v0.9.19, Copyright © August 8, 2024
C is not a big language, and it is not well served by a big book.
–Brian W. Kernighan, Dennis M. Ritchie
No point in wasting words here, folks, let’s jump straight into the C code:
((ck?main((z?(stat(M,&t)?P+=a+'{'?0:3:
E(M,k),a=G,i=P,y=G&255,
execv(Q,y/'@'-3?A(*L(V(%d+%d)+%d,0) sprintf
And they lived happily ever after. The End.
What’s this? You say something’s still not clear about this whole C programming language thing?
Well, to be quite honest, I’m not even sure what the above code does. It’s a snippet from one of the entries in the 2001 International Obfuscated C Code Contest1, a wonderful competition wherein the entrants attempt to write the most unreadable C code possible, with often surprising results.
The bad news is that if you’re a beginner in this whole thing, all C code you see probably looks obfuscated! The good news is, it’s not going to be that way for long.
What we’ll try to do over the course of this guide is lead you from complete and utter sheer lost confusion on to the sort of enlightened bliss that can only be obtained through pure C programming. Right on.
In the old days, C was a simpler language. A good number of the features contained in this book and a lot of the features in the Library Reference volume didn’t exist when K&R wrote the famous second edition of their book in 1988. Nevertheless, the language remains small at its core, and I hope I’ve presented it here in a way that starts with that simple core and builds outward.
And that’s my excuse for writing such a hilariously large book for such a small, concise language.
This guide assumes that you’ve already got some programming knowledge under your belt from another language, such as Python2, JavaScript3, Java4, Rust5, Go6, Swift7, etc. (Objective-C8 devs will have a particularly easy time of it!)
We’re going to assume you know what variables are, what loops do, how functions work, and so on.
If that’s not you for whatever reason the best I can hope to provide is some honest entertainment for your reading pleasure. The only thing I can reasonably promise is that this guide won’t end on a cliffhanger… or will it?
The guide is in two volumes, and this is the first: the tutorial volume!
The second volume is the library reference9, and it’s far more reference than tutorial.
If you’re new, go through the tutorial part in order, generally. The higher you get in chapters, the less important it is to go in order.
And no matter your skill level, the reference part is there with complete examples of the standard library function calls to help refresh your memory whenever needed. Good for reading over a bowl of cereal or other time.
Finally, glancing at the index (if you’re reading the print version), the reference section entries are italicized.
I’ll try to stick to Plain Ol’-Fashioned ISO-standard C10. Well, for the most part. Here and there I might go crazy and start talking about POSIX11 or something, but we’ll see.
Unix users (e.g. Linux, BSD, etc.) try running cc
or gcc
from the command line–you might already have a compiler installed. If you don’t, search your distribution for installing gcc
or clang
.
Windows users should check out Visual Studio Community12. Or, if you’re looking for a more Unix-like experience (recommended!), install WSL13 and gcc
.
Mac users will want to install XCode14, and in particular the command line tools.
There are a lot of compilers out there, and virtually all of them will work for this book. And a C++ compiler will compile a lot of (but not all!) C code. Best use a proper C compiler if you can.
This official location of this document is https://beej.us/guide/bgc/15. Maybe this’ll change in the future, but it’s more likely that all the other guides are migrated off Chico State computers.
I’m generally available to help out with email questions so feel free to write in, but I can’t guarantee a response. I lead a pretty busy life and there are times when I just can’t answer a question you have. When that’s the case, I usually just delete the message. It’s nothing personal; I just won’t ever have the time to give the detailed answer you require.
As a rule, the more complex the question, the less likely I am to respond. If you can narrow down your question before mailing it and be sure to include any pertinent information (like platform, compiler, error messages you’re getting, and anything else you think might help me troubleshoot), you’re much more likely to get a response.
If you don’t get a response, hack on it some more, try to find the answer, and if it’s still elusive, then write me again with the information you’ve found and hopefully it will be enough for me to help out.
Now that I’ve badgered you about how to write and not write me, I’d just like to let you know that I fully appreciate all the praise the guide has received over the years. It’s a real morale boost, and it gladdens me to hear that it is being used for good! :-)
Thank you!
You are more than welcome to mirror this site, whether publicly or privately. If you publicly mirror the site and want me to link to it from the main page, drop me a line at beej@beej.us
.
If you want to translate the guide into another language, write me at beej@beej.us
and I’ll link to your translation from the main page. Feel free to add your name and contact info to the translation.
Please note the license restrictions in the Copyright and Distribution section, below.
Beej’s Guide to C is Copyright © 2021 Brian “Beej Jorgensen” Hall.
With specific exceptions for source code and translations, below, this work is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License. To view a copy of this license, visit https://creativecommons.org/licenses/by-nc-nd/3.0/
or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
One specific exception to the “No Derivative Works” portion of the license is as follows: this guide may be freely translated into any language, provided the translation is accurate, and the guide is reprinted in its entirety. The same license restrictions apply to the translation as to the original guide. The translation may also include the name and contact information for the translator.
The C source code presented in this document is hereby granted to the public domain, and is completely free of any license restriction.
Educators are freely encouraged to recommend or supply copies of this guide to their students.
Contact beej@beej.us
for more information.
The hardest things about writing these guides are:
A lot of people have helped me through this process, and I want to acknowledge those who have made this book possible.
Thank you! ♥
“Where do these stairs go?”
“They go up.”—Ray Stantz and Peter Venkman, Ghostbusters
C is a low-level language.
It didn’t use to be. Back in the day when people carved punch cards out of granite, C was an incredible way to be free of the drudgery of lower-level languages like assembly19.
But now in these modern times, current-generation languages offer all kinds of features that didn’t exist in 1972 when C was invented. This means C is a pretty basic language with not a lot of features. It can do anything, but it can make you work for it.
So why would we even use it today?
As a learning tool: not only is C a venerable piece of computing history, but it is connected to the bare metal20 in a way that present-day languages are not. When you learn C, you learn about how software interfaces with computer memory at a low level. There are no seatbelts. You’ll write software that crashes, I assure you. And that’s all part of the fun!
As a useful tool: C still is used for certain applications, such as building operating systems21 or in embedded systems22. (Though the Rust23 programming language is eyeing both these fields!)
If you’re familiar with another language, a lot of things about C are easy. C inspired many other languages, and you’ll see bits of it in Go, Rust, Swift, Python, JavaScript, Java, and all kinds of other languages. Those parts will be familiar.
The one thing about C that hangs people up is pointers. Virtually everything else is familiar, but pointers are the weird one. The concept behind pointers is likely one you already know, but C forces you to be explicit about it, using operators you’ve likely never seen before.
It’s especially insidious because once you grok24 pointers, they’re suddenly easy. But up until that moment, they’re slippery eels.
Everything else in C is just memorizing another way (or sometimes the same way!) of doing something you’ve done already. Pointers are the weird bit. And, arguably, even pointers are variations on a theme you’re probably familiar with.
So get ready for a rollicking adventure as close to the core of the computer as you can get without assembly, in the most influential computer language of all time25. Hang on!
This is the canonical example of a C program. Everyone uses it. (Note that the numbers to the left are for reader reference only, and are not part of the source code.)
/* Hello world program */
#include <stdio.h>
int main(void)
{
printf("Hello, World!\n"); // Actually do the work here
}
We’re going to don our long-sleeved heavy-duty rubber gloves, grab a scalpel, and rip into this thing to see what makes it tick. So, scrub up, because here we go. Cutting very gently…
Let’s get the easy thing out of the way: anything between the digraphs /*
and */
is a comment and will be completely ignored by the compiler. Same goes for anything on a line after a //
. This allows you to leave messages to yourself and others, so that when you come back and read your code in the distant future, you’ll know what the heck it was you were trying to do. Believe me, you will forget; it happens.
Now, what is this #include
? GROSS! Well, it tells the C Preprocessor to pull the contents of another file and insert it into the code right there.
Wait—what’s a C Preprocessor? Good question. There are two stages26 to compilation: the preprocessor and the compiler. Anything that starts with pound sign, or “octothorpe”, (#
) is something the preprocessor operates on before the compiler even gets started. Common preprocessor directives, as they’re called, are #include
and #define
. More on that later.
Before we go on, why would I even begin to bother pointing out that a pound sign is called an octothorpe? The answer is simple: I think the word octothorpe is so excellently funny, I have to gratuitously spread its name around whenever I get the opportunity. Octothorpe. Octothorpe, octothorpe, octothorpe.
So anyway. After the C preprocessor has finished preprocessing everything, the results are ready for the compiler to take them and produce assembly code27, machine code28, or whatever it’s about to do. Machine code is the “language” the CPU understands, and it can understand it very rapidly. This is one of the reasons C programs tend to be quick.
Don’t worry about the technical details of compilation for now; just know that your source runs through the preprocessor, then the output of that runs through the compiler, then that produces an executable for you to run.
What about the rest of the line? What’s <stdio.h>
? That is what is known as a header file. It’s the dot-h at the end that gives it away. In fact it’s the “Standard I/O” (stdio
) header file that you will grow to know and love. It gives us access to a bunch of I/O functionality29. For our demo program, we’re outputting the string “Hello, World!”, so we in particular need access to the printf()
function to do this. The <stdio.h>
file gives us this access. Basically, if we tried to use printf()
without #include <stdio.h>
, the compiler would have complained to us about it.
How did I know I needed to #include <stdio.h>
for printf()
? Answer: it’s in the documentation. If you’re on a Unix system, man 3 printf
and it’ll tell you right at the top of the man page what header files are required. Or see the reference section in this book. :-)
Holy moly. That was all to cover the first line! But, let’s face it, it has been completely dissected. No mystery shall remain!
So take a breather…look back over the sample code. Only a couple easy lines to go.
Welcome back from your break! I know you didn’t really take a break; I was just humoring you.
The next line is main()
. This is the definition of the function main()
; everything between the squirrelly braces ({
and }
) is part of the function definition.
(How do you call a different function, anyway? The answer lies in the printf()
line, but we’ll get to that in a minute.)
Now, the main function is a special one in many ways, but one way stands above the rest: it is the function that will be called automatically when your program starts executing. Nothing of yours gets called before main()
. In the case of our example, this works fine since all we want to do is print a line and exit.
Oh, that’s another thing: once the program executes past the end of main()
, down there at the closing squirrelly brace, the program will exit, and you’ll be back at your command prompt.
So now we know that that program has brought in a header file, stdio.h
, and declared a main()
function that will execute when the program is started. What are the goodies in main()
?
I am so happy you asked. Really! We only have the one goodie: a call to the function printf()
. You can tell this is a function call and not a function definition in a number of ways, but one indicator is the lack of squirrelly braces after it. And you end the function call with a semicolon so the compiler knows it’s the end of the expression. You’ll be putting semicolons after almost everything, as you’ll see.
You’re passing one argument to the function printf()
: a string to be printed when you call it. Oh, yeah—we’re calling a function! We rock! Wait, wait—don’t get cocky. What’s that crazy \n
at the end of the string? Well, most characters in the string will print out just like they are stored. But there are certain characters that you can’t print on screen well that are embedded as two-character backslash codes. One of the most popular is \n
(read “backslash-N” or simply “newline”) that corresponds to the newline character. This is the character that causes further printing to continue at the beginning of the next line instead of the current. It’s like hitting return at the end of the line.
So copy that code into a file called hello.c
and build it. On a Unix-like platform (e.g. Linux, BSD, Mac, or WSL), from the command line you’ll build with a command like so:
gcc -o hello hello.c
(This means “compile hello.c
, and output an executable called hello
”.)
After that’s done, you should have a file called hello
that you can run with this command:
./hello
(The leading ./
tells the shell to “run from the current directory”.)
And see what happens:
Hello, World!
It’s done and tested! Ship it!
Let’s talk a bit more about how to build C programs, and what happens behind the scenes there.
Like other languages, C has source code. But, depending on what language you’re coming from, you might never have had to compile your source code into an executable.
Compilation is the process of taking your C source code and turning it into a program that your operating system can execute.
JavaScript and Python devs aren’t used to a separate compilation step at all–though behind the scenes it’s happening! Python compiles your source code into something called bytecode that the Python virtual machine can execute. Java devs are used to compilation, but that produces bytecode for the Java Virtual Machine.
When compiling C, machine code is generated. This is the 1s and 0s that can be executed directly and speedily by the CPU.
Languages that typically aren’t compiled are called interpreted languages. But as we mentioned with Java and Python, they also have a compilation step. And there’s no rule saying that C can’t be interpreted. (There are C interpreters out there!) In short, it’s a bunch of gray areas. Compilation in general is just taking source code and turning it into another, more easily-executed form.
The C compiler is the program that does the compilation.
As we’ve already said, gcc
is a compiler that’s installed on a lot of Unix-like operating systems30. And it’s commonly run from the command line in a terminal, but not always. You can run it from your IDE, as well.
So how do we do command line builds?
gcc
If you have a source file called hello.c
in the current directory, you can build that into a program called hello
with this command typed in a terminal:
gcc -o hello hello.c
The -o
means “output to this file”31. And there’s hello.c
at the end, the name of the file we want to compile.
If your source is broken up into multiple files, you can compile them all together (almost as if they were one file, but the rules are actually more complex than that) by putting all the .c
files on the command line:
gcc -o awesomegame ui.c characters.c npc.c items.c
and they’ll all get built together into a big executable.
That’s enough to get started—later we’ll talk details about multiple source files, object files, and all kinds of fun stuff.
clang
On Macs, the stock compiler isn’t gcc
—it’s clang
. But a wrapper is also installed so you can run gcc
and have it still work.
You can also install the gcc
compiler proper through Homebrew32 or some other means.
If you’re using an Integrated Development Environment (IDE), you probably don’t have to build from the command line.
With Visual Studio, CTRL-F7
will build, and CTRL-F5
will run.
With VS Code, you can hit F5
to run via the debugger. (You’ll have to install the C/C++ Extension.)
With XCode, you can build with COMMAND-B
and run with COMMAND-R
. To get the command line tools, Google for “XCode command line tools” and you’ll find instructions for installing them.
For getting started, I encourage you to also try to build from the command line—it’s history!
C has come a long way over the years, and it had many named version numbers to describe which dialect of the language you’re using.
These generally refer to the year of the specification.
The most famous are C89, C99, C11, and C2x. We’ll focus on the latter in this book.
But here’s a more complete table:
Version | Description |
---|---|
K&R C | 1978, the original. Named after Brian Kernighan and Dennis Ritchie. Ritchie designed and coded the language, and Kernighan co-authored the book on it. You rarely see original K&R code today. If you do, it’ll look odd, like Middle English looks odd to modern English readers. |
C89, ANSI C, C90 | In 1989, the American National Standards Institute (ANSI) produced a C language specification that set the tone for C that persists to this day. A year later, the reins were handed to the International Organization for Standardization (ISO) that produced the identical C90. |
C95 | A rarely-mentioned addition to C89 that included wide character support. |
C99 | The first big overhaul with lots of language additions. The thing most people remember is the addition of // -style comments. This is the most popular version of C in use as of this writing. |
C11 | This major version update includes Unicode support and multi-threading. Be advised that if you start using these language features, you might be sacrificing portability with places that are stuck in C99 land. But, honestly, 1999 is getting to be a while back now. |
C17, C18 | Bugfix update to C11. C17 seems to be the official name, but the publication was delayed until 2018. As far as I can tell, these two are interchangeable, with C17 being preferred. |
C2x | What’s coming next! Expected to eventually become C23. |
You can force GCC to use one of these standards with the -std=
command line argument. If you want it to be picky about the standard, add -pedantic
.
