Answers to Frequently Asked Questions (FAQ) on comp.lang.c

Steve Summit scs at adam.mit.edu
Wed Feb 6 18:03:07 AEST 1991


[Last modified February 5, 1990 by scs.]

Certain topics come up again and again on this newsgroup.  They are good
questions, and the answers may not be immediately obvious, but each time
they recur, much net bandwidth and reader time is wasted on repetitive
responses, and on tedious corrections to the incorrect answers which are
inevitably posted.

This article, which is posted monthly, attempts to answer these common
questions definitively and succinctly, so that net discussion can move
on to more constructive topics without continual regression to first
principles.

This article does not, and cannot, provide an exhaustive discussion of
every subtle point and counterargument which could be mentioned with
respect to these topics.  Cross-references to standard C publications
have been provided, for further study by the interested and dedicated
reader.  A few of the more perplexing and pervasive topics may be
further explored in some in-depth minitreatises posted in conjunction
with this article.

No mere newsgroup article can substitute for thoughtful perusal of a
full-length language reference manual.  Anyone interested enough in C to
be following this newsgroup should also be interested enough to read and
study one or more such manuals, preferably several times.  Some vendors'
compiler manuals are unfortunately inadequate; a few even perpetuate
some of the myths which this article attempts to debunk.  Several
noteworthy books on C are listed in this article's bibliography.

If you have a question about C which is not answered in this article,
please try to answer it by checking a few of the referenced books, or by
asking knowledgeable colleagues, before posing your question to the net
at large.  There are many people on the net who are happy to answer
questions, but the volume of repetitive answers posted to one question,
as well as the growing numbers of questions as the net attracts more
readers, can become oppressive.  If you have questions or comments
prompted by this article, please reply by mail rather than following up
-- this article is meant to decrease net traffic, not increase it.

This article is always being improved.  Your input is welcomed.  Send
your comments to scs at adam.mit.edu, scs%adam.mit.edu at mit.edu, and/or
mit-eddie!adam!scs; this article's From: line may be unusable.

The questions answered here are divided into several categories:

      1. Null Pointers
      2. Arrays and Pointers
      3. Order of Evaluation
      4. ANSI C
      5. C Preprocessor
      6. Variable-Length Argument Lists
      7. Lint
      8. Memory Allocation
      9. Structures
     10. Declarations
     11. Boolean Expressions and Variables
     12. Operating System Dependencies
     13. Stdio
     14. Style
     15. Miscellaneous

Herewith, some frequently-asked questions and their answers:


Section 1. Null Pointers

1.  What is this infamous null pointer, anyway?

A:  The language definition states that for each pointer type, there is
    a special value -- the "null pointer" -- which is distinguishable
    from all other pointer values and which is not the address of any
    object.  That is, the address-of operator & will never yield a null
    pointer, nor will a successful call to malloc.  (malloc returns a
    null pointer when it fails, and this is a typical use of null
    pointers: as a "special" pointer value with some other meaning,
    usually "not allocated" or "not pointing anywhere yet.")

    A null pointer is conceptually different from an uninitialized
    pointer.  A null pointer is known not to point to any object; an
    uninitialized pointer might point anywhere (that is, at some random
    object, or at a garbage or unallocated address).  See also question
    43.

    As mentioned in the definition above, there is a null pointer for
    each pointer type, and the internal values of null pointers for
    different types may be different.  Although programmers need not
    know the internal values, the compiler must always be informed which
    type of null pointer is required, so it can make the distinction if
    necessary (see below).

    References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S
    Sec. 5.3 p. 91; ANSI Sec. 3.2.2.3 p. 38.

2.  How do I "get" a null pointer in my programs?

A:  According to the language definition, a constant 0 in a pointer
    context is converted into a null pointer at compile time.  That is,
    in an initialization, assignment, or comparison when one side is a
    variable or expression of pointer type, the compiler can tell that a
    constant 0 on the other side requests a null pointer, and generate
    the correctly-typed null pointer value.  Therefore, the following
    fragments are perfectly legal:

         char *p = 0;
         if(p != 0)

    However, an argument being passed to a function is not necessarily
    recognizable as a pointer context, and the compiler may not be able
    to tell that an unadorned 0 "means" a null pointer.  For instance,
    the Unix system call "execl" takes a variable-length, null-pointer-
    terminated list of character pointer arguments.  To generate a null
    pointer in a function call context, an explicit cast is typically
    required:

         execl("/bin/sh", "sh", "-c", "ls", (char *)0);

    If the (char *) cast were omitted, the compiler would not know to
    pass a null pointer, and would pass an integer 0 instead.  (Note
    that many Unix manuals get this example wrong.)

    When function prototypes are in scope, argument passing becomes an
    "assignment context," and casts may safely be omitted, since the
    prototype tells the compiler that a pointer is required, and of
    which type, enabling it to correctly cast unadorned 0's.  Function
    prototypes cannot provide the types for variable arguments in
    variable-length argument lists, however, so explicit casts are still
    required for those arguments.  It is safest always to cast null
    pointer function arguments, to guard against varargs functions or
    those without prototypes, to allow interim use of non-ANSI
    compilers, and to demonstrate that you know what you are doing.

    Summary:

         Unadorned 0 okay:        Explicit cast required:

         initialization           function call,
                                  no prototype in scope
         assignments
                                  variable argument to
         comparisons              varargs function

         function call,
         prototype in scope,
         fixed argument

    References: K&R I Sec. A7.7 p. 190, Sec. A7.14 p. 192; K&R II Sec.
    A7.10 p. 207, Sec. A7.17 p. 209; H&S Sec. 4.6.3 p. 72; ANSI Sec.
    3.2.2.3 .

3.  But aren't pointers the same as ints?

A:  Not since the early days.  Attempting to turn pointers into
    integers, or to build pointers out of integers, has always been
    machine-dependent and unportable, and doing so is strongly
    discouraged.  (Any object pointer may be cast to the "universal"
    pointer type void *, or char * under a pre-ANSI compiler, when
    heterogeneous pointers must be passed around.)

    References: K&R I Sec. 5.6 pp. 102-3; ANSI Sec. 3.2.2.3 p. 37, Sec.
    3.3.4 pp. 46-7.

4.  What is NULL and how is it #defined?

A:  As a stylistic convention, many people prefer not to have unadorned
    0's scattered throughout their programs.  For this reason, the
    preprocessor macro NULL is #defined (by <stdio.h> or <stddef.h>),
    with value 0 (or (void *)0, about which more later).  A programmer
    who wishes to make explicit the distinction between 0 the integer
    and 0 the null pointer can then use NULL whenever a null pointer is
    required.  This is a stylistic convention only; the preprocessor
    turns NULL back to 0 which is then recognized by the compiler (in
    pointer contexts) as before.  In particular, a cast may still be
    necessary before NULL (as before 0) in a function call argument.
    (The table under question 2 above applies for NULL as well as 0.)

    NULL should _only_ be used for pointers.  It should not be used when
    another kind of 0 is required, even though it might work, because
    doing so sends the wrong stylistic message.  (ANSI allows the
    #definition of NULL to be (void *)0, which will not work in non-
    pointer contexts.)  In particular, do not use NULL when the ASCII
    null character (NUL) is desired.  Provide your own definition

         #define NUL '\0'

    if you must.

    References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S
    Sec. 13.1 p. 283; ANSI Sec. 4.1.5 p. 99, Sec. 3.2.2.3 p. 38,
    Rationale Sec. 4.1.5 p. 74.

5.  How should NULL be #defined on a machine which uses a nonzero bit
    pattern as the internal representation of a null pointer?

A:  Programmers should never need to know the internal representation(s)
    of null pointers, because they are normally taken care of by the
    compiler.  If a machine uses a nonzero bit pattern for null
    pointers, it is the compiler's responsibility to generate it when
    the programmer requests, by writing "0" or "NULL," a null pointer.
    Therefore, #defining NULL as 0 on a machine for which internal null
    pointers are nonzero is as valid as on any other, because the
    compiler must (and can) still generate the machine's correct null
    pointers in response to unadorned 0's seen in pointer contexts.

6.  If NULL were defined as follows:

         #define NULL (char *)0

    wouldn't that make function calls which pass an uncast NULL work?

A:  Not in general.  The problem is that there are machines which use
    different internal representations for pointers to different types
    of data.  The suggested #definition would make uncast NULL arguments
    to functions expecting pointers to characters to work correctly, but
    pointer arguments to other types would still be problematical, and
    legal constructions such as

         FILE *fp = NULL;

    could fail.

    Nevertheless, ANSI C allows the alternate

         #define NULL (void *)0

    definition for NULL.  Besides helping incorrect programs to work
    (but only on machines with all pointers the same, thus questionably
    valid assistance) this definition may catch programs which use NULL
    incorrectly (e.g. when the ASCII  NUL character was really
    intended).

7.  I use the preprocessor macro

         #define Nullptr(type) (type *)0

    to help me build null pointers of the correct type.

A:  This trick, though popular with beginning programmers, does not buy
    much.  It is not needed in assignments and comparisons; see question
    2.  It does not even save keystrokes.  Its use suggests to the
    reader that the author is shaky on the subject of null pointers, and
    requires the reader to check the #definition of the macro, its
    invocations, and _all_ other pointer usages much more carefully.

