From scs@eskimo.comTue Aug  1 23:05:49 1995
Date: Tue, 1 AUG 1995 13:37:49 GMT 
From: Steve Summit <scs@eskimo.com>
Newsgroups: comp.lang.c, comp.answers, news.answers
Subject: comp.lang.c Answers to Frequently Asked Questions (FAQ List) 

Archive-name: C-faq/faq
Comp-lang-c-archive-name: C-FAQ-list
URL: http://www.eskimo.com/~scs/C-faq.top.html

Copyright 1990-1995 by Steve Summit; see the full copyright notice at
the end for redistribution information.

[Last modified August 1, 1995 by scs.]

WARNING: A major update to this FAQ list is imminent, probably on
September 1, 1995.  Many questions will be rearranged and renumbered;
the sections may be rearranged and renumbered, also.  If you're in the
habit of referring people to "question m.n in the FAQ list" or even
"section m in the FAQ list," they may be confused if they have a newer
version than this one.  During the changeover, the safest way to refer
people to sections is by name ("the section on memory allocation").
There isn't a good symbolic way to refer to a particular question, but
if you mention what the question is about, your recipient should be able
to find it.

                  *     *     *

Certain topics come up again and again on this newsgroup.  They are good
questions, and the answers may not be immediately obvious, but each time
they recur, much net bandwidth and reader time is wasted on repetitive
responses, and on tedious corrections to the incorrect answers which are
inevitably posted.

This article, which is posted monthly, attempts to answer these common
questions definitively and succinctly, so that net discussion can move
on to more constructive topics without continual regression to first
principles.

No mere newsgroup article can substitute for thoughtful perusal of a
full-length tutorial or language reference manual.  Anyone interested
enough in C to be following this newsgroup should also be interested
enough to read and study one or more such manuals, preferably several
times.  Some C books and compiler manuals are unfortunately inadequate;
a few even perpetuate some of the myths which this article attempts to
refute.  Several noteworthy books on C are listed in this article's
bibliography.  Many of the questions and answers are cross-referenced to
these books, for further study by the interested and dedicated reader
(but beware of ANSI vs. ISO C Standard section numbers; see question
5.1).

If you have a question about C which is not answered in this article,
first try to answer it by checking a few of the referenced books, or by
asking knowledgeable colleagues, before posing your question to the net
at large.  There are many people on the net who are happy to answer
questions, but the volume of repetitive answers posted to one question,
as well as the growing number of questions as the net attracts more
readers, can become oppressive.  If you have questions or comments
prompted by this article, please reply by mail rather than following up
-- this article is meant to decrease net traffic, not increase it.

Besides listing frequently-asked questions, this article also summarizes
frequently-posted answers.  Even if you know all the answers, it's worth
skimming through this list once in a while, so that when you see one of
its questions unwittingly posted, you won't have to waste time
answering.

This article was last modified on August 1, 1995, and its travels may
have taken it far from its original home on Usenet.  It may now be
out-of-date, particularly if you are looking at a printed copy or one
retrieved from a tertiary archive site or CD-ROM.  You can always obtain
the most up-to-date copy by anonymous ftp from sites ftp.eskimo.com,
rtfm.mit.edu, or ftp.uu.net (see questions 17.12 and 17.33), or by
sending the e-mail message "help" to mail-server@rtfm.mit.edu .
Since this list is modified from time to time, its question numbers may
not match those in older or newer copies which are in circulation; be
careful when referring to FAQ list entries by number alone.

This article was produced for free redistribution.  You should not need
to pay anyone for a copy of it.

Other versions of this document are also available.  Posted along with
it are an abridged version and (when there are changes) a list of
differences with respect to the previous version.  A few preliminary
hypertext versions are available on the world-wide web (WWW); see URL's
<http://www.cis.ohio-state.edu/hypertext/faq/usenet/FAQ-List.html> and
<http://www.lysator.liu.se/c/c-faq/index.html>.  Finally, for those who
might prefer a bound, hardcopy version (and even longer answers to even
more questions!), a book-length version will be published by
Addison-Wesley in November, 1995 (ISBN 0-201-84519-9).

This article is always being improved.  Your input is welcomed.  Send
your comments to scs@eskimo.com .

The questions answered here are divided into several categories:

       1. Null Pointers
       2. Arrays and Pointers
       3. Memory Allocation
       4. Expressions
       5. ANSI C
       6. C Preprocessor
       7. Variable-Length Argument Lists
       8. Boolean Expressions and Variables
       9. Structs, Enums, and Unions
      10. Declarations
      11. Stdio
      12. Library Subroutines
      13. Lint
      14. Style
      15. Floating Point
      16. System Dependencies
      17. Miscellaneous (Fortran to C converters, YACC grammars, etc.)

Herewith, some frequently-asked questions and their answers:


Section 1. Null Pointers

1.1:  What is this infamous null pointer, anyway?

A:    The language definition states that for each pointer type, there
      is a special value -- the "null pointer" -- which is
      distinguishable from all other pointer values and which is not
      the address of any object or function.  That is, the address-of
      operator & will never yield a null pointer, nor will a
      successful call to malloc.  (malloc returns a null pointer when
      it fails, and this is a typical use of null pointers: as a
      "special" pointer value with some other meaning, usually "not
      allocated" or "not pointing anywhere yet.")

      A null pointer is conceptually different from an uninitialized
      pointer.  A null pointer is known not to point to any object; an
      uninitialized pointer might point anywhere.  See also questions
      3.1, 3.13, and 17.1.

      As mentioned in the definition above, there is a null pointer
      for each pointer type, and the internal values of null pointers
      for different types may be different.  Although programmers need
      not know the internal values, the compiler must always be
      informed which type of null pointer is required, so it can make
      the distinction if necessary (see below).

      References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S
      Sec. 5.3 p. 91; ANSI Sec. 3.2.2.3 p. 38.

1.2:  How do I "get" a null pointer in my programs?

A:    According to the language definition, a constant 0 in a pointer
      context is converted into a null pointer at compile time.  That
      is, in an initialization, assignment, or comparison when one
      side is a variable or expression of pointer type, the compiler
      can tell that a constant 0 on the other side requests a null
      pointer, and generate the correctly-typed null pointer value.
      Therefore, the following fragments are perfectly legal:

            char *p = 0;
            if(p != 0)

      However, an argument being passed to a function is not
      necessarily recognizable as a pointer context, and the compiler
      may not be able to tell that an unadorned 0 "means" a null
      pointer.  For instance, the Unix system call "execl" takes a
      variable-length, null-pointer-terminated list of character
      pointer arguments.  To generate a null pointer in a function
      call context, an explicit cast is typically required, to force
      the 0 to be in a pointer context:

            execl("/bin/sh", "sh", "-c", "ls", (char *)0);

      If the (char *) cast were omitted, the compiler would not know
      to pass a null pointer, and would pass an integer 0 instead.
      (Note that many Unix manuals get this example wrong.)

      When function prototypes are in scope, argument passing becomes
      an "assignment context," and most casts may safely be omitted,
      since the prototype tells the compiler that a pointer is
      required, and of which type, enabling it to correctly convert
      unadorned 0's.  Function prototypes cannot provide the types for
      variable arguments in variable-length argument lists, however,
      so explicit casts are still required for those arguments.  It is
      safest always to cast null pointer function arguments, to guard
      against varargs functions or those without prototypes, to allow
      interim use of non-ANSI compilers, and to demonstrate that you
      know what you are doing.  (Incidentally, it's also a simpler
      rule to remember.)

      Summary:

            Unadorned 0 okay: Explicit cast required:

            initialization          function call,
                              no prototype in scope
            assignment
                              variable argument in
            comparison        varargs function call

            function call,
            prototype in scope,
            fixed argument

      References: K&R I Sec. A7.7 p. 190, Sec. A7.14 p. 192; K&R II
      Sec. A7.10 p. 207, Sec. A7.17 p. 209; H&S Sec. 4.6.3 p. 72; ANSI
      Sec. 3.2.2.3 .

1.3:  What is NULL and how is it #defined?

A:    As a matter of style, many people prefer not to have unadorned
      0's scattered throughout their programs.  For this reason, the
      preprocessor macro NULL is #defined (by <stdio.h> or
      <stddef.h>), with value 0 (or (void *)0, about which more
      later).  A programmer who wishes to make explicit the
      distinction between 0 the integer and 0 the null pointer can
      then use NULL whenever a null pointer is required.  This is a
      stylistic convention only; the preprocessor turns NULL back to 0
      which is then recognized by the compiler (in pointer contexts)
      as before.  In particular, a cast may still be necessary before
      NULL (as before 0) in a function call argument.  (The table
      under question 1.2 above applies for NULL as well as 0.)

      NULL should _only_ be used for pointers; see question 1.8.

      References: K&R I Sec. 5.4 pp. 97-8; K&R II Sec. 5.4 p. 102; H&S
      Sec. 13.1 p. 283; ANSI Sec. 4.1.5 p. 99, Sec. 3.2.2.3 p. 38,
      Rationale Sec. 4.1.5 p. 74.

1.4:  How should NULL be #defined on a machine which uses a nonzero
      bit pattern as the internal representation of a null pointer?

A:    Programmers should never need to know the internal
      representation(s) of null pointers, because they are normally
      taken care of by the compiler.  If a machine uses a nonzero bit
      pattern for null pointers, it is the compiler's responsibility
      to generate it when the programmer requests, by writing "0" or
      "NULL," a null pointer.  Therefore, #defining NULL as 0 on a
      machine for which internal null pointers are nonzero is as valid
      as on any other, because the compiler must (and can) still
      generate the machine's correct null pointers in response to
      unadorned 0's seen in pointer contexts.

1.5:  If NULL were defined as follows:

            #define NULL ((char *)0)

      wouldn't that make function calls which pass an uncast NULL
      work?

A:    Not in general.  The problem is that there are machines which
      use different internal representations for pointers to different
      types of data.  The suggested #definition would make uncast NULL
      arguments to functions expecting pointers to characters to work
      correctly, but pointer arguments to other types would still be
      problematical, and legal constructions such as

            FILE *fp = NULL;

      could fail.

      Nevertheless, ANSI C allows the alternate

            #define NULL ((void *)0)

      definition for NULL.  Besides helping incorrect programs to work
      (but only on machines with homogeneous pointers, thus
      questionably valid assistance) this definition may catch
      programs which use NULL incorrectly (e.g. when the ASCII  NUL
      character was really intended; see question 1.8).

      References: ANSI Rationale Sec. 4.1.5 p. 74.

1.6:  I use the preprocessor macro

            #define Nullptr(type) (type *)0

      to help me build null pointers of the correct type.

A:    This trick, though popular in some circles, does not buy much.
      It is not needed in assignments and comparisons; see question
      1.2.  It does not even save keystrokes.  Its use suggests to the
      reader that the author is shaky on the subject of null pointers,
      and requires the reader to check the #definition of the macro,
      its invocations, and _all_ other pointer usages much more
      carefully.  See also question 8.1.

1.7:  Is the abbreviated pointer comparison "if(p)" to test for non-
      null pointers valid?  What if the internal representation for
      null pointers is nonzero?

A:    When C requires the boolean value of an expression (in the if,
      while, for, and do statements, and with the &&, ||, !, and ?:
      operators), a false value is produced when the expression
      compares equal to zero, and a true value otherwise.  That is,
      whenever one writes

            if(expr)

      where "expr" is any expression at all, the compiler essentially
      acts as if it had been written as

            if(expr != 0)

      Substituting the trivial pointer expression "p" for "expr," we
      have

            if(p) is equivalent to        if(p != 0)

      and this is a comparison context, so the compiler can tell that
      the (implicit) 0 is a null pointer, and use the correct value.
      There is no trickery involved here; compilers do work this way,
      and generate identical code for both statements.  The internal
      representation of a pointer does _not_ matter.

      The boolean negation operator, !, can be described as follows:

            !expr is essentially equivalent to  expr?0:1

      It is left as an exercise for the reader to show that

            if(!p)      is equivalent to        if(p == 0)

      "Abbreviations" such as if(p), though perfectly legal, are
      considered by some to be bad style.

      See also question 8.2.

      References: K&R II Sec. A7.4.7 p. 204; H&S Sec. 5.3 p. 91; ANSI
      Secs. 3.3.3.3, 3.3.9, 3.3.13, 3.3.14, 3.3.15, 3.6.4.1, and
      3.6.5 .

1.8:  If "NULL" and "0" are equivalent, which should I use?

A:    Many programmers believe that "NULL" should be used in all
      pointer contexts, as a reminder that the value is to be thought
      of as a pointer.  Others feel that the confusion surrounding
      "NULL" and "0" is only compounded by hiding "0" behind a
      #definition, and prefer to use unadorned "0" instead.  There is
      no one right answer.  C programmers must understand that "NULL"
      and "0" are interchangeable and that an uncast "0" is perfectly
      acceptable in initialization, assignment, and comparison
      contexts.  Any usage of "NULL" (as opposed to "0") should be
      considered a gentle reminder that a pointer is involved;
      programmers should not depend on it (either for their own
      understanding or the compiler's) for distinguishing pointer 0's
      from integer 0's.

      NULL should _not_ be used when another kind of 0 is required,
      even though it might work, because doing so sends the wrong
      stylistic message.  (ANSI allows the #definition of NULL to be
      (void *)0, which will not work in non-pointer contexts.)  In
      particular, do not use NULL when the ASCII null character (NUL)
      is desired.  Provide your own definition

            #define NUL '\0'

      if you must.

      References: K&R II Sec. 5.4 p. 102.

1.9:  But wouldn't it be better to use NULL (rather than 0) in case
      the value of NULL changes, perhaps on a machine with nonzero
      null pointers?

A:    No.  Although symbolic constants are often used in place of
      numbers because the numbers might change, this is _not_ the
      reason that NULL is used in place of 0.  Once again, the
      language guarantees that source-code 0's (in pointer contexts)
      generate null pointers.  NULL is used only as a stylistic
      convention.

1.10: I'm confused.  NULL is guaranteed to be 0, but the null pointer
      is not?

A:    When the term "null" or "NULL" is casually used, one of several
      things may be meant:

      1.    The conceptual null pointer, the abstract language
            concept defined in question 1.1.  It is implemented
            with...

      2.    The internal (or run-time) representation of a null
            pointer, which may or may not be all-bits-0 and which
            may be different for different pointer types.  The
            actual values should be of concern only to compiler
            writers.  Authors of C programs never see them, since
            they use...

      3.    The source code syntax for null pointers, which is the
            single character "0".  It is often hidden behind...

      4.    The NULL macro, which is #defined to be "0" or
            "(void *)0".  Finally, as red herrings, we have...

      5.    The ASCII null character (NUL), which does have all bits
            zero, but has no necessary relation to the null pointer
            except in name; and...

      6.    The "null string," which is another name for an empty
            string ("").  The term "null string" can be confusing in
            C (and should perhaps be avoided), because it involves a
            null ('\0') character, but not a null pointer, which
            brings us full circle...

      This article always uses the phrase "null pointer" (in lower
      case) for sense 1, the character "0" for sense 3, and the
      capitalized word "NULL" for sense 4.

1.11: Why is there so much confusion surrounding null pointers?  Why
      do these questions come up so often?

A:    C programmers traditionally like to know more than they need to
      about the underlying machine implementation.  The fact that null
      pointers are represented both in source code, and internally to
      most machines, as zero invites unwarranted assumptions.  The use
      of a preprocessor macro (NULL) suggests that the value might
      change later, or on some weird machine.  The construct
      "if(p == 0)" is easily misread as calling for conversion of p to
      an integral type, rather than 0 to a pointer type, before the
      comparison.  Finally, the distinction between the several uses
      of the term "null" (listed above) is often overlooked.

      One good way to wade out of the confusion is to imagine that C
      had a keyword (perhaps "nil", like Pascal) with which null
      pointers were requested.  The compiler could either turn "nil"
      into the correct type of null pointer, when it could determine
      the type from the source code, or complain when it could not.
      Now, in fact, in C the keyword for a null pointer is not "nil"
      but "0", which works almost as well, except that an uncast "0"
      in a non-pointer context generates an integer zero instead of an
      error message, and if that uncast 0 was supposed to be a null
      pointer, the code may not work.

1.12: I'm still confused.  I just can't understand all this null
      pointer stuff.

A:    Follow these two simple rules:

      1.    When you want to refer to a null pointer in source code,
            use "0" or "NULL".

      2.    If the usage of "0" or "NULL" is an argument in a
            function call, cast it to the pointer type expected by
            the function being called.

      The rest of the discussion has to do with other people's
      misunderstandings, or with the internal representation of null
      pointers (which you shouldn't need to know), or with ANSI C
      refinements.  Understand questions 1.1, 1.2, and 1.3, and
      consider 1.8 and 1.11, and you'll do fine.

1.13: Given all the confusion surrounding null pointers, wouldn't it
      be easier simply to require them to be represented internally by
      zeroes?

A:    If for no other reason, doing so would be ill-advised because it
      would unnecessarily constrain implementations which would
      otherwise naturally represent null pointers by special, nonzero
      bit patterns, particularly when those values would trigger
      automatic hardware traps for invalid accesses.