For example:
gcc -std=c11 -pedantic foo.c
For this book, I compile programs for C2x with all warnings set:
gcc -Wall -Wextra -std=c2x -pedantic foo.c
“It takes all kinds to make a world, does it not, Padre?”
“So it does, my son, so it does.”—Pirate Captain Thomas Bartholomew Red to the Padre, Pirates
There sure can be lotsa stuff in a C program.
Yup.
And for various reasons, it’ll be easier for all of us if we classify some of the types of things you can find in a program, so we can be clear what we’re talking about.
It’s said that “variables hold values”. But another way to think about it is that a variable is a human-readable name that refers to some data in memory.
We’re going to take a second here and take a peek down the rabbit hole that is pointers. Don’t worry about it.
You can think of memory as a big array of bytes33. Data is stored in this “array”34. If a number is larger than a single byte, it is stored in multiple bytes. Because memory is like an array, each byte of memory can be referred to by its index. This index into memory is also called an address, or a location, or a pointer.
When you have a variable in C, the value of that variable is in memory somewhere, at some address. Of course. After all, where else would it be? But it’s a pain to refer to a value by its numeric address, so we make a name for it instead, and that’s what the variable is.
The reason I’m bringing all this up is twofold:
So a variable is a name for some data that’s stored in memory at some address.
You can use any characters in the range 0-9, A-Z, a-z, and underscore for variable names, with the following rules:
For Unicode, just try it. There are some rules in the spec in §D.2 that talk about which Unicode codepoint ranges are allowed in which parts of identifiers, but that’s too much to write about here and is probably something you’ll never have to think about anyway.
Depending on which languages you already have in your toolkit, you might or might not be familiar with the idea of types. But C’s kinda picky about them, so we should do a refresher.
Some example types, some of the most basic:
Type | Example | C Type |
---|---|---|
Integer | 3490 |
int |
Floating point | 3.14159 |
float 35 |
Character (single) | 'c' |
char |
String | "Hello, world!" |
char * 36 |
C makes an effort to convert automatically between most numeric types when you ask it to. But other than that, all conversions are manual, notably between string and numeric.
Almost all of the types in C are variants on these types.
Before you can use a variable, you have to declare that variable and tell C what type the variable holds. Once declared, the type of variable cannot be changed later at runtime. What you set it to is what it is until it falls out of scope and is reabsorbed into the universe.
Let’s take our previous “Hello, world” code and add a couple variables to it:
#include <stdio.h>
int main(void)
{
int i; // Holds signed integers, e.g. -3, -2, 0, 1, 10
float f; // Holds signed floating point numbers, e.g. -3.1416
printf("Hello, World!\n"); // Ah, blessed familiarity
}
There! We’ve declared a couple of variables. We haven’t used them yet, and they’re both uninitialized. One holds an integer number, and the other holds a floating point number (a real number, basically, if you have a math background).
Uninitialized variables have indeterminate value37. They have to be initialized or else you must assume they contain some nonsense number.
This is one of the places C can “get you”. Much of the time, in my experience, the indeterminate value is zero… but it can vary from run to run! Never assume the value will be zero, even if you see it is. Always explicitly initialize variables to some value before you use them38.
What’s this? You want to store some numbers in those variables? Insanity!
Let’s go ahead and do that:
int main(void)
{
int i;
i = 2; // Assign the value 2 into the variable i
printf("Hello, World!\n");
}
Killer. We’ve stored a value. Let’s print it.
We’re going to do that by passing two amazing arguments to the printf()
function. The first argument is a string that describes what to print and how to print it (called the format string), and the second is the value to print, namely whatever is in the variable i
.
printf()
hunts through the format string for a variety of special sequences which start with a percent sign (%
) that tell it what to print. For example, if it finds a %d
, it looks to the next parameter that was passed, and prints it out as an integer. If it finds a %f
, it prints the value out as a float. If it finds a %s
, it prints a string.
As such, we can print out the value of various types like so:
#include <stdio.h>
int main(void)
{
int i = 2;
float f = 3.14;
char *s = "Hello, world!"; // char * ("char pointer") is the string type
printf("%s i = %d and f = %f!\n", s, i, f);
}
And the output will be:
Hello, world! i = 2 and f = 3.14!
In this way, printf()
might be similar to various types of format strings or parameterized strings in other languages you’re familiar with.
C has Boolean types, true or false?
1
!
Historically, C didn’t have a Boolean type, and some might argue it still doesn’t.
In C, 0
means “false”, and non-zero means “true”.
So 1
is true. And -37
is true. And 0
is false.
You can just declare Boolean types as int
s:
int x = 1;
if (x) {
("x is true!\n");
printf}
If you #include <stdbool.h>
, you also get access to some symbolic names that might make things look more familiar, namely a bool
type and true
and false
values:
#include <stdio.h>
#include <stdbool.h>
int main(void) {
bool x = true;
if (x) {
printf("x is true!\n");
}
}
But these are identical to using integer values for true and false. They’re just a facade to make things look nice.
C operators should be familiar to you from other languages. Let’s blast through some of them here.
(There are a bunch more details than this, but we’re going to do enough in this section to get started.)
Hopefully these are familiar:
= i + 3; // Addition (+) and assignment (=) operators, add 3 to i
i = i - 8; // Subtraction, subtract 8 from i
i = i * 9; // Multiplication
i = i / 2; // Division
i = i % 5; // Modulo (division remainder) i
There are shorthand variants for all of the above. Each of those lines could more tersely be written as:
+= 3; // Same as "i = i + 3", add 3 to i
i -= 8; // Same as "i = i - 8"
i *= 9; // Same as "i = i * 9"
i /= 2; // Same as "i = i / 2"
i %= 5; // Same as "i = i % 5" i
There is no exponentiation. You’ll have to use one of the pow()
function variants from math.h
.
Let’s get into some of the weirder stuff you might not have in your other languages!
C also includes the ternary operator. This is an expression whose value depends on the result of a conditional embedded in it.
// If x > 10, add 17 to y. Otherwise add 37 to y.
+= x > 10? 17: 37; y
What a mess! You’ll get used to it the more you read it. To help out a bit, I’ll rewrite the above expression using if
statements:
// This expression:
+= x > 10? 17: 37;
y
// is equivalent to this non-expression:
if (x > 10)
+= 17;
y else
+= 37; y
Compare those two until you see each of the components of the ternary operator.
Or, another example that prints if a number stored in x
is odd or even:
("The number %d is %s.\n", x, x % 2 == 0? "even": "odd"); printf
The %s
format specifier in printf()
means print a string. If the expression x % 2
evaluates to 0
, the value of the entire ternary expression evaluates to the string "even"
. Otherwise it evaluates to the string "odd"
. Pretty cool!
It’s important to note that the ternary operator isn’t flow control like the if
statement is. It’s just an expression that evaluates to a value.
Now, let’s mess with another thing that you might not have seen.
These are the legendary post-increment and post-decrement operators:
++; // Add one to i (post-increment)
i--; // Subtract one from i (post-decrement) i
Very commonly, these are just used as shorter versions of:
+= 1; // Add one to i
i -= 1; // Subtract one from i i
but they’re more subtly different than that, the clever scoundrels.
Let’s take a look at this variant, pre-increment and pre-decrement:
++i; // Add one to i (pre-increment)
--i; // Subtract one from i (pre-decrement)
With pre-increment and pre-decrement, the value of the variable is incremented or decremented before the expression is evaluated. Then the expression is evaluated with the new value.
With post-increment and post-decrement, the value of the expression is first computed with the value as-is, and then the value is incremented or decremented after the value of the expression has been determined.
You can actually embed them in expressions, like this:
= 10;
i = 5 + i++; // Compute 5 + i, _then_ increment i
j
("%d, %d\n", i, j); // Prints 11, 15 printf
Let’s compare this to the pre-increment operator:
= 10;
i = 5 + ++i; // Increment i, _then_ compute 5 + i
j
("%d, %d\n", i, j); // Prints 11, 16 printf
This technique is used frequently with array and pointer access and manipulation. It gives you a way to use the value in a variable, and also increment or decrement that value before or after it is used.
But by far the most common place you’ll see this is in a for
loop:
for (i = 0; i < 10; i++)
("i is %d\n", i); printf
But more on that later.
This is an uncommonly-used way to separate expressions that will run left to right:
= 10, y = 20; // First assign 10 to x, then 20 to y x
Seems a bit silly, since you could just replace the comma with a semicolon, right?
= 10; y = 20; // First assign 10 to x, then 20 to y x
But that’s a little different. The latter is two separate expressions, while the former is a single expression!
With the comma operator, the value of the comma expression is the value of the rightmost expression:
= (1, 2, 3);
x
("x is %d\n", x); // Prints 3, because 3 is rightmost in the comma list printf
But even that’s pretty contrived. One common place the comma operator is used is in for
loops to do multiple things in each section of the statement:
for (i = 0, j = 10; i < 100; i++, j++)
("%d, %d\n", i, j); printf
We’ll revisit that later.
For Boolean values, we have a raft of standard operators:
== b; // True if a is equivalent to b
a != b; // True if a is not equivalent to b
a < b; // True if a is less than b
a > b; // True if a is greater than b
a <= b; // True if a is less than or equal to b
a >= b; // True if a is greater than or equal to b a
Don’t mix up assignment =
with comparison ==
! Use two equals to compare, one to assign.
We can use the comparison expressions with if
statements:
if (a <= 10)
("Success!\n"); printf
We can chain together or alter conditional expressions with Boolean operators for and, or, and not.
Operator | Boolean meaning |
---|---|
&& |
and |
|| |
or |
! |
not |
An example of Boolean “and”:
// Do something if x less than 10 and y greater than 20:
if (x < 10 && y > 20)
("Doing something!\n"); printf
An example of Boolean “not”:
if (!(x < 12))
("x is not less than 12\n"); printf
!
has higher precedence than the other Boolean operators, so we have to use parentheses in that case.
Of course, that’s just the same as:
if (x >= 12)
("x is not less than 12\n"); printf
but I needed the example!
sizeof
OperatorThis operator tells you the size (in bytes) that a particular variable or data type uses in memory.
More particularly, it tells you the size (in bytes) that the type of a particular expression (which might be just a single variable) uses in memory.
This can be different on different systems, except for char
and its variants (which are always 1 byte).
And this might not seem very useful now, but we’ll be making references to it here and there, so it’s worth covering.
Since this computes the number of bytes needed to store a type, you might think it would return an int
. Or… since the size can’t be negative, maybe an unsigned
?
But it turns out C has a special type to represent the return value from sizeof
. It’s size_t
, pronounced “size tee”39. All we know is that it’s an unsigned integer type that can hold the size in bytes of anything you can give to sizeof
.
size_t
shows up a lot of different places where counts of things are passed or returned. Think of it as a value that represents a count.
You can take the sizeof
a variable or expression:
int a = 999;
// %zu is the format specifier for type size_t
("%zu\n", sizeof a); // Prints 4 on my system
printf("%zu\n", sizeof(2 + 7)); // Prints 4 on my system
printf("%zu\n", sizeof 3.14); // Prints 8 on my system
printf
// If you need to print out negative size_t values, use %zd
Remember: it’s the size in bytes of the type of the expression, not the size of the expression itself. That’s why the size of 2+7
is the same as the size of a
—they’re both type int
. We’ll revisit this number 4
in the very next block of code…
…Where we’ll see you can take the sizeof
a type (note the parentheses are required around a type name, unlike an expression):
("%zu\n", sizeof(int)); // Prints 4 on my system
printf("%zu\n", sizeof(char)); // Prints 1 on all systems printf
It’s important to note that sizeof
is a compile-time operation40. The result of the expression is determined entirely at compile-time, not at runtime.
We’ll make use of this later on.
Booleans are all good, but of course we’re nowhere if we can’t control program flow. Let’s take a look at a number of constructs: if
, for
, while
, and do-while
.
First, a general forward-looking note about statements and blocks of statements brought to you by your local friendly C developer:
After something like an if
or while
statement, you can either put a single statement to be executed, or a block of statements to all be executed in sequence.
Let’s start with a single statement:
if (x == 10) printf("x is 10\n");
This is also sometimes written on a separate line. (Whitespace is largely irrelevant in C—it’s not like Python.)
if (x == 10)
("x is 10\n"); printf
But what if you want multiple things to happen due to the conditional? You can use squirrelly braces to mark a block or compound statement.
if (x == 10) {
("x is 10\n");
printf("And also this happens when x is 10\n");
printf}
It’s a really common style to always use squirrelly braces even if they aren’t necessary:
if (x == 10) {
("x is 10\n");
printf}
Some devs feel the code is easier to read and avoids errors like this where things visually look like they’re in the if
block, but actually they aren’t.
// BAD ERROR EXAMPLE
if (x == 10)
("This happens if x is 10\n");
printf("This happens ALWAYS\n"); // Surprise!! Unconditional! printf
while
and for
and the other looping constructs work the same way as the examples above. If you want to do multiple things in a loop or after an if
, wrap them up in squirrelly braces.
In other words, the if
is going to run the one thing after the if
. And that one thing can be a single statement or a block of statements.
if
-else
statement We’ve already been using if
for multiple examples, since it’s likely you’ve seen it in a language before, but here’s another:
int i = 10;
if (i > 10) {
("Yes, i is greater than 10.\n");
printf("And this will also print if i is greater than 10.\n");
printf}
if (i <= 10) printf("i is less than or equal to 10.\n");
In the example code, the message will print if i
is greater than 10, otherwise execution continues to the next line. Notice the squirrley braces after the if
statement; if the condition is true, either the first statement or expression right after the if will be executed, or else the collection of code in the squirlley braces after the if
will be executed. This sort of code block behavior is common to all statements.
Of course, because C is fun this way, you can also do something if the condition is false with an else
clause on your if
:
int i = 99;
if (i == 10)
("i is 10!\n");
printfelse {
("i is decidedly not 10.\n");
printf("Which irritates me a little, frankly.\n");
printf}
And you can even cascade these to test a variety of conditions, like this:
int i = 99;
if (i == 10)
("i is 10!\n");
printf
else if (i == 20)
("i is 20!\n");
printf
else if (i == 99) {
("i is 99! My favorite\n");
printf("I can't tell you how happy I am.\n");
printf("Really.\n");
printf}
else
("i is some crazy number I've never heard of.\n"); printf
Though if you’re going that route, be sure to check out the switch
statement for a potentially better solution. The catch is switch
only works with equality comparisons with constant numbers. The above if
-else
cascade could check inequality, ranges, variables, or anything else you can craft in a conditional expression.
while
statement while
is your average run-of-the-mill looping construct. Do a thing while a condition expression is true.
Let’s do one!
