(86) 01 Sep 90 10:36:20 By: Steve Summit To: All Re: Answers to Frequently Asked Questions (FAQ) on comp.lang.c St: ------------------------------------------------------------------------------ @UFGATE newsin 1.27 From: scs@adam.mit.edu (Steve Summit) Date: 1 Sep 90 04:04:35 GMT Organization: Thermal Technologies, Inc. Message-ID: <1990Sep1.040435.5598@athena.mit.edu> Newsgroups: comp.lang.c Certain topics come up again and again on this newsgroup. They are good questions, and the answers may not be immediately obvious, but each time they recur, much net bandwidth and reader time is wasted on repetitive responses, and on tedious corrections to the incorrect answers which are inevitably posted. This article, which will be reposted periodically, attempts to answer these common questions definitively and succinctly, so that net discussion can move on to more constructive topics without continual regression to first principles. This article does not, and cannot, provide an exhaustive discussion of all of the subtle points and counterarguments which could be mentioned with respect to these topics. Cross-references to standard C publications have been provided, for further study by the interested and dedicated reader. A few of the more perplexing and pervasive topics may be further explored in some in-depth minitreatises posted in conjunction with this article. No mere newsgroup article can substitute for thoughtful perusal of a full-length language reference manual. Anyone interested enough in C to be following this newsgroup should also be interested enough to read and study one or more such manuals, preferably several times. Some vendors' compiler manuals are unfortunately inadequate; a few even perpetuate some of the myths which this article attempts to debunk. Two invaluable references, which are an excellent addition to any serious programmer's library, are: The C Programming Language, by Brian W. Kernighan and Dennis M. Ritchie. C: A Reference Manual, by Samuel P. Harbison and Guy L. Steele, Jr. Both exist in several editions. Andrew Koenig's book _C Traps and Pitfalls_ also covers many of the difficulties frequently discussed here. If you have a question about C which is not answered in this article, please try to answer it by referring to these or other books, or to knowledgeable colleagues, before posing your question to the net at large. There are many people on the net who are happy to answer questions, but the volume of repetitive answers posted to one question, as well as the growing numbers of questions as the net attracts more readers, can become oppressive. If you have questions or comments prompted by this article, please reply by mail rather than following up -- this article is meant to decrease net traffic, not increase it. This article is always being improved. Your input is welcomed. Send your comments to scs@adam.mit.edu and/or scs%adam.mit.edu@mit.edu; this article's From: line may be unuseable. Herewith, some frequently-asked questions and their answers: Null Pointers 1. What is this infamous null pointer, anyway? A: The language definition states that for each pointer type, there is a special value -- the "null pointer" -- which is distinguishable from all other pointer values and which is not the address of any object. That is, the address-of operator & will never "return" a null pointer, nor will a successful call to malloc. (malloc returns a null pointer when it fails, and this is a typical use of null pointers: as a "special" pointer value with some other meaning, usually "not allocated" or "not pointing anywhere yet.") A null pointer is different from an uninitialized pointer. A null pointer is known not to point to any object; an uninitialized pointer might point anywhere (that is, at some random object, or at a garbage or unallocated address). See also question 34. As mentioned in the definition above, there is a null pointer for each pointer type, and the internal values of null pointers for different types may be different. Although programmers need not know the internal values, the compiler must always be informed which null pointer is required, so it can make the distinction if necessary (see below). References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S Sec. 5.3 p. 91; ANSI X3.159-1989 Sec. 3.2.2.3 . 2. How do I "get" a null pointer in my programs? A: According to the language definition, a constant 0 in a pointer context is converted into a null pointer at compile time. That is, in an initialization, assignment, or comparison when one side is a variable or expression of pointer type, the compiler can tell that a constant 0 on the other side requests a null pointer, and generate the correctly-typed null pointer value. Therefore, the following fragments are perfectly legal: char *p = 0; if(p != 0) However, an argument being passed to a function is not necessarily recognizable as a pointer context, and the compiler may not be able to tell that an unadorned 0 "means" a null pointer. For instance, the Unix system call "execl" takes a variable-length, null pointer- terminated list of character pointer arguments. To generate a null pointer in a function call context, an explicit cast is typically required: execl("/bin/sh", "sh", "-c", "ls", (char *)0); If the (char *) cast were omitted, the compiler would not know to pass a null pointer, and would pass an integer 0 instead. (Note that many Unix manuals get this example wrong.) When function prototypes are in scope, argument passing becomes an "assignment context," and casts may safely be omitted, since the prototype tells the compiler that a pointer is required, and of which type, enabling it to correctly cast unadorned 0's. Function prototypes cannot provide the types for variable arguments in variable-length argument lists, however, so explicit casts are still required for those arguments. It is safest always to cast null pointer function arguments, to guard against varargs functions or those without prototypes, to allow interim use of non-ANSI compilers, and to demonstrate that you know what you are doing. Summary: unadorned 0 okay: explicit cast required: initialization function call, no prototype in scope assignments variable argument to comparisons varargs function function call, prototype in scope, fixed argument References: K&R I Sec. A7.7 p. 190, Sec. A7.14 p. 192; K&R II Sec. A7.10 p. 207, Sec. A7.17 p. 209; H&S Sec. 4.6.3 p. 72; ANSI X3.159- 1989 Sec. 3.2.2.3 . 3. But aren't pointers the same as ints? A: Not since the early days. Attempting to push pointers into integers, or build pointers out of integers, has always been machine-dependent and unportable, and doing so is strongly discouraged. (Any object pointer may be cast to the "universal" pointer type void *, or char * under a pre-ANSI compiler, when heterogeneous pointers must be passed around.) References: K&R I Sec. 5.6 pp. 102-3; ANSI X3.159-1989 Sec. 3.3.4 . 