8.  Is the abbreviated pointer comparison "if(p)" to test for non-null
    pointers valid?  What if the internal representation for null
    pointers is nonzero?

A:  When C requires the boolean value of an expression (in the if,
    while, for, and do statements, and with the &&, ||, !, and ?:
    operators), a false value is produced when the expression compares
    equal to zero, and a true value otherwise.  That is, whenever one
    writes

         if(expr)

    where "expr" is any expression at all, the compiler essentially acts
    as if it had been written as

         if(expr != 0)

    Substituting the trivial pointer expression "p" for "expr," we have

         if(p)      is equivalent to                 if(p != 0)

    and this is a comparison context, so the compiler can tell that the
    (implicit) 0 is a null pointer, and use the correct value.  There is
    no trickery involved here; compilers do work this way, and generate
    identical code for both statements.  The internal representation of
    a pointer does _not_ matter.

    The boolean negation operator, !, can be described as follows:

         !expr      is essentially equivalent to     expr?0:1

    It is left as an exercise for the reader to show that

         if(!p)     is equivalent to                 if(p == 0)

    See also question 62.

    References: K&R II Sec. A7.4.7 p. 204; H&S Sec. 5.3 p. 91; ANSI
    Secs. 3.3.3.3, 3.3.9, 3.3.13, 3.3.14, 3.3.15, 3.6.4.1, and 3.6.5 .

9.  If "NULL" and "0" are equivalent, which should I use?

A:  Many programmers believe that "NULL" should be used in all pointer
    contexts, as a reminder that the value is to be thought of as a
    pointer.  Others feel that the confusion surrounding "NULL" and "0"
    is only compounded by hiding "0" behind a #definition, and prefer to
    use unadorned "0" instead.  There is no one right answer.
    C programmers must understand that "NULL" and "0" are
    interchangeable and that an uncast "0" is perfectly acceptable in
    initialization, assignment, and comparison contexts.  Any usage of
    "NULL" (as opposed to "0") should be considered a gentle reminder
    that a pointer is involved; programmers should not depend on it
    (either for their own understanding or the compiler's) for
    distinguishing pointer 0's from integer 0's.  Again, NULL should not
    be used for other than pointers.

    Reference: K&R II Sec. 5.4 p. 102.

10. But wouldn't it be better to use NULL (rather than 0) in case the
    value of NULL changes, perhaps on a machine with nonzero null
    pointers?

A:  No.  Although preprocessor macros are often used in place of numbers
    because the numbers might change, this is _not_ the reason that NULL
    is used in place of 0.  The language guarantees that source-code 0's
    (in pointer contexts) generate null pointers.  NULL is used only as
    a stylistic convention.

11. I once used a compiler that wouldn't work unless NULL was used.

A:  That compiler was broken.  In general, making decisions about a
    language based on the behavior of one particular compiler is likely
    to be counterproductive.

12. I'm confused.  NULL is guaranteed to be 0, but the null pointer is
    not?

A:  A "null pointer" (written in lower case in this article) is a
    language concept whose particular internal value does not matter.
    (On some machines the internal value is all-bits-0; on others it is
    not.)  A "null pointer" is requested in source code with the
    character "0".  "NULL" (always in capital letters) is a preprocessor
    macro, which is always #defined as 0 (or (void *)0).

    When the term "null" or "NULL" is casually used, one of several
    things may be meant:

    1.   The conceptual null pointer, the abstract language concept
         defined in question 1.  It is implemented with...

    2.   The internal (or run-time) representation of a null pointer,
         which may or may not be all-bits-0 and which may be different
         for different pointer types.  The actual values should be of
         concern only to compiler writers.  Authors of C programs never
         see them, since they use...

    3.   The source code syntax for null pointers, which is the single
         character "0".  It is often hidden behind...

    4.   The NULL macro, which is #defined to be "0" or "(void *)0".
         Finally, as a red herring, we have...

    5.   The ASCII null character (NUL), which does have all bits zero,
         but has no relation to the null pointer except in name.

    This article always uses the phrase "null pointer" for sense 1, the
    character "0" for sense 3, and the capitalized word "NULL" for
    sense 4.

13. Why is there so much confusion surrounding null pointers?  Why do
    these questions come up so often?

A:  C programmers traditionally like to know more than they need to
    about the underlying machine implementation.  The fact that null
    pointers are represented both in source code, and internally to most
    machines, as zero invites unwarranted assumptions.  The use of a
    preprocessor macro (NULL) suggests that the value might change
    later, or on some weird machine.  The construct "if(p == 0)" is
    easily misread as calling for conversion of p to an integral type,
    rather than 0 to a pointer type, before the comparison.  Finally,
    the distinction between the several uses of the term "null" (listed
    above) is often overlooked.

    One good way to wade out of the confusion is to imagine that C had a
    keyword (perhaps "nil", like Pascal) with which null pointers were
    requested.  The compiler could either turn "nil" into the correct
    type of null pointer, when it could determine the type from the
    source code (as it does with 0's in reality), or complain when it
    could not.  Now, in fact, in C the keyword for a null pointer is not
    "nil" but "0", which works almost as well, except that an uncast "0"
    in a non-pointer context generates an integer zero instead of an
    error message, and if that uncast 0 was supposed to be a null
    pointer, the code may not work.

14. I'm still confused.  I just can't understand all this null pointer
    stuff.

A:  Follow these two simple rules:

    1.   When you want to refer to a null pointer in source code, use
         "0" or "NULL".

    2.   If the usage of "0" or "NULL" is an argument in a function
         call, cast it to the pointer type expected by the function
         being called.

    The rest of the discussion has to do with other people's
    misunderstandings, or with the internal representation of null
    pointers, which you shouldn't need to know.  Understand questions 1,
    2, and 4, and consider 9 and 13, and you'll do fine.


Section 2. Arrays and Pointers

15. I had the declaration char a[5] in one source file, and in another I
    declared extern char *a.  Why didn't it work?

A:  The declaration extern char *a simply does not match the actual
    definition.  The type "pointer-to-type-T" is not the same as
    "array-of-type-T."  Use extern char a[].

    References: CT&P Sec. 3.3 pp. 33-4, Sec. 4.5 pp. 64-5.

16. But I heard that char a[] was identical to char *a.

A:  This identity (that a pointer declaration is interchangeable with an
    array declaration, usually unsized) holds _only_ for formal
    parameters to functions.  This identity is related to the fact that
    arrays "decay" into pointers in expressions.  That is, when an array
    name is mentioned in an expression, it is converted immediately into
    a pointer to the array's first element.  Therefore, an array is
    never passed to a function; rather a pointer to its first element is
    passed instead.  Allowing pointer parameters to be declared as
    arrays is a simply a way of making it look as though the array was
    actually being passed.  Some programmers prefer, as a matter of
    style, to use this syntax to indicate that the pointer parameter is
    expected to point to the start of an array rather than to some
    single value.

    Since functions can never receive arrays as parameters, any
    parameter declarations which "look like" arrays, e.g.

         f(a)
         char a[];

    are treated as if they were pointers, since that is what the
    function will receive if an array is passed:

         f(a)
         char *a;

    To repeat, however, this conversion holds only within function
    formal parameter declarations, nowhere else.  If this conversion
    bothers you, don't use it; many people have concluded that the
    confusion it causes outweighs the small advantage of having the
    declaration "look like" the call and/or the uses within the
    function.

    References: K&R I Sec. 5.3 p. 95, Sec. A10.1 p. 205; K&R II Sec. 5.3
    p. 100, Sec. A8.6.3 p. 218, Sec. A10.1 p. 226; H&S Sec. 5.4.3 p. 96;
    ANSI Sec. 3.5.4.3, Sec. 3.7.1, CT&P Sec. 3.3 pp. 33-4.

17. So what is meant by the "equivalence of pointers and arrays" in C?

A:  Much of the confusion surrounding pointers in C can be traced to a
    misunderstanding of this statement.  Saying that arrays and pointers
    are "equivalent" does not by any means imply that they are
    interchangeable.  (The fact that, as formal parameters to functions,
    array-style and pointer-style declarations are in fact
    interchangeable does nothing to reduce the confusion.)

    "Equivalence" refers to the fact (mentioned above) that arrays decay
    into pointers within expressions, and that pointers and arrays can
    both be dereferenced using array-like subscript notation.  That is,
    if we have

         char a[10];
         char *p = a;
         int i;

    we can refer to a[i] and p[i].  (That pointers can be subscripted
    like arrays is hardly surprising, since arrays have decayed into
    pointers by the time they are subscripted.)

    References: K&R I Sec. 5.3 pp. 93-6; K&R II Sec. 5.3 p. 99; H&S Sec.
    5.4.1 p. 93; ANSI Sec. 3.3.2.1, Sec. 3.3.6 .

18. I came across some "joke" code containing the "expression"
    5["abcdef"] .  How can this be legal C?

A:  Yes, Virginia, array subscripting is commutative in C.  This curious
    fact follows from the pointer definition of array subscripting,
    namely that a[e] is exactly equivalent to *((a)+(e)), for _any_
    expression e and primary expression a, as long as one of them is a
    pointer expression.  This unsuspected commutativity is often
    mentioned in C texts as if it were something to be proud of, but it
    finds no useful application outside of the Obfuscated C Contest (see
    also question 83).