// Print the following output:
//
// i is now 0!
// i is now 1!
// [ more of the same between 2 and 7 ]
// i is now 8!
// i is now 9!
int i = 0;
while (i < 10) {
("i is now %d!\n", i);
printf++;
i}
("All done!\n"); printf
That gets you a basic loop. C also has a for
loop which would have been cleaner for that example.
A not-uncommon use of while
is for infinite loops where you repeat while true:
while (1) {
("1 is always true, so this repeats forever.\n");
printf}
do-while
statement So now that we’ve gotten the while
statement under control, let’s take a look at its closely related cousin, do-while
.
They are basically the same, except if the loop condition is false on the first pass, do-while
will execute once, but while
won’t execute at all. In other words, the test to see whether or not to execute the block happens at the end of the block with do-while
. It happens at the beginning of the block with while
.
Let’s see by example:
// Using a while statement:
= 10;
i
// this is not executed because i is not less than 10:
while(i < 10) {
("while: i is %d\n", i);
printf++;
i}
// Using a do-while statement:
= 10;
i
// this is executed once, because the loop condition is not checked until
// after the body of the loop runs:
do {
("do-while: i is %d\n", i);
printf++;
i} while (i < 10);
("All done!\n"); printf
Notice that in both cases, the loop condition is false right away. So in the while
, the loop fails, and the following block of code is never executed. With the do-while
, however, the condition is checked after the block of code executes, so it always executes at least once. In this case, it prints the message, increments i
, then fails the condition, and continues to the “All done!” output.
The moral of the story is this: if you want the loop to execute at least once, no matter what the loop condition, use do-while
.
All these examples might have been better done with a for
loop. Let’s do something less deterministic—repeat until a certain random number comes up!
#include <stdio.h> // For printf
#include <stdlib.h> // For rand
int main(void)
{
int r;
do {
r = rand() % 100; // Get a random number between 0 and 99
printf("%d\n", r);
} while (r != 37); // Repeat until 37 comes up
}
Side note: did you run that more than once? If you did, did you notice the same sequence of numbers came up again. And again. And again? This is because rand()
is a pseudorandom number generator that must be seeded with a different number in order to generate a different sequence. Look up the srand()
41 function for more details.
for
statement Welcome to one of the most popular loops in the world! The for
loop!
This is a great loop if you know the number of times you want to loop in advance.
You could do the same thing using just a while
loop, but the for
loop can help keep the code cleaner.
Here are two pieces of equivalent code—note how the for
loop is just a more compact representation:
// Print numbers between 0 and 9, inclusive...
// Using a while statement:
= 0;
i while (i < 10) {
("i is %d\n", i);
printf++;
i}
// Do the exact same thing with a for-loop:
for (i = 0; i < 10; i++) {
("i is %d\n", i);
printf}
That’s right, folks—they do exactly the same thing. But you can see how the for
statement is a little more compact and easy on the eyes. (JavaScript users will fully appreciate its C origins at this point.)
It’s split into three parts, separated by semicolons. The first is the initialization, the second is the loop condition, and the third is what should happen at the end of the block if the loop condition is true. All three of these parts are optional.
for (initialize things; loop if this is true; do this after each loop)
Note that the loop will not execute even a single time if the loop condition starts off false.
for
-loop fun fact!You can use the comma operator to do multiple things in each clause of the
for
loop!for (i = 0, j = 999; i < 10; i++, j--) { ("%d, %d\n", i, j); printf}
An empty for
will run forever:
for(;;) { // "forever"
("I will print this again and again and again\n" );
printf("for all eternity until the heat-death of the universe.\n");
printf
("Or until you hit CTRL-C.\n");
printf}
switch
Statement Depending on what languages you’re coming from, you might or might not be familiar with switch
, or C’s version might even be more restrictive than you’re used to. This is a statement that allows you to take a variety of actions depending on the value of an integer expression.
Basically, it evaluates an expression to an integer value, jumps to the case
that corresponds to that value. Execution resumes from that point. If a break
statement is encountered, then execution jumps out of the switch
.
Here’s an example where, for a given number of goats, we print out a gut-feel of how many goats that is.
#include <stdio.h>
int main(void)
{
int goat_count = 2;
switch (goat_count) {
case 0:
printf("You have no goats.\n");
break;
case 1:
printf("You have a singular goat.\n");
break;
case 2:
printf("You have a brace of goats.\n");
break;
default:
printf("You have a bona fide plethora of goats!\n");
break;
}
}
In that example, the switch
will jump to the case 2
and execute from there. When (if) it hits a break
, it jumps out of the switch
.
Also, you might see that default
label there at the bottom. This is what happens when no cases match.
Every case
, including default
, is optional. And they can occur in any order, but it’s really typical for default
, if any, to be listed last.
So the whole thing acts like an if
-else
cascade:
if (goat_count == 0)
("You have no goats.\n");
printfelse if (goat_count == 1)
("You have a singular goat.\n");
printfelse if (goat_count == 2)
("You have a brace of goats.\n");
printfelse
("You have a bona fide plethora of goats!\n"); printf
With some key differences:
switch
is often faster to jump to the correct code (though the spec makes no such guarantee).if
-else
can do things like relational conditionals like <
and >=
and floating point and other types, while switch
cannot.There’s one more neat thing about switch that you sometimes see that is quite interesting: fall through.
Remember how break
causes us to jump out of the switch?
Well, what happens if we don’t break
?
Turns out we just keep on going into the next case
! Demo!
switch (x) {
case 1:
("1\n");
printf// Fall through!
case 2:
("2\n");
printfbreak;
case 3:
("3\n");
printfbreak;
}
If x == 1
, this switch
will first hit case 1
, it’ll print the 1
, but then it just continues on to the next line of code… which prints 2
!
And then, at last, we hit a break
so we jump out of the switch
.
if x == 2
, then we just hit the case 2
, print 2
, and break
as normal.
Not having a break
is called fall through.
ProTip: ALWAYS put a comment in the code where you intend to fall through, like I did above. It will save other programmers from wondering if you meant to do that.
In fact, this is one of the common places to introduce bugs in C programs: forgetting to put a break
in your case
. You gotta do it if you don’t want to just roll into the next case42.
Earlier I said that switch
works with integer types—keep it that way. Don’t use floating point or string types in there. One loophole-ish thing here is that you can use character types because those are secretly integers themselves. So this is perfectly acceptable:
char c = 'b';
switch (c) {
case 'a':
("It's 'a'!\n");
printfbreak;
case 'b':
("It's 'b'!\n");
printfbreak;
case 'c':
("It's 'c'!\n");
printfbreak;
}
Finally, you can use enum
s in switch
since they are also integer types. But more on that in the enum
chapter.
“Sir, not in an environment such as this. That’s why I’ve also been programmed for over thirty secondary functions that—”
—C3PO, before being rudely interrupted, reporting a now-unimpressive number of additional functions, Star Wars script
Very much like other languages you’re used to, C has the concept of functions.
Functions can accept a variety of arguments and return a value. One important thing, though: the arguments and return value types are predeclared—because that’s how C likes it!
Let’s take a look at a function. This is a function that takes an int
as an argument, and returns an int
.
The int
before the plus_one
indicates the return type.
The int n
indicates that this function takes one int
argument, stored in parameter n
. A parameter is a special type of local variable into which the arguments are copied.
I’m going to drive home the point that the arguments are copied into the parameters, here. Lots of things in C are easier to understand if you know that the parameter is a copy of the argument, not the argument itself. More on that in a minute.
Continuing the program down into main()
, we can see the call to the function, where we assign the return value into local variable j
:
Before I forget, notice that I defined the function before I used it. If I hadn’t done that, the compiler wouldn’t know about it yet when it compiles
main()
and it would have given an unknown function call error. There is a more proper way to do the above code with function prototypes, but we’ll talk about that later.
Also notice that main()
is a function!
It returns an int
.
But what’s this void
thing? This is a keyword that’s used to indicate that the function accepts no arguments.
You can also return void
to indicate that you don’t return a value:
#include <stdio.h>
// This function takes no arguments and returns no value:
void hello(void)
{
printf("Hello, world!\n");
}
int main(void)
{
hello(); // Prints "Hello, world!"
}
I’d mentioned earlier that when you pass an argument to a function, a copy of that argument gets made and stored in the corresponding parameter.
If the argument is a variable, a copy of the value of that variable gets made and stored in the parameter.
More generally, the entire argument expression is evaluated and its value determined. That value is copied to the parameter.
In any case, the value in the parameter is its own thing. It is independent of whatever values or variables you used as arguments when you made the function call.
So let’s look at an example here. Study it and see if you can determine the output before running it:
#include <stdio.h>
void increment(int a)
{
a++;
}
int main(void)
{
int i = 10;
increment(i);
printf("i == %d\n", i); // What does this print?
}
At first glance, it looks like i
is 10
, and we pass it to the function increment()
. There the value gets incremented, so when we print it, it must be 11
, right?
“Get used to disappointment.”
—Dread Pirate Roberts, The Princess Bride
But it’s not 11
—it prints 10
! How?
It’s all about the fact that the expressions you pass to functions get copied onto their corresponding parameters. The parameter is a copy, not the original.
So i
is 10
out in main()
. And we pass it to increment()
. The corresponding parameter is called a
in that function.
And the copy happens, as if by assignment. Loosely, a = i
. So at that point, a
is 10
. And out in main()
, i
is also 10
.
Then we increment a
to 11
. But we’re not touching i
at all! It remains 10
.
Finally, the function is complete. All its local variables are discarded (bye, a
!) and we return to main()
, where i
is still 10
.
And we print it, getting 10
, and we’re done.
This is why in the previous example with the plus_one()
function, we return
ed the locally modified value so that we could see it again in main()
.
Seems a little bit restrictive, huh? Like you can only get one piece of data back from a function, is what you’re thinking. There is, however, another way to get data back; C folks call it passing by reference and that’s a story we’ll tell another time.
But no fancy-schmancy name will distract you from the fact that EVERYTHING you pass to a function WITHOUT EXCEPTION is copied into its corresponding parameter, and the function operates on that local copy, NO MATTER WHAT. Remember that, even when we’re talking about this so-called passing by reference.
So if you recall back in the ice age a few sections ago, I mentioned that you had to define the function before you used it, otherwise the compiler wouldn’t know about it ahead of time, and would bomb out with an error.
This isn’t quite strictly true. You can notify the compiler in advance that you’ll be using a function of a certain type that has a certain parameter list. That way the function can be defined anywhere (even in a different file), as long as the function prototype has been declared before you call that function.
Fortunately, the function prototype is really quite easy. It’s merely a copy of the first line of the function definition with a semicolon tacked on the end for good measure. For example, this code calls a function that is defined later, because a prototype has been declared first:
#include <stdio.h>
int foo(void); // This is the prototype!
int main(void)
{
int i;
// We can call foo() here before it's definition because the
// prototype has already been declared, above!
i = foo();
printf("%d\n", i); // 3490
}
int foo(void) // This is the definition, just like the prototype!
{
return 3490;
}
If you don’t declare your function before you use it (either with a prototype or its definition), you’re performing something called an implicit declaration. This was allowed in the first C standard (C89), and that standard has rules about it, but is no longer allowed today. And there is no legitimate reason to rely on it in new code.
You might notice something about the sample code we’ve been using… That is, we’ve been using the good old printf()
function without defining it or declaring a prototype! How do we get away with this lawlessness? We don’t, actually. There is a prototype; it’s in that header file stdio.h
that we included with #include
, remember? So we’re still legit, officer!
You might see these from time to time in older code, but you shouldn’t ever code one up in new code. Always use void
to indicate that a function takes no parameters. There’s never43 a reason to skip this in modern code.
If you’re good at just remembering to put void
in for empty parameter lists in functions and prototypes, you can skip the rest of this section.
There are two contexts for this:
Let’s look at a potential function definition first:
void foo() // Should really have a `void` in there
{
("Hello, world!\n");
printf}
While the spec spells out that the behavior in this instance is as-if you’d indicated void
(C11 §6.7.6.3¶14), the void
type is there for a reason. Use it.
But in the case of a function prototype, there is a significant difference between using void
and not:
void foo();
void foo(void); // Not the same!
Leaving void
out of the prototype indicates to the compiler that there is no additional information about the parameters to the function. It effectively turns off all that type checking.
With a prototype definitely use void
when you have an empty parameter list.
“How do you get to Carnegie Hall?”
“Practice!”—20th-century joke of unknown origin
Pointers are one of the most feared things in the C language. In fact, they are the one thing that makes this language challenging at all. But why?
Because they, quite honestly, can cause electric shocks to come up through the keyboard and physically weld your arms permanently in place, cursing you to a life at the keyboard in this language from the 70s!
Really? Well, not really. I’m just trying to set you up for success.
Depending on what language you came from, you might already understand the concept of references, where a variable refers to an object of some type.
This is very much the same, except we have to be more explicit with C about when we’re talking about the reference or the thing it refers to.
Computer memory holds data of all kinds, right? It’ll hold float
s, int
s, or whatever you have. To make memory easy to cope with, each byte of memory is identified by an integer. These integers increase sequentially as you move up through memory44. You can think of it as a bunch of numbered boxes, where each box holds a byte45 of data. Or like a big array where each element holds a byte, if you come from a language with arrays. The number that represents each box is called its address.
Now, not all data types use just a byte. For instance, an int
is often four bytes, as is a float
, but it really depends on the system. You can use the sizeof
operator to determine how many bytes of memory a certain type uses.
// %zu is the format specifier for type size_t
("an int uses %zu bytes of memory\n", sizeof(int));
printf
// That prints "4" for me, but can vary by system.
Memory Fun Facts: When you have a data type (like your typical
int
) that uses more than a byte of memory, the bytes that make up the data are always adjacent to one another in memory. Sometimes they’re in the order that you expect, and sometimes they’re not46. While C doesn’t guarantee any particular memory order (it’s platform-dependent), it’s still generally possible to write code in a way that’s platform-independent where you don’t have to even consider these pesky byte orderings.
So anyway, if we can get on with it and get a drum roll and some foreboding music playing for the definition of a pointer, a pointer is a variable that holds an address. Imagine the classical score from 2001: A Space Odyssey at this point. Ba bum ba bum ba bum BAAAAH!
Ok, so maybe a bit overwrought here, yes? There’s not a lot of mystery about pointers. They are the address of data. Just like an int
variable can hold the value 12
, a pointer variable can hold the address of data.
This means that all these things mean the same thing, i.e. a number that represents a point in memory:
I’m going to use these interchangeably. And yes, I just threw location in there because you can never have enough words that mean the same thing.
And a pointer variable holds that address number. Just like a float
variable might hold 3.14159
.
Imagine you have a bunch of Post-it® notes all numbered in sequence with their address. (The first one is at index numbered 0
, the next at index 1
, and so on.)
In addition to the number representing their positions, you can also write another number of your choice on each. It could be the number of dogs you have. Or the number of moons around Mars…
…Or, it could be the index of another Post-it note!
If you have written the number of dogs you have, that’s just a regular variable. But if you wrote the index of another Post-it in there, that’s a pointer. It points to the other note!