      Besides, what would this requirement really accomplish?  Proper
      understanding of null pointers does not require knowledge of the
      internal representation, whether zero or nonzero.  Assuming that
      null pointers are internally zero does not make any code easier
      to write (except for a certain ill-advised usage of calloc; see
      question 3.13).  Known-zero internal pointers would not obviate
      casts in function calls, because the _size_ of the pointer might
      still be different from that of an int.  (If "nil" were used to
      request null pointers rather than "0," as mentioned in question
      1.11, the urge to assume an internal zero representation would
      not even arise.)

1.14: Seriously, have any actual machines really used nonzero null
      pointers, or different representations for pointers to different
      types?

A:    The Prime 50 series used segment 07777, offset 0 for the null
      pointer, at least for PL/I.  Later models used segment 0, offset
      0 for null pointers in C, necessitating new instructions such as
      TCNP (Test C Null Pointer), evidently as a sop to all the extant
      poorly-written C code which made incorrect assumptions.  Older,
      word-addressed Prime machines were also notorious for requiring
      larger byte pointers (char *'s) than word pointers (int *'s).

      The Eclipse MV series from Data General has three
      architecturally supported pointer formats (word, byte, and bit
      pointers), two of which are used by C compilers: byte pointers
      for char * and void *, and word pointers for everything else.

      Some Honeywell-Bull mainframes use the bit pattern 06000 for
      (internal) null pointers.

      The CDC Cyber 180 Series has 48-bit pointers consisting of a
      ring, segment, and offset.  Most users (in ring 11) have null
      pointers of 0xB00000000000.

      The Symbolics Lisp Machine, a tagged architecture, does not even
      have conventional numeric pointers; it uses the pair <NIL, 0>
      (basically a nonexistent <object, offset> handle) as a C null
      pointer.

      Depending on the "memory model" in use, 80*86 processors (PC's)
      may use 16 bit data pointers and 32 bit function pointers, or
      vice versa.

      The old HP 3000 series computers use a different addressing
      scheme for byte addresses than for word addresses; void and char
      pointers therefore have a different representation than an int
      (structure, etc.) pointer to the same address would have.

1.15: What does a run-time "null pointer assignment" error mean?  How
      do I track it down?

A:    This message, which occurs only under MS-DOS (see, therefore,
      section 16) means that you've written, via an unintialized
      and/or null pointer, to location zero.

      A debugger will usually let you set a data breakpoint on
      location 0.  Alternately, you could write a bit of code to copy
      20 or so bytes from location 0 into another buffer, and
      periodically check that it hasn't changed.


Section 2. Arrays and Pointers

2.1:  I had the definition char a[6] in one source file, and in
      another I declared extern char *a.  Why didn't it work?

A:    The declaration extern char *a simply does not match the actual
      definition.  The type "pointer-to-type-T" is not the same as
      "array-of-type-T."  Use extern char a[].

      References: CT&P Sec. 3.3 pp. 33-4, Sec. 4.5 pp. 64-5.

2.2:  But I heard that char a[] was identical to char *a.

A:    Not at all.  (What you heard has to do with formal parameters to
      functions; see question 2.4.)  Arrays are not pointers.  The
      array declaration "char a[6];" requests that space for six
      characters be set aside, to be known by the name "a."  That is,
      there is a location named "a" at which six characters can sit.
      The pointer declaration "char *p;" on the other hand, requests a
      place which holds a pointer.  The pointer is to be known by the
      name "p," and can point to any char (or contiguous array of
      chars) anywhere.

      As usual, a picture is worth a thousand words.  The statements

            char a[] = "hello";
            char *p = "world";

      would result in data structures which could be represented like
      this:

               +---+---+---+---+---+---+
            a: | h | e | l | l | o |\0 |
               +---+---+---+---+---+---+

               +-----+     +---+---+---+---+---+---+
            p: |  *======> | w | o | r | l | d |\0 |
               +-----+     +---+---+---+---+---+---+

      It is important to realize that a reference like x[3] generates
      different code depending on whether x is an array or a pointer.
      Given the declarations above, when the compiler sees the
      expression a[3], it emits code to start at the location "a,"
      move three past it, and fetch the character there.  When it sees
      the expression p[3], it emits code to start at the location "p,"
      fetch the pointer value there, add three to the pointer, and
      finally fetch the character pointed to.  In the example above,
      both a[3] and p[3] happen to be the character 'l', but the
      compiler gets there differently.  (See also questions 17.19 and
      17.20.)

2.3:  So what is meant by the "equivalence of pointers and arrays" in
      C?

A:    Much of the confusion surrounding pointers in C can be traced to
      a misunderstanding of this statement.  Saying that arrays and
      pointers are "equivalent" neither means that they are identical
      nor even interchangeable.

      "Equivalence" refers to the following key definition:

            An lvalue [see question 2.5] of type array-of-T
            which appears in an expression decays (with
            three exceptions) into a pointer to its first
            element; the type of the resultant pointer is
            pointer-to-T.

      (The exceptions are when the array is the operand of a sizeof or
      & operator, or is a literal string initializer for a character
      array.)

      As a consequence of this definition, there is no apparent
      difference in the behavior of the "array subscripting" operator
      [] as it applies to arrays and pointers.  In an expression of
      the form a[i], the array reference "a" decays into a pointer,
      following the rule above, and is then subscripted just as would
      be a pointer variable in the expression p[i] (although the
      eventual memory accesses will be different, as explained in
      question 2.2).  In either case, the expression x[i] (where x is
      an array or a pointer) is, by definition, identical to
      *((x)+(i)).

      References: K&R I Sec. 5.3 pp. 93-6; K&R II Sec. 5.3 p. 99; H&S
      Sec. 5.4.1 p. 93; ANSI Sec. 3.2.2.1, Sec. 3.3.2.1, Sec. 3.3.6 .

2.4:  Then why are array and pointer declarations interchangeable as
      function formal parameters?

A:    Since arrays decay immediately into pointers, an array is never
      actually passed to a function.  As a convenience, any parameter
      declarations which "look like" arrays, e.g.

            f(a)
            char a[];

      are treated by the compiler as if they were pointers, since that
      is what the function will receive if an array is passed:

            f(a)
            char *a;

      This conversion holds only within function formal parameter
      declarations, nowhere else.  If this conversion bothers you,
      avoid it; many people have concluded that the confusion it
      causes outweighs the small advantage of having the declaration
      "look like" the call and/or the uses within the function.

      References: K&R I Sec. 5.3 p. 95, Sec. A10.1 p. 205; K&R II
      Sec. 5.3 p. 100, Sec. A8.6.3 p. 218, Sec. A10.1 p. 226; H&S
      Sec. 5.4.3 p. 96; ANSI Sec. 3.5.4.3, Sec. 3.7.1, CT&P Sec. 3.3
      pp. 33-4.

2.5:  How can an array be an lvalue, if you can't assign to it?

A:    The ANSI C Standard defines a "modifiable lvalue," which an
      array is not.

      References: ANSI Sec. 3.2.2.1 p. 37.

2.6:  Why doesn't sizeof properly report the size of an array which is
      a parameter to a function?

A:    The sizeof operator reports the size of the pointer parameter
      which the function actually receives (see question 2.4).

2.7:  Someone explained to me that arrays were really just constant
      pointers.

A:    This is a bit of an oversimplification.  An array name is
      "constant" in that it cannot be assigned to, but an array is
      _not_ a pointer, as the discussion and pictures in question 2.2
      should make clear.

2.8:  Practically speaking, what is the difference between arrays and
      pointers?

A:    Arrays automatically allocate space, but can't be relocated or
      resized.  Pointers must be explicitly assigned to point to
      allocated space (perhaps using malloc), but can be reassigned
      (i.e. pointed at different objects) at will, and have many other
      uses besides serving as the base of blocks of memory.

      Due to the so-called equivalence of arrays and pointers (see
      question 2.3), arrays and pointers often seem interchangeable,
      and in particular a pointer to a block of memory assigned by
      malloc is frequently treated (and can be referenced using []
      exactly) as if it were a true array.  (See question 2.14; see
      also question 17.20.)

2.9:  I came across some "joke" code containing the "expression"
      5["abcdef"] .  How can this be legal C?

A:    Yes, Virginia, array subscripting is commutative in C.  This
      curious fact follows from the pointer definition of array
      subscripting, namely that a[e] is identical to *((a)+(e)), for
      _any_ expression e and primary expression a, as long as one of
      them is a pointer expression and one is integral.  This
      unsuspected commutativity is often mentioned in C texts as if it
      were something to be proud of, but it finds no useful
      application outside of the Obfuscated C Contest (see question
      17.13).

      References: ANSI Rationale Sec. 3.3.2.1 p. 41.

2.10: My compiler complained when I passed a two-dimensional array to
      a routine expecting a pointer to a pointer.

A:    The rule by which arrays decay into pointers is not applied
      recursively.  An array of arrays (i.e. a two-dimensional array
      in C) decays into a pointer to an array, not a pointer to a
      pointer.  Pointers to arrays can be confusing, and must be
      treated carefully.  (The confusion is heightened by the
      existence of incorrect compilers, including some versions of pcc
      and pcc-derived lint's, which improperly accept assignments of
      multi-dimensional arrays to multi-level pointers.)  If you are
      passing a two-dimensional array to a function:

            int array[NROWS][NCOLUMNS];
            f(array);

      the function's declaration should match:

            f(int a[][NCOLUMNS]) {...}
      or
            f(int (*ap)[NCOLUMNS]) {...}   /* ap is a pointer to an array */

      In the first declaration, the compiler performs the usual
      implicit parameter rewriting of "array of array" to "pointer to
      array;" in the second form the pointer declaration is explicit.
      Since the called function does not allocate space for the array,
      it does not need to know the overall size, so the number of
      "rows," NROWS, can be omitted.  The "shape" of the array is
      still important, so the "column" dimension NCOLUMNS (and, for 3-
      or more dimensional arrays, the intervening ones) must be
      included.

      If a function is already declared as accepting a pointer to a
      pointer, it is probably incorrect to pass a two-dimensional
      array directly to it.

      References: K&R I Sec. 5.10 p. 110; K&R II Sec. 5.9 p. 113.

2.11: How do I write functions which accept 2-dimensional arrays when
      the "width" is not known at compile time?

A:    It's not easy.  One way is to pass in a pointer to the [0][0]
      element, along with the two dimensions, and simulate array
      subscripting "by hand:"

            f2(aryp, nrows, ncolumns)
            int *aryp;
            int nrows, ncolumns;
            { ... ary[i][j] is really aryp[i * ncolumns + j] ... }

      This function could be called with the array from question 2.10
      as

            f2(&array[0][0], NROWS, NCOLUMNS);

      It must be noted, however, that a program which performs
      multidimensional array subscripting "by hand" in this way is not
      in strict conformance with the ANSI C Standard; the behavior of
      accessing (&array[0][0])[x] is not defined for x > NCOLUMNS.

      gcc allows local arrays to be declared having sizes which are
      specified by a function's arguments, but this is a nonstandard
      extension.

      See also question 2.15.

2.12: How do I declare a pointer to an array?

A:    Usually, you don't want to.  When people speak casually of a
      pointer to an array, they usually mean a pointer to its first
      element.

      Instead of a pointer to an array, consider using a pointer to
      one of the array's elements.  Arrays of type T decay into
      pointers to type T (see question 2.3), which is convenient;
      subscripting or incrementing the resultant pointer accesses the
      individual members of the array.  True pointers to arrays, when
      subscripted or incremented, step over entire arrays, and are
      generally only useful when operating on arrays of arrays, if at
      all.  (See question 2.10 above.)

      If you really need to declare a pointer to an entire array, use
      something like "int (*ap)[N];" where N is the size of the array.
      (See also question 10.4.)  If the size of the array is unknown,
      N can be omitted, but the resulting type, "pointer to array of
      unknown size," is useless.

2.13: Since array references decay to pointers, given

            int array[NROWS][NCOLUMNS];

      what's the difference between array and &array?

A:    Under ANSI/ISO Standard C, &array yields a pointer, of type
      pointer-to-array-of-T, to the entire array (see also question
      2.12).  Under pre-ANSI C, the & in &array generally elicited a
      warning, and was generally ignored.  Under all C compilers, an
      unadorned reference to an array yields a pointer, of type
      pointer-to-T, to the array's first element.  (See also question
      2.3.)

2.14: How can I dynamically allocate a multidimensional array?

A:    It is usually best to allocate an array of pointers, and then
      initialize each pointer to a dynamically-allocated "row."  Here
      is a two-dimensional example:

            int **array1 = (int **)malloc(nrows * sizeof(int *));
            for(i = 0; i < nrows; i++)
                  array1[i] = (int *)malloc(ncolumns * sizeof(int));

      (In "real" code, of course, malloc would be declared correctly,
      and each return value checked.)

      You can keep the array's contents contiguous, while making later
      reallocation of individual rows difficult, with a bit of
      explicit pointer arithmetic:

            int **array2 = (int **)malloc(nrows * sizeof(int *));
            array2[0] = (int *)malloc(nrows * ncolumns * sizeof(int));
            for(i = 1; i < nrows; i++)
                  array2[i] = array2[0] + i * ncolumns;

      In either case, the elements of the dynamic array can be
      accessed with normal-looking array subscripts: array[i][j].

      If the double indirection implied by the above schemes is for
      some reason unacceptable, you can simulate a two-dimensional
      array with a single, dynamically-allocated one-dimensional
      array:

            int *array3 = (int *)malloc(nrows * ncolumns * sizeof(int));

      However, you must now perform subscript calculations manually,
      accessing the i,jth element with array3[i * ncolumns + j].  (A
      macro can hide the explicit calculation, but invoking it then
      requires parentheses and commas which don't look exactly like
      multidimensional array subscripts.)

      Finally, you can use pointers-to-arrays:

            int (*array4)[NCOLUMNS] =
                  (int (*)[NCOLUMNS])malloc(nrows * sizeof(*array4));

      , but the syntax gets horrific and all but one dimension must be
      known at compile time.

      With all of these techniques, you may of course need to remember
      to free the arrays (which may take several steps; see question
      3.9) when they are no longer needed, and you cannot necessarily
      intermix the dynamically-allocated arrays with conventional,
      statically-allocated ones (see question 2.15 below, and also
      question 2.10).

2.15: How can I use statically- and dynamically-allocated
      multidimensional arrays interchangeably when passing them to
      functions?

A:    There is no single perfect method.  Given the declarations

            int array[NROWS][NCOLUMNS];
            int **array1;
            int **array2;
            int *array3;
            int (*array4)[NCOLUMNS];

      as initialized in the code fragments in questions 2.10 and 2.14,
      and functions declared as

            f1(int a[][NCOLUMNS], int m, int n);
            f2(int *aryp, int nrows, int ncolumns);
            f3(int **pp, int m, int n);

      (see questions 2.10 and 2.11), the following calls should work
      as expected:

            f1(array, NROWS, NCOLUMNS);
            f1(array4, nrows, NCOLUMNS);
            f2(&array[0][0], NROWS, NCOLUMNS);
            f2(*array2, nrows, ncolumns);
            f2(array3, nrows, ncolumns);
            f2(*array4, nrows, NCOLUMNS);
            f3(array1, nrows, ncolumns);
            f3(array2, nrows, ncolumns);

      The following two calls would probably work, but involve
      questionable casts, and work only if the dynamic ncolumns
      matches the static NCOLUMNS:

            f1((int (*)[NCOLUMNS])(*array2), nrows, ncolumns);
            f1((int (*)[NCOLUMNS])array3, nrows, ncolumns);

      It must again be noted that passing &array[0][0] to f2() is not
      strictly conforming; see question 2.11.

      If you can understand why all of the above calls work and are
      written as they are, and if you understand why the combinations
      that are not listed would not work, then you have a _very_ good
      understanding of arrays and pointers (and several other areas)
      in C.

2.16: Here's a neat trick: if I write

            int realarray[10];
            int *array = &realarray[-1];

      I can treat "array" as if it were a 1-based array.

A:    Although this technique is attractive (and was used in old
      editions of the book Numerical Recipes in C), it does not
      conform to the C standards.  Pointer arithmetic is defined only
      as long as the pointer points within the same allocated block of
      memory, or to the imaginary "terminating" element one past it;
      otherwise, the behavior is undefined, _even if the pointer is
      not dereferenced_.  The code above could fail if, while
      subtracting the offset, an illegal address were generated
      (perhaps because the address tried to "wrap around" past the
      beginning of some memory segment).

      References: ANSI Sec. 3.3.6 p. 48, Rationale Sec. 3.2.2.3 p. 38;
      K&R II Sec. 5.3 p. 100, Sec. 5.4 pp. 102-3, Sec. A7.7 pp. 205-6.

2.17: I passed a pointer to a function which initialized it:

            ...
            int *ip;
            f(ip);
            ...

            void f(ip)
            int *ip;
            {
                  static int dummy = 5;
                  ip = &dummy;
            }

      , but the pointer in the caller was unchanged.

A:    Did the function try to initialize the pointer itself, or just
      what it pointed to?  Remember that arguments in C are passed by
      value.  The called function altered only the passed copy of the
      pointer.  You'll either want to pass the address of the pointer
      (the function will end up accepting a pointer-to-a-pointer), or
      have the function return the pointer.

2.18: I have a char * pointer that happens to point to some ints, and
      I want to step it over them.  Why doesn't

            ((int *)p)++;

      work?