19. My compiler complained when I passed a two-dimensional array to a
    routine expecting a pointer to a pointer.

A:  The rule by which arrays decay into pointers is not applied
    recursively.  An array of arrays (i.e. a two-dimensional array in C)
    decays into a pointer to an array, not a pointer to a pointer.
    Pointers to arrays are confusing, and it is best to avoid them.
    (The confusion is heightened by the existence of incorrect
    compilers, including some versions of pcc and pcc-derived lint's,
    which improperly accept assignments of multi-dimensional arrays to
    multi-level pointers.)  If you are passing a two-dimensional array
    to a function:

         int array[YSIZE][XSIZE];
         f(array);

    the function's declaration should match:

         f(int a[][XSIZE]) {...}
    or
         f(int (*ap)[XSIZE]) {...}       /* ap is a pointer to an array */

    In the first declaration, the compiler performs the usual implicit
    rewriting of "array of array" to "pointer to array;" in the second
    form the pointer declaration is explicit.  The called function does
    not care how big the array is, but it must know its shape, so the
    "column" dimension XSIZE must be included.  In both cases the number
    of "rows" is irrelevant, and omitted.

    If a function is already declared as accepting a pointer to a
    pointer, it is probably incorrect to pass a two-dimensional array
    directly to it.

20. How do I declare a pointer to an array?

A:  Usually, you don't want to.  Consider using a pointer to one of the
    array's elements instead.  Arrays of type T decay into pointers to
    type T, which is convenient; subscripting or incrementing the
    resultant pointer accesses the individual members of the array.
    True pointers to arrays, when subscripted or incremented, step over
    entire arrays, and are generally only useful when operating on
    multidimensional arrays, if at all.  (See question 19 above.)  When
    people speak casually of a pointer to an array, they usually mean a
    pointer to its first element; the type of this latter pointer is
    generally more useful.

    If you really need to declare a pointer to an entire array, use
    something like "int (*ap)[N];" where N is the size of the array.  If
    the size of the array is unknown, N can be omitted, but the
    resulting type, "pointer to array of unknown size," is almost
    completely useless.  (See also question 57.)

21. How can I dynamically allocate a multidimensional array?

A:  It is usually best to allocate an array of pointers, and then
    initialize each pointer to a dynamically-allocated "row." The
    resulting "ragged" array can save space, although it is not
    necessarily contiguous in memory as a real array would be.

         int **array = (int **)malloc(nrows * sizeof(int *));
         for(i = 0; i < nrows; i++)
                 array[i] = (int *)malloc(ncolumns * sizeof(int));

    (In "real" code, of course, each return value from malloc would have
    to be checked.)

    You can keep the array's contents contiguous, while making later
    reallocation of individual rows difficult, with a bit of explicit
    pointer arithmetic:

         int **array = (int **)malloc(nrows * sizeof(int *));
         array[0] = (int *)malloc(nrows * ncolumns * sizeof(int));
         for(i = 1; i < nrows; i++)
                 array[i] = array[0] + i * ncolumns;

    In either case, the elements of the dynamic array can be accessed
    with normal-looking array subscripts: array[i][j].

    If the double indirection implied by the above scheme is for some
    reason unacceptable, you can simulate a two-dimensional array with a
    single, dynamically-allocated one-dimensional array:

         int *array = (int *)malloc(nrows * ncolumns * sizeof(int));

    However, you must now perform subscript calculations manually,
    accessing the i,jth element with array[i * ncolumns + j].  (A macro
    can hide the explicit calculation, but invoking it then requires
    parentheses and commas which don't look exactly like
    multidimensional array subscripts.)


Section 3. Order of Evaluation

22. Under my compiler, the code

         int i = 7;
         printf("%d\n", i++ * i++);

    prints 49.  Regardless of the order of evaluation, shouldn't it
    print 56?

A:  Although the postincrement and postdecrement operators ++ and --
    perform the operations after yielding the former value, many people
    misunderstand the implication of "after." It is _not_ guaranteed
    that the operation is performed immediately after giving up the
    previous value and before any other part of the expression is
    evaluated.  It is merely guaranteed that the update will be
    performed sometime before the expression is considered "finished"
    (before the next "sequence point," in ANSI C's terminology).  In the
    example, the compiler chose to multiply the previous value by itself
    and to perform both increments afterwards.

    The order of other embedded side effects is similarly undefined.
    For example, the expression i + (i = 2) may or may not have the
    value 4.

    The behavior of code which contains ambiguous or undefined side
    effects has always been undefined.  (Note, too, that a compiler's
    choice, especially under ANSI rules, for "undefined behavior" may be
    to refuse to compile the code.)  Don't even try to find out how your
    compiler implements such things (contrary to the ill-advised
    exercises in many C textbooks); as K&R wisely point out, "if you
    don't know _how_ they are done on various machines, the innocence
    may help to protect you."

    References: K&R I Sec. 2.12 p. 50; K&R II Sec. 2.12 p. 54; ANSI Sec.
    3.3 p. 39; CT&P Sec. 3.7 p. 47; PCS Sec. 9.5 pp. 120-1.  (Ignore H&S
    Sec. 7.12 pp. 190-1, which is obsolete.)

23. But what about the &&, ||, and comma operators?
    I see code like "if((c = getchar()) == EOF || c == '\n')" ...

A:  There is a special exception for those operators, (as well as ?: );
    each of them does imply a sequence point (i.e. left-to-right
    evaluation is guaranteed).  Any book on C should make this clear.

    References: K&R I Sec. 2.6 p. 38, Secs. A7.11-12 pp. 190-1; K&R II
    Sec. 2.6 p. 41, Secs. A7.14-15 pp. 207-8; ANSI Secs. 3.3.13 p. 52,
    3.3.14 p. 52, 3.3.15 p. 53, 3.3.17 p. 55, CT&P Sec. 3.7 pp. 46-7.


Section 4. ANSI C

24. What is the "ANSI C Standard?"

A:  In 1983, the American National Standards Institute commissioned a
    committee, X3J11, to standardize the C language.  After a long,
    arduous process, including several widespread public reviews, the
    committee's work was finally ratified as an American National
    Standard, X3.159-1989, on December 14, 1989, and published in the
    spring of 1990.  For the most part, ANSI C standardizes existing
    practice, with a few additions from C++ (most notably function
    prototypes) and support for multinational character sets (including
    the much-lambasted trigraph sequences).  The ANSI C standard also
    formalizes the C run-time library support routines.

    The published Standard includes a "Rationale," which explains many
    of its decisions, and discusses a number of subtle points, including
    several of those covered here.  (The Rationale is "not part of ANSI
    Standard X3.159-1989, but is included for information only.")

    The Standard has also been adopted as an international standard,
    ISO/IEC 9899:1990, although the Rationale is currently not included.

25. How can I get a copy of the ANSI C standard?

A:  Copies are available from

        American National Standards Institute
        1430 Broadway
        New York, NY  10018  USA
        (+1) 212 642 4900

    or

        Global Engineering Documents
        2805 McGaw Avenue
        Irvine, CA  92714  USA
        (+1) 714 261 1455
        (800) 854 7179  (U.S. & Canada)

    The cost from ANSI is $50.00, plus $6.00 shipping.  Quantity
    discounts are available.  (Note that ANSI derives revenues to
    support its operations from the sale of printed standards, so
    electronic copies are _not_ available.)

26. Does anyone have a tool for converting old-style C programs to ANSI
    C, or for automatically generating prototypes?

A:  There are several such programs, many in the public domain.  Check
    your nearest comp.sources archive.  (See also questions 81 and 82.)

27. My ANSI compiler complains about a mismatch when it sees

         extern int func(float);

         int func(x)
         float x;
         {...

A:  You have mixed the new-style prototype declaration
    "extern int func(float);" with the old-style definition "int func(x)
    float x;".  Old C (and ANSI C, in the absence of prototypes)
    silently promotes floats to doubles when passing them as arguments,
    and makes a corresponding silent change to formal parameter
    declarations, so the old-style definition actually says that func
    takes a double.

    The problem can be fixed either by using new-style syntax
    consistently in the definition:

         int func(float x) { ... }

    or by changing the new-style prototype declaration to match the
    old-style definition:

         extern int func(double);

    (In this case, it would be clearest to change the old-style
    definition to use double as well).

    Reference: ANSI Sec. 3.3.2.2 .

28. Why does the ANSI Standard not guarantee more than six monocase
    characters of external identifier significance?

A:  The problem is older linkers which are neither under the control of
    the ANSI standard nor the C compiler developers on the systems which
    have them.  The limitation is only that identifiers be _significant_
    in the first six characters, not that they be restricted to six
    characters in length.  This limitation is annoying, but certainly
    not unbearable, and is marked in the Standard as "obsolescent," i.e.
    a future revision will likely relax it.