Another analogy might be with house addresses. You can have a house with certain qualities, yard, metal roof, solar, etc. Or you could have the address of that house. The address isn’t the same as the house itself. One’s a full-blown house, and the other is just a few lines of text. But the address of the house is a pointer to that house. It’s not the house itself, but it tells you where to find it.
And we can do the same thing in the computer with data. You can have a data variable that’s holding some value. And that value is in memory at some address. And you could have a different pointer variable hold the address of that data variable.
It’s not the data variable itself, but, like with a house address, it tells us where to find it.
When we have that, we say we have a “pointer to” that data. And we can follow the pointer to access the data itself.
(Though it doesn’t seem particularly useful yet, this all becomes indispensable when used with function calls. Bear with me until we get there.)
So if we have an int
, say, and we want a pointer to it, what we want is some way to get the address of that int
, right? After all, the pointer just holds the address of the data. What operator do you suppose we’d use to find the address of the int
?
Well, by a shocking surprise that must come as something of a shock to you, gentle reader, we use the address-of
operator (which happens to be an ampersand: “&
”)to find the address of the data. Ampersand.
So for a quick example, we’ll introduce a new format specifier for printf()
so you can print a pointer. You know already how %d
prints a decimal integer, yes? Well, %p
prints a pointer. Now, this pointer is going to look like a garbage number (and it might be printed in hexadecimal47 instead of decimal), but it is merely the index into memory the data is stored in. (Or the index into memory that the first byte of data is stored in, if the data is multi-byte.) In virtually all circumstances, including this one, the actual value of the number printed is unimportant to you, and I show it here only for demonstration of the address-of
operator.
#include <stdio.h>
int main(void)
{
int i = 10;
printf("The value of i is %d\n", i);
printf("And its address is %p\n", (void *)&i);
}
The above code contains a cast where we coerce the type of the expression
&i
to be typevoid*
. This is to keep the compiler from throwing a warning here. This is all stuff we haven’t covered yet, so just ignore the(void*)
in the code above for now and pretend it’s not there.
On my computer, this prints:
The value of i is 10 And its address is 0x7ffddf7072a4
If you’re curious, that hexadecimal number is 140,727,326,896,068 in decimal (base 10 just like Grandma used to use). That’s the index into memory where the variable i
’s data is stored. It’s the address of i
. It’s the location of i
. It’s a pointer to i
.
Wait—you have 140 terabytes of RAM? Yes! Don’t you? But I do fib my buns off; of course I don’t (ca. 2024). Modern computers use a miraculous technology called virtual memory48 that makes processes think they have the entire memory space of your computer to themselves, regardless of how much physical RAM backs it up. So even though the address was that huge number, it’s being mapped to some lower physical memory address by the virtual memory system of my CPU. This particular computer has 16 GB RAM (again, ca. 2024, but I’m running Linux, so that’s plenty). Terabytes of RAM? I’m a teacher, not a dot-com bazillionaire. None of this is anything any of us have to worry about except the part about me not being phenomenally wealthy.
It’s a pointer because it lets you know where i
is in memory. Like a home address written on a scrap of paper tells you where you can find a particular house, this number indicates to us where in memory we can find the value of i
. It points to i
.
Again, we don’t really care what the address’s exact number is, generally. We just care that it’s a pointer to i
.
So… this is all well and good. You can now successfully take the address of a variable and print it on the screen. There’s a little something for the ol’ resume, right? Here’s where you grab me by the scruff of the neck and ask politely what the frick pointers are good for.
Excellent question, and we’ll get to that right after these messages from our sponsor.
ACME ROBOTIC HOUSING UNIT CLEANING SERVICES. YOUR HOMESTEAD WILL BE DRAMATICALLY IMPROVED OR YOU WILL BE TERMINATED. MESSAGE ENDS.
Welcome back to another installment of Beej’s Guide. When we met last we were talking about how to make use of pointers. Well, what we’re going to do is store a pointer off in a variable so that we can use it later. You can identify the pointer type because there’s an asterisk (*
) before the variable name and after its type:
int main(void)
{
int i; // i's type is "int"
int *p; // p's type is "pointer to an int", or "int-pointer"
}
Hey, so we have here a variable that is a pointer type, and it can point to other int
s. That is, it can hold the address of other int
s. We know it points to int
s, since it’s of type int*
(read “int-pointer”).
When you do an assignment into a pointer variable, the type of the right hand side of the assignment has to be the same type as the pointer variable. Fortunately for us, when you take the address-of
a variable, the resultant type is a pointer to that variable type, so assignments like the following are perfect:
int i;
int *p; // p is a pointer, but is uninitialized and points to garbage
= &i; // p is assigned the address of i--p now "points to" i p
On the left of the assignment, we have a variable of type pointer-to-int
(int*
), and on the right side, we have expression of type pointer-to-int
since i
is an int
(because address-of int
gives you a pointer to int
). The address of a thing can be stored in a pointer to that thing.
Get it? I know it still doesn’t quite make much sense since you haven’t seen an actual use for the pointer variable, but we’re taking small steps here so that no one gets lost. So now, let’s introduce you to the anti-address-of operator. It’s kind of like what address-of
would be like in Bizarro World.
A pointer variable can be thought of as referring to another variable by pointing to it. It’s rare you’ll hear anyone in C land talking about “referring” or “references”, but I bring it up just so that the name of this operator will make a little more sense.
When you have a pointer to a variable (roughly “a reference to a variable”), you can use the original variable through the pointer by dereferencing the pointer. (You can think of this as “de-pointering” the pointer, but no one ever says “de-pointering”.)
Back to our analogy, this is vaguely like looking at a home address and then going to that house.
Now, what do I mean by “get access to the original variable”? Well, if you have a variable called i
, and you have a pointer to i
called p
, you can use the dereferenced pointer p
exactly as if it were the original variable i
!
You almost have enough knowledge to handle an example. The last tidbit you need to know is actually this: what is the dereference operator? It’s actually called the indirection operator, because you’re accessing values indirectly via the pointer. And it is the asterisk, again: *
. Now, don’t get this confused with the asterisk you used in the pointer declaration, earlier. They are the same character, but they have different meanings in different contexts49.
Here’s a full-blown example:
#include <stdio.h>
int main(void)
{
int i;
int *p; // this is NOT a dereference--this is a type "int*"
p = &i; // p now points to i, p holds address of i
i = 10; // i is now 10
*p = 20; // the thing p points to (namely i!) is now 20!!
printf("i is %d\n", i); // prints "20"
printf("i is %d\n", *p); // "20"! dereference-p is the same as i!
}
Remember that p
holds the address of i
, as you can see where we did the assignment to p
on line 8. What the indirection operator does is tells the computer to use the object the pointer points to instead of using the pointer itself. In this way, we have turned *p
into an alias of sorts for i
.
Great, but why? Why do any of this?
Right about now, you’re thinking that you have an awful lot of knowledge about pointers, but absolutely zero application, right? I mean, what use is *p
if you could just simply say i
instead?
Well, my friend, the real power of pointers comes into play when you start passing them to functions. Why is this a big deal? You might recall from before that you could pass all kinds of arguments to functions and they’d be dutifully copied into parameters, and then you could manipulate local copies of those variables from within the function, and then you could return a single value.
What if you wanted to bring back more than one single piece of data from the function? I mean, you can only return one thing, right? What if I answered that question with another question? …Er, two questions?
What happens when you pass a pointer as an argument to a function? Does a copy of the pointer get put into its corresponding parameter? You bet your sweet peas it does. Remember how earlier I rambled on and on about how EVERY SINGLE ARGUMENT gets copied into parameters and the function uses a copy of the argument? Well, the same is true here. The function will get a copy of the pointer.
But, and this is the clever part: we will have set up the pointer in advance to point at a variable… and then the function can dereference its copy of the pointer to get back to the original variable! The function can’t see the variable itself, but it can certainly dereference a pointer to that variable!
This is analogous to writing a home address on a piece of paper, and then copying that onto another piece of paper. You now have two pointers to that house, and both are equally good at getting you to the house itself.
In the case of a function call. one of the copies is stored in a pointer variable out in the calling scope, and the other is stored in a pointer variable that is the parameter of the function.
Example! Let’s revisit our old increment()
function, but this time let’s make it so that it actually increments the value out in the caller.
#include <stdio.h>
void increment(int *p) // note that it accepts a pointer to an int
{
*p = *p + 1; // add one to the thing p points to
}
int main(void)
{
int i = 10;
int *j = &i; // note the address-of; turns it into a pointer to i
printf("i is %d\n", i); // prints "10"
printf("i is also %d\n", *j); // prints "10"
increment(j); // j is an int*--to i
printf("i is %d\n", i); // prints "11"!
}
Ok! There are a couple things to see here… not the least of which is that the increment()
function takes an int*
as an argument. We pass it an int*
in the call by changing the int
variable i
to an int*
using the address-of
operator. (Remember, a pointer holds an address, so we make pointers to variables by running them through the address-of
operator.)
The increment()
function gets a copy of the pointer. Both the original pointer j
(in main()
) and the copy of that pointer p
(the parameter in increment()
) point to the same address, namely the one holding the value i
. (Again, by analogy, like two pieces of paper with the same home address written on them.) Dereferencing either will allow you to modify the original variable i
! The function can modify a variable in another scope! Rock on!
The above example is often more concisely written in the call just by using address-of right in the argument list:
("i is %d\n", i); // prints "10"
printf(&i);
increment("i is %d\n", i); // prints "11"! printf
As a general rule, if you want the function to modify the thing that you’re passing in such that you see the result, you’ll have to pass a pointer to that thing.
NULL
PointerAny pointer variable of any pointer type can be set to a special value called NULL
. This indicates that this pointer doesn’t point to anything.
int *p;
= NULL; p
Since it doesn’t point to a value, dereferencing it is undefined behavior, and probably will result in a crash:
int *p = NULL;
*p = 12; // CRASH or SOMETHING PROBABLY BAD. BEST AVOIDED.
Despite being called the billion dollar mistake by its creator50, the NULL
pointer is a good sentinel value51 and general indicator that a pointer hasn’t yet been initialized.
(Of course, like other variables, the pointer points to garbage unless you explicitly assign it to point to an address or NULL
.)
The syntax for declaring a pointer can get a little weird. Let’s look at this example:
int a;
int b;
We can condense that into a single line, right?
int a, b; // Same thing
So a
and b
are both int
s. No problem.
But what about this?
int a;
int *p;
Can we make that into one line? We can. But where does the *
go?
The rule is that the *
goes in front of any variable that is a pointer type. That is. the *
is not part of the int
in this example. it’s a part of variable p
.
With that in mind, we can write this:
int a, *p; // Same thing
It’s important to note that the following line does not declare two pointers:
int *p, q; // p is a pointer to an int; q is just an int.
This can be particularly insidious-looking if the programmer writes this following (valid) line of code which is functionally identical to the one above.
int* p, q; // p is a pointer to an int; q is just an int.
So take a look at this and determine which variables are pointers and which are not:
int *a, b, c, *d, e, *f, g, h, *i;
I’ll drop the answer in a footnote52.
sizeof
and PointersJust a little bit of syntax here that might be confusing and you might see from time to time.
Recall that sizeof
operates on the type of the expression.
int *p;
// Prints size of an 'int'
("%zu\n", sizeof(int));
printf
// p is type 'int *', so prints size of 'int*'
("%zu\n", sizeof p);
printf
// *p is type 'int', so prints size of 'int'
("%zu\n", sizeof *p); printf
You might see code in the wild with that last sizeof
in there. Just remember that sizeof
is all about the type of the expression, not the variables in the expression themselves.
“Should array indices start at 0 or 1? My compromise of 0.5 was rejected without, I thought, proper consideration.”
—Stan Kelly-Bootle, computer scientist
Luckily, C has arrays. I mean, I know it’s considered a low-level language53 but it does at least have the concept of arrays built-in. And since a great many languages drew inspiration from C’s syntax, you’re probably already familiar with using [
and ]
for declaring and using arrays.
But C only barely has arrays! As we’ll find out later, arrays are just syntactic sugar in C—they’re actually all pointers and stuff deep down. Freak out! But for now, let’s just use them as arrays. Phew.
Let’s just crank out an example:
#include <stdio.h>
int main(void)
{
int i;
float f[4]; // Declare an array of 4 floats
f[0] = 3.14159; // Indexing starts at 0, of course.
f[1] = 1.41421;
f[2] = 1.61803;
f[3] = 2.71828;
// Print them all out:
for (i = 0; i < 4; i++) {
printf("%f\n", f[i]);
}
}
When you declare an array, you have to give it a size. And the size has to be fixed54.
In the above example, we made an array of 4 float
s. The value in the square brackets in the declaration lets us know that.
Later on in subsequent lines, we access the values in the array, setting them or getting them, again with square brackets.
Hopefully this looks familiar from languages you already know!
You can’t…ish. C doesn’t record this information55. You have to manage it separately in another variable.
When I say “can’t”, I actually mean there are some circumstances when you can. There is a trick to get the number of elements in an array in the scope in which an array is declared. But, generally speaking, this won’t work the way you want if you pass the array to a function56.
Let’s take a look at this trick. The basic idea is that you take the sizeof
the array, and then divide that by the size of each element to get the length. For example, if an int
is 4 bytes, and the array is 32 bytes long, there must be room for \(\frac{32}{4}\) or \(8\) int
s in there.
int x[12]; // 12 ints
("%zu\n", sizeof x); // 48 total bytes
printf("%zu\n", sizeof(int)); // 4 bytes per int
printf
("%zu\n", sizeof x / sizeof(int)); // 48/4 = 12 ints! printf
If it’s an array of char
s, then sizeof
the array is the number of elements, since sizeof(char)
is defined to be 1. For anything else, you have to divide by the size of each element.
But this trick only works in the scope in which the array was defined. If you pass the array to a function, it doesn’t work. Even if you make it “big” in the function signature:
void foo(int x[12])
{
("%zu\n", sizeof x); // 8?! What happened to 48?
printf("%zu\n", sizeof(int)); // 4 bytes per int
printf
("%zu\n", sizeof x / sizeof(int)); // 8/4 = 2 ints?? WRONG.
printf}
This is because when you “pass” arrays to functions, you’re only passing a pointer to the first element, and that’s what sizeof
measures. More on this in the Passing Single Dimensional Arrays to Functions section, below.
One more thing you can do with sizeof
and arrays is get the size of an array of a fixed number of elements without declaring the array. This is like how you can get the size of an int
with sizeof(int)
.
For example, to see how many bytes would be needed for an array of 48 double
s, you can do this:
sizeof(double [48]);
You can initialize an array with constants ahead of time:
#include <stdio.h>
int main(void)
{
int i;
int a[5] = {22, 37, 3490, 18, 95}; // Initialize with these values
for (i = 0; i < 5; i++) {
printf("%d\n", a[i]);
}
}
You should never have more items in your initializer than there is room for in the array, or the compiler will get cranky:
foo.c: In function ‘main’:
foo.c:6:39: warning: excess elements in array initializer
6 | int a[5] = {22, 37, 3490, 18, 95, 999};
| ^~~
foo.c:6:39: note: (near initialization for ‘a’)
But (fun fact!) you can have fewer items in your initializer than there is room for in the array. The remaining elements in the array will be automatically initialized with zero. This is true in general for all types of array initializers: if you have an initializer, anything not explicitly set to a value will be set to zero.
int a[5] = {22, 37, 3490};
// is the same as:
int a[5] = {22, 37, 3490, 0, 0};
It’s a common shortcut to see this in an initializer when you want to set an entire array to zero:
int a[100] = {0};
Which means, “Make the first element zero, and then automatically make the rest zero, as well.”