A:    In C, a cast operator does not mean "pretend these bits have a
      different type, and treat them accordingly;" it is a conversion
      operator, and by definition it yields an rvalue, which cannot be
      assigned to, or incremented with ++.  (It is an anomaly in pcc-
      derived compilers, and an extension in gcc, that expressions
      such as the above are ever accepted.)  Say what you mean: use

            p = (char *)((int *)p + 1);

      , or simply

            p += sizeof(int);

      References: ANSI Sec. 3.3.4, Rationale Sec. 3.3.2.4 p. 43.

2.19: Can I use a void ** pointer to pass a generic pointer to a
      function by reference?

A:    Not portably.  There is no generic pointer-to-pointer type in C.
      void * acts as a generic pointer only because conversions are
      applied automatically when other pointer types are assigned to
      and from void *'s; these conversions cannot be performed (the
      correct underlying pointer type is not known) if an attempt is
      made to indirect upon a void ** value which points at something
      other than a void *.


Section 3. Memory Allocation

3.1:  Why doesn't this fragment work?

            char *answer;
            printf("Type something:\n");
            gets(answer);
            printf("You typed \"%s\"\n", answer);

A:    The pointer variable "answer," which is handed to the gets
      function as the location into which the response should be
      stored, has not been set to point to any valid storage.  That
      is, we cannot say where the pointer "answer" points.  (Since
      local variables are not initialized, and typically contain
      garbage, it is not even guaranteed that "answer" starts out as a
      null pointer.  See question 17.1.)

      The simplest way to correct the question-asking program is to
      use a local array, instead of a pointer, and let the compiler
      worry about allocation:

            #include <string.h>

            char answer[100], *p;
            printf("Type something:\n");
            fgets(answer, sizeof(answer), stdin);
            if((p = strchr(answer, '\n')) != NULL)
                  *p = '\0';
            printf("You typed \"%s\"\n", answer);

      Note that this example also uses fgets() instead of gets()
      (always a good idea; see question 11.6), allowing the size of
      the array to be specified, so that the end of the array will not
      be overwritten if the user types an overly-long line.
      (Unfortunately for this example, fgets() does not automatically
      delete the trailing \n, as gets() would.)  It would also be
      possible to use malloc() to allocate the answer buffer.

3.2:  I can't get strcat to work.  I tried

            char *s1 = "Hello, ";
            char *s2 = "world!";
            char *s3 = strcat(s1, s2);

      but I got strange results.

A:    Again, the problem is that space for the concatenated result is
      not properly allocated.  C does not provide an automatically-
      managed string type.  C compilers only allocate memory for
      objects explicitly mentioned in the source code (in the case of
      "strings," this includes character arrays and string literals).
      The programmer must arrange (explicitly) for sufficient space
      for the results of run-time operations such as string
      concatenation, typically by declaring arrays, or by calling
      malloc.  (See also question 17.20.)

      strcat performs no allocation; the second string is appended to
      the first one, in place.  Therefore, one fix would be to declare
      the first string as an array with sufficient space:

            char s1[20] = "Hello, ";

      Since strcat returns the value of its first argument (s1, in
      this case), the s3 variable is superfluous.

      References: CT&P Sec. 3.2 p. 32.

3.3:  But the man page for strcat says that it takes two char *'s as
      arguments.  How am I supposed to know to allocate things?

A:    In general, when using pointers you _always_ have to consider
      memory allocation, at least to make sure that the compiler is
      doing it for you.  If a library routine's documentation does not
      explicitly mention allocation, it is usually the caller's
      problem.

      The Synopsis section at the top of a Unix-style man page can be
      misleading.  The code fragments presented there are closer to
      the function definition used by the call's implementor than the
      invocation used by the caller.  In particular, many routines
      which accept pointers (e.g. to structs or strings), are usually
      called with the address of some object (a struct, or an array --
      see questions 2.3 and 2.4.)  Another common example is stat().

3.4:  I have a function that is supposed to return a string, but when
      it returns to its caller, the returned string is garbage.

A:    Make sure that the memory to which the function returns a
      pointer is correctly allocated.  The returned pointer should be
      to a statically-allocated buffer, or to a buffer passed in by
      the caller, or to memory obtained with malloc(), but _not_ to a
      local (auto) array.  In other words, never do something like

            char *f()
            {
                  char buf[10];
                  /* ... */
                  return buf;
            }

      One fix (which is imperfect, especially if f() is called
      recursively, or if several of its return values are needed
      simultaneously) would to to declare the buffer as

                  static char buf[10];

      See also question 17.5.

3.5:  Why does some code carefully cast the values returned by malloc
      to the pointer type being allocated?

A:    Before ANSI/ISO Standard C introduced the void * generic pointer
      type, these casts were typically required to silence warnings
      about assignment between incompatible pointer types.  (Under
      ANSI/ISO Standard C, these casts are not required.)

3.6:  You can't use dynamically-allocated memory after you free it,
      can you?

A:    No.  Some early documentation for malloc stated that the
      contents of freed memory was "left undisturbed;" this ill-
      advised guarantee was never universal and is not required by
      ANSI.

      Few programmers would use the contents of freed memory
      deliberately, but it is easy to do so accidentally.  Consider
      the following (correct) code for freeing a singly-linked list:

            struct list *listp, *nextp;
            for(listp = base; listp != NULL; listp = nextp) {
                  nextp = listp->next;
                  free((char *)listp);
            }

      and notice what would happen if the more-obvious loop iteration
      expression listp = listp->next were used, without the temporary
      nextp pointer.

      References: ANSI Rationale Sec. 4.10.3.2 p. 102; CT&P Sec. 7.10
      p. 95.

3.7:  How does free() know how many bytes to free?

A:    The malloc/free package remembers the size of each block it
      allocates and returns, so it is not necessary to remind it of
      the size when freeing.

3.8:  So can I query the malloc package to find out how big an
      allocated block is?

A:    Not portably.

3.9:  I'm allocating structures which contain pointers to other
      dynamically-allocated objects.  When I free a structure, do I
      have to free each subsidiary pointer first?

A:    Yes.  In general, you must arrange that each pointer returned
      from malloc be individually passed to free, exactly once (if it
      is freed at all).

3.10: I have a program which mallocs but then frees a lot of memory,
      but memory usage (as reported by ps) doesn't seem to go back
      down.

A:    Most implementations of malloc/free do not return freed memory
      to the operating system (if there is one), but merely make it
      available for future malloc calls within the same process.

3.11: Must I free allocated memory before the program exits?

A:    You shouldn't have to.  A real operating system definitively
      reclaims all memory when a program exits.  Nevertheless, some
      personal computers are said not to reliably recover memory, and
      all that can be inferred from the ANSI/ISO C Standard is that it
      is a "quality of implementation issue."

      References: ANSI Sec. 4.10.3.2 .

3.12: Is it legal to pass a null pointer as the first argument to
      realloc()?  Why would you want to?

A:    ANSI C sanctions this usage (and the related realloc(..., 0),
      which frees), but several earlier implementations do not support
      it, so it is not widely portable.  Passing an initially-null
      pointer to realloc can make it easier to write a self-starting
      incremental allocation algorithm.

      References: ANSI Sec. 4.10.3.4 .

3.13: What is the difference between calloc and malloc?  Is it safe to
      use calloc's zero-fill guarantee for pointer and floating-point
      values?  Does free work on memory allocated with calloc, or do
      you need a cfree?

A:    calloc(m, n) is essentially equivalent to

            p = malloc(m * n);
            memset(p, 0, m * n);

      The zero fill is all-bits-zero, and does not therefore guarantee
      useful zero values for pointers (see section 1 of this list) or
      floating-point values.  free can (and should) be used to free
      the memory allocated by calloc.

      References: ANSI Secs. 4.10.3 to 4.10.3.2 .

3.14: What is alloca and why is its use discouraged?

A:    alloca allocates memory which is automatically freed when the
      function which called alloca returns.  That is, memory allocated
      with alloca is local to a particular function's "stack frame" or
      context.

      alloca cannot be written portably, and is difficult to implement
      on machines without a stack.  Its use is problematical (and the
      obvious implementation on a stack-based machine fails) when its
      return value is passed directly to another function, as in
      fgets(alloca(100), 100, stdin).

      For these reasons, alloca cannot be used in programs which must
      be widely portable, no matter how useful it might be.

      References: ANSI Rationale Sec. 4.10.3 p. 102.


Section 4. Expressions

4.1:  Why doesn't this code:

            a[i] = i++;

      work?

A:    The subexpression i++ causes a side effect -- it modifies i's
      value -- which leads to undefined behavior if i is also
      referenced elsewhere in the same expression.  (Note that
      although the language in K&R suggests that the behavior of this
      expression is unspecified, the ANSI/ISO C Standard makes the
      stronger statement that it is undefined -- see question 5.23.)

      References: ANSI Sec. 3.3 p. 39.

4.2:  Under my compiler, the code

            int i = 7;
            printf("%d\n", i++ * i++);

      prints 49.  Regardless of the order of evaluation, shouldn't it
      print 56?

A:    Although the postincrement and postdecrement operators ++ and --
      perform the operations after yielding the former value, the
      implication of "after" is often misunderstood.  It is _not_
      guaranteed that the operation is performed immediately after
      giving up the previous value and before any other part of the
      expression is evaluated.  It is merely guaranteed that the
      update will be performed sometime before the expression is
      considered "finished" (before the next "sequence point," in ANSI
      C's terminology).  In the example, the compiler chose to
      multiply the previous value by itself and to perform both
      increments afterwards.

      The behavior of code which contains multiple, ambiguous side
      effects has always been undefined (see question 5.23).  Don't
      even try to find out how your compiler implements such things
      (contrary to the ill-advised exercises in many C textbooks); as
      K&R wisely point out, "if you don't know _how_ they are done on
      various machines, that innocence may help to protect you."

      References: K&R I Sec. 2.12 p. 50; K&R II Sec. 2.12 p. 54; ANSI
      Sec. 3.3 p. 39; CT&P Sec. 3.7 p. 47; PCS Sec. 9.5 pp. 120-1.
      (Ignore H&S Sec. 7.12 pp. 190-1, which is obsolete.)

4.3:  I've experimented with the code

            int i = 2;
            i = i++;

      on several compilers.  Some gave i the value 2, some gave 3, but
      one gave 4.  I know the behavior is undefined, but how could it
      give 4?

A:    Undefined behavior means _anything_ can happen.  See question
      5.23.

4.4:  People keep saying the behavior is undefined, but I just tried
      it on an ANSI-conforming compiler, and got the results I
      expected.

A:    A compiler may do anything it likes when faced with undefined
      behavior (and, within limits, with implementation-defined and
      unspecified behavior), including doing what you expect.  It's
      unwise to depend on it, though.  See also question 5.18.

4.5:  Can I use explicit parentheses to force the order of evaluation
      I want?  Even if I don't, doesn't precedence dictate it?

A:    Operator precedence and explicit parentheses impose only a
      partial ordering on the evaluation of an expression.  Consider
      the expression

            f() + g() * h()

      -- although we know that the multiplication will happen before
      the addition, there is no telling which of the three functions
      will be called first.

4.6:  But what about the &&, ||, and comma operators?
      I see code like "if((c = getchar()) == EOF || c == '\n')" ...

A:    There is a special exception for those operators, (as well as
      the ?: operator); each of them does imply a sequence point (i.e.
      left-to-right evaluation is guaranteed).  Any book on C should
      make this clear.

      References: K&R I Sec. 2.6 p. 38, Secs. A7.11-12 pp. 190-1;
      K&R II Sec. 2.6 p. 41, Secs. A7.14-15 pp. 207-8; ANSI
      Secs. 3.3.13 p. 52, 3.3.14 p. 52, 3.3.15 p. 53, 3.3.17 p. 55,
      CT&P Sec. 3.7 pp. 46-7.

4.7:  If I'm not using the value of the expression, should I use i++
      or ++i to increment a variable?

A:    Since the two forms differ only in the value yielded, they are
      entirely equivalent when only their side effect is needed.

4.8:  Why doesn't the code

            int a = 1000, b = 1000;
            long int c = a * b;

      work?

A:    Under C's integral promotion rules, the multiplication is
      carried out using int arithmetic, and the result may overflow
      and/or be truncated before being assigned to the long int left-
      hand-side.  Use an explicit cast to force long arithmetic:

            long int c = (long int)a * b;

      Note that the code (long int)(a * b) would _not_ have the
      desired effect.


Section 5. ANSI C

5.1:  What is the "ANSI C Standard?"

A:    In 1983, the American National Standards Institute (ANSI)
      commissioned a committee, X3J11, to standardize the C language.
      After a long, arduous process, including several widespread
      public reviews, the committee's work was finally ratified as ANS
      X3.159-1989, on December 14, 1989, and published in the spring
      of 1990.  For the most part, ANSI C standardizes existing
      practice, with a few additions from C++ (most notably function
      prototypes) and support for multinational character sets
      (including the much-lambasted trigraph sequences).  The ANSI C
      standard also formalizes the C run-time library support
      routines.

      The published Standard includes a "Rationale," which explains
      many of its decisions, and discusses a number of subtle points,
      including several of those covered here.  (The Rationale is "not
      part of ANSI Standard X3.159-1989, but is included for
      information only.")

      The Standard has been adopted as an international standard,
      ISO/IEC 9899:1990, although the sections are numbered
      differently (briefly, ANSI sections 2 through 4 correspond
      roughly to ISO sections 5 through 7), and the Rationale is
      currently not included.

5.2:  How can I get a copy of the Standard?

A:    ANSI X3.159 has been officially superseded by ISO 9899.  Copies
      are available in the United States from

            American National Standards Institute
            11 W. 42nd St., 13th floor
            New York, NY  10036  USA
            (+1) 212 642 4900

      or

            Global Engineering Documents
            2805 McGaw Avenue
            Irvine, CA  92714  USA
            (+1) 714 261 1455
            (800) 854 7179  (U.S. & Canada)

      In other countries, contact the appropriate national standards
      body, or ISO in Geneva at:

            ISO Sales
            Case Postale 56
            CH-1211 Geneve 20
            Switzerland

      The cost is $130.00 from ANSI or $162.50 from Global.  Copies of
      the original X3.159 (including the Rationale) are still
      available at $205.00 from ANSI or $200.50 from Global.  Note
      that ANSI derives revenues to support its operations from the
      sale of printed standards, so electronic copies are _not_
      available.

      The mistitled _Annotated ANSI C Standard_, with annotations by
      Herbert Schildt, contains all but a few pages of ISO 9899; it is
      published by Osborne/McGraw-Hill, ISBN 0-07-881952-0, and sells
      in the U.S. for approximately $40.  (It has been suggested that
      the price differential between this work and the official
      standard reflects the value of the annotations.)

      The text of the Rationale (not the full Standard) is now
      available for anonymous ftp from ftp.uu.net (see question 17.12)
      in directory doc/standards/ansi/X3.159-1989 .  The Rationale has
      also been printed by Silicon Press, ISBN 0-929306-07-4.

5.3:  Does anyone have a tool for converting old-style C programs to
      ANSI C, or vice versa, or for automatically generating
      prototypes?

A:    Two programs, protoize and unprotoize, convert back and forth
      between prototyped and "old style" function definitions and
      declarations.  (These programs do _not_ handle full-blown
      translation between "Classic" C and ANSI C.)  These programs
      were once patches to the FSF GNU C compiler, gcc, but are now
      part of the main gcc distribution; look in pub/gnu at
      prep.ai.mit.edu (18.71.0.38), or at several other FSF archive
      sites.

      The unproto program (/pub/unix/unproto5.shar.Z on
      ftp.win.tue.nl) is a filter which sits between the preprocessor
      and the next compiler pass, converting most of ANSI C to
      traditional C on-the-fly.

      The GNU GhostScript package comes with a little program called
      ansi2knr.

      Several prototype generators exist, many as modifications to
      lint.  Version 3 of CPROTO was posted to comp.sources.misc in
      March, 1992.  There is another program called "cextract."  See
      also question 17.12.

      Finally, are you sure you really need to convert lots of old
      code to ANSI C?  The old-style function syntax is still
      acceptable.

5.4:  I'm trying to use the ANSI "stringizing" preprocessing operator
      # to insert the value of a symbolic constant into a message, but
      it keeps stringizing the macro's name rather than its value.

A:    You must use something like the following two-step procedure to
      force the macro to be expanded as well as stringized:

            #define str(x) #x
            #define xstr(x) str(x)
            #define OP plus
            char *opname = xstr(OP);

      This sets opname to "plus" rather than "OP".

      An equivalent circumlocution is necessary with the token-pasting
      operator ## when the values (rather than the names) of two
      macros are to be concatenated.

      References: ANSI Sec. 3.8.3.2, Sec. 3.8.3.5 example p. 93.

5.5:  I don't understand why I can't use const values in initializers
      and array dimensions, as in

            const int n = 5;
            int a[n];

A:    The const qualifier really means "read-only;" an object so
      qualified is a normal run-time object which cannot (normally) be
      assigned to.  The value of a const-qualified object is therefore
      _not_ a constant expression in the full sense of the term.  (C
      is unlike C++ in this regard.)  When you need a true compile-
      time constant, use a preprocessor #define.

      References: ANSI Sec. 3.4 .

5.6:  What's the difference between "char const *p" and
      "char * const p"?