4. What is NULL and how is it #defined? A: As a stylistic convention, many people prefer not to have unadorned 0's scattered throughout their programs. For this reason, the preprocessor macro NULL is #defined (by stdio.h or stddef.h), with value 0 (or (void *)0, about which more later). A programmer who wishes to make explicit the distinction between 0 the integer and 0 the null pointer can then use NULL whenever a null pointer is required. This is a stylistic convention only; the preprocessor turns NULL back to 0 which is then recognized by the compiler (in pointer contexts) as before. In particular, a cast may still be necessary before NULL (as before 0) in a function call argument. (The table under question 2 above applies for NULL as well as 0.) NULL should _only_ be used for pointers. It should not be used when another kind of 0 is required, even though it might work, because doing so sends the wrong stylistic message. (ANSI allows the #definition of NULL to be (void *)0, which will not work in non- pointer contexts.) In particular, do not use NULL when the ASCII null character (NUL) is desired. Provide your own definition #define NUL '\0' if you must. References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S Sec. 13.1 p. 283; ANSI X3.159-1989 Sec. 4.1.5 p. 99, Sec. 3.2.2.3 p. 38, Rationale Sec. 4.1.5 p. 74. 5. How should NULL be #defined on a machine which uses a nonzero bit pattern as the internal representation of a null pointer? A: Programmers should never need to know the internal representation(s) of null pointers, because they are normally taken care of by the compiler. If a machine uses a nonzero bit pattern for null pointers, it is the compiler's responsibility to generate it when the programmer requests, by writing "0" or "NULL," a null pointer. Therefore #defining NULL as 0 on a machine for which internal null pointers are nonzero is as valid as on any other, because the compiler must (and can) still generate the machine's correct null pointers in response to unadorned 0's seen in pointer contexts. 6. If NULL were defined as follows: #define NULL (char *)0 wouldn't that make function calls which pass an uncast NULL work? A: Not in general. The problem is that there are machines which use different internal representations for pointers to different types of data. The suggested #definition would make uncast NULL arguments to functions expecting pointers to characters to work correctly, but pointer arguments to other types would still be problematical, and legal constructions such as FILE *fp = NULL; could fail. Nevertheless, ANSI C allows the alternate #define NULL (void *)0 definition for NULL. Besides helping incorrect programs to work (but only on machines with all pointers the same, thus questionably valid assistance) this definition may catch programs which use NULL incorrectly (e.g. when the ASCII nul character was really intended). 7. Is the abbreviated pointer comparison "if(p)" to test for non-null pointers valid? What if the internal representation for null pointers is nonzero? A: When C requires the boolean value of an expression (in the if, while, for, and do statements, and with the &&, ||, !, and ?: operators), a false value is produced when the expression compares equal to zero, and a true value otherwise. That is, whenever one writes if(expr) where "expr" is any expression at all, the compiler essentially acts as if it had been written as if(expr != 0) Substituting the trivial pointer expression "p" for "expr," we have if(p) is equivalent to if(p != 0) and this is a comparison context, so the compiler can tell that the (implicit) 0 is a null pointer, and use the correct value. There is no trickery involved here; compilers do work this way, and generate identical code for both statements. The internal representation of a pointer does not matter. The boolean negation operator, !, can be described as follows: !expr is essentially equivalent to expr?0:1 It is left as an exercise for the reader to show that if(!p) is equivalent to if(p == 0) See also question 48. References: K&R II Sec. A7.4.7 p. 204; H&S Sec. 5.3 p. 91; ANSI X3.159-1989 Secs. 3.3.3.3, 3.3.9, 3.3.13, 3.3.14, 3.3.15, 3.6.4.1, and 3.6.5 . 8. If "NULL" and "0" are equivalent, which should I use? A: Many programmers believe that "NULL" should be used in all pointer contexts, as a reminder that the value is to be thought of as a pointer. Others feel that the confusion surrounding "NULL" and "0" is only compounded by hiding "0" behind a #definition, and prefer to use unadorned "0" instead. There is no one right answer. C programmers must understand that "NULL" and "0" are interchangeable and that an uncast "0" is perfectly acceptable in initialization, assignment, and comparison contexts. Any usage of "NULL" (as opposed to "0") should be considered a gentle reminder that a pointer is involved; programmers should not depend on it (either for their own understanding or the compiler's) for distinguishing pointer 0's from integer 0's. Again, NULL should not be used for other than pointers. References: K&R II Sec. 5.4 p. 102. 9. But wouldn't it be better to use NULL (rather than 0) in case the value of NULL changes, perhaps on a machine with nonzero null pointers? A: No. Although preprocessor macros are often used in place of numbers because the numbers might change, this is _not_ the reason that NULL is used in place of 0. The language guarantees that source-code 0's (in pointer contexts) generate null pointers. NULL is used only as a stylistic convention. 10. But I once used a compiler that wouldn't work unless NULL was used. A: This compiler was broken. In general, making decisions about a language based on the behavior of one particular compiler is likely to be counterproductive. 11. I'm confused. NULL is guaranteed to be 0, but the null pointer is not? A: A "null pointer" (written in lower case in this article) is a language concept whose particular internal value does not matter. (On some machines the internal value is 0; on others it is not.) A "null pointer" is requested in source code with the character "0". "NULL" (always in capital letters) is a preprocessor macro, which is always #defined as 0 (or (void *)0). When the term "null" or "NULL" is casually used, one of several things may be meant: 1. The conceptual null pointer, the abstract language concept defined in question 1. It is implemented with... 2. The internal (or run-time) representation of a null pointer, which may be different for different pointer types. The actual values should be of concern only to compiler writers. Authors of C programs never see them, since they use... 3. The source code syntax for null pointers, which is the single character "0". It is often hidden behind... 