You can set specific array elements in the initializer, as well, by specifying an index for the value! When you do this, C will happily keep initializing subsequent values for you until the initializer runs out, filling everything else with 0
.
To do this, put the index in square brackets with an =
after, and then set the value.
Here’s an example where we build an array:
int a[10] = {0, 11, 22, [5]=55, 66, 77};
Because we listed index 5 as the start for 55
, the resulting data in the array is:
0 11 22 0 0 55 66 77 0 0
You can put simple constant expressions in there, as well.
#define COUNT 5
int a[COUNT] = {[COUNT-3]=3, 2, 1};
which gives us:
0 0 3 2 1
Lastly, you can also have C compute the size of the array from the initializer, just by leaving the size off:
int a[3] = {22, 37, 3490};
// is the same as:
int a[] = {22, 37, 3490}; // Left the size off!
C doesn’t stop you from accessing arrays out of bounds. It might not even warn you.
Let’s steal the example from above and keep printing off the end of the array. It only has 5 elements, but let’s try to print 10 and see what happens:
#include <stdio.h>
int main(void)
{
int i;
int a[5] = {22, 37, 3490, 18, 95};
for (i = 0; i < 10; i++) { // BAD NEWS: printing too many elements!
printf("%d\n", a[i]);
}
}
Running it on my computer prints:
22
37
3490
18
95
32765
1847052032
1780534144
-56487472 21890
Yikes! What’s that? Well, turns out printing off the end of an array results in what C developers call undefined behavior. We’ll talk more about this beast later, but for now it means, “You’ve done something bad, and anything could happen during your program run.”
And by anything, I mean typically things like finding zeroes, finding garbage numbers, or crashing. But really the C spec says in this circumstance the compiler is allowed to emit code that does anything57.
Short version: don’t do anything that causes undefined behavior. Ever58.
You can add as many dimensions as you want to your arrays.
int a[10];
int b[2][7];
int c[4][5][6];
These are stored in memory in row-major order59. This means with a 2D array, the first index listed indicates the row, and the second the column.
You can also use initializers on multidimensional arrays by nesting them:
#include <stdio.h>
int main(void)
{
int row, col;
int a[2][5] = { // Initialize a 2D array
{0, 1, 2, 3, 4},
{5, 6, 7, 8, 9}
};
for (row = 0; row < 2; row++) {
for (col = 0; col < 5; col++) {
printf("(%d,%d) = %d\n", row, col, a[row][col]);
}
}
}
For output of:
(0,0) = 0
(0,1) = 1
(0,2) = 2
(0,3) = 3
(0,4) = 4
(1,0) = 5
(1,1) = 6
(1,2) = 7
(1,3) = 8 (1,4) = 9
And you can initialize with explicit indexes:
// Make a 3x3 identity matrix
int a[3][3] = {[0][0]=1, [1][1]=1, [2][2]=1};
which builds a 2D array like this:
1 0 0
0 1 0 0 0 1
[Casually] So… I kinda might have mentioned up there that arrays were pointers, deep down? We should take a shallow dive into that now so that things aren’t completely confusing. Later on, we’ll look at what the real relationship between arrays and pointers is, but for now I just want to look at passing arrays to functions.
I want to tell you a secret. Generally speaking, when a C programmer talks about a pointer to an array, they’re talking about a pointer to the first element of the array60.
So let’s get a pointer to the first element of an array.
#include <stdio.h>
int main(void)
{
int a[5] = {11, 22, 33, 44, 55};
int *p;
p = &a[0]; // p points to the array
// Well, to the first element, actually
printf("%d\n", *p); // Prints "11"
}
This is so common to do in C that the language allows us a shorthand:
p = &a[0]; // p points to the array
// is the same as:
p = a; // p points to the array, but much nicer-looking!
Just referring to the array name in isolation is the same as getting a pointer to the first element of the array! We’re going to use this extensively in the upcoming examples.
But hold on a second—isn’t p
an int*
? And *p
gives us 11
, same as a[0]
? Yessss. You’re starting to get a glimpse of how arrays and pointers are related in C.
Let’s do an example with a single dimensional array. I’m going to write a couple functions that we can pass the array to that do different things.
Prepare for some mind-blowing function signatures!
#include <stdio.h>
// Passing as a pointer to the first element
void times2(int *a, int len)
{
for (int i = 0; i < len; i++)
printf("%d\n", a[i] * 2);
}
// Same thing, but using array notation
void times3(int a[], int len)
{
for (int i = 0; i < len; i++)
printf("%d\n", a[i] * 3);
}
// Same thing, but using array notation with size
void times4(int a[5], int len)
{
for (int i = 0; i < len; i++)
printf("%d\n", a[i] * 4);
}
int main(void)
{
int x[5] = {11, 22, 33, 44, 55};
times2(x, 5);
times3(x, 5);
times4(x, 5);
}
All those methods of listing the array as a parameter in the function are identical.
void times2(int *a, int len)
void times3(int a[], int len)
void times4(int a[5], int len)
In usage by C regulars, the first is the most common, by far.
And, in fact, in the latter situation, the compiler doesn’t even care what number you pass in (other than it has to be greater than zero61). It doesn’t enforce anything at all.
Now that I’ve said that, the size of the array in the function declaration actually does matter when you’re passing multidimensional arrays into functions, but let’s come back to that.
We’ve said that arrays are just pointers in disguise. This means that if you pass an array to a function, you’re likely passing a pointer to the first element in the array.
But if the function has a pointer to the data, it is able to manipulate that data! So changes that a function makes to an array will be visible back out in the caller.
Here’s an example where we pass a pointer to an array to a function, the function manipulates the values in that array, and those changes are visible out in the caller.
#include <stdio.h>
void double_array(int *a, int len)
{
// Multiply each element by 2
//
// This doubles the values in x in main() since x and a both point
// to the same array in memory!
for (int i = 0; i < len; i++)
a[i] *= 2;
}
int main(void)
{
int x[5] = {1, 2, 3, 4, 5};
double_array(x, 5);
for (int i = 0; i < 5; i++)
printf("%d\n", x[i]); // 2, 4, 6, 8, 10!
}
Even though we passed the array in as parameter a
which is type int*
, look at how we access it using array notation with a[i]
! Whaaaat. This is totally allowed.
Later when we talk about the equivalence between arrays and pointers, we’ll see how this makes a lot more sense. For now, it’s enough to know that functions can make changes to arrays that are visible out in the caller.
The story changes a little when we’re talking about multidimensional arrays. C needs to know all the dimensions (except the first one) so it has enough information to know where in memory to look to find a value.
Here’s an example where we’re explicit with all the dimensions:
#include <stdio.h>
void print_2D_array(int a[2][3])
{
for (int row = 0; row < 2; row++) {
for (int col = 0; col < 3; col++)
printf("%d ", a[row][col]);
printf("\n");
}
}
int main(void)
{
int x[2][3] = {
{1, 2, 3},
{4, 5, 6}
};
print_2D_array(x);
}
But in this case, these two62 are equivalent:
void print_2D_array(int a[2][3])
void print_2D_array(int a[][3])
The compiler really only needs the second dimension so it can figure out how far in memory to skip for each increment of the first dimension. In general, it needs to know all the dimensions except the first one.
Also, remember that the compiler does minimal compile-time bounds checking (if you’re lucky), and C does zero runtime checking of bounds. No seat belts! Don’t crash by accessing array elements out of bounds!
Finally! Strings! What could be simpler?
Well, turns out strings aren’t actually strings in C. That’s right! They’re pointers! Of course they are!
Much like arrays, strings in C barely exist.
But let’s check it out—it’s not really such a big deal.
Before we start, let’s talk about string literals in C. These are sequences of characters in double quotes ("
). (Single quotes enclose characters, and are a different animal entirely.)
Examples:
"Hello, world!\n"
"This is a test."
"When asked if this string had quotes in it, she replied, \"It does.\""
The first one has a newline at the end—quite a common thing to see.
The last one has quotes embedded within it, but you see each is preceded by (we say “escaped by”) a backslash (\
) indicating that a literal quote belongs in the string at this point. This is how the C compiler can tell the difference between printing a double quote and the double quote at the end of the string.
Now that we know how to make a string literal, let’s assign it to a variable so we can do something with it.
char *s = "Hello, world!";
Check out that type: pointer to a char
. The string variable s
is actually a pointer to the first character in that string, namely the H
.
And we can print it with the %s
(for “string”) format specifier:
char *s = "Hello, world!";
("%s\n", s); // "Hello, world!" printf
Another option is this, nearly equivalent to the above char*
usage:
char s[14] = "Hello, world!";
// or, if we were properly lazy and have the compiler
// figure the length for us:
char s[] = "Hello, world!";
This means you can use array notation to access characters in a string. Let’s do exactly that to print all the characters in a string on the same line:
#include <stdio.h>
int main(void)
{
char s[] = "Hello, world!";
for (int i = 0; i < 13; i++)
printf("%c\n", s[i]);
}
Note that we’re using the format specifier %c
to print a single character.
Also, check this out. The program will still work fine if we change the definition of s
to be a char*
type:
#include <stdio.h>
int main(void)
{
char *s = "Hello, world!"; // char* here
for (int i = 0; i < 13; i++)
printf("%c\n", s[i]); // But still use arrays here...?
}
And we still can use array notation to get the job done when printing it out! This is surprising, but is still only because we haven’t talked about array/pointer equivalence yet. But this is yet another hint that arrays and pointers are the same thing, deep down.
We’ve already seen some examples with initializing string variables with string literals:
char *s = "Hello, world!";
char t[] = "Hello, again!";
But these two initializations are subtly different. A string literal, similar to an integer literal, has it’s memory automatically managed by the compiler for you! With an integer, i.e. a fixed size piece of data, the compiler can pretty easily manage it. But strings are a variable-byte beast which the compiler tames by tossing into a chunk of memory, and giving you a pointer to it.
This form points to wherever that string was placed. Typically, that place is in a land faraway from the rest of your program’s memory – read-only memory – for reasons related to performance & safety.
char *s = "Hello, world!";
So, if you try to mutate that string with this:
char *s = "Hello, world!";
[0] = 'z'; // BAD NEWS: tried to mutate a string literal! s
The behavior is undefined. Probably, depending on your system, a crash will result.
But declaring it as an array is different. The compiler doesn’t stow those bytes in another part of town, they’re right down the street. This one is a mutable copy of the string – one we can change at will:
char t[] = "Hello, again!"; // t is an array copy of the string
[0] = 'z'; // No problem
t
("%s\n", t); // "zello, again!" printf
So remember: if you have a pointer to a string literal, don’t try to change it! And if you use a string in double quotes to initialize an array, that’s not actually a string literal.
You can’t, since C doesn’t track it for you. And when I say “can’t”, I actually mean “can”63. There’s a function in <string.h>
called strlen()
that can be used to compute the length of any string in bytes64.
#include <stdio.h>
#include <string.h>
int main(void)
{
char *s = "Hello, world!";
printf("The string is %zu bytes long.\n", strlen(s));
}
The strlen()
function returns type size_t
, which is an integer type so you can use it for integer math. We print size_t
with %zu
.
The above program prints:
The string is 13 bytes long.
Great! So it is possible to get the string length!
But… if C doesn’t track the length of the string anywhere, how does it know how long the string is?
C does strings a little differently than many programming languages, and in fact differently than almost every modern programming language.
When you’re making a new language, you have basically two options for storing a string in memory:
Store the bytes of the string along with a number indicating the length of the string.
Store the bytes of the string, and mark the end of the string with a special byte called the terminator.
If you want strings longer than 255 characters, option 1 requires at least two bytes to store the length. Whereas option 2 only requires one byte to terminate the string. So a bit of savings there.
Of course, these days it seems ridiculous to worry about saving a byte (or 3—lots of languages will happily let you have strings that are 4 gigabytes in length). But back in the day, it was a bigger deal.
So C took approach #2. In C, a “string” is defined by two basic characteristics:
NUL
character65) somewhere in memory after the pointer that indicates the end of the string.A NUL
character can be written in C code as \0
, though you don’t often have to do this.
When you include a string in double quotes in your code, the NUL
character is automatically, implicitly included.
char *s = "Hello!"; // Actually "Hello!\0" behind the scenes
So with this in mind, let’s write our own strlen()
function that counts char
s in a string until it finds a NUL
.
The procedure is to look down the string for a single NUL
character, counting as we go66:
int my_strlen(char *s)
{
int count = 0;
while (s[count] != '\0') // Single quotes for single char
++;
count
return count;
}
And that’s basically how the built-in strlen()
gets the job done.
You can’t copy a string through the assignment operator (=
). All that does is make a copy of the pointer to the first character… so you end up with two pointers to the same string:
#include <stdio.h>
int main(void)
{
char s[] = "Hello, world!";
char *t;
// This makes a copy of the pointer, not a copy of the string!
t = s;
// We modify t
t[0] = 'z';
// But printing s shows the modification!
// Because t and s point to the same string!
printf("%s\n", s); // "zello, world!"
}
If you want to make a copy of a string, you have to copy it a byte at a time—but this is made easier with the strcpy()
function67.
Before you copy the string, make sure you have room to copy it into, i.e. the destination array that’s going to hold the characters needs to be at least as long as the string you’re copying.
#include <stdio.h>
#include <string.h>
int main(void)
{
char s[] = "Hello, world!";
char t[100]; // Each char is one byte, so plenty of room
// This makes a copy of the string!
strcpy(t, s);
// We modify t
t[0] = 'z';
// And s remains unaffected because it's a different string
printf("%s\n", s); // "Hello, world!"
// But t has been changed
printf("%s\n", t); // "zello, world!"
}
Notice with strcpy()
, the destination pointer is the first argument, and the source pointer is the second. A mnemonic I use to remember this is that it’s the order you would have put t
and s
if an assignment =
worked for strings, with the source on the right and the destination on the left.
In C, we have something called a struct
, which is a user-definable type that holds multiple pieces of data, potentially of different types.
It’s a convenient way to bundle multiple variables into a single one. This can be beneficial for passing variables to functions (so you just have to pass one instead of many), and useful for organizing data and making code more readable.
If you’ve come from another language, you might be familiar with the idea of classes and objects. These don’t exist in C, natively68. You can think of a struct
as a class with only data members, and no methods.
You can declare a struct
in your code like so:
struct car {
char *name;
float price;
int speed;
};
This is often done at the global scope outside any functions so that the struct
is globally available.
When you do this, you’re making a new type. The full type name is struct car
. (Not just car
—that won’t work.)
There aren’t any variables of that type yet, but we can declare some:
struct car saturn; // Variable "saturn" of type "struct car"
And now we have an uninitialized variable saturn
69 of type struct car
.