A:    "char const *p" is a pointer to a constant character (you can't
      change the character); "char * const p" is a constant pointer to
      a (variable) character (i.e. you can't change the pointer).
      (Read these "inside out" to understand them.  See question
      10.4.)

      References: ANSI Sec. 3.5.4.1 .

5.7:  Why can't I pass a char ** to a function which expects a
      const char **?

A:    You can use a pointer-to-T (for any type T) where a pointer-to-
      const-T is expected, but the rule (an explicit exception) which
      permits slight mismatches in qualified pointer types is not
      applied recursively, but only at the top level.

      You must use explicit casts (e.g. (const char **) in this case)
      when assigning (or passing) pointers which have qualifier
      mismatches at other than the first level of indirection.

      References: ANSI Sec. 3.1.2.6 p. 26, Sec. 3.3.16.1 p. 54,
      Sec. 3.5.3 p. 65.

5.8:  My ANSI compiler complains about a mismatch when it sees

            extern int func(float);

            int func(x)
            float x;
            {...

A:    You have mixed the new-style prototype declaration
      "extern int func(float);" with the old-style definition
      "int func(x) float x;".  It is usually safe to mix the two
      styles (see question 5.9), but not in this case.  Old C (and
      ANSI C, in the absence of prototypes, and in variable-length
      argument lists) "widens" certain arguments when they are passed
      to functions.  floats are promoted to double, and characters and
      short integers are promoted to ints.  (For old-style function
      definitions, the values are automatically converted back to the
      corresponding narrower types within the body of the called
      function, if they are declared that way there.)

      This problem can be fixed either by using new-style syntax
      consistently in the definition:

            int func(float x) { ... }

      or by changing the new-style prototype declaration to match the
      old-style definition:

            extern int func(double);

      (In this case, it would be clearest to change the old-style
      definition to use double as well, as long as the address of that
      parameter is not taken.)

      It may also be safer to avoid "narrow" (char, short int, and
      float) function arguments and return types.

      References: ANSI Sec. 3.3.2.2 .

5.9:  Can you mix old-style and new-style function syntax?

A:    Doing so is perfectly legal, as long as you're careful (see
      especially question 5.8).  Note however that old-style syntax is
      marked as obsolescent, and support for it may be removed some
      day.

      References: ANSI Secs. 3.7.1, 3.9.5 .

5.10: Why does the declaration

            extern f(struct x {int s;} *p);

      give me an obscure warning message about "struct x introduced in
      prototype scope"?

A:    In a quirk of C's normal block scoping rules, a struct declared
      only within a prototype cannot be compatible with other structs
      declared in the same source file, nor can the struct tag be used
      later as you'd expect (it goes out of scope at the end of the
      prototype).

      To resolve the problem, precede the prototype with the vacuous-
      looking declaration

            struct x;

      , which will reserve a place at file scope for struct x's
      definition, which will be completed by the struct declaration
      within the prototype.

      References: ANSI Sec. 3.1.2.1 p. 21, Sec. 3.1.2.6 p. 26,
      Sec. 3.5.2.3 p. 63.

5.11: I'm getting strange syntax errors inside code which I've
      #ifdeffed out.

A:    Under ANSI C, the text inside a "turned off" #if, #ifdef, or
      #ifndef must still consist of "valid preprocessing tokens."
      This means that there must be no unterminated comments or quotes
      (note particularly that an apostrophe within a contracted word
      could look like the beginning of a character constant), and no
      newlines inside quotes.  Therefore, natural-language comments
      and pseudocode should always be written between the "official"
      comment delimiters /* and */.  (But see also question 17.14, and
      6.7.)

      References: ANSI Sec. 2.1.1.2 p. 6, Sec. 3.1 p. 19 line 37.

5.12: Can I declare main as void, to shut off these annoying "main
      returns no value" messages?  (I'm calling exit(), so main
      doesn't return.)

A:    No.  main must be declared as returning an int, and as taking
      either zero or two arguments (of the appropriate type).  If
      you're calling exit() but still getting warnings, you'll have to
      insert a redundant return statement (or use some kind of
      "notreached" directive, if available).

      Declaring a function as void does not merely silence warnings;
      it may also result in a different function call/return sequence,
      incompatible with what the caller (in main's case, the C run-
      time startup code) expects.

      References: ANSI Sec. 2.1.2.2.1 pp. 7-8.

5.13: Is exit(status) truly equivalent to returning status from main?

A:    Formally, yes, although discrepancies arise under a few older,
      nonconforming systems, or if data local to main() might be needed
      during cleanup (due perhaps to a setbuf or atexit call), or if
      main() is called recursively.

      References: ANSI Sec. 2.1.2.2.3 p. 8.

5.14: Why does the ANSI Standard not guarantee more than six monocase
      characters of external identifier significance?

A:    The problem is older linkers which are neither under the control
      of the ANSI standard nor the C compiler developers on the
      systems which have them.  The limitation is only that
      identifiers be _significant_ in the first six characters, not
      that they be restricted to six characters in length.  This
      limitation is annoying, but certainly not unbearable, and is
      marked in the Standard as "obsolescent," i.e. a future revision
      will likely relax it.

      This concession to current, restrictive linkers really had to be
      made, no matter how vehemently some people oppose it.  (The
      Rationale notes that its retention was "most painful.")  If you
      disagree, or have thought of a trick by which a compiler
      burdened with a restrictive linker could present the C
      programmer with the appearance of more significance in external
      identifiers, read the excellently-worded section 3.1.2 in the
      X3.159 Rationale (see question 5.1), which discusses several
      such schemes and explains why they could not be mandated.

      References: ANSI Sec. 3.1.2 p. 21, Sec. 3.9.1 p. 96, Rationale
      Sec. 3.1.2 pp. 19-21.

5.15: What is the difference between memcpy and memmove?

A:    memmove offers guaranteed behavior if the source and destination
      arguments overlap.  memcpy makes no such guarantee, and may
      therefore be more efficiently implementable.  When in doubt,
      it's safer to use memmove.

      References: ANSI Secs. 4.11.2.1, 4.11.2.2, Rationale
      Sec. 4.11.2 .

5.16: My compiler is rejecting the simplest possible test programs,
      with all kinds of syntax errors.

A:    Perhaps it is a pre-ANSI compiler, unable to accept function
      prototypes and the like.  See also questions 5.17 and 17.2.

5.17: Why are some ANSI/ISO Standard library routines showing up as
      undefined, even though I've got an ANSI compiler?

A:    It's not unusual to have a compiler available which accepts ANSI
      syntax, but not to have ANSI-compatible header files or run-time
      libraries installed.  See also questions 5.16 and 17.2.

5.18: Why won't the Frobozz Magic C Compiler, which claims to be ANSI
      compliant, accept this code?  I know that the code is ANSI,
      because gcc accepts it.

A:    Most compilers support a few non-Standard extensions, gcc more
      so than most.  Are you sure that the code being rejected doesn't
      rely on such an extension?  It is usually a bad idea to perform
      experiments with a particular compiler to determine properties
      of a language; the applicable standard may permit variations, or
      the compiler may be wrong.  See also question 4.4.

5.19: Why can't I perform arithmetic on a void * pointer?

A:    The compiler doesn't know the size of the pointed-to objects.
      Before performing arithmetic, cast the pointer either to char *
      or to the type you're trying to manipulate (but see question
      2.18).

5.20: Is char a[3] = "abc"; legal?  What does it mean?

A:    It is legal in ANSI C (and perhaps in a few pre-ANSI systems),
      though questionably useful.  It declares an array of size three,
      initialized with the three characters 'a', 'b', and 'c', without
      the usual terminating '\0' character; the array is therefore not
      a true C string and cannot be used with strcpy, printf %s, etc.

      References: ANSI Sec. 3.5.7 pp. 72-3.

5.21: What are #pragmas and what are they good for?

A:    The #pragma directive provides a single, well-defined "escape
      hatch" which can be used for all sorts of implementation-
      specific controls and extensions: source listing control,
      structure packing, warning suppression (like the old lint
      /* NOTREACHED */ comments), etc.

      References: ANSI Sec. 3.8.6 .

5.22: What does "#pragma once" mean?  I found it in some header files.

A:    It is an extension implemented by some preprocessors to help
      make header files idempotent; it is essentially equivalent to
      the #ifndef trick mentioned in question 6.4.

5.23: People seem to make a point of distinguishing between
      implementation-defined, unspecified, and undefined behavior.
      What's the difference?

A:    Briefly: implementation-defined means that an implementation
      must choose some behavior and document it.  Unspecified means
      that an implementation should choose some behavior, but need not
      document it.  Undefined means that absolutely anything might
      happen.  In no case does the Standard impose requirements; in
      the first two cases it occasionally suggests (and may require a
      choice from among) a small set of likely behaviors.

      If you're interested in writing portable code, you can ignore
      the distinctions, as you'll want to avoid code that depends on
      any of the three behaviors.

      References: ANSI Sec. 1.6, especially the Rationale.


Section 6. C Preprocessor

6.1:  How can I write a generic macro to swap two values?

A:    There is no good answer to this question.  If the values are
      integers, a well-known trick using exclusive-OR could perhaps be
      used, but it will not work for floating-point values or
      pointers, or if the two values are the same variable (and the
      "obvious" supercompressed implementation for integral types
      a^=b^=a^=b is in fact illegal due to multiple side-effects; see
      questions 4.1 and 4.2).  If the macro is intended to be used on
      values of arbitrary type (the usual goal), it cannot use a
      temporary, since it does not know what type of temporary it
      needs, and standard C does not provide a typeof operator.

      The best all-around solution is probably to forget about using a
      macro, unless you're willing to pass in the type as a third
      argument.

6.2:  I have some old code that tries to construct identifiers with a
      macro like

            #define Paste(a, b) a/**/b

      but it doesn't work any more.

A:    That comments disappeared entirely and could therefore be used
      for token pasting was an undocumented feature of some early
      preprocessor implementations, notably Reiser's.  ANSI affirms
      (as did K&R) that comments are replaced with white space.
      However, since the need for pasting tokens was demonstrated and
      real, ANSI introduced a well-defined token-pasting operator, ##,
      which can be used like this:

            #define Paste(a, b) a##b

      (See also question 5.4.)

      References: ANSI Sec. 3.8.3.3 p. 91, Rationale pp. 66-7.

6.3:  What's the best way to write a multi-statement cpp macro?

A:    The usual goal is to write a macro that can be invoked as if it
      were a single function-call statement.  This means that the
      "caller" will be supplying the final semicolon, so the macro
      body should not.  The macro body cannot be a simple brace-
      delineated compound statement, because syntax errors would
      result if it were invoked (apparently as a single statement, but
      with a resultant extra semicolon) as the if branch of an if/else
      statement with an explicit else clause.

      The traditional solution is to use

            #define Func() do { \
                  /* declarations */ \
                  stmt1; \
                  stmt2; \
                  /* ... */ \
                  } while(0)  /* (no trailing ; ) */

      When the "caller" appends a semicolon, this expansion becomes a
      single statement regardless of context.  (An optimizing compiler
      will remove any "dead" tests or branches on the constant
      condition 0, although lint may complain.)

      If all of the statements in the intended macro are simple
      expressions, with no declarations or loops, another technique is
      to write a single, parenthesized expression using one or more
      comma operators.  (See the example under question 6.10 below.
      This technique also allows a value to be "returned.")

      References: CT&P Sec. 6.3 pp. 82-3.

6.4:  Is it acceptable for one header file to #include another?

A:    It's a question of style, and thus receives considerable debate.
      Many people believe that "nested #include files" are to be
      avoided: the prestigious Indian Hill Style Guide (see question
      14.3) disparages them; they can make it harder to find relevant
      definitions; they can lead to multiple-declaration errors if a
      file is #included twice; and they make manual Makefile
      maintenance very difficult.  On the other hand, they make it
      possible to use header files in a modular way (a header file
      #includes what it needs itself, rather than requiring each
      #includer to do so, a requirement that can lead to intractable
      headaches); a tool like grep (or a tags file) makes it easy to
      find definitions no matter where they are; a popular trick:

            #ifndef HEADERUSED
            #define HEADERUSED
            ...header file contents...
            #endif

      makes a header file "idempotent" so that it can safely be
      #included multiple times; and automated Makefile maintenance
      tools (which are a virtual necessity in large projects anyway)
      handle dependency generation in the face of nested #include
      files easily.  See also section 14.

6.5:  Does the sizeof operator work in preprocessor #if directives?

A:    No.  Preprocessing happens during an earlier pass of
      compilation, before type names have been parsed.  Consider using
      the predefined constants in ANSI's <limits.h>, if applicable, or
      a "configure" script, instead.  (Better yet, try to write code
      which is inherently insensitive to type sizes.)

      References: ANSI Sec. 2.1.1.2 pp. 6-7, Sec. 3.8.1 p. 87
      footnote 83.

6.6:  How can I use a preprocessor #if expression to tell if a machine
      is big-endian or little-endian?

A:    You probably can't.  (Preprocessor arithmetic uses only long
      ints, and there is no concept of addressing.)  Are you sure you
      need to know the machine's endianness explicitly?  Usually it's
      better to write code which doesn't care.

6.7:  I've got this tricky processing I want to do at compile time and
      I can't figure out a way to get cpp to do it.

A:    cpp is not intended as a general-purpose preprocessor.  Rather
      than forcing it to do something inappropriate, consider writing
      your own little special-purpose preprocessing tool, instead.
      You can easily get a utility like make(1) to run it for you
      automatically.

      If you are trying to preprocess something other than C, consider
      using a general-purpose preprocessor (such as m4).

6.8:  I inherited some code which contains far too many #ifdef's for
      my taste.  How can I preprocess the code to leave only one
      conditional compilation set, without running it through cpp and
      expanding all of the #include's and #define's as well?

A:    There are programs floating around called unifdef, rmifdef, and
      scpp which do exactly this.  (See question 17.12.)

6.9:  How can I list all of the pre#defined identifiers?

A:    There's no standard way, although it is a frequent need.  If the
      compiler documentation is unhelpful, the most expedient way is
      probably to extract printable strings from the compiler or
      preprocessor executable with something like the Unix strings(1)
      utility.  Beware that many traditional system-selective
      pre#defined identifiers (e.g. "unix") are non-Standard (because
      they clash with the user's namespace) and are being removed or
      renamed.

6.10: How can I write a cpp macro which takes a variable number of
      arguments?

A:    One popular trick is to define the macro with a single argument,
      and call it with a double set of parentheses, which appear to
      the preprocessor to indicate a single argument:

            #define DEBUG(args) (printf("DEBUG: "), printf args)

            if(n != 0) DEBUG(("n is %d\n", n));

      The obvious disadvantage is that the caller must always remember
      to use the extra parentheses.  Other solutions are to use
      different macros (DEBUG1, DEBUG2, etc.) depending on the number
      of arguments, or to play games with commas:

            #define DEBUG(args) (printf("DEBUG: "), printf(args))
            #define _ ,
            DEBUG("i = %d" _ i)

      It is often better to use a bona-fide function, which can take a
      variable number of arguments in a well-defined way.  See
      questions 7.1 and 7.2.


Section 7. Variable-Length Argument Lists

7.1:  How can I write a function that takes a variable number of
      arguments?

A:    Use the <stdarg.h> header (or, if you must, the older
      <varargs.h>).

      Here is a function which concatenates an arbitrary number of
      strings into malloc'ed memory:

            #include <stdlib.h>           /* for malloc, NULL, size_t */
            #include <stdarg.h>           /* for va_ stuff */
            #include <string.h>           /* for strcat et al */

            char *vstrcat(char *first, ...)
            {
                  size_t len = 0;
                  char *retbuf;
                  va_list argp;
                  char *p;

                  if(first == NULL)
                        return NULL;

                  len = strlen(first);

                  va_start(argp, first);

                  while((p = va_arg(argp, char *)) != NULL)
                        len += strlen(p);

                  va_end(argp);

                  retbuf = malloc(len + 1);     /* +1 for trailing \0 */

                  if(retbuf == NULL)
                        return NULL;            /* error */

                  (void)strcpy(retbuf, first);

                  va_start(argp, first);

                  while((p = va_arg(argp, char *)) != NULL)
                        (void)strcat(retbuf, p);

                  va_end(argp);

                  return retbuf;
            }

      Usage is something like

            char *str = vstrcat("Hello, ", "world!", (char *)NULL);

      Note the cast on the last argument.  (Also note that the caller
      must free the returned, malloc'ed storage.)

      Under a pre-ANSI compiler, rewrite the function definition
      without a prototype ("char *vstrcat(first) char *first; {"),
      include <stdio.h> rather than <stdlib.h>, add "extern
      char *malloc();", and use int instead of size_t.  You may also
      have to delete the (void) casts, and use the older varargs
      package instead of stdarg.  See the next question for hints.

      Remember that in variable-length argument lists, function
      prototypes do not supply parameter type information; therefore,
      default argument promotions apply (see question 5.8), and null
      pointer arguments must be typed explicitly (see question 1.2).

      References: K&R II Sec. 7.3 p. 155, Sec. B7 p. 254; H&S
      Sec. 13.4 pp. 286-9; ANSI Secs. 4.8 through 4.8.1.3 .

7.2:  How can I write a function that takes a format string and a
      variable number of arguments, like printf, and passes them to
      printf to do most of the work?

A:    Use vprintf, vfprintf, or vsprintf.