4. The NULL macro, which is #defined to be "0" or "(void *)0". Finally, as a red herring, we have 5. The ASCII null character (NUL), which does have all bits zero, but has no relation to the null pointer except in name. This article always uses the phrase "null pointer" for sense 1, the character "0" for sense 3, and the capitalized word "NULL" for sense 4. 12. Why is there so much confusion surrounding null pointers? Why do these questions come up so often? A: C programmers traditionally like to know more than they need to about the underlying machine implementation. The construct "if(p == 0)" is easily misread as calling for conversion of p to an integral type, rather than 0 to a pointer type, before the comparison. The fact that null pointers are represented both in source code, and internally to most machines, as zero invites unwarranted assumptions. The fact that a preprocessor macro (NULL) is often used suggests that this is done because the value might change later, or on some weird machine. Finally, the distinction between the several uses of the term "null" (listed above) is often overlooked. One good way to wade out of the confusion is to imagine that C had a keyword (perhaps "nil", like Pascal) with which null pointers were requested. The compiler could either turn "nil" into the correct type of null pointer, when it could determine the type from the source code (as it does with 0's in reality), or complain when it could not. Now, in fact, in C the keyword for a null pointer is not "nil" but "0", which works almost as well, except that an uncast "0" in a non-pointer context generates an integer zero. If the null pointer keyword were "nil" the compiler could emit an error message for an ambiguous usage, but since it is "0" the compiler may end up emitting incorrect code. 13. I'm still confused. I just can't understand all this null pointer stuff. A: Follow these two simple rules: 1. When you want to refer to a null pointer in source code, use "0" or "NULL". 2. If the usage of "0" or "NULL" is in a function call, cast it to the pointer type expected by the function being called. The rest of the discussion has to do with other people's misunderstandings, or with the internal representation of null pointers, which you shouldn't need to know. Arrays and Pointers 14. I had the declaration char a[5] in one source file, and in another I declared extern char *a. Why didn't it work? A: The declaration extern char *a simply does not match the actual definition. The type "pointer-to-type-T" is not the same as "array-of-type-T." Use extern char a[]. 15. But I heard that char a[] was identical to char *a. A: This identity (that a pointer declaration is interchangeable with an array declaration, usually unsized) holds _only_ for formal parameters to functions. This identity is related to the fact that arrays "turn into" pointers in expressions. That is, when an array name is mentioned in an expression, it is converted immediately into a pointer to the array's first element. Therefore, an array is never passed to a function; rather a pointer to its first element is passed instead. Allowing pointer parameters to be declared as arrays is a simply a way of making it look as though the array was actually being passed. Some programmers prefer, as a matter of style, to use this syntax to indicate that the pointer parameter is expected to point to the start of an array rather than to a single value. Since functions can never receive arrays as parameters, any parameter declarations which "look like" arrays, e.g. f(a) char a[]; are treated as if they were pointers, since that is what the function will receive if an array is passed: f(a) char *a; To repeat, however, this conversion holds only within function formal parameter declarations, nowhere else. If this conversion confuses you, don't use it; many people have concluded that the confusion it causes outweighs the small advantage of having the declaration "look like" the call and/or the uses within the function. References: K&R I Sec. 5.3 p. 95, Sec. A10.1 p. 205; K&R II Sec. 5.3 p. 100, Sec. A8.6.3 p. 218, Sec. A10.1 p. 226; H&S Sec. 5.4.3 p. 96; ANSI X3.159-1989 Sec. 3.5.4.3, Sec. 3.7.1 . 16. So what is meant by the "equivalence of pointers and arrays" in C? A: Perhaps no aspect of C is more confusing than pointers, and the confusion is compounded by statements like the one above. Saying that arrays and pointers are "equivalent" does not by any means imply that they are interchangeable. (The fact that, as formal parameters to functions, array-style and pointer-style declarations are in fact interchangeable does nothing to reduce the confusion.) "Equivalence" refers to the fact (mentioned above) that arrays decay into pointers within expressions, and that pointers and arrays can both be dereferenced using array-like subscript notation. That is, if we have char a[10]; char *p; int i; we can refer to a[i] and p[i]. (That pointers can be subscripted like arrays is hardly surprising, since arrays have decayed into pointers by the time they are subscripted.) References: K&R I Sec. 5.3 pp. 93-6; K&R II Sec. 5.3 p. 99; H&S Sec. 5.4.1 p. 93; ANSI X3.159-1989 Sec. 3.3.2.1, Sec. 3.3.6 . 17. My compiler complained when I passed a two-dimensional array to a routine expecting a pointer to a pointer. A: The rule by which arrays decay into pointers is not applied recursively. An array of arrays (i.e. a two-dimensional array in C) decays into a pointer to an array, not a pointer to a pointer. Pointers to arrays are confusing, and it is best to avoid them. (The confusion is heightened by incorrect compilers, including some versions of pcc and pcc-derived lint's, which incorrectly accept assignments of multi-dimensional arrays to multi-level pointers.) If you are passing a two-dimensional array to a function: int array[YSIZE][XSIZE]; f(array); the function's declaration should match: f(int a[][XSIZE]) {...} or f(int (*a)[XSIZE]) {...} In the first declaration, the compiler performs the usual implicit rewriting of "array of array" to "pointer to array;" in the second form the pointer declaration is explicit. The called function does not care how big the array is, but it must know its shape, so the "column" dimension XSIZE must be included. In both cases the number of "rows" is irrelevant, and omitted. If a function is already declared as accepting a pointer to a pointer, an intermediate pointer would need to be used when attempting to call it with a two-dimensional array: int *ip = &a[0][0]; g(&ip); ... g(int **ipp) {...} Note that this usage is liable to be misleading (if not incorrect), since the array has been "flattened" (its shape has been lost). 18. How do I declare a pointer to an array? A: Usually, you don't want one. Think about using a pointer to one of the array's elements instead. Arrays of type T decay into pointers to type T, which is convenient; subscripting or incrementing the resultant pointer accesses the individual members of the array. True pointers to arrays, when subscripted or incremented, step over entire arrays, and are generally only useful when operating on multidimensional arrays. (See the question above.) 