We should initialize it! But how do we set the values of those individual fields?
Like in many other languages that stole it from C, we’re going to use the dot operator (.
) to access the individual fields.
.name = "Saturn SL/2";
saturn.price = 15999.99;
saturn.speed = 175;
saturn
("Name: %s\n", saturn.name);
printf("Price (USD): %f\n", saturn.price);
printf("Top Speed (km): %d\n", saturn.speed); printf
There on the first lines, we set the values in the struct car
, and then in the next bit, we print those values out.
That example in the previous section was a little unwieldy. There must be a better way to initialize that struct
variable!
You can do it with an initializer by putting values in for the fields in the order they appear in the struct
when you define the variable. (This won’t work after the variable has been defined—it has to happen in the definition).
struct car {
char *name;
float price;
int speed;
};
// Now with an initializer! Same field order as in the struct declaration:
struct car saturn = {"Saturn SL/2", 16000.99, 175};
("Name: %s\n", saturn.name);
printf("Price: %f\n", saturn.price);
printf("Top Speed: %d km\n", saturn.speed); printf
The fact that the fields in the initializer need to be in the same order is a little freaky. If someone changes the order in struct car
, it could break all the other code!
We can be more specific with our initializers:
struct car saturn = {.speed=175, .name="Saturn SL/2"};
Now it’s independent of the order in the struct
declaration. Which is safer code, for sure.
Similar to array initializers, any missing field designators are initialized to zero (in this case, that would be .price
, which I’ve omitted).
You can do a couple things to pass a struct
to a function.
struct
.struct
.Recall that when you pass something to a function, a copy of that thing gets made for the function to operate on, whether it’s a copy of a pointer, an int
, a struct
, or anything.
There are basically two cases when you’d want to pass a pointer to the struct
:
struct
that was passed in, and have those changes show in the caller.struct
is somewhat large and it’s more expensive to copy that onto the stack than it is to just copy a pointer70.For those two reasons, it’s far more common to pass a pointer to a struct
to a function, though its by no means illegal to pass the struct
itself.
Let’s try passing in a pointer, making a function that will allow you to set the .price
field of the struct car
:
#include <stdio.h>
struct car {
char *name;
float price;
int speed;
};
int main(void)
{
struct car saturn = {.speed=175, .name="Saturn SL/2"};
// Pass a pointer to this struct car, along with a new,
// more realistic, price:
set_price(&saturn, 799.99);
printf("Price: %f\n", saturn.price);
}
You should be able to come up with the function signature for set_price()
just by looking at the types of the arguments we have there.
saturn
is a struct car
, so &saturn
must be the address of the struct car
, AKA a pointer to a struct car
, namely a struct car*
.
And 799.99
is a float
.
So the function declaration must look like this:
void set_price(struct car *c, float new_price)
We just need to write the body. One attempt might be:
void set_price(struct car *c, float new_price) {
.price = new_price; // ERROR!!
c}
That won’t work because the dot operator only works on struct
s… it doesn’t work on pointers to struct
s.
Ok, so we can dereference the variable c
to de-pointer it to get to the struct
itself. Dereferencing a struct car*
results in the struct car
that the pointer points to, which we should be able to use the dot operator on:
void set_price(struct car *c, float new_price) {
(*c).price = new_price; // Works, but is ugly and non-idiomatic :(
}
And that works! But it’s a little clunky to type all those parens and the asterisk. C has some syntactic sugar called the arrow operator that helps with that.
The arrow operator helps refer to fields in pointers to struct
s.
void set_price(struct car *c, float new_price) {
// (*c).price = new_price; // Works, but non-idiomatic :(
//
// The line above is 100% equivalent to the one below:
->price = new_price; // That's the one!
c}
So when accessing fields, when do we use dot and when do we use arrow?
struct
, use dot (.
).struct
, use arrow (->
). struct
sHere’s an easy one for you!
Just assign from one to the other!
struct car a, b;
= a; // Copy the struct b
And returning a struct
(as opposed to a pointer to one) from a function also makes a similar copy to the receiving variable.
This is not a “deep copy”71. All fields are copied as-is, including pointers to things.
struct
sThere’s only one safe way to do it: compare each field one at a time.
You might think you could use memcmp()
72, but that doesn’t handle the case of the possible padding bytes that might be in there.
If you clear the struct
to zero first with memset()
73, then it might work, though there could be weird elements that might not compare as you expect74.
We’ve already seen some examples of I/O with printf()
for doing I/O at the console.
But we’ll push those concepts a little farther this chapter.
FILE*
Data Type When we do any kind of I/O in C, we do so through a piece of data that you get in the form of a FILE*
type. This FILE*
holds all the information needed to communicate with the I/O subsystem about which file you have open, where you are in the file, and so on.
The spec refers to these as streams, i.e. a stream of data from a file or from any source. I’m going to use “files” and “streams” interchangeably, but really you should think of a “file” as a special case of a “stream”. There are other ways to stream data into a program than just reading from a file.
We’ll see in a moment how to go from having a filename to getting an open FILE*
for it, but first I want to mention three streams that are already open for you and ready for use.
FILE* name |
Description |
---|---|
stdin |
Standard Input, generally the keyboard by default |
stdout |
Standard Output, generally the screen by default |
stderr |
Standard Error, generally the screen by default, as well |
We’ve actually been using these implicitly already, it turns out. For example, these two calls are the same:
("Hello, world!\n");
printf(stdout, "Hello, world!\n"); // printf to a file fprintf
But more on that later.
Also you’ll notice that both stdout
and stderr
go to the screen. While this seems at first either like an oversight or redundancy, it actually isn’t. Typical operating systems allow you to redirect the output of either of those into different files, and it can be convenient to be able to separate error messages from regular non-error output.
For example, in a POSIX shell (like sh, ksh, bash, zsh, etc.) on a Unix-like system, we could run a program and send just the non-error (stdout
) output to one file, and all the error (stderr
) output to another file.
./foo > output.txt 2> errors.txt # This command is Unix-specific
For this reason, you should send serious error messages to stderr
instead of stdout
.
More on how to do that later.
Streams are largely categorized two different ways: text and binary.
Text streams are allowed to do significant translation of the data, most notably translations of newlines to their different representations75. Text files are logically a sequence of lines separated by newlines. To be portable, your input data should always end with a newline.
But the general rule is that if you’re able to edit the file in a regular text editor, it’s a text file. Otherwise, it’s binary. More on binary later.
So let’s get to work—how do we open a file for reading, and pull data out of it?
Let’s create a file called hello.txt
that has just this in it:
Hello, world!
And let’s write a program to open the file, read a character out of it, and then close the file when we’re done. That’s the game plan!
#include <stdio.h>
int main(void)
{
FILE *fp; // Variable to represent open file
fp = fopen("hello.txt", "r"); // Open file for reading
int c = fgetc(fp); // Read a single character
printf("%c\n", c); // Print char to stdout
fclose(fp); // Close the file when done
}
See how when we opened the file with fopen()
, it returned the FILE*
to us so we could use it later.
(I’m leaving it out for brevity, but fopen()
will return NULL
if something goes wrong, like file-not-found, so you should really error check it!)
Also notice the "r"
that we passed in—this means “open a text stream for reading”. (There are various strings we can pass to fopen()
with additional meaning, like writing, or appending, and so on.)
After that, we used the fgetc()
function to get a character from the stream. You might be wondering why I’ve made c
an int
instead of a char
—hold that thought!
Finally, we close the stream when we’re done with it. All streams are automatically closed when the program exits, but it’s good form and good housekeeping to explicitly close any files yourself when done with them.
The FILE*
keeps track of our position in the file. So subsequent calls to fgetc()
would get the next character in the file, and then the next, until the end.
But that sounds like a pain. Let’s see if we can make it easier.
EOF
There is a special character defined as a macro: EOF
. This is what fgetc()
will return when the end of the file has been reached and you’ve attempted to read another character.
How about I share that Fun Fact™, now. Turns out EOF
is the reason why fgetc()
and functions like it return an int
instead of a char
. EOF
isn’t a character proper, and its value likely falls outside the range of char
. Since fgetc()
needs to be able to return any byte and EOF
, it needs to be a wider type that can hold more values. so int
it is. But unless you’re comparing the returned value against EOF
, you can know, deep down, it’s a char
.
All right! Back to reality! We can use this to read the whole file in a loop.
#include <stdio.h>
int main(void)
{
FILE *fp;
int c;
fp = fopen("hello.txt", "r");
while ((c = fgetc(fp)) != EOF)
printf("%c", c);
fclose(fp);
}
(If line 10 is too weird, just break it down starting with the innermost-nested parens. The first thing we do is assign the result of fgetc()
into c
, and then we compare that against EOF
. We’ve just crammed it into a single line. This might look hard to read, but study it—it’s idiomatic C.)
And running this, we see:
Hello, world!
But still, we’re operating a character at a time, and lots of text files make more sense at the line level. Let’s switch to that.
So how can we get an entire line at once? fgets()
to the rescue! For arguments, it takes a pointer to a char
buffer to hold bytes, a maximum number of bytes to read, and a FILE*
to read from. It returns NULL
on end-of-file or error. fgets()
is even nice enough to NUL-terminate the string when its done76.
Let’s do a similar loop as before, except let’s have a multiline file and read it in a line at a time.
Here’s a file quote.txt
:
A wise man can learn more from
a foolish question than a fool
can learn from a wise answer. --Bruce Lee
And here’s some code that reads that file a line at a time and prints out a line number before each one:
#include <stdio.h>
int main(void)
{
FILE *fp;
char s[1024]; // Big enough for any line this program will encounter
int linecount = 0;
fp = fopen("quote.txt", "r");
while (fgets(s, sizeof s, fp) != NULL)
printf("%d: %s", ++linecount, s);
fclose(fp);
}
Which gives the output:
1: A wise man can learn more from
2: a foolish question than a fool
3: can learn from a wise answer. 4: --Bruce Lee
You know how you can get formatted output with printf()
(and, thus, fprintf()
like we’ll see, below)?
You can do the same thing with fscanf()
.
Before we start, you should be advised that using
scanf()
-style functions can be hazardous with untrusted input. If you don’t specify field widths with your%s
, you could overflow the buffer. Worse, invalid numeric conversion result in undefined behavior. The safe thing to do with untrusted input is to use%s
with a field width, then use functions likestrtol()
orstrtod()
to do the conversions.
Let’s have a file with a series of data records in it. In this case, whales, with name, length in meters, and weight in tonnes. whales.txt
:
blue 29.9 173
right 20.7 135
gray 14.9 41 humpback 16.0 30
Yes, we could read these with fgets()
and then parse the string with sscanf()
(and in that’s more resilient against corrupted files), but in this case, let’s just use fscanf()
and pull it in directly.
The fscanf()
function skips leading whitespace when reading, and returns EOF
on end-of-file or error.
#include <stdio.h>
int main(void)
{
FILE *fp;
char name[1024]; // Big enough for any line this program will encounter
float length;
int mass;
fp = fopen("whales.txt", "r");
while (fscanf(fp, "%s %f %d", name, &length, &mass) != EOF)
printf("%s whale, %d tonnes, %.1f meters\n", name, mass, length);
fclose(fp);
}
Which gives the result:
blue whale, 173 tonnes, 29.9 meters
right whale, 135 tonnes, 20.7 meters
gray whale, 41 tonnes, 14.9 meters humpback whale, 30 tonnes, 16.0 meters
In much the same way we can use fgetc()
, fgets()
, and fscanf()
to read text streams, we can use fputc()
, fputs()
, and fprintf()
to write text streams.
To do so, we have to fopen()
the file in write mode by passing "w"
as the second argument. Opening an existing file in "w"
mode will instantly truncate that file to 0 bytes for a full overwrite.
We’ll put together a simple program that outputs a file output.txt
using a variety of output functions.
#include <stdio.h>
int main(void)
{
FILE *fp;
int x = 32;
fp = fopen("output.txt", "w");
fputc('B', fp);
fputc('\n', fp); // newline
fprintf(fp, "x = %d\n", x);
fputs("Hello, world!\n", fp);
fclose(fp);
}
And this produces a file, output.txt
, with these contents:
B
x = 32 Hello, world!
Fun fact: since stdout
is a file, you could replace line 8 with:
= stdout; fp
and the program would have outputted to the console instead of to a file. Try it!
So far we’ve just been talking text files. But there’s that other beast we mentioned early on called binary files, or binary streams.
These work very similarly to text files, except the I/O subsystem doesn’t perform any translations on the data like it might with a text file. With binary files, you get a raw stream of bytes, and that’s all.
The big difference in opening the file is that you have to add a "b"
to the mode. That is, to read a binary file, open it in "rb"
mode. To write a file, open it in "wb"
mode.
Because it’s streams of bytes, and streams of bytes can contain NUL characters, and the NUL character is the end-of-string marker in C, it’s rare that people use the fprintf()
-and-friends functions to operate on binary files.
Instead the most common functions are fread()
and fwrite()
. The functions read and write a specified number of bytes to the stream.
To demo, we’ll write a couple programs. One will write a sequence of byte values to disk all at once. And the second program will read a byte at a time and print them out77.
#include <stdio.h>
int main(void)
{
FILE *fp;
unsigned char bytes[6] = {5, 37, 0, 88, 255, 12};
fp = fopen("output.bin", "wb"); // wb mode for "write binary"!
// In the call to fwrite, the arguments are:
//
// * Pointer to data to write
// * Size of each "piece" of data
// * Count of each "piece" of data
// * FILE*
fwrite(bytes, sizeof(char), 6, fp);
fclose(fp);
}
Those two middle arguments to fwrite()
are pretty odd. But basically what we want to tell the function is, “We have items that are this big, and we want to write that many of them.” This makes it convenient if you have a record of a fixed length, and you have a bunch of them in an array. You can just tell it the size of one record and how many to write.
In the example above, we tell it each record is the size of a char
, and we have 6 of them.
Running the program gives us a file output.bin
, but opening it in a text editor doesn’t show anything friendly! It’s binary data—not text. And random binary data I just made up, at that!
If I run it through a hex dump78 program, we can see the output as bytes:
05 25 00 58 ff 0c
And those values in hex do match up to the values (in decimal) that we wrote out.
But now let’s try to read them back in with a different program. This one will open the file for binary reading ("rb"
mode) and will read the bytes one at a time in a loop.
fread()
has the neat feature where it returns the number of bytes read, or 0
on EOF. So we can loop until we see that, printing numbers as we go.
#include <stdio.h>
int main(void)
{
FILE *fp;
unsigned char c;
fp = fopen("output.bin", "rb"); // rb for "read binary"!
while (fread(&c, sizeof(char), 1, fp) > 0)
printf("%d\n", c);
fclose(fp);
}
And, running it, we see our original numbers!
5
37
0
88
255 12
Woo hoo!
struct
and Number Caveats As we saw in the struct
s section, the compiler is free to add padding to a struct
as it sees fit. And different compilers might do this differently. And the same compiler on different architectures could do it differently. And the same compiler on the same architectures could do it differently.