      Here is an "error" routine which prints an error message,
      preceded by the string "error: " and terminated with a newline:

            #include <stdio.h>
            #include <stdarg.h>

            void
            error(char *fmt, ...)
            {
                  va_list argp;
                  fprintf(stderr, "error: ");
                  va_start(argp, fmt);
                  vfprintf(stderr, fmt, argp);
                  va_end(argp);
                  fprintf(stderr, "\n");
            }

      To use the older <varargs.h> package, instead of <stdarg.h>,
      change the function header to:

            void error(va_alist)
            va_dcl
            {
                  char *fmt;

      change the va_start line to

            va_start(argp);

      and add the line

            fmt = va_arg(argp, char *);

      between the calls to va_start and vfprintf.  (Note that there is
      no semicolon after va_dcl.)

      References: K&R II Sec. 8.3 p. 174, Sec. B1.2 p. 245; H&S
      Sec. 17.12 p. 337; ANSI Secs. 4.9.6.7, 4.9.6.8, 4.9.6.9 .

7.3:  How can I discover how many arguments a function was actually
      called with?

A:    This information is not available to a portable program.  Some
      old systems provided a nonstandard nargs() function, but its use
      was always questionable, since it typically returned the number
      of words passed, not the number of arguments.  (Structures and
      floating point values are usually passed as several words.)

      Any function which takes a variable number of arguments must be
      able to determine from the arguments themselves how many of them
      there are.  printf-like functions do this by looking for
      formatting specifiers (%d and the like) in the format string
      (which is why these functions fail badly if the format string
      does not match the argument list).  Another common technique
      (useful when the arguments are all of the same type) is to use a
      sentinel value (often 0, -1, or an appropriately-cast null
      pointer) at the end of the list (see the execl and vstrcat
      examples under questions 1.2 and 7.1 above).

7.4:  I can't get the va_arg macro to pull in an argument of type
      pointer-to-function.

A:    The type-rewriting games which the va_arg macro typically plays
      are stymied by overly-complicated types such as pointer-to-
      function.  If you use a typedef for the function pointer type,
      however, all will be well.

      References: ANSI Sec. 4.8.1.2 p. 124.

7.5:  How can I write a function which takes a variable number of
      arguments and passes them to some other function (which takes a
      variable number of arguments)?

A:    In general, you cannot.  You must provide a version of that
      other function which accepts a va_list pointer, as does vfprintf
      in the example above.  If the arguments must be passed directly
      as actual arguments (not indirectly through a va_list pointer)
      to another function which is itself variadic (for which you do
      not have the option of creating an alternate, va_list-accepting
      version) no portable solution is possible.  (The problem can be
      solved by resorting to machine-specific assembly language.)

7.6:  How can I call a function with an argument list built up at run
      time?

A:    There is no guaranteed or portable way to do this.  If you're
      curious, ask this list's editor, who has a few wacky ideas you
      could try...  (See also question 16.11.)


Section 8. Boolean Expressions and Variables

8.1:  What is the right type to use for boolean values in C?  Why
      isn't it a standard type?  Should #defines or enums be used for
      the true and false values?

A:    C does not provide a standard boolean type, because picking one
      involves a space/time tradeoff which is best decided by the
      programmer.  (Using an int for a boolean may be faster, while
      using char may save data space.)

      The choice between #defines and enums is arbitrary and not
      terribly interesting (see also question 9.1).  Use any of

            #define TRUE  1               #define YES 1
            #define FALSE 0               #define NO  0

            enum bool {false, true};      enum bool {no, yes};

      or use raw 1 and 0, as long as you are consistent within one
      program or project.  (An enum may be preferable if your debugger
      expands enum values when examining variables.)

      Some people prefer variants like

            #define TRUE (1==1)
            #define FALSE (!TRUE)

      or define "helper" macros such as

            #define Istrue(e) ((e) != 0)

      These don't buy anything (see question 8.2 below; see also
      question 1.6).

8.2:  Isn't #defining TRUE to be 1 dangerous, since any nonzero value
      is considered "true" in C?  What if a built-in boolean or
      relational operator "returns" something other than 1?

A:    It is true (sic) that any nonzero value is considered true in C,
      but this applies only "on input", i.e. where a boolean value is
      expected.  When a boolean value is generated by a built-in
      operator, it is guaranteed to be 1 or 0.  Therefore, the test

            if((a == b) == TRUE)

      will work as expected (as long as TRUE is 1), but it is
      obviously silly.  In general, explicit tests against TRUE and
      FALSE are undesirable, because some library functions (notably
      isupper, isalpha, etc.) return, on success, a nonzero value
      which is _not_ necessarily 1.  (Besides, if you believe that
      "if((a == b) == TRUE)" is an improvement over "if(a == b)", why
      stop there?  Why not use "if(((a == b) == TRUE) == TRUE)"?)  A
      good rule of thumb is to use TRUE and FALSE (or the like) only
      for assignment to a Boolean variable or function parameter, or
      as the return value from a Boolean function, but never in a
      comparison.

      The preprocessor macros TRUE and FALSE are used for code
      readability, not because the underlying values might ever
      change.  (See also questions 1.7 and 1.9.)

      References: K&R I Sec. 2.7 p. 41; K&R II Sec. 2.6 p. 42,
      Sec. A7.4.7 p. 204, Sec. A7.9 p. 206; ANSI Secs. 3.3.3.3, 3.3.8,
      3.3.9, 3.3.13, 3.3.14, 3.3.15, 3.6.4.1, 3.6.5; Achilles and the
      Tortoise.


Section 9. Structs, Enums, and Unions

9.1:  What is the difference between an enum and a series of
      preprocessor #defines?

A:    At the present time, there is little difference.  Although many
      people might have wished otherwise, the ANSI standard says that
      enumerations may be freely intermixed with integral types,
      without errors.  (If such intermixing were disallowed without
      explicit casts, judicious use of enums could catch certain
      programming errors.)

      Some advantages of enums are that the numeric values are
      automatically assigned, that a debugger may be able to display
      the symbolic values when enum variables are examined, and that
      they obey block scope.  (A compiler may also generate nonfatal
      warnings when enums and ints are indiscriminately mixed, since
      doing so can still be considered bad style even though it is not
      strictly illegal).  A disadvantage is that the programmer has
      little control over the size (or over those nonfatal warnings).

      References: K&R II Sec. 2.3 p. 39, Sec. A4.2 p. 196; H&S
      Sec. 5.5 p. 100; ANSI Secs. 3.1.2.5, 3.5.2, 3.5.2.2 .

9.2:  I heard that structures could be assigned to variables and
      passed to and from functions, but K&R I says not.

A:    What K&R I said was that the restrictions on struct operations
      would be lifted in a forthcoming version of the compiler, and in
      fact struct assignment and passing were fully functional in
      Ritchie's compiler even as K&R I was being published.  Although
      a few early C compilers lacked struct assignment, all modern
      compilers support it, and it is part of the ANSI C standard, so
      there should be no reluctance to use it.

      References: K&R I Sec. 6.2 p. 121; K&R II Sec. 6.2 p. 129; H&S
      Sec. 5.6.2 p. 103; ANSI Secs. 3.1.2.5, 3.2.2.1, 3.3.16 .

9.3:  How does struct passing and returning work?

A:    When structures are passed as arguments to functions, the entire
      struct is typically pushed on the stack, using as many words as
      are required.  (Programmers often choose to use pointers to
      structures instead, precisely to avoid this overhead.)

      Structures are often returned from functions in a location
      pointed to by an extra, compiler-supplied "hidden" argument to
      the function.  Some older compilers used a special, static
      location for structure returns, although this made struct-valued
      functions nonreentrant, which ANSI C disallows.

      References: ANSI Sec. 2.2.3 p. 13.

9.4:  The following program works correctly, but it dumps core after
      it finishes.  Why?

            struct list
                  {
                  char *item;
                  struct list *next;
                  }

            /* Here is the main program. */

            main(argc, argv)
            ...

A:    A missing semicolon causes the compiler to believe that main
      returns a structure.  (The connection is hard to see because of
      the intervening comment.)  Since struct-valued functions are
      usually implemented by adding a hidden return pointer, the
      generated code for main() tries to accept three arguments,
      although only two are passed (in this case, by the C start-up
      code).  See also question 17.21.

      References: CT&P Sec. 2.3 pp. 21-2.

9.5:  Why can't you compare structs?

A:    There is no reasonable way for a compiler to implement struct
      comparison which is consistent with C's low-level flavor.  A
      byte-by-byte comparison could be invalidated by random bits
      present in unused "holes" in the structure (such padding is used
      to keep the alignment of later fields correct; see questions
      9.10 and 9.11).  A field-by-field comparison would require
      unacceptable amounts of repetitive, in-line code for large
      structures.

      If you want to compare two structures, you must write your own
      function to do so.  C++ would let you arrange for the ==
      operator to map to your function.

      References: K&R II Sec. 6.2 p. 129; H&S Sec. 5.6.2 p. 103; ANSI
      Rationale Sec. 3.3.9 p. 47.

9.6:  How can I read/write structs from/to data files?

A:    It is relatively straightforward to write a struct out using
      fwrite:

            fwrite((char *)&somestruct, sizeof(somestruct), 1, fp);

      and a corresponding fread invocation can read it back in.
      However, data files so written will _not_ be very portable (see
      questions 9.11 and 17.3).  Note also that on many systems you
      must use the "b" flag when fopening the files.

9.7:  I came across some code that declared a structure like this:

            struct name
                  {
                  int namelen;
                  char name[1];
                  };

      and then did some tricky allocation to make the name array act
      like it had several elements.  Is this legal and/or portable?

A:    This technique is popular, although Dennis Ritchie has called it
      "unwarranted chumminess with the C implementation."  An ANSI
      Interpretation Ruling has deemed it (more precisely, access
      beyond the declared size of the name field) to be not strictly
      conforming, although a thorough treatment of the arguments
      surrounding the legality of the technique is beyond the scope of
      this list.  It seems, however, to be portable to all known
      implementations.  (Compilers which check array bounds carefully
      might issue warnings.)

      To be on the safe side, it may be preferable to declare the
      variable-size element very large, rather than very small; in the
      case of the above example:

            ...
            char name[MAXSIZE];
            ...

      where MAXSIZE is larger than any name which will be stored.
      (The trick so modified is said to be in conformance with the
      Standard.)

      References: ANSI Rationale Sec. 3.5.4.2 pp. 54-5.

9.8:  How can I determine the byte offset of a field within a
      structure?

A:    ANSI C defines the offsetof macro, which should be used if
      available; see <stddef.h>.  If you don't have it, a suggested
      implementation is

            #define offsetof(type, mem) ((size_t) \
                  ((char *)&((type *) 0)->mem - (char *)((type *) 0)))

      This implementation is not 100% portable; some compilers may
      legitimately refuse to accept it.

      See the next question for a usage hint.

      References: ANSI Sec. 4.1.5, Rationale Sec. 3.5.4.2 p. 55.

9.9:  How can I access structure fields by name at run time?

A:    Build a table of names and offsets, using the offsetof() macro.
      The offset of field b in struct a is

            offsetb = offsetof(struct a, b)

      If structp is a pointer to an instance of this structure, and b
      is an int field with offset as computed above, b's value can be
      set indirectly with

            *(int *)((char *)structp + offsetb) = value;

9.10: Why does sizeof report a larger size than I expect for a
      structure type, as if there was padding at the end?

A:    Structures may have this padding (as well as internal padding;
      see also question 9.5), so that alignment properties will be
      preserved when an array of contiguous structures is allocated.

9.11: My compiler is leaving holes in structures, which is wasting
      space and preventing "binary" I/O to external data files.  Can I
      turn off the padding, or otherwise control the alignment of
      structs?

A:    Your compiler may provide an extension to give you this control
      (perhaps a #pragma), but there is no standard method.  See also
      question 17.3.

9.12: Can I initialize unions?

A:    ANSI Standard C allows an initializer for the first member of a
      union.  There is no standard way of initializing the other
      members (nor, under a pre-ANSI compiler, is there generally any
      way of initializing any of them).

9.13: How can I pass constant values to routines which accept struct
      arguments?

A:    C has no way of generating anonymous struct values.  You will
      have to use a temporary struct variable.


Section 10. Declarations

10.1: How do you decide which integer type to use?

A:    If you might need large values (above 32767 or below -32767),
      use long.  Otherwise, if space is very important (there are
      large arrays or many structures), use short.  Otherwise, use
      int.  If well-defined overflow characteristics are important
      and/or negative values are not, use the corresponding unsigned
      types.  (But beware of mixing signed and unsigned in
      expressions.)  Similar arguments apply when deciding between
      float and double.

      Although char or unsigned char can be used as a "tiny" int type,
      doing so is often more trouble than it's worth, due to
      unpredictable sign extension and increased code size.

      These rules obviously don't apply if the address of a variable
      is taken and must have a particular type.

      If for some reason you need to declare something with an _exact_
      size (usually the only good reason for doing so is when
      attempting to conform to some externally-imposed storage layout,
      but see question 17.3), be sure to encapsulate the choice behind
      an appropriate typedef.

10.2: What should the 64-bit type on new, 64-bit machines be?

A:    Some vendors of C products for 64-bit machines support 64-bit
      long ints.  Others fear that too much existing code depends on
      sizeof(int) == sizeof(long) == 32 bits, and introduce a new 64-
      bit long long (or __longlong) type instead.

      Programmers interested in writing portable code should therefore
      insulate their 64-bit type needs behind appropriate typedefs.
      Vendors who feel compelled to introduce a new, longer integral
      type should advertise it as being "at least 64 bits" (which is
      truly new; a type traditional C doesn't have), and not "exactly
      64 bits."

10.3: I can't seem to define a linked list successfully.  I tried

            typedef struct
                  {
                  char *item;
                  NODEPTR next;
                  } *NODEPTR;

      but the compiler gave me error messages.  Can't a struct in C
      contain a pointer to itself?

A:    Structs in C can certainly contain pointers to themselves; the
      discussion and example in section 6.5 of K&R make this clear.
      The problem with this example is that the NODEPTR typedef is not
      complete at the point where the "next" field is declared.  To
      fix it, first give the structure a tag ("struct node").  Then,
      declare the "next" field as "struct node *next;", and/or move
      the typedef declaration wholly before or wholly after the struct
      declaration.  One corrected version would be

            struct node
                  {
                  char *item;
                  struct node *next;
                  };

            typedef struct node *NODEPTR;

      , and there are at least three other equivalently correct ways
      of arranging it.

      A similar problem, with a similar solution, can arise when
      attempting to declare a pair of typedef'ed mutually referential
      structures.

      References: K&R I Sec. 6.5 p. 101; K&R II Sec. 6.5 p. 139; H&S
      Sec. 5.6.1 p. 102; ANSI Sec. 3.5.2.3 .

10.4: How do I declare an array of N pointers to functions returning
      pointers to functions returning pointers to characters?

A:    This question can be answered in at least three ways:

      1.  char *(*(*a[N])())();

      2.  Build the declaration up in stages, using typedefs:

            typedef char *pc; /* pointer to char */
            typedef pc fpc(); /* function returning pointer to char */
            typedef fpc *pfpc;      /* pointer to above */
            typedef pfpc fpfpc();   /* function returning... */
            typedef fpfpc *pfpfpc;  /* pointer to... */
            pfpfpc a[N];            /* array of... */

      3.  Use the cdecl program, which turns English into C and vice
          versa:

            cdecl> declare a as array of pointer to function returning
                   pointer to function returning pointer to char
            char *(*(*a[])())()

          cdecl can also explain complicated declarations, help with
          casts, and indicate which set of parentheses the arguments
          go in (for complicated function definitions, like the
          above).  Versions of cdecl are in volume 14 of
          comp.sources.unix (see question 17.12) and K&R II.

      Any good book on C should explain how to read these complicated
      C declarations "inside out" to understand them ("declaration
      mimics use").

      References: K&R II Sec. 5.12 p. 122; H&S Sec. 5.10.1 p. 116.

10.5: I'm building a state machine with a bunch of functions, one for
      each state.  I want to implement state transitions by having
      each function return a pointer to the next state function.  I
      find a limitation in C's declaration mechanism: there's no way
      to declare these functions as returning a pointer to a function
      returning a pointer to a function returning a pointer to a
      function...

A:    You can't do it directly.  Either have the function return a
      generic function pointer type, and apply a cast before calling
      through it; or have it return a structure containing only a
      pointer to a function returning that structure.

10.6: My compiler is complaining about an invalid redeclaration of a
      function, but I only define it once and call it once.

A:    Functions which are called without a declaration in scope (or
      before they are declared) are assumed to be declared as
      returning int, leading to discrepancies if the function is later
      declared otherwise.  Non-int functions must be declared before
      they are called.

      References: K&R I Sec. 4.2 pp. 70; K&R II Sec. 4.2 p. 72; ANSI
      Sec. 3.3.2.2 .

10.7: What's the best way to declare and define global variables?

A:    First, though there can be many _declarations_ (and in many
      translation units) of a single "global" (strictly speaking,
      "external") variable (or function), there must be exactly one
      _definition_.  (The definition is the declaration that actually
      allocates space, and provides an initialization value, if any.)
      It is best to place the definition in some central (to the
      program, or to the module) .c file, with an external declaration
      in a header (".h") file, which is #included wherever the
      declaration is needed.  The .c file containing the definition
      should also #include the header file containing the external
      declaration, so that the compiler can check that the
      declarations match.