19. How can I dynamically allocate a multidimensional array? A: It is usually best to allocate an array of pointers, and then initialize each pointer to a dynamically-allocated "row." The resulting "ragged" array often saves space, although it may not be contiguous in memory as a real array would be. int **array = (int **)malloc(nrows * sizeof(int *)); for(i = 0; i < nrows; i++) array[i] = (int *)malloc(ncolumns * sizeof(int)); (In "real" code, of course, malloc's return value should be checked.) You can keep the array's contents contiguous, while losing the ability to have rows of varying and different lengths, with a bit of explicit pointer arithmetic: int **array = (int **)malloc(nrows * sizeof(int *)); array[0] = (int *)malloc(nrows * ncolumns * sizeof(int)); for(i = 1; i < nrows; i++) array[i] = array[0] + i * ncolumns; In either case, the elements of the dynamic array can be accessed with normal-looking array subscripts: array[i][j]. If the double indirection implied by the above scheme is for some reason unacceptable, you can simulate a two-dimensional array with a single, dynamically-allocated one-dimensional array: int *array = (int *)malloc(nrows * ncolumns * sizeof(int)); However, you must now perform subscript calculations manually, accessing array[i, j] with array[i * ncolumns + j]. (A macro can hide the explicit calculation, but invoking it then requires parentheses and commas which don't look exactly like multidimensional array subscripts.) Order of Evaluation 20. Under my compiler, the code int i = 7; printf("%d\n", i++ * i++); prints 49. Regardless of the order of evaluation, shouldn't it print 56? A: Although the postincrement and postdecrement operators ++ and -- perform the operations after yielding the former value, many people misunderstand the implication of "after." It is _not_ guaranteed that the operation is performed immediately after giving up the previous value and before any other part of the expression is evaluated. It is merely guaranteed that the update will be performed sometime before the expression is considered "finished" (before the next "sequence point," in ANSI C's terminology). In the example, the compiler chose to multiply the previous value by itself and to perform both increments afterwards. The order of other embedded side effects is similarly undefined. For example, the expression i + (i = 2) may or may not have the value 4. ANSI allows compilers to reject code which contains such ambiguous or undefined side effects. References: K&R I Sec. 2.12 p. 50; K&R II Sec. 2.12 p. 54; ANSI X3.159-1989 Sec. 3.3 . 21. But what about the &&, ||, ?:, and comma operators? I see code like "if((c = getchar()) == EOF || c == '\n')" ... A: There is a special exception for those operators; each of them does imply a sequence point (i.e. left-to-right evaluation is guaranteed). References: ANSI X3.159-1989 Secs. 3.3.2.2, 3.3.13, 3.3.14, 3.3.15 . ANSI C 22. What is the "ANSI C Standard?" A: In 1983, the American National Standards Institute commissioned a committee, X3J11, to standardize the C language. After a long and arduous process, this C standard was finally ratified as an American National Standard, X3.159-1989, on December 14, 1989, and published in the spring of 1990. For the most part, ANSI C standardizes existing practice, with a few additions from C++ (most notably function prototypes) and support for multinational character sets (including the much-lambasted trigraph sequences for transfer of source code between machines with deficient or multinational character sets). The ANSI C standard also formalizes the C run-time library support routines, an unprecedented effort. 23. How can I get a copy of the ANSI C standard? A: Copies are available from American National Standards Institute 1430 Broadway New York, NY 10018 (212) 642-4900 or Global Engineering Documents 2805 McGaw Avenue Irvine, CA 92714 (714) 261-1455 The cost is approximately $50.00, plus $6.00 shipping. Quantity discounts are available. 24. Does anyone have a tool for converting old-style C programs to ANSI C, or for automatically generating prototypes? A: There are several such programs, many in the public domain. Check your nearest comp.sources archive. (See also questions 61 and 62.) 25. My ANSI compiler complains about a mismatch when it sees extern int func(float); int func(x) float x; {... A: You have mixed the new-style declaration "extern int func(float);" with the old-style definition "int func(x) float x;". Old C (and ANSI C, in the absence of prototypes) silently promotes floats to doubles when passing them as arguments, and makes a corresponding silent change to formal parameter declarations, so the old-style definition actually says that func takes a double. The problem can be fixed either by using new-style syntax consistently in the definition: int func(float x) { ... } or by changing the new-style prototype declaration to match the old-style definition: extern int func(double); (In this case, it would be clearest to change the old-style definition to use double as well). References: ANSI X3.159-1989 Sec. 3.3.2.2 . C Preprocessor 26. How can I write a macro to swap two values? A: There is no good answer to this question. If the values are integers, a well-known trick using exclusive-OR could perhaps be used, but it will not work for floating-point values or pointers. If the macro is intended to be used on values of arbitrary type (the usual goal), it cannot use a temporary, since it doesn't know what type of temporary it needs, and standard C does not provide a typeof operator. (GNU C does.) The best all-around solution is probably to forget about using a macro. If you're worried about the use of an ugly temporary, and know that your machine provides an exchange instruction, convince your compiler vendor to recognize the standard three-assignment swap idiom in the optimization phase. Alternatively, use a language which supports multiple, parallel assignment (a,b := b,a). 27. I'm getting strange syntax errors inside code which I've #ifdeffed out. A: Under ANSI C, the text inside a "turned off" #if, #ifdef, or #ifndef must still consist of "valid preprocessing tokens." This means that there must be no unterminated comments or quotes (note particularly that an apostrophe within a contracted word looks like the beginning of a character constant) and no newlines inside quotes. Therefore, natural-language comments should always be written between the "official" comment delimiters /* and */. 