    This concession to current, restrictive linkers really had to be
    made, no matter how vehemently some people oppose it.  (The
    Rationale notes that its retention was "most painful.")  If you
    disagree, or have thought of a trick by which a compiler burdened
    with a restrictive linker could present the C programmer with the
    appearance of more significance in external identifiers, read the
    excellently-worded X3.159 Rationale (see question 25), which
    discusses several such schemes and explains why they couldn't be
    mandated.

    References: ANSI Sec. 3.1.2 p. 21, Sec. 3.9.1 p. 96, Rationale Sec.
    3.1.2 pp. 19-21.


Section 5. C Preprocessor

29. How can I write a macro to swap two values?

A:  There is no good answer to this question.  If the values are
    integers, a well-known trick using exclusive-OR could perhaps be
    used, but it will not work for floating-point values or pointers
    (and the "obvious" supercompressed implementation for integral types
    a^=b^=a^=b is, strictly speaking, illegal due to multiple side-
    effects; and it will not work if the two values are the same
    variable, and...).  If the macro is intended to be used on values of
    arbitrary type (the usual goal), it cannot use a temporary, since it
    does not know what type of temporary it needs, and standard C does
    not provide a typeof operator.  (GNU C does.)

    The best all-around solution is probably to forget about using a
    macro.  If you're worried about the use of an ugly temporary, and
    know that your machine provides an exchange instruction, convince
    your compiler vendor to recognize the standard three-assignment swap
    idiom in the optimization phase.

30. I have some old code that tries to construct identifiers with a
    macro like

         #define Paste(a, b) a/**/b

    but it doesn't work any more.

A:  That comments disappeared entirely and could therefore be used for
    token pasting was an undocumented feature of some early preprocessor
    implementations, notably Reiser's.  ANSI affirms (as did K&R) that
    comments are replaced with white space.  However, since the need for
    pasting tokens was demonstrated and real, ANSI introduced a well-
    defined token-pasting operator, ##, which can be used like this:

         #define Paste(a, b) a##b

    Reference: ANSI Sec. 3.8.3.3 p. 91, Rationale pp. 66-7.

31. I'm getting strange syntax errors inside code which I've #ifdeffed
    out.

A:  Under ANSI C, the text inside a "turned off" #if, #ifdef, or #ifndef
    must still consist of "valid preprocessing tokens."  This means that
    there must be no unterminated comments or quotes (note particularly
    that an apostrophe within a contracted word in a comment looks like
    the beginning of a character constant), and no newlines inside
    quotes.  Therefore, natural-language comments should always be
    written between the "official" comment delimiters /* and */.

    References: ANSI Sec. 2.1.1.2 p. 6, Sec. 3.1 p. 19 line 37.

32. What's the best way to write a multi-statement cpp macro?

A:  The usual goal is to write a macro that can be invoked as if it were
    a single function-call statement.  This means that the "caller" will
    be supplying the final semicolon, so the macro body should not.  The
    macro body cannot be a simple brace-delineated compound statement,
    because syntax errors would result if it were invoked (apparently as
    a single statement, but with a resultant extra semicolon) as the if
    branch of an if/else statement with an explicit else clause.

    The traditional solution is to use

         #define Func() do { \
                 /* declarations */ \
                 stmt1; \
                 stmt2; \
                 /* ... */ \
                 } while(0)      /* (no trailing ; ) */

    When the "caller" appends a semicolon, this expansion becomes a
    single statement regardless of context.  (An optimizing compiler
    will remove any "dead" tests or branches on the constant condition
    0, although lint may complain.)

    If all of the statements in the intended macro are simple
    expressions, with no declarations, another technique is to separate
    them with commas and surround them with parentheses.

    Reference: CT&P Sec. 6.3 pp. 82-3.

33. How can I write a cpp macro which takes a variable number of
    arguments?

A:  One popular trick is to define the macro with a single argument, and
    call it with a double set of parentheses, which appear to the
    preprocessor to indicate a single argument:

         #define DEBUG(args) {printf("DEBUG: "); printf args;}

         if(n != 0) DEBUG(("n is %d\n", n));

    The obvious disadvantage to this trick is that the caller must
    always remember to use the extra parentheses.  (It is often best to
    use a bona-fide function, which can take a variable number of
    arguments in a well-defined way, rather than a macro.  See questions
    34 and 35 below.)


Section 6. Variable-Length Argument Lists

34. How can I write a function that takes a variable number of
    arguments?

A:  Use varargs or stdarg.

    Here is a function which concatenates an arbitrary number of strings
    into malloc'ed memory, using stdarg:

         #include <stddef.h>             /* for NULL, size_t */
         #include <stdarg.h>             /* for va_ stuff */
         #include <string.h>             /* for strcat et al */
         #include <stdlib.h>             /* for malloc */

         /* VARARGS1 */

         char *vstrcat(char *first, ...)
         {
                 size_t len = 0;
                 char *retbuf;
                 va_list argp;
                 char *p;

                 if(first == NULL)
                         return NULL;

                 len = strlen(first);

                 va_start(argp, first);

                 while((p = va_arg(argp, char *)) != NULL)
                         len += strlen(p);

                 va_end(argp);

                 retbuf = malloc(len + 1);       /* +1 for trailing \0 */

                 if(retbuf == NULL)
                         return NULL;            /* error */

                 (void)strcpy(retbuf, first);

                 va_start(argp, first);

                 while((p = va_arg(argp, char *)) != NULL)
                         (void)strcat(retbuf, p);

                 va_end(argp);

                 return retbuf;
         }

    Usage is something like

         char *str = vstrcat("Hello, ", "world!", (char *)NULL);

    Note the cast on the last argument.  (Also note that the caller must
    free the returned, malloc'ed storage.)

    Under a pre-ANSI compiler, rewrite the function definition without a
    prototype ("char *vstrcat(first) char *first; {"), #include
    <stdio.h> rather than <stddef.h>, replace "#include <stdlib.h>" with
    "extern char *malloc();", and use int instead of size_t.  You may
    also have to delete the (void) casts, and use the older varargs
    package instead of stdarg.  See the next question for hints.

    (If you know enough about your machine's architecture, it is
    possible to pick arguments off of the stack "by hand," but there is
    little reason to do so, since portable mechanisms exist.  If you
    know how to access arguments "by hand," but have access to neither
    <stdarg.h> nor <varargs.h>, you could as easily implement one of
    them yourself, leaving your code portable.)

    References: K&R II Sec. 7.3 p. 155, Sec. B7 p. 254; H&S Sec. 13.4
    pp. 286-9; ANSI Secs. 4.8 through 4.8.1.3 .

35. How can I write a function that takes a format string and a variable
    number of arguments, like printf, and passes them to printf to do
    most of the work?

A:  Use vprintf, vfprintf, or vsprintf.

    Here is an "error" routine which prints an error message, preceded
    by the string "error: " and terminated with a newline:

         #include <stdio.h>
         #include <stdarg.h>

         void
         error(char *fmt, ...)
         {
                 va_list argp;
                 fprintf(stderr, "error: ");
                 va_start(argp, fmt);
                 vfprintf(stderr, fmt, argp);
                 va_end(argp);
                 fprintf(stderr, "\n");
         }

    To use varargs, instead of stdarg, change the function header to:

         void error(va_alist)
         va_dcl
         {
                 char *fmt;

    change the va_start line to

         va_start(argp);

    and add the line

         fmt = va_arg(argp, char *);

    between the calls to va_start and vfprintf.  (Note that there is no
    semicolon after va_dcl.)

    References: K&R II Sec. 8.3 p. 174, Sec. B1.2 p. 245; H&S Sec. 17.12
    p. 337; ANSI Secs. 4.9.6.7, 4.9.6.8, 4.9.6.9 .

36. How can I write a function analogous to scanf?

A:  Unfortunately, vscanf and the like are not standard.  You're on your
    own.

37. How can I discover how many arguments a function was actually called
    with?

A:  This information is not available to a portable program.  Some
    systems have a nonstandard nargs() function available, but its use
    is questionable, since it typically returns the number of words
    pushed, not the number of arguments.  (Floating point values and
    structures are usually passed as several words.)

    Any function which takes a variable number of arguments must be able
    to determine from the arguments themselves how many of them there
    are.  printf-like functions do this by looking for formatting
    specifiers (%d and the like) in the format string (which is why
    these functions fail badly if the format string does not match the
    argument list).  Another common technique (useful when the arguments
    are all of the same type) is to use a sentinel value (often 0, -1,
    or an appropriately-cast null pointer) at the end of the list (see
    the vstrcat and execl examples under questions 34 and 2 above).

38. How can I write a function which takes a variable number of
    arguments and passes them to some other function (which takes a
    variable number of arguments)?

A:  In general, you cannot.  You must provide a version of that other
    function which accepts a va_list pointer, as does vfprintf in the
    example above.  If the arguments must be passed directly as actual
    arguments (not indirectly through a va_list pointer) to another
    function which is itself variadic (for which you do not have the
    option of creating an alternate, va_list-accepting version) no
    portable solution is possible.  (The problem can be solved by
    resorting to machine-specific assembly language.)


Section 7. Lint

39. I just typed in this program, and it's acting strangely.  Can you
    see anything wrong with it?

A:  Try running lint first.  Most C compilers are really only half-
    compilers, electing not to diagnose numerous source code
    difficulties which would not actively preclude code generation.
    That the "other half," better error detection, was deferred to lint,
    was a fairly deliberate decision on the part of the earliest Unix C
    compiler authors, but is inexcusable (in the absence of a supplied,
    consistent lint) in a modern compiler.