      This rule promotes a high degree of portability, and is
      consistent with the requirements of the ANSI C Standard.  Note
      that Unix compilers and linkers typically use a "common model"
      which allows multiple (uninitialized) definitions.  A few very
      odd systems may require an explicit initializer to distinguish a
      definition from an external declaration.

      It is possible to use preprocessor tricks to arrange that the
      declaration need only be typed once, in the header file, and
      "turned into" a definition, during exactly one #inclusion, via a
      special #define.

      References: K&R I Sec. 4.5 pp. 76-7; K&R II Sec. 4.4 pp. 80-1;
      ANSI Sec. 3.1.2.2 (esp. Rationale), Secs. 3.7, 3.7.2,
      Sec. F.5.11; H&S Sec. 4.8 pp. 79-80; CT&P Sec. 4.2 pp. 54-56.

10.8: What does extern mean in a function declaration?

A:    It can be used as a stylistic hint to indicate that the
      function's definition is probably in another source file, but
      there is no formal difference between

            extern int f();
      and
            int f();

      References: ANSI Sec. 3.1.2.2 .

10.9: I finally figured out the syntax for declaring pointers to
      functions, but now how do I initialize one?

A:    Use something like

            extern int func();
            int (*fp)() = func;

      When the name of a function appears in an expression but is not
      being called (i.e. is not followed by a "("), it "decays" into a
      pointer (i.e. it has its address implicitly taken), much as an
      array name does.

      An explicit extern declaration for the function is normally
      needed, since implicit external function declaration does not
      happen in this case (again, because the function name is not
      followed by a "(").

10.10:      I've seen different methods used for calling through pointers to
      functions.  What's the story?

A:    Originally, a pointer to a function had to be "turned into" a
      "real" function, with the * operator (and an extra pair of
      parentheses, to keep the precedence straight), before calling:

            int r, func(), (*fp)() = func;
            r = (*fp)();

      It can also be argued that functions are always called through
      pointers, but that "real" functions decay implicitly into
      pointers (in expressions, as they do in initializations) and so
      cause no trouble.  This reasoning, made widespread through pcc
      and adopted in the ANSI standard, means that

            r = fp();

      is legal and works correctly, whether fp is a function or a
      pointer to one.  (The usage has always been unambiguous; there
      is nothing you ever could have done with a function pointer
      followed by an argument list except call through it.)  An
      explicit * is harmless, and still allowed (and recommended, if
      portability to older compilers is important).

      References: ANSI Sec. 3.3.2.2 p. 41, Rationale p. 41.

10.11:      What's the auto keyword good for?

A:    Nothing; it's obsolete.


Section 11. Stdio

11.1: What's wrong with this code:

            char c;
            while((c = getchar()) != EOF)...

A:    For one thing, the variable to hold getchar's return value must
      be an int.  getchar can return all possible character values, as
      well as EOF.  By passing getchar's return value through a char,
      either a normal character might be misinterpreted as EOF, or the
      EOF might be altered (particularly if type char is unsigned) and
      so never seen.

      References: CT&P Sec. 5.1 p. 70.

11.2: How can I print a '%' character in a printf format string?  I
      tried \%, but it didn't work.

A:    Simply double the percent sign: %% .

      References: K&R I Sec. 7.3 p. 147; K&R II Sec. 7.2 p. 154; ANSI
      Sec. 4.9.6.1 .

11.3: Why doesn't the code scanf("%d", i); work?

A:    scanf needs pointers to the variables it is to fill in; you must
      call scanf("%d", &i);

11.4: Why doesn't this code:

            double d;
            scanf("%f", &d);

      work?

A:    scanf uses %lf for values of type double, and %f for float.
      (Note the discrepancy with printf, which uses %f for both double
      and float, due to C's default argument promotion rules.)

11.5: Why won't the code

            while(!feof(infp)) {
                  fgets(buf, MAXLINE, infp);
                  fputs(buf, outfp);
            }

      work?

A:    C's I/O is not like Pascal's.  EOF is only indicated _after_ an
      input routine has tried to read, and has reached end-of-file.
      Usually, you should just check the return value of the input
      routine (fgets in this case); often, you don't need to use
      feof() at all.

11.6: Why does everyone say not to use gets()?

A:    It cannot be told the size of the buffer it's to read into, so
      it cannot be prevented from overflowing that buffer.  See
      question 3.1 for a code fragment illustrating the replacement of
      gets() with fgets().

11.7: Why does errno contain ENOTTY after a call to printf?

A:    Many implementations of the stdio package adjust their behavior
      slightly if stdout is a terminal.  To make the determination,
      these implementations perform an operation which fails (with
      ENOTTY) if stdout is not a terminal.  Although the output
      operation goes on to complete successfully, errno still contains
      ENOTTY.

      References: CT&P Sec. 5.4 p. 73.

11.8: My program's prompts and intermediate output don't always show
      up on the screen, especially when I pipe the output through
      another program.

A:    It is best to use an explicit fflush(stdout) whenever output
      should definitely be visible.  Several mechanisms attempt to
      perform the fflush for you, at the "right time," but they tend
      to apply only when stdout is a terminal.  (See question 11.7.)

11.9: When I read from the keyboard with scanf, it seems to hang until
      I type one extra line of input.

A:    scanf was designed for free-format input, which is seldom what
      you want when reading from the keyboard.  In particular, "\n" in
      a format string does _not_ mean to expect a newline, but rather
      to read and discard characters as long as each is a whitespace
      character.

      A related problem is that unexpected non-numeric input can cause
      scanf to "jam."  Because of these problems, it is usually better
      to use fgets to read a whole line, and then use sscanf or other
      string functions to pick apart the line buffer.  If you do use
      sscanf, don't forget to check the return value to make sure that
      the expected number of items were found.

11.10:      I'm trying to update a file in place, by using fopen mode "r+",
      then reading a certain string, and finally writing back a
      modified string, but it's not working.

A:    Be sure to call fseek before you write, both to seek back to the
      beginning of the string you're trying to overwrite, and because
      an fseek or fflush is always required between reading and
      writing in the read/write "+" modes.  Also, remember that you
      can only overwrite characters with the same number of
      replacement characters; see also question 17.4.

      References: ANSI Sec. 4.9.5.3 p. 131.

11.11:      How can I read one character at a time, without waiting for the
      RETURN key?

A:    See question 16.1.

11.12:      How can I flush pending input so that a user's typeahead isn't
      read at the next prompt?  Will fflush(stdin) work?

A:    fflush is defined only for output streams.  Since its definition
      of "flush" is to complete the writing of buffered characters
      (not to discard them), discarding unread input would not be an
      analogous meaning for fflush on input streams.  There is no
      standard way to discard unread characters from a stdio input
      buffer, nor would such a way be sufficient; unread characters
      can also accumulate in other, OS-level input buffers.

11.13:      How can I redirect stdin or stdout to a file from within a
      program?

A:    Use freopen.

11.14:      Once I've used freopen, how can I get the original stdout (or
      stdin) back?

A:    If you need to switch back and forth, the best all-around
      solution is not to use freopen in the first place.  Try using
      your own explicit output (or input) stream variable, which you
      can reassign at will, while leaving the original stdout (or
      stdin) undisturbed.

11.15:      How can I recover the file name given an open file descriptor?

A:    This problem is, in general, insoluble.  Under Unix, for
      instance, a scan of the entire disk, (perhaps requiring special
      permissions) would theoretically be required, and would fail if
      the file descriptor was a pipe or referred to a deleted file
      (and could give a misleading answer for a file with multiple
      links).  It is best to remember the names of files yourself when
      you open them (perhaps with a wrapper function around fopen).


Section 12. Library Subroutines

12.1: Why does strncpy not always place a '\0' termination in the
      destination string?

A:    strncpy was first designed to handle a now-obsolete data
      structure, the fixed-length, not-necessarily-\0-terminated
      "string."  strncpy is admittedly a bit cumbersome to use in
      other contexts, since you must often append a '\0' to the
      destination string by hand.

12.2: I'm trying to sort an array of strings with qsort, using strcmp
      as the comparison function, but it's not working.

A:    By "array of strings" you probably mean "array of pointers to
      char."  The arguments to qsort's comparison function are
      pointers to the objects being sorted, in this case, pointers to
      pointers to char.  (strcmp, of course, accepts simple pointers
      to char.)

      The comparison routine's arguments are expressed as "generic
      pointers," const void * or char *.  They must be converted back
      to what they "really are" (char **) and dereferenced, yielding
      char *'s which can be usefully compared.  Write a comparison
      function like this:

            int pstrcmp(p1, p2)     /* compare strings through pointers */
            char *p1, *p2;          /* const void * for ANSI C */
            {
                  return strcmp(*(char **)p1, *(char **)p2);
            }

      Beware of the discussion in K&R II Sec. 5.11 pp. 119-20, which
      is not discussing Standard library qsort.

12.3: Now I'm trying to sort an array of structures with qsort.  My
      comparison routine takes pointers to structures, but the
      compiler complains that the function is of the wrong type for
      qsort.  How can I cast the function pointer to shut off the
      warning?

A:    The conversions must be in the comparison function, which must
      be declared as accepting "generic pointers" (const void * or
      char *) as discussed in question 12.2 above.  The code might
      look like

            int mystructcmp(p1, p2)
            char *p1, *p2;          /* const void * for ANSI C */
            {
                  struct mystruct *sp1 = (struct mystruct *)p1;
                  struct mystruct *sp2 = (struct mystruct *)p2;
                  /* now compare sp1->whatever and sp2-> ... */
            }

      (If, on the other hand, you're sorting pointers to structures,
      you'll need indirection, as in question 12.2:
      sp1 = *(struct mystruct **)p1 .)

12.4: How can I convert numbers to strings (the opposite of atoi)?  Is
      there an itoa function?

A:    Just use sprintf.  (You'll have to allocate space for the result
      somewhere anyway; see questions 3.1 and 3.2.  Don't worry that
      sprintf may be overkill, potentially wasting run time or code
      space; it works well in practice.)

      References: K&R I Sec. 3.6 p. 60; K&R II Sec. 3.6 p. 64.

12.5: How can I get the current date or time of day in a C program?

A:    Just use the time, ctime, and/or localtime functions.  (These
      routines have been around for years, and are in the ANSI
      standard.)  Here is a simple example:

            #include <stdio.h>
            #include <time.h>

            main()
            {
                  time_t now = time((time_t *)NULL);
                  printf("It's %.24s.\n", ctime(&now));
                  return 0;
            }

      References: ANSI Sec. 4.12 .

12.6: I know that the library routine localtime will convert a time_t
      into a broken-down struct tm, and that ctime will convert a
      time_t to a printable string.  How can I perform the inverse
      operations of converting a struct tm or a string into a time_t?

A:    ANSI C specifies a library routine, mktime, which converts a
      struct tm to a time_t.  Several public-domain versions of this
      routine are available in case your compiler does not support it
      yet.

      Converting a string to a time_t is harder, because of the wide
      variety of date and time formats which should be parsed.  Some
      systems provide a strptime function; another popular routine is
      partime (widely distributed with the RCS package), but these are
      less likely to become standardized.

      References: K&R II Sec. B10 p. 256; H&S Sec. 20.4 p. 361; ANSI
      Sec. 4.12.2.3 .

12.7: How can I add n days to a date?  How can I find the difference
      between two dates?

A:    The ANSI/ISO Standard C mktime and difftime functions provide
      some support for both problems.  mktime() accepts non-normalized
      dates, so it is straightforward to take a filled-in struct tm,
      add or subtract from the tm_mday field, and call mktime() to
      normalize the year, month, and day fields (and convert to a
      time_t value).  difftime() computes the difference, in seconds,
      between two time_t values; mktime() can be used to compute
      time_t values for two dates to be subtracted.  (Note, however,
      that these solutions only work for dates in the range which can
      be represented as time_t's, and that not all days are 86400
      seconds long.)  See also questions 12.6 and 17.28.

      References: K&R II Sec. B10 p. 256; H&S Secs. 20.4, 20.5
      pp. 361-362; ANSI Secs. 4.12.2.2, 4.12.2.3 .

12.8: I need a random number generator.

A:    The standard C library has one: rand().  The implementation on
      your system may not be perfect, but writing a better one isn't
      necessarily easy, either.

      References: ANSI Sec. 4.10.2.1 p. 154; Knuth Vol. 2 Chap. 3
      pp. 1-177.

12.9: How can I get random integers in a certain range?

A:    The obvious way,

            rand() % N

      (where N is of course the range) is poor, because the low-order
      bits of many random number generators are distressingly non-
      random.  (See question 12.11.)  A better method is something
      like

            (int)((double)rand() / ((double)RAND_MAX + 1) * N)

      If you're worried about using floating point, you could try

            rand() / (RAND_MAX / N + 1)

      Both methods obviously require knowing RAND_MAX (which ANSI
      defines in <stdlib.h>), and assume that N is much less than
      RAND_MAX.

12.10:      Each time I run my program, I get the same sequence of numbers
      back from rand().

A:    You can call srand() to seed the pseudo-random number generator
      with a more random initial value.  Popular seed values are the
      time of day, or the elapsed time before the user presses a key
      (although keypress times are hard to determine portably; see
      question 16.10).

      References: ANSI Sec. 4.10.2.2 p. 154.

12.11:      I need a random true/false value, so I'm taking rand() % 2, but
      it's just alternating 0, 1, 0, 1, 0...

A:    Poor pseudorandom number generators (such as the ones
      unfortunately supplied with some systems) are not very random in
      the low-order bits.  Try using the higher-order bits.  See
      question 12.9.

12.12:      I'm trying to port this       A:  Those routines are variously
      old program.  Why do I            obsolete; you should
      get "undefined external"          instead:
      errors for:

      index?                            use strchr.
      rindex?                           use strrchr.
      bcopy?                            use memmove, after
                                  interchanging the first and
                                  second arguments (see also
                                  question 5.15).
      bcmp?                       use memcmp.
      bzero?                            use memset, with a second
                                  argument of 0.

12.13:      I keep getting errors due to library routines being undefined,
      but I'm #including all the right header files.

A:    In some cases (especially if the routines are nonstandard) you
      may have to explicitly ask for the correct libraries to be
      searched when you link the program.  See also question 15.2.

12.14:      I'm still getting errors due to library routines being
      undefined, even though I'm using -l to request the libraries
      while linking.

A:    Many linkers make one pass over the list of object files and
      libraries you specify, and extract from libraries only those
      modules which satisfy references which have so far come up as
      undefined.  Therefore, the order in which libraries are listed
      with respect to object files (and each other) is significant;
      usually, you want to search the libraries last.  (For example,
      under Unix, put any -l switches towards the end of the command
      line.)

12.15:      I need some code to do regular expression matching.

A:    Look for the regexp library (supplied with many Unix systems),
      or get Henry Spencer's regexp package from ftp.cs.toronto.edu in
      pub/regexp.shar.Z (see also question 17.12).

12.16:      How can I split up a command line into whitespace-separated
      arguments, like main's argc and argv?

A:    Most systems have a routine called strtok, although it can be
      tricky to use and it may not do everything you want it to (e.g.,
      quoting).

      References: ANSI Sec. 4.11.5.8; K&R II Sec. B3 p. 250; H&S
      Sec. 15.7; PCS p. 178.


Section 13. Lint

13.1: I just typed in this program, and it's acting strangely.  Can
      you see anything wrong with it?

A:    Try running lint first (perhaps with the -a, -c, -h, -p and/or
      other options).  Many C compilers are really only half-
      compilers, electing not to diagnose numerous source code
      difficulties which would not actively preclude code generation.

13.2: How can I shut off the "warning: possible pointer alignment
      problem" message lint gives me for each call to malloc?

A:    The problem is that traditional versions of lint do not know,
      and cannot be told, that malloc "returns a pointer to space
      suitably aligned for storage of any type of object."  It is
      possible to provide a pseudoimplementation of malloc, using a
      #define inside of #ifdef lint, which effectively shuts this
      warning off, but a simpleminded #definition will also suppress
      meaningful messages about truly incorrect invocations.  It may
      be easier simply to ignore the message, perhaps in an automated
      way with grep -v.

13.3: Where can I get an ANSI-compatible lint?

A:    A product called FlexeLint is available (in "shrouded source
      form," for compilation on 'most any system) from

            Gimpel Software
            3207 Hogarth Lane
            Collegeville, PA  19426  USA
            (+1) 610 584 4261
            gimpel@netaxs.com

      The System V release 4 lint is ANSI-compatible, and is available
      separately (bundled with other C tools) from UNIX Support Labs
      or from System V resellers.

      Another ANSI-compatible lint (which can also perform higher-
      level formal verification) is LCLint, available via anonymous
      ftp from larch.lcs.mit.edu://pub/Larch/lclint/ .

      In the absence of lint, many modern compilers attempt to
      diagnose almost as many problems as a good lint does.

Section 14. Style

14.1: Here's a neat trick:

            if(!strcmp(s1, s2))

      Is this good style?

A:    It is not particularly good style, although it is a popular
      idiom.  The test succeeds if the two strings are equal, but its
      form suggests that it tests for inequality.