28. How can I write a cpp macro which takes a variable number of arguments? One popular trick is to define the macro with a single argument, and call it with a double set of parentheses, which appear to the compiler to indicate a single argument: #define DEBUG(args) {printf("DEBUG: ");printf args;} if(n != 0) DEBUG(("n is %d\n", n)); The obvious disadvantage to this trick is that the caller must always remember to use the extra parentheses. (It is often best to use a bona-fide function, which can take a variable number of arguments in a well-defined way, rather than a macro. See questions 29 and 30 below.) Variable-Length Argument Lists 29. How can I write a function that takes a variable number of arguments? A: Use varargs or stdarg. Here is a function which concatenates an arbitrary number of strings into malloc'ed memory, using stdarg: #include /* for NULL */ #include /* for va_ stuff */ #include /* for strcat et al */ #include /* for malloc */ extern char *malloc(); /* redundant */ /* VARARGS1 */ char * vstrcat(char *first, ...) { int len = 0; char *retbuf; va_list argp; char *p; if(first == NULL) return NULL; len = strlen(first); va_start(argp, first); while((p = va_arg(argp, char *)) != NULL) len += strlen(p); va_end(argp); retbuf = malloc(len + 1); /* +1 for trailing \0 */ if(retbuf == NULL) return NULL; (void)strcpy(retbuf, first); va_start(argp, first); while((p = va_arg(argp, char *)) != NULL) (void)strcat(retbuf, p); va_end(argp); return retbuf; } Usage is something like char *str = vstrcat("Hello, ", "world!", (char *)NULL); Note the cast on the last argument. (Also note that the caller must free the returned, malloc'ed storage.) Using the older varargs package, rather than stdarg, requires a few changes which are not discussed here, in the interests of brevity. See the next question for hints. References: K&R II Sec. 7.3 p. 155, Sec. B7 p. 254; H&S Sec. 13.4 pp. 286-9; ANSI X3.159-1989 Secs. 4.8 through 4.8.1.3 . 30. How can I write a function that takes a format string and a variable number of arguments, like printf, and passes them to printf to do most of the work? A: Use vprintf, vfprintf, or vsprintf. Here is an "error" routine which prints an error message, preceded by the string "error: " and terminated with a newline: #include #include void error(char *fmt, ...) { va_list argp; fprintf(stderr, "error: "); va_start(argp, fmt); vfprintf(stderr, fmt, argp); va_end(argp); fprintf(stderr, "\n"); } To use varargs, instead of stdarg, change the function header to: void error(va_alist) va_dcl { char *fmt; change the va_start line to va_start(argp); and add the line fmt = va_arg(argp, char *); between the calls to va_start and vfprintf. (Note that there is no semicolon after va_dcl.) References: K&R II Sec. 8.3 p. 174, Sec. B1.2 p. 245; H&S Sec. 17.12 p. 337; ANSI X3.159-1989 Secs. 4.9.6.7, 4.9.6.8, 4.9.6.9 . 31. How can I write a function analogous to scanf? A: Unfortunately, vscanf and the like are not standard. You're on your own. 32. How can I discover how many arguments a function was actually called with? A: This information is not available to a portable program. Some systems have a nonstandard nargs() function available, but its use is questionable, since it typically returns the number of words pushed, not the number of arguments. (Floating point values and structures are usually passed as several words.) Any function which takes a variable number of arguments must be able to determine from the arguments themselves how many of them there are. printf-like functions do this by looking for formatting specifiers (%d and the like) in the format string (which is why these functions fail badly if the format string does not match the argument list). Another common technique (useful when the arguments are all of the same type) is to use a sentinel value (often 0, -1, or an appropriately-cast null pointer) at the end of the list (see the vstrcat and execl examples under questions 29 and 2 above). 33. How can I write a function which takes a variable number of arguments and passes them to some other function (which takes a variable number of arguments)? A: In general, you cannot. You must provide a version of that other function which accepts a va_list pointer, as does vfprintf in the example above. If the arguments must be passed directly as actual arguments (not indirectly through a va_list pointer) to another function which is itself variadic (for which you do not have the option of creating an alternate, va_list-accepting version) no portable solution is possible. (The problem can often be solved by resorting to machine-specific assembly language.) Memory Allocation 34. Why doesn't this program work? main() { char *answer; printf("Type something:\n"); gets(answer); printf("You typed \"%s\"\n", answer); } A: The pointer variable "answer," which is handed to the gets function as the location into which the response should be stored, has not been set to point to any valid storage. It is an uninitialized variable, just as is the variable i in this example: main() { int i; printf("i = %d\n", i); } That is, we cannot say where the pointer "answer" points. (Since local variables are not initialized, and typically contain garbage, it is not even guaranteed that "answer" starts out as a null pointer.) The simplest way to correct the question-asking program is to use a local array, instead of a pointer, and let the compiler worry about allocation: #include main() { char answer[100]; printf("Type something:\n"); fgets(answer, 100, stdin); printf("You typed \"%s\"\n", answer); } Note that this example also uses fgets instead of gets (always a good idea), so that the size of the array can be specified, so that fgets will not overwrite the end of the array if the user types an overly-long line. (Unfortunately, gets and fgets differ in their treatment of the trailing \n.) It would also be possible to use malloc to allocate the answer buffer, and/or to parameterize its size (#define ANSWERSIZE 100). 35. You can't use dynamically-allocated memory after you free it, can you? A: No. Some early man pages for malloc stated that the contents of freed memory was "left undisturbed;" this ill-advised guarantee is not universal and is not required by ANSI. Few programmers would use the contents of freed memory deliberately, but it is easy to do so accidentally. Consider the following (correct) code for freeing a singly-linked list: struct list *listp, *nextp; for(listp = base; listp != NULL; listp = nextp) { nextp = listp->next; free((char *)listp); } and notice what would happen if the more-obvious loop iteration expression listp = listp->next were used, without the temporary nextp pointer. 