40. How can I shut off the "warning: possible pointer alignment problem"
    message lint gives me for each call to malloc?

A:  The problem is that traditional versions of lint do not know, and
    cannot be told, that malloc "returns a pointer to space suitably
    aligned for storage of any type of object."  It is possible to
    provide a pseudoimplementation of malloc, using a #define inside of
    #ifdef lint, which effectively shuts this warning off, but a
    simpleminded #definition will also suppress meaningful messages
    about truly incorrect invocations.  It may be easier simply to
    ignore the message, perhaps in an automated way with grep -v.

41. Where can I get an ANSI-compatible lint?

A:  A product called FlexeLint is available (in "shrouded source form,"
    for compilation on 'most any system) from

         Gimpel Software
         3207 Hogarth Lane
         Collegeville, PA  19426  USA
         (+1) 215 584 4261

    Another product is MKS lint, from Mortice Kern Systems.  At the
    moment, I don't have their address, but you can send email to
    inquiry at mks.com .

42. Don't ANSI function prototypes render lint obsolete?

A:  No.  First of all, prototypes work well only if the programmer works
    assiduously to maintain them, and the effort to do so (plus the
    extra recompilations required by numerous, more-frequently-modified
    header files) can rival the toil of keeping function calls correct
    manually.  Secondly, an independent program like lint will probably
    always be more scrupulous at enforcing compatible, portable coding
    practices than will a particular, implementation-specific, feature-
    and extension-laden compiler.  (Some vendors seem to introduce
    incompatible extensions deliberately, perhaps to lock in market
    share.)


Section 8. Memory Allocation

43. Why doesn't this program work?

         main()
         {
                 char *answer;
                 printf("Type something:\n");
                 gets(answer);
                 printf("You typed \"%s\"\n", answer);
         }

A:  The pointer variable "answer," which is handed to the gets function
    as the location into which the response should be stored, has not
    been set to point to any valid storage.  It is an uninitialized
    variable, just as is the variable i in this example:

         main()
         {
                 int i;
                 printf("i = %d\n", i);
         }

    That is, we cannot say where the pointer "answer" points.  (Since
    local variables are not initialized, and typically contain garbage,
    it is not even guaranteed that "answer" starts out as a null
    pointer.)

    The simplest way to correct the question-asking program is to use a
    local array, instead of a pointer, and let the compiler worry about
    allocation:

         #include <stdio.h>
         #include <string.h>
         main()
         {
                 char answer[100], *p;
                 printf("Type something:\n");
                 fgets(answer, 100, stdin);
                 if((p = strchr(answer, '\n')) != NULL)
                         *p = '\0';
                 printf("You typed \"%s\"\n", answer);
         }

    Note that this example also uses fgets instead of gets (always a
    good idea), so that the size of the array can be specified, so that
    fgets will not overwrite the end of the array if the user types an
    overly-long line.  (Unfortunately, fgets does not automatically
    delete the trailing \n, as gets would.)  It would also be possible
    to use malloc to allocate the answer buffer, and/or to parameterize
    its size (#define ANSWERSIZE 100).

44. I can't get strcat to work.  I tried

         #include <string.h>
         main()
         {
                 char *s1 = "Hello, ";
                 char *s2 = "world!";
                 char *s3 = strcat(s1, s2);
                 printf("%s\n", s3);
         }

    but I got strange results.

A:  Again, the problem is that space for the concatenated result is not
    properly allocated.  C does not provide a true string type.  C
    programmers use char *'s for strings, but must always keep
    allocation in mind.  The compiler will only allocate memory for
    objects explicitly mentioned in the source code (in the case of
    "strings," this includes character arrays and string literals).  The
    programmer must arrange (explicitly) for sufficient space for the
    results of run-time operations such as string concatenation,
    typically by declaring arrays, or calling malloc.

    The simple strcat example could be fixed with something like

         char s1[20] = "Hello, ";
         char *s2 = "world!";

    Note, however, that strcat appends the string pointed to by its
    second argument to that pointed to by the first, and merely returns
    its first argument, so the s3 variable is superfluous.

    Reference: CT&P Sec. 3.2 p. 32.

45. But the man page for strcat says that it takes two char *'s as
    arguments.  How am I supposed to know to allocate things?

A:  In general, when using pointers you _always_ have to consider memory
    allocation, at least to make sure that the compiler is doing it for
    you.

    The Synopsis section at the top of a Unix-style man page can be
    misleading.  The code fragments presented there are closer to the
    function definition used by the call's implementor than the
    invocation used by the caller.  In particular, many routines accept
    pointers (e.g. to strings or structs), and the caller usually passes
    the address of some object (an array, or an entire struct).  Another
    common example is stat().

46. You can't use dynamically-allocated memory after you free it, can
    you?

A:  No.  Some early man pages for malloc stated that the contents of
    freed memory was "left undisturbed;" this ill-advised guarantee is
    not universal and is not required by ANSI.

    Few programmers would use the contents of freed memory deliberately,
    but it is easy to do so accidentally.  Consider the following
    (correct) code for freeing a singly-linked list:

         struct list *listp, *nextp;
         for(listp = base; listp != NULL; listp = nextp) {
                 nextp = listp->next;
                 free((char *)listp);
         }

    and notice what would happen if the more-obvious loop iteration
    expression listp = listp->next were used, without the temporary
    nextp pointer.

    References: ANSI Rationale Sec. 4.10.3.2 p. 102; CT&P Sec. 7.10
    p. 95.

47. What is alloca and why is its use discouraged?

A:  alloca allocates memory which is automatically freed when the
    function from which alloca was called returns.  That is, memory
    allocated with alloca is local to a particular function's "stack
    frame" or context.

    alloca cannot be written portably, and is difficult to implement on
    machines without a stack.  Its use is problematical (and the obvious
    implementation on a stack-based machine fails) when its return value
    is passed directly to another function, as in
    fgets(alloca(100), 100, stdin).

    For these reasons, alloca cannot be used in programs which must be
    widely portable, no matter how useful it might be.


Section 9. Structures

48. I heard that structures could be assigned to variables and passed to
    and from functions, but K&R I says not.

A:  What K&R I said was that the restrictions on struct operations would
    be lifted in a forthcoming version of the compiler, and in fact
    struct assignment and passing were fully functional in Ritchie's
    compiler even as K&R I was being published.  Although a few early C
    compilers lacked struct assignment, all modern compilers support it,
    and it is part of the ANSI C standard, so there should be no
    reluctance to use it.

    References: K&R I Sec. 6.2 p. 121; K&R II Sec. 6.2 p. 129; H&S Sec.
    5.6.2 p. 103; ANSI Secs. 3.1.2.5, 3.2.2.1, 3.3.16 .

49. How does struct passing and returning work?

A:  When structures are passed as arguments to functions, the entire
    struct is typically pushed on the stack, using as many words as are
    required.  (Pointers to structures are often chosen precisely to
    avoid this overhead.)

    Structures are typically returned from functions in a location
    pointed to by an extra, "hidden" argument to the function.  Older
    compilers often used a special, static location for structure
    returns, although this made struct-valued functions nonreentrant,
    which ANSI C disallows.

    Reference: ANSI Sec. 2.2.3 p. 13.

50. The following program works correctly, but it dumps core after it
    finishes.  Why?

         struct list
                 {
                 char *item;
                 struct list *next;
                 }

         /* Here is the main program. */

         main(argc, argv)
         ...

A:  A missing semicolon causes the compiler to believe that main returns
    a struct list.  (The connection is hard to see because of the
    intervening comment.)  When struct-valued functions are implemented
    by adding a hidden return pointer, the generated code tries to store
    a struct with respect to a pointer which was not actually passed (in
    this case, by the C start-up code).  Attempting to store a structure
    into memory pointed to by the argc or argv value on the stack (where
    the compiler expected to find the hidden return pointer) causes the
    core dump.

    Reference: CT&P Sec. 2.3 pp. 21-2.

51. Why can't you compare structs?

A:  There is no reasonable way for a compiler to implement struct
    comparison which is consistent with C's low-level flavor.  A byte-
    by-byte comparison could be invalidated by random bits present in
    unused "holes" in the structure (such padding is used to keep the
    alignment of later fields correct).  A field-by-field comparison
    would require unacceptable amounts of repetitive, in-line code for
    large structures.  Either method would not necessarily "do the right
    thing" with pointer fields: oftentimes, equality should be judged by
    equality of the things pointed to rather than strict equality of the
    pointers themselves.

    If you want to compare two structures, you must write your own
    function to do so.  C++ (among other languages) would let you
    arrange for the == operator to map to your function.

    References: K&R II Sec. 6.2 p. 129; H&S Sec. 5.6.2 p. 103; ANSI
    Rationale Sec. 3.3.9 p. 47.

52. I came across some code that declared a structure like this:

         struct name
                 {
                 int namelen;
                 char name[1];
                 };

    and then did some tricky allocation to make the name array act like
    it had several elements.  Is this legal and/or portable?