      Another solution is to use a macro:

            #define Streq(s1, s2) (strcmp((s1), (s2)) == 0)

      Opinions on code style, like those on religion, can be debated
      endlessly.  Though good style is a worthy goal, and can usually
      be recognized, it cannot be codified.

14.2: What's the best style for code layout in C?

A:    K&R, while providing the example most often copied, also supply
      a good excuse for avoiding it:

            The position of braces is less important,
            although people hold passionate beliefs.  We
            have chosen one of several popular styles.  Pick
            a style that suits you, then use it
            consistently.

      It is more important that the layout chosen be consistent (with
      itself, and with nearby or common code) than that it be
      "perfect."  If your coding environment (i.e. local custom or
      company policy) does not suggest a style, and you don't feel
      like inventing your own, just copy K&R.  (The tradeoffs between
      various indenting and brace placement options can be
      exhaustively and minutely examined, but don't warrant repetition
      here.  See also the Indian Hill Style Guide.)

      The elusive quality of "good style" involves much more than mere
      code layout details; don't spend time on formatting to the
      exclusion of more substantive code quality issues.

      References: K&R Sec. 1.2 p. 10.

14.3: Where can I get the "Indian Hill Style Guide" and other coding
      standards?

A:    Various documents are available for anonymous ftp from:

            Site:             File or directory:

            cs.washington.edu pub/cstyle.tar.Z
            (128.95.1.4)            (the updated Indian Hill guide)

            ftp.cs.toronto.edu      doc/programming

            ftp.cs.umd.edu          pub/style-guide


Section 15. Floating Point

15.1: My floating-point calculations are acting strangely and giving
      me different answers on different machines.

A:    First, make sure that you have #included <math.h>, and correctly
      declared other functions returning double.

      If the problem isn't that simple, recall that most digital
      computers use floating-point formats which provide a close but
      by no means exact simulation of real number arithmetic.
      Underflow, cumulative precision loss, and other anomalies are
      often troublesome.

      Don't assume that floating-point results will be exact, and
      especially don't assume that floating-point values can be
      compared for equality.  (Don't throw haphazard "fuzz factors"
      in, either.)

      These problems are no worse for C than they are for any other
      computer language.  Floating-point semantics are usually defined
      as "however the processor does them;" otherwise a compiler for a
      machine without the "right" model would have to do prohibitively
      expensive emulations.

      This article cannot begin to list the pitfalls associated with,
      and workarounds appropriate for, floating-point work.  A good
      programming text should cover the basics.

      References: EoPS Sec. 6 pp. 115-8.

15.2: I'm trying to do some simple trig, and I am #including <math.h>,
      but I keep getting "undefined: _sin" compilation errors.

A:    Make sure you're linking with the correct math library.  For
      instance, under Unix, you usually need to use the -lm option,
      and at the _end_ of the command line, when compiling/linking.
      See also question 12.14.

15.3: Why doesn't C have an exponentiation operator?

A:    Because few processors have an exponentiation instruction.
      Instead, you can #include <math.h> and use the pow() function,
      although explicit multiplication is often better for small
      positive integral exponents.

      References: ANSI Sec. 4.5.5.1 .

15.4: How do I round numbers?

A:    The simplest and most straightforward way is with code like

            (int)(x + 0.5)

      This won't work properly for negative numbers, though.

15.5: How do I test for IEEE NaN and other special values?

A:    Many systems with high-quality IEEE floating-point
      implementations provide facilities (e.g. an isnan() macro) to
      deal with these values cleanly, and the Numerical C Extensions
      Group (NCEG) is working to formally standardize such facilities.
      A crude but usually effective test for NaN is exemplified by

            #define isnan(x) ((x) != (x))

      although non-IEEE-aware compilers may optimize the test away.

15.6: I'm having trouble with a Turbo C program which crashes and says
      something like "floating point formats not linked."

A:    Some compilers for small machines, including Turbo C (and
      Ritchie's original PDP-11 compiler), leave out floating point
      support if it looks like it will not be needed.  In particular,
      the non-floating-point versions of printf and scanf save space
      by not including code to handle %e, %f, and %g.  It happens that
      Turbo C's heuristics for determining whether the program uses
      floating point are insufficient, and the programmer must
      sometimes insert an extra, explicit call to a floating-point
      library routine to force loading of floating-point support.


Section 16. System Dependencies

16.1: How can I read a single character from the keyboard without
      waiting for a newline?

A:    Contrary to popular belief and many people's wishes, this is not
      a C-related question.  (Nor are closely-related questions
      concerning the echo of keyboard input.)  The delivery of
      characters from a "keyboard" to a C program is a function of the
      operating system in use, and has not been standardized by the C
      language.  Some versions of curses have a cbreak() function
      which does what you want.  If you're specifically trying to read
      a short password without echo, you might try getpass().  Under
      Unix, use ioctl to play with the terminal driver modes (CBREAK
      or RAW under "classic" versions; ICANON, c_cc[VMIN] and
      c_cc[VTIME] under System V or Posix systems).  Under MS-DOS, use
      getch().  Under VMS, try the Screen Management (SMG$) routines,
      or curses, or issue low-level $QIO's with the IO$_READVBLK (and
      perhaps IO$M_NOECHO) function codes to ask for one character at
      a time.  Under other operating systems, you're on your own.
      Beware that some operating systems make this sort of thing
      impossible, because character collection into input lines is
      done by peripheral processors not under direct control of the
      CPU running your program.

      Operating system specific questions are not appropriate for
      comp.lang.c .  Many common questions are answered in
      frequently-asked questions postings in such groups as
      comp.unix.questions and comp.os.msdos.programmer .  Note that
      the answers are often not unique even across different variants
      of a system; bear in mind when answering system-specific
      questions that the answer that applies to your system may not
      apply to everyone else's.

      References: PCS Sec. 10 pp. 128-9, Sec. 10.1 pp. 130-1.

16.2: How can I find out if there are characters available for reading
      (and if so, how many)?  Alternatively, how can I do a read that
      will not block if there are no characters available?

A:    These, too, are entirely operating-system-specific.  Some
      versions of curses have a nodelay() function.  Depending on your
      system, you may also be able to use "nonblocking I/O", or a
      system call named "select", or the FIONREAD ioctl, or kbhit(),
      or rdchk(), or the O_NDELAY option to open() or fcntl().

16.3: How can I clear the screen?  How can I print things in inverse
      video?

A:    Such things depend on the terminal type (or display) you're
      using.  You will have to use a library such as termcap or
      curses, or some system-specific routines, to perform these
      functions.

16.4: How do I read the mouse?

A:    Consult your system documentation, or ask on an appropriate
      system-specific newsgroup (but check its FAQ list first).  Mouse
      handling is completely different under the X window system, MS-
      DOS, Macintosh, and probably every other system.

16.5: How can my program discover the complete pathname to the
      executable file from which it was invoked?

A:    argv[0] may contain all or part of the pathname, or it may
      contain nothing.  You may be able to duplicate the command
      language interpreter's search path logic to locate the
      executable if the name in argv[0] is present but incomplete.
      However, there is no guaranteed or portable solution.

16.6: How can a process change an environment variable in its caller?

A:    In general, it cannot.  Different operating systems implement
      name/value functionality similar to the Unix environment in
      different ways.  Whether the "environment" can be usefully
      altered by a running program, and if so, how, is system-
      dependent.

      Under Unix, a process can modify its own environment (some
      systems provide setenv() and/or putenv() functions to do this),
      and the modified environment is usually passed on to any child
      processes, but it is _not_ propagated back to the parent
      process.

16.7: How can I check whether a file exists?  I want to query the user
      before overwriting existing files.

A:    On Unix-like systems, you can try the access() routine, although
      it's got a few problems.  (It isn't atomic with respect to the
      following action, and can have anomalies if used in setuid
      programs.)  Another option (perhaps preferable) is to call
      stat() on the file.  Otherwise, the only guaranteed and portable
      way to test for file existence is to try opening the file (which
      doesn't help if you're trying to avoid overwriting an existing
      file, unless you've got something like the BSD Unix O_EXCL open
      option available).

16.8: How can I find out the size of a file, prior to reading it in?

A:    If the "size of a file" is the number of characters you'll be
      able to read from it in C, it is in general impossible to
      determine this number in advance.  Under Unix, the stat call
      will give you an exact answer, and several other systems supply
      a Unix-like stat which will give an approximate answer.  You can
      fseek to the end and then use ftell, but this usage is
      nonportable (it gives you an accurate answer only under Unix,
      and otherwise a quasi-accurate answer only for ANSI C "binary"
      files).  Some systems provide routines called filesize or
      filelength.

      Are you sure you have to determine the file's size in advance?
      Since the most accurate way of determining the size of a file as
      a C program will see it is to open the file and read it, perhaps
      you can rearrange the code to learn the size as it reads.

16.9: How can a file be shortened in-place without completely clearing
      or rewriting it?

A:    BSD systems provide ftruncate(), several others supply chsize(),
      and a few may provide a (possibly undocumented) fcntl option
      F_FREESP.  Under MS-DOS, you can sometimes use write(fd, "", 0).
      However, there is no truly portable solution.

16.10:      How can I implement a delay, or time a user's response, with
      sub-second resolution?

A:    Unfortunately, there is no portable way.  V7 Unix, and derived
      systems, provided a fairly useful ftime() routine with
      resolution up to a millisecond, but it has disappeared from
      System V and Posix.  Other routines you might look for on your
      system include nap(), setitimer(), msleep(), usleep(), clock(),
      and gettimeofday().  The select() and poll() calls (if
      available) can be pressed into service to implement simple
      delays.  On MS-DOS machines, it is possible to reprogram the
      system timer and timer interrupts.

16.11:      How can I read in an object file and jump to routines in it?

A:    You want a dynamic linker and/or loader.  It is possible to
      malloc some space and read in object files, but you have to know
      an awful lot about object file formats, relocation, etc.  Under
      BSD Unix, you could use system() and ld -A to do the linking for
      you.  Many (most?) versions of SunOS and System V have the -ldl
      library which allows object files to be dynamically loaded.
      There is also a GNU package called "dld".  See also question
      7.6.

16.12:      How can I invoke an operating system command from within a
      program?

A:    Use system().

      References: K&R II Sec. B6 p. 253; ANSI Sec. 4.10.4.5; H&S
      Sec. 21.2; PCS Sec. 11 p. 179;

16.13:      How can I invoke an operating system command and trap its
      output?

A:    Unix and some other systems provide a popen() routine, which
      sets up a stdio stream on a pipe connected to the process
      running a command, so that the output can be read (or the input
      supplied).  Alternately, invoke the command simply (see question
      16.12) in such a way that it writes its output to a file, then
      open and read that file.

      References: PCS Sec. 11 p. 169 .

16.14:      How can I read a directory in a C program?

A:    See if you can use the opendir() and readdir() routines, which
      are available on most Unix systems.  Implementations also exist
      for MS-DOS, VMS, and other systems.  (MS-DOS also has FINDFIRST
      and FINDNEXT routines which do essentially the same thing.)

16.15:      How can I do serial ("comm") port I/O?

A:    It's system-dependent.  Under Unix, you typically open, read,
      and write a device in /dev, and use the facilities of the
      terminal driver to adjust its characteristics.  Under MS-DOS,
      you can either use some primitive BIOS interrupts, or (if you
      require decent performance) one of any number of interrupt-
      driven serial I/O packages.


Section 17. Miscellaneous

17.1: What can I safely assume about the initial values of variables
      which are not explicitly initialized?  If global variables start
      out as "zero," is that good enough for null pointers and
      floating-point zeroes?

A:    Variables with "static" duration (that is, those declared
      outside of functions, and those declared with the storage class
      static), are guaranteed initialized (just once, at program
      startup) to zero, as if the programmer had typed "= 0".
      Therefore, such variables are initialized to the null pointer
      (of the correct type; see also Section 1) if they are pointers,
      and to 0.0 if they are floating-point.

      Variables with "automatic" duration (i.e. local variables
      without the static storage class) start out containing garbage,
      unless they are explicitly initialized.  Nothing useful can be
      predicted about the garbage.

      Dynamically-allocated memory obtained with malloc and realloc is
      also likely to contain garbage, and must be initialized by the
      calling program, as appropriate.  Memory obtained with calloc
      contains all-bits-0, but this is not necessarily useful for
      pointer or floating-point values (see question 3.13, and section
      1).

17.2: This code, straight out of a book, isn't compiling:

            f()
            {
            char a[] = "Hello, world!";
            }

A:    Perhaps you have a pre-ANSI compiler, which doesn't allow
      initialization of "automatic aggregates" (i.e. non-static local
      arrays and structures).  As a workaround, you can make the array
      global or static, and initialize it with strcpy when f is
      called.  (You can always initialize local char * variables with
      string literals, but see question 17.20).  See also questions
      5.16 and 5.17.

17.3: How can I write data files which can be read on other machines
      with different word size, byte order, or floating point formats?

A:    The best solution is to use text files (usually ASCII), written
      with fprintf and read with fscanf or the like.  (Similar advice
      also applies to network protocols.)  Be skeptical of arguments
      which imply that text files are too big, or that reading and
      writing them is too slow.  Not only is their efficiency
      frequently acceptable in practice, but the advantages of being
      able to manipulate them with standard tools can be overwhelming.

      If you must use a binary format, you can improve portability,
      and perhaps take advantage of prewritten I/O libraries, by
      making use of standardized formats such as Sun's XDR (RFC 1014),
      OSI's ASN.1, CCITT's X.409, or ISO 8825 "Basic Encoding Rules."
      See also question 9.11.

17.4: How can I insert or delete a line (or record) in the middle of a
      file?

A:    Short of rewriting the file, you probably can't.  See also
      question 16.9.

17.5: How can I return several values from a function?

A:    Either pass pointers to locations which the function can fill
      in, or have the function return a structure containing the
      desired values, or (in a pinch) consider global variables.  See
      also questions 2.17, 3.4, and 9.2.

17.6: If I have a char * variable pointing to the name of a function
      as a string, how can I call that function?

A:    The most straightforward thing to do is maintain a
      correspondence table of names and function pointers:

            int function1(), function2();

            struct {char *name; int (*funcptr)(); } symtab[] =
                  {
                  "function1",      function1,
                  "function2",      function2,
                  };

      Then, just search the table for the name, and call through the
      associated function pointer.  See also questions 9.9 and 16.11.

17.7: I seem to be missing the system header file <sgtty.h>.  Can
      someone send me a copy?

A:    Standard headers exist in part so that definitions appropriate
      to your compiler, operating system, and processor can be
      supplied.  You cannot just pick up a copy of someone else's
      header file and expect it to work, unless that person is using
      exactly the same environment.  Ask your compiler vendor why the
      file was not provided (or to send a replacement copy).

17.8: How can I call FORTRAN (C++, BASIC, Pascal, Ada, LISP) functions
      from C?  (And vice versa?)

A:    The answer is entirely dependent on the machine and the specific
      calling sequences of the various compilers in use, and may not
      be possible at all.  Read your compiler documentation very
      carefully; sometimes there is a "mixed-language programming
      guide," although the techniques for passing arguments and
      ensuring correct run-time startup are often arcane.  More
      information may be found in FORT.gz by Glenn Geers, available
      via anonymous ftp from suphys.physics.su.oz.au in the src
      directory.

      cfortran.h, a C header file, simplifies C/FORTRAN interfacing on
      many popular machines.  It is available via anonymous ftp from
      zebra.desy.de (131.169.2.244).

      In C++, a "C" modifier in an external function declaration
      indicates that the function is to be called using C calling
      conventions.

17.9: Does anyone know of a program for converting Pascal or FORTRAN
      (or LISP, Ada, awk, "Old" C, ...) to C?

A:    Several public-domain programs are available:

      p2c   A Pascal to C converter written by Dave Gillespie,
            posted to comp.sources.unix in March, 1990 (Volume 21);
            also available by anonymous ftp from
            csvax.cs.caltech.edu, file pub/p2c-1.20.tar.Z .

      ptoc  Another Pascal to C converter, this one written in
            Pascal (comp.sources.unix, Volume 10, also patches in
            Volume 13?).

      f2c   A Fortran to C converter jointly developed by people
            from Bell Labs, Bellcore, and Carnegie Mellon.  To find
            out more about f2c, send the mail message "send index
            from f2c" to netlib@research.att.com or research!netlib.
            (It is also available via anonymous ftp on
            netlib.att.com, in directory netlib/f2c.)

      This FAQ list's maintainer also has available a list of other
      commercial translation products, and some for more obscure
      languages.

      See also question 5.3.

17.10:      Is C++ a superset of C?  Can I use a C++ compiler to compile C
      code?

A:    C++ was derived from C, and is largely based on it, but there
      are some legal C constructs which are not legal C++.  (Many C
      programs will nevertheless compile correctly in a C++
      environment.)

17.11:      I need:                       A:  Look for programs (see also
                                  question 17.12) named:

      a C cross-reference               cflow, calls, cscope
      generator

      a C beautifier/pretty-            cb, indent
      printer

17.12:      Where can I get copies of all these public-domain programs?

A:    If you have access to Usenet, see the regular postings in the
      comp.sources.unix and comp.sources.misc newsgroups, which
      describe, in some detail, the archiving policies and how to
      retrieve copies.  The usual approach is to use anonymous ftp
      and/or uucp from a central, public-spirited site, such as uunet
      (ftp.uu.net, 192.48.96.9).  However, this article cannot track
      or list all of the available archive sites and how to access
      them.

