return ret;
473 It should be:
475 frame = talloc_stackframe();
477 if (ret != LDB_SUCCESS) {
478 TALLOC_FREE(frame);
479 return ret;
480 }
482 if (result->count == 0) {
483 TALLOC_FREE(frame);
484 return LDB_ERR_NO_SUCH_OBJECT;
485 }
487 match = get_best_match(dn, result);
488 if (match == NULL) {
489 TALLOC_FREE(frame);
490 return LDB_ERR_OPERATIONS_ERROR;
491 }
493 *msg = talloc_move(mem_ctx, &match);
494 TALLOC_FREE(frame);
495 return LDB_SUCCESS;
498 DEBUG statements
499 ----------------
501 Use these following macros instead of DEBUG:
503 DBG_ERR log level 0 error conditions
504 DBG_WARNING log level 1 warning conditions
505 DBG_NOTICE log level 3 normal, but significant, condition
506 DBG_INFO log level 5 informational message
507 DBG_DEBUG log level 10 debug-level message
509 Example usage:
511 DBG_ERR("Memory allocation failed\n");
512 DBG_DEBUG("Received %d bytes\n", count);
514 The messages from these macros are automatically prefixed with the
515 function name.