A:  This trick is popular, although Dennis Ritchie has called it
    "unwarranted chumminess with the compiler."  The ANSI C standard
    allows it only implicitly.  It seems to be portable to all known
    implementations.  (Debugging, array-bounds-checking compilers might
    issue warnings.)

53. How can I determine the byte offset of a field within a structure?

A:  ANSI C defines the offsetof macro, which should be used if
    available.  If you don't have it, a suggested implementation is

         #define offsetof(type, mem) ((size_t) \
                 ((char *)&((type *) 0)->mem - (char *)((type *) 0)))

    This implementation is not 100% portable; some compilers may
    legitimately refuse to accept it.

    See the next question for a usage hint.

    Reference: ANSI Sec. 4.1.5 .

54. How can I access structure fields by name at run time?

A:  Build a table of names and offsets, using the offsetof() macro.  The
    offset of field b in struct a is

         offsetb = offsetof(struct a, b)

    If structp is a pointer to an instance of this structure, and b is
    an int field with offset as computed above, b's value can be set
    indirectly with

         *(int *)((char *)structp + offsetb) = value;


Section 10. Declarations

55. I can't seem to define a linked list node which contains a pointer
    to itself.  I tried

         typedef struct
                 {
                 char *item;
                 NODEPTR next;
                 } NODE, *NODEPTR;

    but the compiler gave me error messages.  Can't a struct in C
    contain a pointer to itself?

A:  Structs in C can certainly contain pointers to themselves; the
    discussion and example in section 6.5 of K&R make this clear.  The
    problem is that the example above attempts to hide the struct
    pointer behind a typedef, which is not complete at the time it is
    used.  First, rewrite it without a typedef:

         struct node
                 {
                 char *item;
                 struct node *next;
                 };

    Then, if you wish to use typedefs, define them after the fact:

         typedef struct node NODE, *NODEPTR;

    Alternatively, define the typedefs first (using the line just above)
    and follow it with the full definition of struct node, which can
    then use the NODEPTR typedef for the "next" field.

    References: K&R I Sec. 6.5 p. 101; K&R II Sec. 6.5 p. 139; H&S Sec.
    5.6.1 p. 102; ANSI Sec. 3.5.2.3 .

56. How can I define a pair of mutually referential structures?  I tried

         typedef struct
                 {
                 int structafield;
                 STRUCTB *bpointer;
                 } STRUCTA;

         typedef struct
                 {
                 int structbfield;
                 STRUCTA *apointer;
                 } STRUCTB;

    but the compiler doesn't know about STRUCTB when it is used in
    struct a.

A:  Again, the problem is not the pointers but the typedefs.  First,
    define the two structures without using typedefs:

         struct a
                 {
                 int structafield;
                 struct b *bpointer;
                 };

         struct b
                 {
                 int structbfield;
                 struct a *apointer;
                 };

    The compiler can accept the field declaration struct b *bpointer
    within struct a, even though it has not yet heard of struct b.
    Occasionally it is necessary to precede this couplet with the empty
    declaration

         struct b;

    to mask the declarations (if in an inner scope) from a different
    struct b in an outer scope.

    Again, the typedefs could also be defined before, and then used
    within, the definitions for struct a and struct b.  Problems arise
    only when an attempt is made to define and use a typedef within the
    same declaration.

    References: H&S Sec. 5.6.1 p. 102; ANSI Sec. 3.5.2.3 .

57. How do I declare an array of pointers to functions returning
    pointers to functions returning pointers to characters?

A:  This question can be answered in at least three ways (all assume the
    hypothetical array is to have 5 elements):

    1.   char *(*(*a[5])())();

    2.   Build it up in stages, using typedefs:

              typedef char *cp;        /* pointer to char */
              typedef cp fpc();        /* function returning pointer to char */
              typedef fpc *pfpc;       /* pointer to above */
              typedef pfpc fpfpc();    /* function returning... */
              typedef fpfpc *pfpfpc;   /* pointer to... */
              pfpfpc a[5];             /* array of... */

    3.   Use the cdecl program, which turns English into C and vice
         versa:

              $ cdecl
              cdecl> declare a as array 5 of pointer to function returning
                         pointer to function returning pointer to char
              char *(*(*a[5])())()
              cdecl>

         cdecl can also explain complicated declarations, help with
         casts, and indicate which set of parentheses the arguments go
         in (for complicated function definitions).

    Any good book on C should explain techniques for reading these
    complicated C declarations "inside out" to understand them
    ("declaration mimics use").

    Reference: H&S Sec. 5.10.1 p. 116.

58. So where can I get cdecl?

A:  Several public-domain versions are available.  One is in volume 14
    of comp.sources.unix .  (Commercial versions may also be available,
    at least one of which was shamelessly lifted from the public domain
    copy submitted by Graham Ross, one of cdecl's originators.) See
    question 82.

    Reference: K&R II Sec. 5.12 .

59. I finally figured out the syntax for declaring pointers to
    functions, but now how do I initialize one?

A:  Use something like

         extern int func();
         int (*fp)() = func;

    When the name of a function appears in an expression but is not
    being called (i.e. is not followed by a "("), it "decays" into a
    pointer (i.e. its address is implicitly taken), analagously to the
    implicit decay of an array into a pointer to its first element.

    An explicit extern declaration for the function is normally needed,
    since implicit external function declaration does not happen in this
    case (again, because the function name is not followed by a "(").

60. I've seen different methods used for calling through pointers to
    functions.  What's the story?

A:  Originally, a pointer to a function had to be "turned into" a "real"
    function, with the * operator (and an extra pair of parentheses, to
    keep the precedence straight), before calling:

         int r, f(), (*fp)() = f;
         r = (*fp)();

    Another analysis holds that functions are always called through
    pointers, but that "real" functions decay implicitly into pointers
    (in expressions, as they do in initializations) and so cause no
    trouble.  This reasoning, which was adopted in the ANSI standard,
    means that

         r = fp();

    is legal and works correctly, whether fp is a function or a pointer
    to one.  (The usage has always been unambiguous; there is nothing
    you ever could have done with a function pointer followed by an
    argument list except call through it).  An explicit * is harmless,
    and still allowed (and recommended, if portability to older
    compilers is important).

    References: ANSI Sec. 3.3.2.2 p. 41, Rationale p. 41.


Section 11. Boolean Expressions and Variables

61. What is the right type to use for boolean values in C?  Why isn't it
    a standard type?  Should #defines or enums be used for the true and
    false values?

A:  C does not provide a standard boolean type, because picking one
    involves a space/time tradeoff which is best decided by the
    programmer.  (Using an int for a boolean may be faster, while using
    char will probably save data space.)

    The choice between #defines and enums is arbitrary and not terribly
    interesting.  Use any of

         #define TRUE  1             #define YES 1
         #define FALSE 0             #define NO  0

         enum bool {false, true};    enum bool {no, yes};

    or use raw 1 and 0, as long as you are consistent within one program
    or project.  (The enum may be preferable if your debugger expands
    enum values when examining variables.)

    Some people prefer variants like

         #define TRUE (1==1)
         #define FALSE (!TRUE)

    or define "helper" macros such as

         #define Istrue(e) ((e) != 0)

    These don't buy anything (see below).

62. Isn't #defining TRUE to be 1 dangerous, since any nonzero value is
    considered "true" in C?  What if a built-in boolean or relational
    operator "returns" something other than 1?

A:  It is true (sic) that any nonzero value is considered true in C, but
    this applies only "on input", i.e. where a boolean value is
    expected.  When a boolean value is generated by a built-in operator,
    it is guaranteed to be 1 or 0.  Therefore, the test

         if((a == b) == TRUE)

    will work as expected (as long as TRUE is 1), but it is obviously
    silly.  In general, explicit tests against TRUE and FALSE are
    undesirable, because some library functions (notably isupper,
    isalpha, etc.) return, on success, a nonzero value which is _not_
    necessarily 1.  (Besides, if you believe that "if((a == b) == TRUE)"
    is an improvement over "if(a == b)", why stop there?  Why not use
    "if(((a == b) == TRUE) == TRUE)"?)  A good rule of thumb is to use
    TRUE and FALSE (or the like) only for assignment to a Boolean
    variable, or as the return value from a Boolean function, never in a
    comparison.

    Preprocessor macros like TRUE and FALSE (and, in fact, NULL) are
    used for code readability, not because the underlying values might
    ever change.  That "true" is 1 and "false" (and source-code null
    pointers) 0 is guaranteed by the language.  (See also question 8.)

    References: K&R I Sec. 2.7 p. 41; K&R II Sec. 2.6 p. 42, Sec. A7.4.7
    p. 204, Sec. A7.9 p. 206; ANSI Secs. 3.3.3.3, 3.3.8, 3.3.9, 3.3.13,
    3.3.14, 3.3.15, 3.6.4.1, 3.6.5 .

63. What is the difference between an enum and a series of preprocessor
    #defines?

A:  At the present time, there is little difference.  Although many
    people might have wished otherwise, the ANSI standard says that
    enumerations may be freely intermixed with integral types, without
    errors.  (If such intermixing were disallowed without explicit
    casts, judicious use of enums could catch certain programming
    errors.)