36. What is alloca and why is its use discouraged? A: alloca allocates memory which is automatically freed when the function from which alloca was called returns. That is, memory allocated with alloca is local to a particular function's "stack frame" or context. alloca cannot be written portably, and is difficult to implement on machines without a stack. Its use is problematical (and the obvious implementation on a stack-based machine fails) when its return value is passed directly to another function, as in fgets(alloca(100), stdin, 100). For these reasons, alloca cannot be used in programs which must be widely portable, no matter how useful it might be. Structures 37. I heard that structures could be assigned to variables and passed to and from functions, but K&R I says not. A: What K&R I said was that the restrictions on struct operations would be lifted in a forthcoming version of the compiler, and in fact struct assignment and passing were fully functional in Ritchie's compiler even as K&R I was being published. Although a few early C compilers lacked struct assignment, all modern compilers support it, and it is part of the ANSI C standard, so there should be no reluctance to use it. References: K&R I Sec. 6.2 p. 121; K&R II Sec. 6.2 p. 129; H&S Sec. 5.6.2 p. 103; ANSI X3.159-1989 Secs. 3.1.2.5, 3.2.2.1, 3.3.16 . 38. How does struct passing and returning work? A: When structures are passed as arguments to functions, the entire struct is pushed on the stack, which may involve significant overhead for large structures. It may be preferable in such cases to pass a pointer to the structure instead. Structures are returned from functions either in a special, static place (which may make struct-valued functions nonreentrant) or in a location pointed to by an extra, "hidden" argument to the function. 39. The following program works correctly, but it dumps core after it finishes. Why? struct list { char *item; struct list *next; } /* Here is the main program. */ main(argc, argv) ... A: A missing semicolon causes the compiler to believe that main returns a struct list. (The connection is hard to see because of the intervening comment.) When struct-valued functions are implemented by adding a hidden return pointer, the generated code tries to store a struct with respect to a pointer which was not actually passed (in this case, by the C start-up code). Attempting to store a structure into memory pointed to by the argc or argv value on the stack (where the compiler expected to find the hidden return pointer) causes the core dump. 40. Why can't you compare structs? A: There is no reasonable way for a compiler to implement struct comparison which is consistent with C's low-level flavor. A byte- by-byte comparison could be invalidated by random bits present in unused "holes" in the structure (such padding is used to keep the alignment of later fields correct). A field-by-field comparison would require unacceptable amounts of repetitive, in-line code for large structures. Either method would not necessarily "do the right thing" with pointer fields: oftentimes, equality should be judged by equality of the things pointed to rather than strict equality of the pointers themselves. If you want to compare two structures, you must write your own function to do so. C++ (among other languages) would let you arrange for the == operator to map to your function. References: K&R II Sec. 6.2 p. 129; H&S Sec. 5.6.2 p. 103. 41. How can I determine the byte offset of a field within a structure? A: ANSI C defines the offsetof macro, which should be used if available. If you don't have it, a suggested implementation is #define offsetof(type, mem) ((size_t) \ ((char *)&((type *) 0)->mem - (char *)((type *) 0))) This implementation is not 100% portable; some compilers may legitimately refuse to accept it. See the next question for a usage hint. References: ANSI X3.159-1989 Sec. 4.1.5 . 42. How can I access structure fields by name at run time? A: Build a table of names and offsets, using the offsetof() macro. The offset of field b in struct a is offsetof(struct a, b) If structp is a pointer to an instance of this structure, and b is an int field with offset as computed above, b's value can be set indirectly with *(int *)((char *)structp + offset) = value; Declarations 43. I can't seem to define a linked list node which contains a pointer to itself. I tried typedef struct { char *item; NODEPTR next; } NODE, *NODEPTR; but the compiler gave me error messages. Can't a struct in C contain a pointer to itself? A: Structs in C can certainly contain pointers to themselves; the discussion and example in section 6.5 of K&R make this clear. The problem is that the example above attempts to hide the struct pointer behind a typedef, which is not complete at the time it is used. First, rewrite it without a typedef: struct node { char *item; struct node *next; }; Then, if you feel you must use typedefs, define them after the fact: typedef struct node NODE, *NODEPTR; Alternatively, define the typedefs first (using the line just above) and follow it with the full definition of struct node, which can then use the NODEPTR typedef for the "next" field. References: K&R I Sec. 6.5 p. 101; K&R II Sec. 6.5 p. 139; H&S Sec. 5.6.1 p. 102; ANSI X3.159-1989 Sec. 3.5.2.3 . 44. How can I define a pair of mutually referential structures? I tried typedef struct { int structafield; STRUCTB *bpointer; } STRUCTA; typedef struct { int structbfield; STRUCTA *apointer; } STRUCTB; but the compiler doesn't know about STRUCTB when it is used in struct a. A: Again, the problem is not the pointers but the typedefs. First, define the two structures without using typedefs: struct a { int structafield; struct b *bpointer; }; struct b { int structbfield; struct a *apointer; }; The compiler can accept the field declaration struct b *bpointer within struct a, even though it has not yet heard of struct b. Occasionally it is necessary to precede this couplet with the empty declaration struct b; to mask the declaration (if in an inner scope) from a different struct b in an outer scope. Again, the typedefs could also be defined before, and then used within, the definitions for struct a and struct b. Problems arise only when an attempt is made to define and use a typedef within the same declaration. References: H&S Sec. 5.6.1 p. 102; ANSI X3.159-1989 Sec. 3.5.2.3 . 45. How do I declare a pointer to a function returning a pointer to a double? A: There are at least three answers to this question: 1. double *(*p)(); 2. Build it up in stages, using typedefs: typedef double *pd; /* pointer to double */ typedef pd fpd(); /* func returning ptr to double */ typedef fpd *pfpd; /* ptr to func ret ptr to double */ pfpd p; 3. Use the cdecl program, which turns English into C and vice versa: $ cdecl cdecl> declare p as pointer to function returning pointer to double double *(*p)(); cdecl> cdecl can also explain complicated declarations, help with casts, and indicate which set of parentheses the arguments go in (for complicated function definitions). References: H&S Sec. 5.10.1 p. 116. 