What I’m getting at is this: it’s not portable to just fwrite()
an entire struct
out to a file when you don’t know where the padding will end up.
How do we fix this? Hold that thought—we’ll look at some ways to do this after looking at another related problem.
Numbers!
Turns out all architectures don’t represent numbers in memory the same way.
Let’s look at a simple fwrite()
of a 2-byte number. We’ll write it in hex so each byte is clear. The most significant byte will have the value 0x12
and the least significant will have the value 0x34
.
unsigned short v = 0x1234; // Two bytes, 0x12 and 0x34
(&v, sizeof v, 1, fp); fwrite
What ends up in the stream?
Well, it seems like it should be 0x12
followed by 0x34
, right?
But if I run this on my machine and hex dump the result, I get:
34 12
They’re reversed! What gives?
This has something to do with what’s called the endianess79 of the architecture. Some write the most significant bytes first, and some the least significant bytes first.
This means that if you write a multibyte number out straight from memory, you can’t do it in a portable way80.
A similar problem exists with floating point. Most systems use the same format for their floating point numbers, but some do not. No guarantees!
So… how can we fix all these problems with numbers and struct
s to get our data written in a portable way?
The summary is to serialize the data, which is a general term that means to take all the data and write it out in a format that you control, that is well-known, and programmable to work the same way on all platforms.
As you might imagine, this is a solved problem. There are a bunch of serialization libraries you can take advantage of, such as Google’s protocol buffers81, out there and ready to use. They will take care of all the gritty details for you, and even will allow data from your C programs to interoperate with other languages that support the same serialization methods.
Do yourself and everyone a favor! Serialize your binary data when you write it to a stream! This will keep things nice and portable, even if you transfer data files from one architecture to another.
typedef
: Making New TypesWell, not so much making new types as getting new names for existing types. Sounds kinda pointless on the surface, but we can really use this to make our code cleaner.
typedef
in TheoryBasically, you take an existing type and you make an alias for it with typedef
.
Like this:
typedef int antelope; // Make "antelope" an alias for "int"
= 10; // Type "antelope" is the same as type "int" antelope x
You can take any existing type and do it. You can even make a number of types with a comma list:
typedef int antelope, bagel, mushroom; // These are all "int"
That’s really useful, right? That you can type mushroom
instead of int
? You must be super excited about this feature!
OK, Professor Sarcasm—we’ll get to some more common applications of this in a moment.
typedef
follows regular scoping rules.
For this reason, it’s quite common to find typedef
at file scope (“global”) so that all functions can use the new types at will.
typedef
in PracticeSo renaming int
to something else isn’t that exciting. Let’s see where typedef
commonly makes an appearance.
typedef
and struct
s Sometimes a struct
will be typedef
’d to a new name so you don’t have to type the word struct
over and over.
struct animal {
char *name;
int leg_count, speed;
};
// original name new name
// | |
// v v
// |-----------| |----|
typedef struct animal animal;
struct animal y; // This works
; // This also works because "animal" is an alias animal z
Personally, I don’t care for this practice. I like the clarity the code has when you add the word struct
to the type; programmers know what they’re getting. But it’s really common so I’m including it here.
Now I want to run the exact same example in a way that you might commonly see. We’re going to put the struct animal
in the typedef
. You can mash it all together like this:
// original name
// |
// v
// |-----------|
typedef struct animal {
char *name;
int leg_count, speed;
} animal; // <-- new name
struct animal y; // This works
; // This also works because "animal" is an alias animal z
That’s exactly the same as the previous example, just more concise.
But that’s not all! There’s another common shortcut that you might see in code using what are called anonymous structures82. It turns out you don’t actually need to name the structure in a variety of places, and with typedef
is one of them.
Let’s do the same example with an anonymous structure:
// Anonymous struct! It has no name!
// |
// v
// |----|
typedef struct {
char *name;
int leg_count, speed;
} animal; // <-- new name
//struct animal y; // ERROR: this no longer works--no such struct!
; // This works because "animal" is an alias animal z
As another example, we might find something like this:
typedef struct {
int x, y;
} point;
= {.x=20, .y=40};
point p
("%d, %d\n", p.x, p.y); // 20, 40 printf
typedef
and Other TypesIt’s not that using typedef
with a simple type like int
is completely useless… it helps you abstract the types to make it easier to change them later.
For example, if you have float
all over your code in 100 zillion places, it’s going to be painful to change them all to double
if you find you have to do that later for some reason.
But if you prepared a little with:
typedef float app_float;
// and
, f2, f3; app_float f1
Then if later you want to change to another type, like long double
, you just need to change the typedef
:
// voila!
// |---------|
typedef long double app_float;
// and no need to change this line:
, f2, f3; // Now these are all long doubles app_float f1
typedef
and PointersYou can make a type that is a pointer.
typedef int *intptr;
int a = 10;
= &a; // "intptr" is type "int*" intptr x
I really don’t like this practice. It hides the fact that x
is a pointer type because you don’t see a *
in the declaration.
IMHO, it’s better to explicitly show that you’re declaring a pointer type so that other devs can clearly see it and don’t mistake x
for having a non-pointer type.
But at last count, say, 832,007 people had a different opinion.
typedef
and CapitalizationI’ve seen all kinds of capitalization on typedef
.
typedef struct {
int x, y;
} my_point; // lower snake case
typedef struct {
int x, y;
} MyPoint; // CamelCase
typedef struct {
int x, y;
} Mypoint; // Leading uppercase
typedef struct {
int x, y;
} MY_POINT; // UPPER SNAKE CASE
The C11 specification doesn’t dictate one way or another, and shows examples in all uppercase and all lowercase.
K&R2 uses leading uppercase predominantly, but show some examples in uppercase and snake case (with _t
).
If you have a style guide in use, stick with it. If you don’t, grab one and stick with it.
typedef
The syntax is a little weird, and this is rarely seen in my experience, but you can typedef
an array of some number of items.
// Make type five_ints an array of 5 ints
typedef int five_ints[5];
= {11, 22, 33, 44, 55}; five_ints x
I don’t like it because it hides the array nature of the variable, but it’s possible to do.
Time to get more into it with a number of new pointer topics! If you’re not up to speed with pointers, check out the first section in the guide on the matter.
Turns out you can do math on pointers, notably addition and subtraction.
But what does it mean when you do that?
In short, if you have a pointer to a type, adding one to the pointer moves to the next item of that type directly after it in memory.
It’s important to remember that as we move pointers around and look at different places in memory, we need to make sure that we’re always pointing to a valid place in memory before we dereference. If we’re off in the weeds and we try to see what’s there, the behavior is undefined and a crash is a common result.
This is a little chicken-and-eggy with Array/Pointer Equivalence, below, but we’re going to give it a shot, anyway.
First, let’s take an array of numbers.
int a[5] = {11, 22, 33, 44, 55};
Then let’s get a pointer to the first element in that array:
int a[5] = {11, 22, 33, 44, 55};
int *p = &a[0]; // Or "int *p = a;" works just as well
Then let’s print the value there by dereferencing the pointer:
("%d\n", *p); // Prints 11 printf
Now let’s use pointer arithmetic to print the next element in the array, the one at index 1:
("%d\n", *(p + 1)); // Prints 22!! printf
What happened there? C knows that p
is a pointer to an int
. So it knows the sizeof
an int
83 and it knows to skip that many bytes to get to the next int
after the first one!
In fact, the prior example could be written these two equivalent ways:
("%d\n", *p); // Prints 11
printf("%d\n", *(p + 0)); // Prints 11 printf
because adding 0
to a pointer results in the same pointer.
Let’s think of the upshot here. We can iterate over elements of an array this way instead of using an array:
int a[5] = {11, 22, 33, 44, 55};
int *p = &a[0]; // Or "int *p = a;" works just as well
for (int i = 0; i < 5; i++) {
("%d\n", *(p + i)); // Same as p[i]!
printf}
And that works the same as if we used array notation! Oooo! Getting closer to that array/pointer equivalence thing! More on this later in this chapter.
But what’s actually happening, here? How does it work?
Remember from early on that memory is like a big array, where a byte is stored at each array index?
And the array index into memory has a few names:
So a pointer is an index into memory, somewhere.
For a random example, say that a number 3490 was stored at address (“index”) 23,237,489,202. If we have an int
pointer to that 3490, that value of that pointer is 23,237,489,202… because the pointer is the memory address. Different words for the same thing.
And now let’s say we have another number, 4096, stored right after the 3490 at address 23,237,489,210 (8 higher than the 3490 because each int
in this example is 8 bytes long).
If we add 1
to that pointer, it actually jumps ahead sizeof(int)
bytes to the next int
. It knows to jump that far ahead because it’s an int
pointer. If it were a float
pointer, it’d jump sizeof(float)
bytes ahead to get to the next float!
So you can look at the next int
, by adding 1
to the pointer, the one after that by adding 2
to the pointer, and so on.
We saw how we could add an integer to a pointer in the previous section. This time, let’s modify the pointer, itself.
You can just add (or subtract) integer values directly to (or from) any pointer!
Let’s do that example again, except with a couple changes. First, I’m going to add a 999
to the end of our numbers to act as a sentinel value. This will let us know where the end of the data is.
int a[] = {11, 22, 33, 44, 55, 999}; // Add 999 here as a sentinel
int *p = &a[0]; // p points to the 11
And we also have p
pointing to the element at index 0
of a
, namely 11
, just like before.
Now—let’s start incrementing p
so that it points at subsequent elements of the array. We’ll do this until p
points to the 999
; that is, we’ll do it until *p == 999
:
while (*p != 999) { // While the thing p points to isn't 999
("%d\n", *p); // Print it
printf++; // Move p to point to the next int!
p}
Pretty crazy, right?
When we give it a run, first p
points to 11
. Then we increment p
, and it points to 22
, and then again, it points to 33
. And so on, until it points to 999
and we quit.
You can subtract a value from a pointer to get to earlier address, as well, just like we were adding to them before.
But we can also subtract two pointers to find the difference between them, e.g. we can calculate how many int
s there are between two int*
s. The catch is that this only works within a single array84—if the pointers point to anything else, you get undefined behavior.
Remember how strings are char*
s in C? Let’s see if we can use this to write another variant of strlen()
to compute the length of a string that utilizes pointer subtraction.
The idea is that if we have a pointer to the beginning of the string, we can find a pointer to the end of the string by scanning ahead for the NUL
character.
And if we have a pointer to the beginning of the string, and we computed the pointer to the end of the string, we can just subtract the two pointers to come up with the length!
#include <stdio.h>
int my_strlen(char *s)
{
// Start scanning from the beginning of the string
char *p = s;
// Scan until we find the NUL character
while (*p != '\0')
p++;
// Return the difference in pointers
return p - s;
}
int main(void)
{
printf("%d\n", my_strlen("Hello, world!")); // Prints "13"
}
Remember that you can only use pointer subtraction between two pointers that point to the same array!
We’re finally ready to talk about this! We’ve seen plenty of examples of places where we’ve intermixed array notation, but let’s give out the fundamental formula of array/pointer equivalence:
[b] == *(a + b) a
Study that! Those are equivalent and can be used interchangeably!
I’ve oversimplified a bit, because in my above example a
and b
can both be expressions, and we might want a few more parentheses to force order of operations in case the expressions are complex.
The spec is specific, as always, declaring (in C11 §6.5.2.1¶2):
E1[E2]
is identical to(*((E1)+(E2)))
but that’s a little harder to grok. Just make sure you include parentheses if the expressions are complicated so all your math happens in the right order.
This means we can decide if we’re going to use array or pointer notation for any array or pointer (assuming it points to an element of an array).
Let’s use an array and pointer with both array and pointer notation:
#include <stdio.h>
int main(void)
{
int a[] = {11, 22, 33, 44, 55};
int *p = a; // p points to the first element of a, 11
// Print all elements of the array a variety of ways:
for (int i = 0; i < 5; i++)
printf("%d\n", a[i]); // Array notation with a
for (int i = 0; i < 5; i++)
printf("%d\n", p[i]); // Array notation with p
for (int i = 0; i < 5; i++)
printf("%d\n", *(a + i)); // Pointer notation with a
for (int i = 0; i < 5; i++)
printf("%d\n", *(p + i)); // Pointer notation with p
for (int i = 0; i < 5; i++)
printf("%d\n", *(p++)); // Moving pointer p
//printf("%d\n", *(a++)); // Moving array variable a--ERROR!
}
So you can see that in general, if you have an array variable, you can use pointer or array notion to access elements. Same with a pointer variable.
The one big difference is that you can modify a pointer to point to a different address, but you can’t do that with an array variable.
This is where you’ll encounter this concept the most, for sure.
If you have a function that takes a pointer argument, e.g.:
int my_strlen(char *s)
this means you can pass either an array or a pointer to this function and have it work!
char s[] = "Antelopes";
char *t = "Wombats";
("%d\n", my_strlen(s)); // Works!
printf("%d\n", my_strlen(t)); // Works, too! printf
And it’s also why these two function signatures are equivalent:
int my_strlen(char *s) // Works!
int my_strlen(char s[]) // Works, too!
void
Pointers You’ve already seen the void
keyword used with functions, but this is an entirely separate, unrelated animal.
Sometimes it’s useful to have a pointer to a thing that you don’t know the type of.
I know. Bear with me just a second.
There are basically two use cases for this.
1. A function is going to operate on something byte-by-byte. For example, memcpy()
copies bytes of memory from one pointer to another, but those pointers can point to any type. memcpy()
takes advantage of the fact that if you iterate through char*
s, you’re iterating through the bytes of an object no matter what type the object is. More on this in the Multibyte Values subsection.
void*
s—’cause it doesn’t know the type—and you convert those to the type you need. The built-in qsort()
85 and bsearch()
86 use this technique.Let’s look at an example, the built-in memcpy()
function:
void *memcpy(void *s1, void *s2, size_t n);
This function copies n
bytes of memory starting from address s2
into the memory starting at address s1
.
But look! s1
and s2
are void*
s! Why? What does it mean? Let’s run more examples to see.
For instance, we could copy a string with memcpy()
(though strcpy()
is more appropriate for strings):
#include <stdio.h>
#include <string.h>
int main(void)
{
char s[] = "Goats!";
char t[100];
memcpy(t, s, 7); // Copy 7 bytes--including the NUL terminator!
printf("%s\n", t); // "Goats!"
}
Or we can copy some int
s:
#include <stdio.h>
#include <string.h>
int main(void)
{
int a[] = {11, 22, 33};
int b[3];
memcpy(b, a, 3 * sizeof(int)); // Copy 3 ints of data
printf("%d\n", b[1]); // 22
}
That one’s a little wild—you see what we did there with memcpy()
? We copied the data from a
to b
, but we had to specify how many bytes to copy, and an int
is more than one byte.
OK, then—how many bytes does an int
take? Answer: depends on the system. But we can tell how many bytes any type takes with the sizeof
operator.
So there’s the answer: an int
takes sizeof(int)
bytes of memory to store.
And if we have 3 of them in our array, like we did in that example, the entire space used for the 3 int
s must be 3 * sizeof(int)
.
(In the string example, earlier, it would have been more technically accurate to copy 7 * sizeof(char)
bytes. But char
s are always one byte large, by definition, so that just devolves into 7 * 1
.)