    The advantages of enums are that the numeric values are
    automatically assigned, that a debugger may be able to display the
    symbolic values when enum variables are examined, and that a
    compiler may generate nonfatal warnings when enums and ints are
    indiscriminately mixed (such mixing can still be considered bad
    style even though it is not strictly illegal).

    References: K&R II Sec. 2.3 p. 39, Sec. A4.2 p. 196; H&S Sec. 5.5
    p. 100; ANSI Secs. 3.1.2.5, 3.5.2, 3.5.2.2 .


Section 12. Operating System Dependencies

64. How can I read a single character from the keyboard without waiting
    for a newline?

A:  Contrary to popular belief and many people's wishes, this is not a
    C-related question.  The delivery of characters from a "keyboard" to
    a C program is a function of the operating system in use, and cannot
    be standardized by the C language.  If you are using curses, use its
    cbreak() function.  Under UNIX, use ioctl to play with the terminal
    driver modes (CBREAK or RAW under "classic" versions; ICANON,
    c_cc[VMIN] and c_cc[VTIME] under System V or Posix systems).  Under
    MS-DOS, use getch().  Under other operating systems, you're on your
    own.  Beware that some operating systems make this sort of thing
    impossible, because character collection into input lines is done by
    peripheral processors not under direct control of the CPU running
    your program.

    Operating system specific questions are not appropriate for
    comp.lang.c .  Many common questions are answered in frequently-
    asked questions postings in such groups as comp.unix.questions and
    comp.os.msdos.programmer .  Note that the answers are often not
    unique even across different variants of Unix.  Bear in mind when
    answering system-specific questions that the answer that applies to
    your system may not apply to everyone else's.

    References: PCS Sec. 10 pp. 128-9, Sec. 10.1 pp. 130-1.

65. How can I find out if there are characters available for reading
    (and if so, how many)?  Alternatively, how can I do a read that will
    not block if there are no characters available?

A:  These, too, are entirely operating-system-specific.  Some versions
    of curses have a nodelay() function.  Depending on your system, you
    may also be able to use "nonblocking I/O", or a system call named
    "select", or the FIONREAD ioctl, or kbhit(), or rdchk(), or the
    O_NDELAY option to open() or fcntl().

66. How can my program discover the complete pathname to the executable
    file from which it was invoked?

A:  Depending on the operating system, argv[0] may contain all or part
    of the pathname.  (It may also contain nothing.)  You may be able to
    duplicate the command language interpreter's search path logic to
    locate the executable if the name in argv[0] is incomplete.
    However, there is no guaranteed or portable solution.

67. How can a process change an environment variable in its caller?

A:  In general, it cannot.  Different operating systems implement
    name/value functionality similar to the Unix environment in many
    different ways.  Whether the "environment" can be usefully altered
    by a running program, and if so, how, is entirely system-dependent.

    Under Unix, a process can modify its own environment (some systems
    provide setenv() or putenv() functions to do this), and the modified
    environment is passed on to any child processes, but it is _not_
    propagated back to the parent process.  (The environment of the
    parent process can only be altered if the parent is explicitly set
    up to listen for some kind of change requests.  The conventional
    execution of the BSD "tset" program in .profile and .login files
    effects such a scheme.)

68. How can a file be shortened in-place without completely clearing or
    rewriting it?

A:  BSD systems provide ftruncate(), and several others supply chsize(),
    but there is no truly portable solution.


Section 13. Stdio

69. Why does errno contain ENOTTY after a call to printf?

A:  Many implementations of the stdio package adjust their behavior
    slightly if stdout is a terminal.  To make the determination, these
    implementations perform an operation which fails (with ENOTTY) if
    stdout is not a terminal.  Although the output operation goes on to
    complete successfully, errno still contains ENOTTY.  This behavior
    can be mildly confusing, but it is not strictly incorrect, because
    it is only meaningful for a program to inspect the contents of errno
    after an error has occurred (that is, after a library function that
    sets errno on error has returned an error code).

    Reference: CT&P Sec. 5.4 p. 73.

70. My program's prompts and intermediate output don't always show up on
    the screen, especially when I pipe the output through another
    program.

A:  It is best to use an explicit fflush(stdout) at any point within
    your program at which output should definitely be visible.  Several
    mechanisms attempt to perform the fflush for you, at the "right
    time," but they do not always work, particularly when stdout is a
    pipe rather than a terminal.

71. When I read from the keyboard with scanf(), it seems to hang until I
    type one extra line of input.

A:  scanf() was designed for free-format input, which is seldom what you
    want when reading from the keyboard.  In particular, "\n" in a
    format string does not mean "expect a newline", it means "discard
    all whitespace".  But the only way to discard all whitespace is to
    continue reading the stream until a non-whitespace character is seen
    (which is then left in the buffer for the next input), so the effect
    is that it keeps going until it sees a nonblank line.

72. So what should I use instead?

A:  You could use a "%c" format, which will read one character that you
    can then manually compare against a newline; or "%*c" and no
    variable if you're willing to trust the user to hit a newline; or
    "%*[^\n]%*c" to discard everything up to and including the newline.
    Usually the best solution is to use fgets() to read a whole line,
    and then use sscanf() or other string functions to parse the line
    buffer.

73. How can I recover the file name given an open file descriptor?

A:  This problem is, in general, insoluble.  Under Unix, for instance, a
    scan of the entire disk, (perhaps requiring special permissions)
    would be required, and would fail if the file descriptor were a pipe
    (and could give a misleading answer for a file with multiple links).
    It is best to remember the names of open files yourself (perhaps
    with a wrapper function around fopen).


Section 14. Style

74. Here's a neat trick:

         if(!strcmp(s1, s2))

    Is this good style?

A:  No.  This is a classic example of C minimalism carried to an
    obnoxious degree.  The test succeeds if the two strings are equal,
    but its form strongly suggests that it tests for inequality.

A much better solution is to use a macro:

     #define Streq(s1, s2) (strcmp(s1, s2) == 0)

75. What's the best style for code layout in C?

A:  K&R, while providing the example most often copied, also supply a
    good excuse for avoiding it:

          The position of braces is less important; we have
          chosen one of several popular styles.  Pick a style
          that suits you, then use it consistently.

     It is more important that the layout chosen be consistent (with
     itself, and with nearby or common code) than that it be "perfect."
     If your coding environment (i.e. local custom or company policy)
     does not suggest a style, and you don't feel like inventing your
     own, just copy K&R.  (The tradeoffs between various indenting and
     brace placement options can be exhaustively and minutely examined,
     but don't warrant repetition here.  See also the Indian Hill Style
     Guide.)

     Reference: K&R I Sec. 1.2 p. 10.

76. Where can I get the "Indian Hill Style Guide" and other coding
    standards?

A:  Various documents are available for anonymous ftp from:

         Site:                     File or directory:

         cs.washington.edu         ~ftp/pub/cstyle.tar.Z
         (128.95.1.4)              (the updated Indian Hill guide)

         cs.toronto.edu            doc/programming

         giza.cis.ohio-state.edu   pub/style-guide

         prep.ai.mit.edu           pub/gnu/standards.text


Section 15. Miscellaneous

77. Can someone tell me how to write itoa (the inverse of atoi)?

A:  Just use sprintf.  (You'll have to allocate space for the result
    somewhere anyway; see questions 43 and 44.  Don't worry that sprintf
    may be overkill, potentially wasting run time or code space; it
    works well in practice.)

78. I know that the library routine localtime will convert a time_t into
    a broken-down struct tm, and that ctime will convert a time_t to a
    printable string.  How can I perform the inverse operations of
    converting a struct tm or a string into a time_t?

A:  ANSI C specifies a library routine, mktime, which converts a
    struct tm to a time_t.  Several public-domain versions of this
    routine are available in case your compiler does not support it yet.

    Converting a string to a time_t is harder, because of the wide
    variety of date and time formats which should be parsed.  Public-
    domain routines have been written for performing this function, as
    well, but they are less likely to become standardized.

    References: K&R II Sec. B10 p. 256; H&S Sec. 20.4 p. 361; ANSI Sec.
    4.12.2.3 .

79. How can I write data files which can be read on other machines with
    different word size, byte order, or floating point formats?

A:  The best solution is to use a text file (usually ASCII), written
    with fprintf and read with fscanf or the like.  (Similar advice also
    applies to network protocols.)  Be very skeptical of arguments which
    imply that text files are too big, or that reading and writing them
    is too slow.  Not only is their efficiency frequently acceptable in
    practice, but the advantages of being able to manipulate them with
    standard tools can be overwhelming.

    If the binary format is being imposed on you by an existing program,
    first see if you can get that program changed to use a more portable
    format.

    If you must use a binary format, you can improve portability, and
    perhaps take advantage of prewritten I/O libraries, by making use of
    standardized formats such as Sun's XDR, OSI's ASN.1, or CCITT's
    X.409 .

80. I seem to be missing the system header file <sgtty.h>.  Can someone
    send me a copy?

A:  Standard headers exist in part so that definitions appropriate to
    your compiler, operating system, and processor can be supplied.  You
    cannot just pick up a copy of someone else's header file and expect
    it to work, unless that person is using exactly the same
    environment.  Ask your compiler vendor why the file was not provided
    (or to send a replacement copy).