      Ajay Shah maintains an index of free numerical software; it is
      posted periodically, and available where this FAQ list is
      archived (see question 17.33).  The comp.archives newsgroup
      contains numerous announcements of anonymous ftp availability of
      various items.  The "archie" mailserver can tell you which
      anonymous ftp sites have which packages; send the mail message
      "help" to archie@quiche.cs.mcgill.ca for information.  Finally,
      the newsgroup comp.sources.wanted is generally a more
      appropriate place to post queries for source availability, but
      check _its_ FAQ list, "How to find sources," before posting
      there.

17.13:      When will the next International Obfuscated C Code Contest
      (IOCCC) be held?  How can I get a copy of the current and
      previous winning entries?

A:    The contest schedule is tied to the dates of the USENIX
      conferences at which the winners are announced.  At the time of
      this writing, it is expected that the yearly contest will open
      in October.  To obtain a current copy of the rules and
      guidelines, send e-mail with the Subject: line "send rules" to:

            {apple,pyramid,sun,uunet}!hoptoad!judges  or
            judges@toad.com

      (Note that these are _not_ the addresses for submitting
      entries.)

      Contest winners should be announced at the winter USENIX
      conference in January, and are posted to the net sometime
      thereafter.  Winning entries from previous years (to 1984) are
      archived at uunet (see question 17.12) under the directory
      ~/pub/ioccc.

      As a last resort, previous winners may be obtained by sending
      e-mail to the above address, using the Subject: "send YEAR
      winners", where YEAR is a single four-digit year, a year range,
      or "all".

17.14:      Why don't C comments nest?  How am I supposed to comment out
      code containing comments?  Are comments legal inside quoted
      strings?

A:    Nested comments would cause more harm than good, mostly because
      of the possibility of accidentally leaving comments unclosed by
      including the characters "/*" within them.  For this reason, it
      is usually better to "comment out" large sections of code, which
      might contain comments, with #ifdef or #if 0 (but see question
      5.11).

      The character sequences /* and */ are not special within
      double-quoted strings, and do not therefore introduce comments,
      because a program (particularly one which is generating C code
      as output) might want to print them.

      References: ANSI Appendix E p. 198, Rationale Sec. 3.1.9 p. 33.

17.15:      How can I get the ASCII value corresponding to a character, or
      vice versa?

A:    In C, characters are represented by small integers corresponding
      to their values (in the machine's character set) so you don't
      need a conversion routine: if you have the character, you have
      its value.

17.16:      How can I implement sets and/or arrays of bits?

A:    Use arrays of char or int, with a few macros to access the right
      bit at the right index (try using 8 for CHAR_BIT if you don't
      have <limits.h>):

            #include <limits.h>           /* for CHAR_BIT */

            #define BITMASK(bit) (1 << ((bit) % CHAR_BIT))
            #define BITSLOT(bit) ((bit) / CHAR_BIT)
            #define BITSET(ary, bit) ((ary)[BITSLOT(bit)] |= BITMASK(bit))
            #define BITTEST(ary, bit) ((ary)[BITSLOT(bit)] & BITMASK(bit))

17.17:      What is the most efficient way to count the number of bits which
      are set in a value?

A:    This and many other similar bit-twiddling problems can often be
      sped up and streamlined using lookup tables (but see the next
      question).

17.18:      How can I make this code more efficient?

A:    Efficiency, though a favorite comp.lang.c topic, is not
      important nearly as often as people tend to think it is.  Most
      of the code in most programs is not time-critical.  When code is
      not time-critical, it is far more important that it be written
      clearly and portably than that it be written maximally
      efficiently.  (Remember that computers are very, very fast, and
      that even "inefficient" code can run without apparent delay.)

      It is notoriously difficult to predict what the "hot spots" in a
      program will be.  When efficiency is a concern, it is important
      to use profiling software to determine which parts of the
      program deserve attention.  Often, actual computation time is
      swamped by peripheral tasks such as I/O and memory allocation,
      which can be sped up by using buffering and caching techniques.

      For the small fraction of code that is time-critical, it is
      vital to pick a good algorithm; it is less important to
      "microoptimize" the coding details.  Many of the "efficient
      coding tricks" which are frequently suggested (e.g. substituting
      shift operators for multiplication by powers of two) are
      performed automatically by even simpleminded compilers.
      Heavyhanded "optimization" attempts can make code so bulky that
      performance is degraded.

      For more discussion of efficiency tradeoffs, as well as good
      advice on how to increase efficiency when it is important, see
      chapter 7 of Kernighan and Plauger's The Elements of Programming
      Style, and Jon Bentley's Writing Efficient Programs.

17.19:      Are pointers really faster than arrays?  How much do function
      calls slow things down?  Is ++i faster than i = i + 1?

A:    Precise answers to these and many similar questions depend of
      course on the processor and compiler in use.  If you simply must
      know, you'll have to time test programs carefully.  (Often the
      differences are so slight that hundreds of thousands of
      iterations are required even to see them.  Check the compiler's
      assembly language output, if available, to see if two purported
      alternatives aren't compiled identically.)

      It is "usually" faster to march through large arrays with
      pointers rather than array subscripts, but for some processors
      the reverse is true.

      Function calls, though obviously incrementally slower than in-
      line code, contribute so much to modularity and code clarity
      that there is rarely good reason to avoid them.

      Before rearranging expressions such as i = i + 1, remember that
      you are dealing with a C compiler, not a keystroke-programmable
      calculator.  Any decent compiler will generate identical code
      for ++i, i += 1, and i = i + 1.  The reasons for using ++i or
      i += 1 over i = i + 1 have to do with style, not efficiency.
      (See also question 4.7.)

17.20:      Why does this code:

            char *p = "Hello, world!";
            p[0] = tolower(p[0]);

      crash?

A:    String literals are not necessarily modifiable, except (in
      effect) when they are used as array initializers.  Try

            char a[] = "Hello, world!";

      (For compiling old code, some compilers have a switch
      controlling whether strings are writable or not.)  See also
      questions 2.1, 2.2, 2.8, and 17.2.

      References: ANSI Sec. 3.1.4 .

17.21:      This program crashes before it even runs!  (When single-stepping
      with a debugger, it dies before the first statement in main.)

A:    You probably have one or more very large (kilobyte or more)
      local arrays.  Many systems have fixed-size stacks, and those
      which perform dynamic stack allocation automatically (e.g. Unix)
      can be confused when the stack tries to grow by a huge chunk all
      at once.

      It is often better to declare large arrays with static duration
      (unless of course you need a fresh set with each recursive
      call).

      (See also question 9.4.)

17.22:      What do "Segmentation violation" and "Bus error" mean?

A:    These generally mean that your program tried to access memory it
      shouldn't have, invariably as a result of improper pointer use,
      often involving uninitialized or improperly allocated pointers
      (see questions 3.1 and 3.2), or malloc (see question 17.23), or
      perhaps scanf (see question 11.3).

17.23:      My program is crashing, apparently somewhere down inside malloc,
      but I can't see anything wrong with it.

A:    It is unfortunately very easy to corrupt malloc's internal data
      structures, and the resulting problems can be hard to track
      down.  The most common source of problems is writing more to a
      malloc'ed region than it was allocated to hold; a particularly
      common bug is to malloc(strlen(s)) instead of strlen(s) + 1.
      Other problems involve freeing pointers not obtained from
      malloc, or trying to realloc a null pointer (see question 3.12).

      A number of debugging packages exist to help track down malloc
      problems; one popular one is Conor P. Cahill's "dbmalloc,"
      posted to comp.sources.misc in September of 1992.  Others are
      "leak," available in volume 27 of the comp.sources.unix
      archives; JMalloc.c and JMalloc.h in Fidonet's C_ECHO Snippets
      (or ask archie; see question 17.12); and MEMDEBUG from
      ftp.crpht.lu in pub/sources/memdebug .  See also question 17.12.

17.24:      Does anyone have a C compiler test suite I can use?

A:    Plum Hall (formerly in Cardiff, NJ; now in Hawaii) sells one.
      The FSF's GNU C (gcc) distribution includes a c-torture-
      test.tar.Z which checks a number of common problems with
      compilers.  Kahan's paranoia test, found in netlib/paranoia on
      netlib.att.com, strenuously tests a C implementation's floating
      point capabilities.

17.25:      Where can I get a YACC grammar for C?

A:    The definitive grammar is of course the one in the ANSI
      standard.  Another grammar, by Jim Roskind, is in pub/*grammar*
      at ics.uci.edu .  A fleshed-out, working instance of the ANSI
      grammar (due to Jeff Lee) is on uunet (see question 17.12) in
      usenet/net.sources/ansi.c.grammar.Z (including a companion
      lexer).  The FSF's GNU C compiler contains a grammar, as does
      the appendix to K&R II.

      References: ANSI Sec. A.2 .

17.26:      I need code to parse and evaluate expressions.

A:    Two available packages are "defunc," posted to comp.source.misc
      in December, 1993 (V41 i32,33), to alt.sources in January, 1994,
      and available from sunsite.unc.edu in
      pub/packages/development/libraries/defunc-1.3.tar.Z; and
      "parse," at lamont.ldgo.columbia.edu.

17.27:      I need a sort of an "approximate" strcmp routine, for comparing
      two strings for close, but not necessarily exact, equality.

A:    The traditional routine for doing this sort of thing involves
      the "soundex" algorithm, which maps similar-sounding words to
      the same numeric codes.  Soundex is described in the Searching
      and Sorting volume of Donald Knuth's classic _The Art of
      Computer Programming_.

17.28:      How can I find the day of the week given the date?

A:    Use mktime (see questions 12.6 and 12.7), or Zeller's
      congruence, or see the sci.math FAQ list, or try this code
      posted by Tomohiko Sakamoto:

            dayofweek(y, m, d)      /* 0 = Sunday */
            int y, m, d;            /* 1 <= m <= 12,  y > 1752 or so */
            {
                  static int t[] = {0, 3, 2, 5, 0, 3, 5, 1, 4, 6, 2, 4};
                  y -= m < 3;
                  return (y + y/4 - y/100 + y/400 + t[m-1] + d) % 7;
            }

17.29:      Will 2000 be a leap year?  Is (year % 4 == 0) an accurate test
      for leap years?

A:    Yes and no, respectively.  The full expression for the Gregorian
      calendar is

            year % 4 == 0 && (year % 100 != 0 || year % 400 == 0)

      See a good astronomical almanac or other reference for details.

17.30:      How do you pronounce "char"?

A:    You can pronounce the C keyword "char" in at least three ways:
      like the English words "char," "care," or "car;" the choice is
      arbitrary.

17.31:      What's a good book for learning C?

A:    Mitch Wright maintains an annotated bibliography of C and Unix
      books; it is available for anonymous ftp from ftp.rahul.net in
      directory pub/mitch/YABL.

      This FAQ list's editor maintains a collection of previous
      answers to this question, which is available upon request.

17.32:      Are there any C tutorials on the net?

A:    There are at least two of them:

      "Notes for C programmers," by Christopher Sawtell,
      available from:
      svr-ftp.eng.cam.ac.uk:misc/sawtell_C.shar
      garbo.uwasa.fi:/pc/c-lang/c-lesson.zip
      paris7.jussieu.fr:/contributions/docs

      Tim Love's "C for Programmers,"
      available from svr-ftp.eng.cam.ac.uk in the misc directory.

17.33:      Where can I get extra copies of this list?  What about back
      issues?

A:    For now, just pull it off the net; it is normally posted to
      comp.lang.c on the first of each month, with an Expires: line
      which should keep it around all month.  An abridged version is
      also available (and posted), as is a list of changes
      accompanying each significantly updated version.  These lists
      can also be found in the newsgroups comp.answers and
      news.answers .  Several sites archive news.answers postings and
      other FAQ lists, including this one; two sites are rtfm.mit.edu
      (directories pub/usenet/news.answers/C-faq/ and
      pub/usenet/comp.lang.c/ ) and ftp.uu.net (directory
      usenet/news.answers/C-faq/ ).  The archie server should help you
      find others; query it for "prog C-faq".  See the meta-FAQ list
      in news.answers for more information; see also question 17.12.

      This list is an evolving document of questions which have been
      Frequent since before the Great Renaming, not just a collection
      of this month's interesting questions.  Older copies are
      obsolete and don't contain much, except the occasional typo,
      that the current list doesn't.


Bibliography

ANSI  American National Standard for Information Systems --
      Programming Language -- C, ANSI X3.159-1989 (see question 5.2).

JLB   Jon Louis Bentley, Writing Efficient Programs, Prentice-Hall,
      1982, ISBN 0-13-970244-X.

H&S   Samuel P. Harbison and Guy L. Steele, C: A Reference Manual,
      Second Edition, Prentice-Hall, 1987, ISBN 0-13-109802-0.  (A
      third edition has recently been released.)

PCS   Mark R. Horton, Portable C Software, Prentice Hall, 1990,
      ISBN 0-13-868050-7.

EoPS  Brian W. Kernighan and P.J. Plauger, The Elements of Programming
      Style, Second Edition, McGraw-Hill, 1978, ISBN 0-07-034207-5.

K&R I Brian W. Kernighan and Dennis M. Ritchie, The C Programming
      Language, Prentice-Hall, 1978, ISBN 0-13-110163-3.

K&R II      Brian W. Kernighan and Dennis M. Ritchie, The C Programming
      Language, Second Edition, Prentice Hall, 1988, ISBN 0-13-
      110362-8, 0-13-110370-9.

Knuth Donald E. Knuth, The Art of Computer Programming, (3 vols.),
      Addison-Wesley, 1981.

CT&P  Andrew Koenig, C Traps and Pitfalls, Addison-Wesley, 1989,
      ISBN 0-201-17928-8.

      P.J. Plauger, The Standard C Library, Prentice Hall, 1992,
      ISBN 0-13-131509-9.

      Harry Rabinowitz and Chaim Schaap, Portable C, Prentice-Hall,
      1990, ISBN 0-13-685967-4.

There is a more extensive bibliography in the revised Indian Hill style
guide (see question 14.3).  See also question 17.31.


Acknowledgements

Thanks to Jamshid Afshar, Sudheer Apte, Randall Atkinson, Dan Bernstein,
Vincent Broman, Stan Brown, Joe Buehler, Gordon Burditt, Burkhard Burow,
Conor P. Cahill, D'Arcy J.M. Cain, Christopher Calabrese, Ian Cargill,
Paul Carter, Billy Chambless, Raymond Chen, Jonathan Coxhead, Lee
Crawford, Steve Dahmer, Andrew Daviel, James Davies, Jutta Degener, Norm
Diamond, Jeff Dunlop, Ray Dunn, Stephen M. Dunn, Michael J. Eager, Dave
Eisen, Bjorn Engsig, Chris Flatters, Rod Flores, Alexander Forst, Jeff
Francis, Dave Gillespie, Samuel Goldstein, Alasdair Grant, Ron
Guilmette, Doug Gwyn, Tony Hansen, Joe Harrington, Guy Harris, Elliotte
Rusty Harold, Jos Horsmeier, Blair Houghton, Ke Jin, Kirk Johnson, Larry
Jones, Kin-ichi Kitano, Peter Klausler, Andrew Koenig, Tom Koenig, Ajoy
Krishnan T, Markus Kuhn, John Lauro, Felix Lee, Mike Lee, Timothy J.
Lee, Tony Lee, Don Libes, Christopher Lott, Tim Love, Tim McDaniel,
Stuart MacMartin, John R. MacMillan, Bob Makowski, Evan Manning, Barry
Margolin, George Matas, Brad Mears, Bill Mitchell, Mark Moraes, Darren
Morby, Ken Nakata, Landon Curt Noll, David O'Brien, Richard A. O'Keefe,
Hans Olsson, Philip (lijnzaad@embl-heidelberg.de), Andrew Phillips,
Christopher Phillips, Francois Pinard, Dan Pop, Kevin D. Quitt, Pat
Rankin, J. M. Rosenstock, Erkki Ruohtula, Tomohiko Sakamoto, Rich Salz,
Chip Salzenberg, Paul Sand, DaviD W. Sanderson, Christopher Sawtell,
Paul Schlyter, Doug Schmidt, Rene Schmit, Russell Schulz, Patricia
Shanahan, Peter da Silva, Joshua Simons, Henry Spencer, David Spuler,
Melanie Summit, Erik Talvola, Clarke Thatcher, Wayne Throop, Chris
Torek, Andrew Tucker, Goran Uddeborg, Rodrigo Vanegas, Jim Van Zandt,
Wietse Venema, Ed Vielmetti, Larry Virden, Chris Volpe, Mark Warren,
Larry Weiss, Freek Wiedijk, Lars Wirzenius, Dave Wolverton, Mitch
Wright, Conway Yee, and Zhuo Zang, who have contributed, directly or
indirectly, to this article.  Special thanks to Karl Heuer, and
particularly to Mark Brader, who (to borrow a line from Steve Johnson)
have goaded me beyond my inclination, and occasionally beyond my
endurance, in relentless pursuit of a better FAQ list.

                              Steve Summit
                              scs@eskimo.com

This article is Copyright 1990-1995 by Steve Summit.
It may be freely redistributed so long as its content, the author's
name, and this notice are retained.
The C code in this article (vstrcat(), error(), etc.) is public domain
and may be used without restriction.