46. So where can I get cdecl? A: Several public-domain versions are available. One is in volume 14 of comp.sources.unix . (Commercial versions may also be available, at least one of which was shamelessly lifted from the public domain copy submitted by Graham Ross, one of cdecl's originators.) Boolean Expressions and Variables 47. What is the right type to use for boolean values in C? Why isn't it a standard type? Should #defines or enums be used for the true and false values? A: C does not provide a standard boolean type, because picking one involves a space/time tradeoff which is best decided by the programmer. (Using an int for a boolean may be faster, while using char will probably save data space.) The choice between #defines and enums is arbitrary and not terribly interesting. Use any of #define TRUE 1 #define YES 1 #define FALSE 0 #define NO 0 enum bool {false, true}; enum bool {no, yes}; as long as you are consistent within one program or project. (The enum may be preferable if your debugger expands enum values when examining variables.) Some people prefer variants like #define TRUE (1==1) #define FALSE (!TRUE) These don't buy anything (see below). 48. Isn't #defining TRUE to be 1 dangerous, since any nonzero value is considered "true" in C? What if a built-in boolean or relational operator "returns" something other than 1? A: It is true (sic) that any nonzero value is considered true in C, but this applies only "on input", i.e. where a boolean value is expected. When a boolean value is generated by a built-in operator, it is guaranteed to be 1 or 0. Therefore, the test if((a == b) == TRUE) will succeed (if a, in fact, equals b and TRUE is one), but this code is obviously silly. In general, explicit tests against TRUE and FALSE are undesirable, because some library functions (notably isupper, isalpha, etc.) return, on success, a nonzero value which is _not_ necessarily 1. A good rule of thumb is to use TRUE and FALSE (or the like) only for assignment to a Boolean variable or as the return value from a Boolean function, never in a comparison. Preprocessor macros like TRUE and FALSE (and, in fact, NULL) are used for code readability, not because the underlying values might ever change. That "true" is 1 and "false" (and source-code null pointers) 0 is guaranteed by the language. (See also question 7.) References: K&R I Sec. 2.7 p. 41; K&R II Sec. 2.6 p. 42, Sec. A7.4.7 p. 204, Sec. A7.9 p. 206; ANSI X3.159-1989 Secs. 3.3.3.3, 3.3.8, 3.3.9, 3.3.13, 3.3.14, 3.3.15, 3.6.4.1, 3.6.5 . 49. What is the difference between an enum and a series of preprocessor #defines? A: At the present time, there is little difference. Although many people might have wished otherwise, the ANSI standard says that enums may be freely intermixed with integral types, without errors. (If such intermixing were disallowed without explicit casts, judicious use of enums could catch certain programming errors.) The advantages of enums are that the numeric values are automatically assigned, that a debugger may be able to display the symbolic values when enum variables are examined, and that a compiler may generate nonfatal warnings when enums and ints are indiscriminately mixed (such mixing can still be considered bad style even though it is not strictly illegal) or when enum cases are left out of switch statements. References: K&R II Sec. 2.3 p. 39, Sec. A4.2 p. 196; H&S Sec. 5.5 p. 100; ANSI X3.159-1989 Secs. 3.1.2.5, 3.5.2, 3.5.2.2 . Operating System Dependencies 50. How can I read a single character from the keyboard without waiting for a newline? A: Contrary to popular belief and many people's wishes, this is not a C-related question. The delivery of characters from a "keyboard" to a C program is a function of the operating system, and cannot be standardized by the C language. If you are using curses, use its cbreak() function. Under UNIX, use ioctl to play with the terminal driver modes (CBREAK or RAW under "classic" versions; ICANON, c_cc[VMIN] and c_cc[VTIME] under System V or Posix systems). Under MS-DOS, use getch(). Under other operating systems, you're on your own. Beware that some operating systems make this sort of thing impossible, because character collection into input lines is done by peripheral processors not under direct control of the CPU running your program. Operating system specific questions are not appropriate for comp.lang.c . Several common questions are answered in frequently- asked questions postings in the comp.unix.questions and comp.sys.ibm.pc newsgroups. 51. How can I find out if there are characters available for reading (and if so, how many)? Alternatively, how can I do a read that will not block if there are no characters available? A: These, too, are entirely operating-system-specific. Depending on your system, you may be able to use "nonblocking I/O", or a system call named "select", or the FIONREAD ioctl, or O_NDELAY, or a kbhit() routine. 52. How can my program discover the complete pathname to the executable file from which it was invoked? A: Depending on the operating system, argv[0] may contain all or part of the pathname. (It may also contain nothing.) You may be able to duplicate the command language interpreter's search path logic to locate the executable if the name in argv[0] is incomplete. However, there is no guaranteed or portable solution. 53. How can a process change an environment variable in its caller? A: In general, it cannot. If the calling process is prepared to listen explicitly for some indication that its environment should be changed, a special-case scheme can be set up. (Under Unix, a child process cannot directly affect its parent at all. Other operating systems have different process environments which could intrinsically support such communication.) Stdio 54. Why does errno contain ENOTTY after a call to printf? A: Many implementations of the stdio package adjust their behavior slightly depending on whether stdout is a terminal or not. To make this determination, these implementations perform an operation which fails (with ENOTTY) if stdout is not a terminal. Although the output operation goes on to complete successfully, errno still contains ENOTTY. This behavior can be mildly confusing, but it is not strictly incorrect, because it is only meaningful for a program to inspect the contents of errno after an error has occurred (that is, after a library function that sets errno on error has returned an error code). 55. My program's prompts and intermediate output don't always show up on my screen, especially when I pipe the output through another program. A: It is best to use an explicit fflush(stdout) at any point within your program at which output should definitely be visible. Several mechanisms attempt to perform the fflush for you, at the "right time," but they do not always work, particularly when stdout is a pipe rather than a terminal. 