81. Does anyone know of a program for converting Pascal (Fortran, lisp,
    "Old" C, ...) to C?

A:  Several public-domain programs are available:

    p2c             written by Dave Gillespie, and posted to
                    comp.sources.unix in March, 1990 (Volume 21).

    ptoc            another comp.sources.unix contribution, this one
                    written in Pascal (comp.sources.unix, Volume 10,
                    also patches in Volume 13?).

    f2c             jointly developed by people from Bell Labs,
                    Bellcore, and Carnegie Mellon.  To find about f2c,
                    send the mail message "send index from f2c" to
                    netlib at research.att.com or research!netlib.  (It is
                    also available via anonymous ftp on
                    research.att.com, in directory dist/f2c.)

    FOR_C           Available from:

                         Cobalt Blue
                         2940 Union Ave., Suite C
                         San Jose, CA  95124
                         (408) 723-0474

    Promula.Fortran Available from

                         Promula Development Corp.
                         3620 N. High St., Suite 301
                         Columbus, OH 43214
                         (614) 263-5454

    The comp.sources.unix archives also contain converters between
    "K&R" C and ANSI C.

82. Where can I get copies of all these public-domain programs?

A:  If you have access to Usenet, see the regular postings in the
    comp.sources.unix and comp.sources.misc newsgroups, which describe,
    in some detail, the archiving policies and how to retrieve copies.
    The usual approach is to use anonymous ftp and/or uucp from a
    central, public-spirited site, such as uunet.uu.net.  However, this
    article cannot track or list all of the available archive sites and
    how to access them.  The comp.archives newsgroup contains numerous
    announcements of anonymous ftp availability of various items.

83. Where can I get the winners of the old Obfuscated C Contests?  When
    will the next contest be held?

A:  Send mail to {pacbell,uunet,utzoo}!hoptoad!obfuscate .  The contest
    is usually announced in March, with entries due in May.  Contest
    announcements are posted in several obvious places.  The winning
    entries are archived on uunet (see question 82).

84. How can I call Fortran (BASIC, Pascal, ADA, LISP) functions from C?
    (And vice versa?)

A:  The answer is entirely dependent on the machine and the specific
    calling sequences of the various compilers in use, and may not be
    possible at all.  Read your compiler documentation very carefully;
    sometimes there is a "mixed-language programming guide," although
    the techniques for passing arguments and ensuring correct run-time
    startup are often arcane.

85. Why don't C comments nest?  Are they legal inside quoted strings?

A:  Nested comments would cause more harm than good, mostly because of
    the possibility of accidentally leaving comments unclosed by
    including the characters "/*" within them.  For this reason, it is
    usually better to "comment out" large sections of code, which might
    contain comments, with #ifdef or #if 0.

    The character sequences /* and */ are not special within double-
    quoted strings, and do not therefore introduce comments, because a
    program (particularly one which is generating C code as output)
    might want to print them.  It is hard to imagine why anyone would
    want or need to place a comment inside a quoted string.  It is easy
    to imagine a program needing to print "/*".

    Reference: ANSI Rationale Sec. 3.1.9 p. 33.

86. My floating-point calculations are acting strangely and giving me
    different answers on different machines.

A:  Most digital computers use floating-point formats which provide a
    close but by no means exact simulation of real number arithmetic.
    Among other things, the associative and distributive laws do not
    hold completely (i.e. order of operation may be important, repeated
    addition is not necessarily equivalent to multiplication, and
    underflow or cumulative precision loss is often a problem).

    Don't assume that floating-point results will be exact, and
    especially don't assume that floating-point values can be compared
    for equality.  (Don't throw haphazard "fuzz factors" in, either.)

    These problems are no worse for C than they are for any other
    computer language.  Floating-point semantics are usually defined as
    "however the processor does them;" otherwise a compiler for a
    machine without the "right" model would have to do prohibitively
    expensive emulations.

    This article cannot begin to list the pitfalls associated with, and
    workarounds appropriate for, floating-point work.  A good
    programming text should cover the basics.  (Beware, though, that
    subtle problems can occupy numerical analysts for years.)

    References: K&P Sec. 6 pp. 115-8.

87. I'm having trouble with a Turbo C program which crashes and says
    something like "floating point not loaded."

A:  Some compilers for small machines, including Turbo C (and Ritchie's
    original PDP-11 compiler), leave out floating point support if it
    looks like it will not be needed.  In particular, the non-floating-
    point versions of printf and scanf save space by not including code
    to handle %e, %f, and %g.  It happens that Turbo C's heuristics for
    determining whether the program uses floating point are occasionally
    insufficient, and the programmer must insert one dummy explicit
    floating-point operation to force loading of floating-point support.
    Unfortunately, an apparently common sort of program (thus the
    frequency of the question) uses scanf to read, and/or printf to
    print, floating-point values upon which no arithmetic is done.

    In general, questions about a particular compiler are inappropriate
    for comp.lang.c .  Problems with PC compilers, for instance, will
    find a more receptive audience in a PC newsgroup (e.g.
    comp.os.msdos.programmer).

88. Does anyone have a C compiler test suite I can use?

A:  Plum Hall (1 Spruce Ave., Cardiff, NJ 08232, USA), among others,
    sells one.

89. Where can I get a YACC grammar for C?

A:  The definitive grammar is of course the one in the ANSI standard.
    Several copies are floating around; keep your eyes open.  There is
    one on uunet.uu.net (192.48.96.2) in net.sources/ansi.c.grammar.Z .
    FSF's GNU C compiler contains a grammar, as does the appendix to
    K&R II.

    References: ANSI Sec. A.2 .

90. How do you pronounce "char"?  What's that funny name for the "#"
    character?

A:  You can pronounce the C keyword "char" like the English words
    "char," "care," or "car;" the choice is arbitrary.  Bell Labs once
    proposed the (now obsolete) term "octothorpe" for the "#" character.

    Trivia questions like these aren't any more pertinent for
    comp.lang.c than they are for any of the other groups they
    frequently come up in.  The "jargon file" (also published as _The
    Hacker's Dictionary_) contains lots of tidbits like these, as does
    the official Usenet ASCII pronunciation list, maintained by Maarten
    Litmaath.  (The pronunciation list also appears in the jargon file
    under ASCII, as well as in the comp.unix frequently-asked questions
    list.)

91. Where can I get extra copies of this list?  What about back issues?

A:  For now, just pull it off the net; it is normally posted on the
    first of each month, with an Expiration: line which should keep it
    around all month.  Eventually, it may be available for anonymous
    ftp, or via a mailserver.  (Note that the size of the list is
    monotonically increasing; older copies are obsolete and don't
    contain much, except the occasional typo, that the current list
    doesn't.)


Bibliography

ANSI    American National Standard for Information Systems --
        Programming Language -- C, ANSI X3.159-1989.

H&S     Samuel P. Harbison and Guy L. Steele, C: A Reference Manual,
        Second Edition, Prentice-Hall, 1987, ISBN 0-13-109802-0.  (A
        third edition has recently been released.)

PCS     Mark R. Horton, Portable C Software, Prentice Hall, 1990, ISBN
        0-13-868050-7.

K&P     Brian W. Kernighan and P.J. Plaugher, The Elements of
        Programming Style, Second Edition, McGraw-Hill, 1978, ISBN 0-
        07-034207-5.

K&R I   Brian W. Kernighan and Dennis M. Ritchie, The C Programming
        Language, Prentice Hall, 1978, ISBN 0-13-110163-3.

K&R II  Brian W. Kernighan and Dennis M. Ritchie, The C Programming
        Language, Second Edition, Prentice Hall, 1988, ISBN 0-13-
        110362-8, 0-13-110370-9.

CT&P    Andrew Koenig, C Traps and Pitfalls, Addison-Wesley, 1989, ISBN
        0-201-17928-8.

There is a more extensive bibliography in the revised Indian Hill style
guide (see question 76).


Acknowledgements

Thanks to Sudheer Apte, Mark Brader, Joe Buehler, Raymond Chen,
Christopher Calabrese, James Davies, Norm Diamond, Ray Dunn, Stephen M.
Dunn, Bjorn Engsig, Doug Gwyn, Tony Hansen, Joe Harrington, Guy Harris,
Karl Heuer, Blair Houghton, Kirk Johnson, Andrew Koenig, John Lauro,
Christopher Lott, Tim McDaniel, Evan Manning, Mark Moraes, Francois
Pinard, randall at virginia, Rich Salz, Chip Salzenberg, Paul Sand, Doug
Schmidt, Patricia Shanahan, Joshua Simons, Henry Spencer, Erik Talvola,
Clarke Thatcher, Chris Torek, Ed Vielmetti, and Freek Wiedijk, who have
contributed, directly or indirectly, to this article.

                                             Steve Summit
                                             scs at adam.mit.edu
                                             scs%adam.mit.edu at mit.edu
                                             mit-eddie!adam!scs

This article is Copyright 1988, 1990 by Steve Summit.
It may be freely redistributed so long as the author's name, and this
notice, are retained.
The C code in this article (vstrcat, error, etc.) is public domain and
may be used without restriction.



More information about the Comp.lang.c mailing list