
About works of _IO_sputn through _IO_file_jumps in glibc


Thank you for reading my question.

When I debugged the puts function in glibc, I found something which I couldn't understand.

// glibc-2.27/libio/ioputs.c

int
_IO_puts (const char *str)
{
  int result = EOF;
  size_t len = strlen (str);
  _IO_acquire_lock (stdout);
  if ((_IO_vtable_offset (stdout) != 0
       || _IO_fwide (stdout, -1) == -1)
      && _IO_sputn (stdout, str, len) == len
      && _IO_putc_unlocked ('\n', stdout) != EOF)
    result = MIN (INT_MAX, len + 1);
  _IO_release_lock (stdout);
  return result;
}
weak_alias (_IO_puts, puts)

(part of calling _IO_sputn function in gdb)

As you can see, _IO_puts calls the _IO_sputn function.

But when I check [r13+0x38] in gdb, there is a different value.

(different value)

  1. Why is the _IO_sputn function called through _IO_file_jumps?

  2. And what is _IO_file_jumps's role in glibc?

  3. How does the _IO_sputn function finally call _IO_new_file_xsputn?

< Addition >

// glibc-2.27/libio/libioP.h

#define _IO_sputn(__fp, __s, __n) _IO_XSPUTN (__fp, __s, __n)

// glibc-2.27/libio/libioP.h

typedef size_t (*_IO_xsputn_t) (FILE *FP, const void *DATA,
                                    size_t N);
#define _IO_XSPUTN(FP, DATA, N) JUMP2 (__xsputn, FP, DATA, N)
#define _IO_WXSPUTN(FP, DATA, N) WJUMP2 (__xsputn, FP, DATA, N)

// glibc-2.27/libio/libioP.h

struct _IO_jump_t
{
    JUMP_FIELD(size_t, __dummy);
    JUMP_FIELD(size_t, __dummy2);
    JUMP_FIELD(_IO_finish_t, __finish);
    JUMP_FIELD(_IO_overflow_t, __overflow);
    JUMP_FIELD(_IO_underflow_t, __underflow);
    JUMP_FIELD(_IO_underflow_t, __uflow);
    JUMP_FIELD(_IO_pbackfail_t, __pbackfail);
    /* showmany */
    JUMP_FIELD(_IO_xsputn_t, __xsputn);
    JUMP_FIELD(_IO_xsgetn_t, __xsgetn);
    JUMP_FIELD(_IO_seekoff_t, __seekoff);
    JUMP_FIELD(_IO_seekpos_t, __seekpos);
    JUMP_FIELD(_IO_setbuf_t, __setbuf);
    JUMP_FIELD(_IO_sync_t, __sync);
    JUMP_FIELD(_IO_doallocate_t, __doallocate);
    JUMP_FIELD(_IO_read_t, __read);
    JUMP_FIELD(_IO_write_t, __write);
    JUMP_FIELD(_IO_seek_t, __seek);
    JUMP_FIELD(_IO_close_t, __close);
    JUMP_FIELD(_IO_stat_t, __stat);
    JUMP_FIELD(_IO_showmanyc_t, __showmanyc);
    JUMP_FIELD(_IO_imbue_t, __imbue);
};

This is everything which I could find about _IO_sputn with ctags and cscope.


Solution

  • Why is the _IO_sputn function called through _IO_file_jumps?

    Because a file ("file" as an object) may implement putting characters differently, a dispatch table is used.

  • And what is _IO_file_jumps's role in glibc?

    It's a dispatch table - an array of function pointers. It's there to specify a common stable virtual interface to be implemented differently by different files requiring different implementations and abstractions for the requested operations.

  • How does the _IO_sputn function finally call _IO_new_file_xsputn?

    A function pointer is part of the C language; it allows calling another function via a pointer that points to a function. _IO_sputn is a macro that expands to a function call on that function pointer. The macros are there to simplify passing the pointer to the object data itself to the function - it's not particularly beautiful, but it simplifies writing the code.
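
The dispatch described in the answer, as an added example (not part of the original post and not glibc's code): a simplified model in which every `demo_`/`DEMO_` name is invented for illustration. It keeps the slot order of `_IO_jump_t` up to `__xsputn`, so with 8-byte pointers the slot sits at offset 0x38, the same displacement as in the question's `[r13+0x38]`.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
struct demo_file;   /* all demo_/DEMO_ names are invented for this example */
typedef size_t (*demo_xsputn_t)(struct demo_file *fp, const void *data, size_t n);

struct demo_jump_t {   /* same slot order as _IO_jump_t up to __xsputn */
    size_t dummy, dummy2;
    void *finish, *overflow, *underflow, *uflow, *pbackfail;
    demo_xsputn_t xsputn;
};

struct demo_file {
    char buf[64];
    size_t used;
    const struct demo_jump_t *vtable;   /* which implementation this object uses */
};

/* Modelled on JUMP2/_IO_XSPUTN: fetch the slot from fp's table, pass fp itself. */
#define DEMO_JUMP2(FUNC, FP, A1, A2) ((FP)->vtable->FUNC((FP), (A1), (A2)))
#define DEMO_SPUTN(FP, S, N) DEMO_JUMP2(xsputn, FP, S, N)

static size_t buffered_xsputn(struct demo_file *fp, const void *data, size_t n) {
    if (n > sizeof fp->buf - fp->used) n = sizeof fp->buf - fp->used;
    memcpy(fp->buf + fp->used, data, n);
    fp->used += n;
    return n;
}

static size_t counting_xsputn(struct demo_file *fp, const void *data, size_t n) {
    (void)data;      /* counts bytes, stores nothing */
    fp->used += n;
    return n;
}

static const struct demo_jump_t buffered_jumps = { .xsputn = buffered_xsputn };
static const struct demo_jump_t counting_jumps = { .xsputn = counting_xsputn };

static int demo_puts(struct demo_file *fp, const char *s) {   /* cf. _IO_puts */
    size_t len = strlen(s);
    int ok = DEMO_SPUTN(fp, s, len) == len && DEMO_SPUTN(fp, "\n", 1) == 1;
    return ok ? (int)(len + 1) : EOF;
}

int main(void) {
    struct demo_file a = { .vtable = &buffered_jumps }, b = { .vtable = &counting_jumps };
    printf("xsputn slot offset: 0x%zx\n", offsetof(struct demo_jump_t, xsputn));
    printf("%d %d\n", demo_puts(&a, "hi"), demo_puts(&b, "hi"));
}
```

The caller `demo_puts` is identical for both objects; only the table each object points to decides which function runs.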