56. When I read from the keyboard with scanf(), it seems to hang until I type one extra line of input. A: scanf() was designed for free-format input, which is seldom what you want when reading from the keyboard. In particular, "\n" in a format string does not mean "expect a newline", it means "discard all whitespace". But the only way to discard all whitespace is to continue reading the stream until a non-whitespace character is seen (which is then left in the buffer for the next input), so the effect is that it keeps going until it sees a nonblank line. 57. So what should I use instead? A: You could use a "%c" format, which will read one character that you can then manually compare against a newline; or "%*c" and no variable if you're willing to trust the user to hit a newline; or "%*[^\n]%*c" to discard everything up to and including the newline. Or you could use fgets() to read a whole line, and then use sscanf() or other string functions to parse the line buffer. Miscellaneous 58. Can someone tell me how to write itoa (the inverse of atoi)? A: Just use sprintf. 59. I know that the library routine localtime will convert a time_t into a broken-down struct tm, and that ctime will convert a time_t to a printable string. How can I perform the inverse operations of converting a struct tm or a string into a time_t? A: ANSI C specifies a library routine, mktime, which converts a struct tm to a time_t. Several public-domain versions of this routine are available if your compiler does not support it yet. Converting a string to a time_t is harder, because of the wide variety of date and time formats which should be parsed. Public- domain routines have been written for performing this function, as well, but they are less likely to become standardized. References: K&R II Sec. B10 p. 256; H&S Sec. 20.4 p. 361; ANSI X3.159-1989 Sec. 4.12.2.3 . 60. I seem to be missing the system header file . Can someone send me a copy? A: Standard headers exist in part so that definitions appropriate to your compiler, operating system, and processor can be supplied. You cannot just pick up a copy of someone else's header file and expect it to work, unless that person uses exactly the same environment. Ask your vendor why the file was not provided (or to send another copy, if you've merely lost it). 61. Does anyone know of a program for converting Pascal (Fortran, lisp, "Old" C, ...) to C? A: Several public-domain programs are available: p2c written by Dave Gillespie, and posted to comp.sources.unix in March, 1990 (Volume 21). ptoc another comp.sources.unix contribution, this one written in Pascal (comp.sources.unix, Volume 10, also patches in Volume 13?). f2c jointly developed by people from Bell Labs, Bellcore, and Carnegie Mellon. To find about f2c, send the message "send index from f2c" to netlib@research.att.com or research!netlib. FOR_C Available from: Cobalt Blue 2940 Union Ave., Suite C San Jose, CA 95124 (408) 723-0474 Promula.Fortran Available from Promula Development Corp. 3620 N. High St., Suite 301 Columbus, OH 43214 (614) 263-5454 The comp.sources.unix archives also contain converters between "K&R" C and ANSI C. 62. Where can I get copies of all these public-domain programs? A: If you have access to Usenet, see the regular postings in the comp.sources.unix and comp.sources.misc newsgroups, which describe, in some detail, the archiving policies and how to retrieve copies. Otherwise, you can try anonymous ftp and/or uucp from a central, public-spirited site, such as uunet.uu.net, but this article cannot track or list all of the available sites and how to access them. 63. How can I call Fortran (BASIC, Pascal, ADA, LISP) functions from C? (And vice versa?) A: The answer is entirely dependent on the machine and the specific calling sequences of the various compilers in use, and may not be possible at all. Read your compiler documentation very carefully; sometimes there is a "mixed-language programming guide," although the techniques for passing arguments correctly are often arcane. 64. Why don't C comments nest? Are they legal inside quoted strings? A: Nested comments would cause more harm than good, mostly because of the possibility of accidentally leaving comments unclosed by including the characters "/*" within them. For this reason, it is usually better to "comment out" large sections of code, which might contain comments, with #ifdef or #if 0. The character sequences /* and */ are not special within double- quoted strings, and do not therefore introduce comments, because a program (particularly one which is generating C code as output) might want to print them. 65. I'm having trouble with a Turbo C program which crashes and says something like "floating point not loaded." A: Some compilers for small machines, including Turbo C and Ritchie's original pdp11 compiler, attempt to leave out floating point support if it looks like it will not be needed. In particular, the non- floating-point versions of printf and scanf save space by not including code to handle %e, %f, and %g. Occasionally the heuristics for "is the program using floating point?" are insufficient, and the programmer must insert one dummy explicit floating-point operation to force loading of floating-point support. Unfortunately, an apparently common sort of program (thus the frequency of the question) uses scanf to read, and/or printf to print, floating-point values upon which no arithmetic is done, which elicits the problem under Turbo C. In general, questions about a particular compiler are inappropriate for comp.lang.c . Problems with PC compilers, for instance, will find a more receptive audience in a PC newsgroup. 66. Does anyone have a C compiler test suite I can use? A: Plum Hall, (1 Spruce Ave., Cardiff, NJ 08232, USA), among others, sells one. 67. Where can I get a YACC grammar for C? A: Several grammars are floating around; keep your eyes open. There is one on uunet.uu.net (192.48.96.2) in net.sources/ansi.c.grammar.Z . FSF's GNU C compiler contains a grammar, as does the appendix to K&R II. Several have recently been posted to the net. 68. Where can I get the "Indian Hill Style Guide" and other coding standards? A: Various standards are available for anonymous ftp from: site file/directory cs.washington.edu ~ftp/pub/cstyle.tar.Z (128.95.1.4) cs.toronto.edu doc/programming giza.cis.ohio-state.edu pub/style-guide prep.ai.mit.edu pub/gnu/standards.text 69. Where can I get extra copies of this list? A: For now, just pull it off the net; it is normally posted on about the first of the month, with an Expiration: line which should keep it around all month. Eventually, it may be available for anonymous ftp, or via a mailserver. Thanks to Mark Brader, Joe Buehler, Christopher Calabrese, Stephen M. Dunn, Tony Hansen, Guy Harris, Karl Heuer, Blair Houghton, Kirk Johnson, Andrew Koenig, John Lauro, Christopher Lott, Rich Salz, Joshua Simons, and Erik Talvola, who have contributed, directly or indirectly, to this article. Steve Summit scs@adam.mit.edu scs%adam.mit.edu@mit.edu This article is Copyright 1988, 1990 by Steve Summit. It may be freely redistributed so long as the author's name, and this notice, are retained. The C code in this article (vstrcat, error, etc.) is public domain and may be used without restriction.