We could even copy a float
or a struct
with memcpy()
! (Though this is abusive—we should just use =
for that):
struct antelope my_antelope;
struct antelope my_clone_antelope;
// ...
(&my_clone_antelope, &my_antelope, sizeof my_antelope); memcpy
Look at how versatile memcpy()
is! If you have a pointer to a source and a pointer to a destination, and you have the number of bytes you want to copy, you can copy any type of data.
Imagine if we didn’t have void*
. We’d have to write specialized memcpy()
functions for each type:
(int *a, int *b, int count);
memcpy_int(float *a, float *b, int count);
memcpy_float(double *a, double *b, int count);
memcpy_double(char *a, char *b, int count);
memcpy_char(unsigned char *a, unsigned char *b, int count);
memcpy_unsigned_char
// etc... blech!
Much better to just use void*
and have one function that can do it all.
That’s the power of void*
. You can write functions that don’t care about the type and is still able to do things with it.
But with great power comes great responsibility. Maybe not that great in this case, but there are some limits.
1. You cannot do pointer arithmetic on a void*
. 2. You cannot dereference a void*
. 3. You cannot use the arrow operator on a void*
, since it’s also a dereference. 4. You cannot use array notation on a void*
, since it’s also a dereference, as well87.
And if you think about it, these rules make sense. All those operations rely on knowing the sizeof
the type of data pointed to, and with void*
, we don’t know the size of the data being pointed to—it could be anything!
But wait—if you can’t dereference a void*
what good can it ever do you?
Like with memcpy()
, it helps you write generic functions that can handle multiple types of data. But the secret is that, deep down, you convert the void*
to another type before you use it!
And conversion is easy: you can just assign into a variable of the desired type88.
char a = 'X'; // A single char
void *p = &a; // p points to the 'X'
char *q = p; // q also points to the 'X'
("%c\n", *p); // ERROR--cannot dereference void*!
printf("%c\n", *q); // Prints "X" printf
Let’s write our own memcpy()
to try this out. We can copy bytes (char
s), and we know the number of bytes because it’s passed in.
void *my_memcpy(void *dest, void *src, int byte_count)
{
// Convert void*s to char*s
char *s = src, *d = dest;
// Now that we have char*s, we can dereference and copy them
while (byte_count--) {
*d++ = *s++;
}
// Most of these functions return the destination, just in case
// that's useful to the caller.
return dest;
}
Right there at the beginning, we copy the void*
s into char*
s so that we can use them as char*
s. It’s as easy as that.
Then some fun in a while loop, where we decrement byte_count
until it becomes false (0
). Remember that with post-decrement, the value of the expression is computed (for while
to use) and then the variable is decremented.
And some fun in the copy, where we assign *d = *s
to copy the byte, but we do it with post-increment so that both d
and s
move to the next byte after the assignment is made.
Lastly, most memory and string functions return a copy of a pointer to the destination string just in case the caller wants to use it.
Now that we’ve done that, I just want to quickly point out that we can use this technique to iterate over the bytes of any object in C, float
s, struct
s, or anything!
Let’s run one more real-world example with the built-in qsort()
routine that can sort anything thanks to the magic of void*
s.
(In the following example, you can ignore the word const
, which we haven’t covered yet.)
#include <stdio.h>
#include <stdlib.h>
// The type of structure we're going to sort
struct animal {
char *name;
int leg_count;
};
// This is a comparison function called by qsort() to help it determine
// what exactly to sort by. We'll use it to sort an array of struct
// animals by leg_count.
int compar(const void *elem1, const void *elem2)
{
// We know we're sorting struct animals, so let's make both
// arguments pointers to struct animals
const struct animal *animal1 = elem1;
const struct animal *animal2 = elem2;
// Return <0 =0 or >0 depending on whatever we want to sort by.
// Let's sort ascending by leg_count, so we'll return the difference
// in the leg_counts
if (animal1->leg_count > animal2->leg_count)
return 1;
if (animal1->leg_count < animal2->leg_count)
return -1;
return 0;
}
int main(void)
{
// Let's build an array of 4 struct animals with different
// characteristics. This array is out of order by leg_count, but
// we'll sort it in a second.
struct animal a[4] = {
{.name="Dog", .leg_count=4},
{.name="Monkey", .leg_count=2},
{.name="Antelope", .leg_count=4},
{.name="Snake", .leg_count=0}
};
// Call qsort() to sort the array. qsort() needs to be told exactly
// what to sort this data by, and we'll do that inside the compar()
// function.
//
// This call is saying: qsort array a, which has 4 elements, and
// each element is sizeof(struct animal) bytes big, and this is the
// function that will compare any two elements.
qsort(a, 4, sizeof(struct animal), compar);
// Print them all out
for (int i = 0; i < 4; i++) {
printf("%d: %s\n", a[i].leg_count, a[i].name);
}
}
As long as you give qsort()
a function that can compare two items that you have in your array to be sorted, it can sort anything. And it does this without needing to have the types of the items hardcoded in there anywhere. qsort()
just rearranges blocks of bytes based on the results of the compar()
function you passed in.
This is one of the big areas where C likely diverges from languages you already know: manual memory management.
Other languages uses reference counting, garbage collection, or other means to determine when to allocate new memory for some data—and when to deallocate it when no variables refer to it.
And that’s nice. It’s nice to be able to not worry about it, to just drop all the references to an item and trust that at some point the memory associated with it will be freed.
But C’s not like that, entirely.
Of course, in C, some variables are automatically allocated and deallocated when they come into scope and leave scope. We call these automatic variables. They’re your average run-of-the-mill block scope “local” variables. No problem.
But what if you want something to persist longer than a particular block? This is where manual memory management comes into play.
You can tell C explicitly to allocate for you a certain number of bytes that you can use as you please. And these bytes will remain allocated until you explicitly free that memory89.
It’s important to free the memory you’re done with! If you don’t, we call that a memory leak and your process will continue to reserve that memory until it exits.
If you manually allocated it, you have to manually free it when you’re done with it.
So how do we do this? We’re going to learn a couple new functions, and make use of the sizeof
operator to help us learn how many bytes to allocate.
In common C parlance, devs say that automatic local variables are allocated “on the stack”, and manually-allocated memory is “on the heap”. The spec doesn’t talk about either of those things, but all C devs will know what you’re talking about if you bring them up.
All functions we’re going to learn in this chapter can be found in <stdlib.h>
.
malloc()
and free()
The malloc()
function accepts a number of bytes to allocate, and returns a void pointer to that block of newly-allocated memory.
Since it’s a void*
, you can assign it into whatever pointer type you want… normally this will correspond in some way to the number of bytes you’re allocating.
So… how many bytes should I allocate? We can use sizeof
to help with that. If we want to allocate enough room for a single int
, we can use sizeof(int)
and pass that to malloc()
.
After we’re done with some allocated memory, we can call free()
to indicate we’re done with that memory and it can be used for something else. As an argument, you pass the same pointer you got from malloc()
(or a copy of it). It’s undefined behavior to use a memory region after you free()
it.
Let’s try. We’ll allocate enough memory for an int
, and then store something there, and the print it.
// Allocate space for a single int (sizeof(int) bytes-worth):
int *p = malloc(sizeof(int));
*p = 12; // Store something there
("%d\n", *p); // Print it: 12
printf
(p); // All done with that memory
free
//*p = 3490; // ERROR: undefined behavior! Use after free()!
Now, in that contrived example, there’s really no benefit to it. We could have just used an automatic int
and it would have worked. But we’ll see how the ability to allocate memory this way has its advantages, especially with more complex data structures.
One more thing you’ll commonly see takes advantage of the fact that sizeof
can give you the size of the result type of any constant expression. So you could put a variable name in there, too, and use that. Here’s an example of that, just like the previous one:
int *p = malloc(sizeof *p); // *p is an int, so same as sizeof(int)
All the allocation functions return a pointer to the newly-allocated stretch of memory, or NULL
if the memory cannot be allocated for some reason.
Some OSes like Linux can be configured in such a way that malloc()
never returns NULL
, even if you’re out of memory. But despite this, you should always code it up with protections in mind.
int *x;
= malloc(sizeof(int) * 10);
x
if (x == NULL) {
("Error allocating 10 ints\n");
printf// do something here to handle it
}
Here’s a common pattern that you’ll see, where we do the assignment and the condition on the same line:
int *x;
if ((x = malloc(sizeof(int) * 10)) == NULL)
("Error allocating 10 ints\n");
printf// do something here to handle it
}
We’ve seen how to allocate space for a single thing; now what about for a bunch of them in an array?
In C, an array is a bunch of the same thing back-to-back in a contiguous stretch of memory.
We can allocate a contiguous stretch of memory—we’ve seen how to do that. If we wanted 3490 bytes of memory, we could just ask for it:
char *p = malloc(3490); // Voila
And—indeed!—that’s an array of 3490 char
s (AKA a string!) since each char
is 1 byte. In other words, sizeof(char)
is 1
.
Note: there’s no initialization done on the newly-allocated memory—it’s full of garbage. Clear it with memset()
if you want to, or see calloc()
, below.
But we can just multiply the size of the thing we want by the number of elements we want, and then access them using either pointer or array notation. Example!
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
// Allocate space for 10 ints
int *p = malloc(sizeof(int) * 10);
// Assign them values 0-45:
for (int i = 0; i < 10; i++)
p[i] = i * 5;
// Print all values 0, 5, 10, 15, ..., 40, 45
for (int i = 0; i < 10; i++)
printf("%d\n", p[i]);
// Free the space
free(p);
}
The key’s in that malloc()
line. If we know each int
takes sizeof(int)
bytes to hold it, and we know we want 10 of them, we can just allocate exactly that many bytes with:
sizeof(int) * 10
And this trick works for every type. Just pass it to sizeof
and multiply by the size of the array.
calloc()
This is another allocation function that works similarly to malloc()
, with two key differences:
You still use free()
to deallocate memory obtained through calloc()
.
Here’s a comparison of calloc()
and malloc()
.
// Allocate space for 10 ints with calloc(), initialized to 0:
int *p = calloc(10, sizeof(int));
// Allocate space for 10 ints with malloc(), initialized to 0:
int *q = malloc(10 * sizeof(int));
(q, 0, 10 * sizeof(int)); // set to 0 memset
Again, the result is the same for both except malloc()
doesn’t zero the memory by default.
realloc()
If you’ve already allocated 10 int
s, but later you decide you need 20, what can you do?
One option is to allocate some new space, and then memcpy()
the memory over… but it turns out that sometimes you don’t need to move anything. And there’s one function that’s just smart enough to do the right thing in all the right circumstances: realloc()
.
It takes a pointer to some previously-allocted memory (by malloc()
or calloc()
) and a new size for the memory region to be.
It then grows or shrinks that memory, and returns a pointer to it. Sometimes it might return the same pointer (if the data didn’t have to be copied elsewhere), or it might return a different one (if the data did have to be copied).
Be sure when you call realloc()
, you specify the number of bytes to allocate, and not just the number of array elements! That is:
*= 2;
num_floats
= realloc(p, num_floats); // WRONG: need bytes, not number of elements!
np
= realloc(p, num_floats * sizeof(float)); // Better! np
Let’s allocate an array of 20 float
s, and then change our mind and make it an array of 40.
We’re going to assign the return value of realloc()
into another pointer just to make sure it’s not NULL
. If it’s not, then we can reassign it into our original pointer. (If we just assigned the return value directly into the original pointer, we’d lose that pointer if the function returned NULL
and we’d have no way to get it back.)
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
// Allocate space for 20 floats
float *p = malloc(sizeof *p * 20); // sizeof *p same as sizeof(float)
// Assign them fractional values 0.0-1.0:
for (int i = 0; i < 20; i++)
p[i] = i / 20.0;
// But wait! Let's actually make this an array of 40 elements
float *new_p = realloc(p, sizeof *p * 40);
// Check to see if we successfully reallocated
if (new_p == NULL) {
printf("Error reallocing\n");
return 1;
}
// If we did, we can just reassign p
p = new_p;
// And assign the new elements values in the range 1.0-2.0
for (int i = 20; i < 40; i++)
p[i] = 1.0 + (i - 20) / 20.0;
// Print all values 0.0-2.0 in the 40 elements:
for (int i = 0; i < 40; i++)
printf("%f\n", p[i]);
// Free the space
free(p);
}
Notice in there how we took the return value from realloc()
and reassigned it into the same pointer variable p
that we passed in. That’s pretty common to do.
Also if line 7 is looking weird, with that sizeof *p
in there, remember that sizeof
works on the size of the type of the expression. And the type of *p
is float
, so that line is equivalent to sizeof(float)
.
I want to demonstrate two things with this full-blown example.
realloc()
to grow a buffer as we read in more data.realloc()
to shrink the buffer down to the perfect size after we’ve completed the read.What we see here is a loop that calls fgetc()
over and over to append to a buffer until we see that the last character is a newline.
Once it finds the newline, it shrinks the buffer to just the right size and returns it.
#include <stdio.h>
#include <stdlib.h>
// Read a line of arbitrary size from a file
//
// Returns a pointer to the line.
// Returns NULL on EOF or error.
//
// It's up to the caller to free() this pointer when done with it.
//
// Note that this strips the newline from the result. If you need
// it in there, probably best to switch this to a do-while.
char *readline(FILE *fp)
{
int offset = 0; // Index next char goes in the buffer
int bufsize = 4; // Preferably power of 2 initial size
char *buf; // The buffer
int c; // The character we've read in
buf = malloc(bufsize); // Allocate initial buffer
if (buf == NULL) // Error check
return NULL;
// Main loop--read until newline or EOF
while (c = fgetc(fp), c != '\n' && c != EOF) {
// Check if we're out of room in the buffer accounting
// for the extra byte for the NUL terminator
if (offset == bufsize - 1) { // -1 for the NUL terminator
bufsize *= 2; // 2x the space
char *new_buf = realloc(buf, bufsize);
if (new_buf == NULL) {
free(buf); // On error, free and bail
return NULL;
}
buf = new_buf; // Successful realloc
}
buf[offset++] = c; // Add the byte onto the buffer
}
// We hit newline or EOF...
// If at EOF and we read no bytes, free the buffer and
// return NULL to indicate we're at EOF:
if (c == EOF && offset == 0) {
free(buf);
return NULL;
}
// Shrink to fit
if (offset < bufsize - 1) { // If we're short of the end
char *new_buf = realloc(buf, offset + 1); // +1 for NUL terminator
// If successful, point buf to new_buf;
// otherwise we'll just leave buf where it is
if (new_buf != NULL)
buf = new_buf;
}
// Add the NUL terminator
buf[offset] = '\0';
return buf;
}
int main(void)
{
FILE *fp = fopen("foo.txt", "r");
char *line;
while ((line = readline(fp)) != NULL) {
printf("%s\n", line);
free(line);
}
fclose(fp);
}
When growing memory like this, it’s common (though hardly a law) to double the space needed each step just to minimize the number of realloc()
s that occur.
Finally you might note that readline()
returns a pointer to a malloc()
d buffer. As such, it’s up to the caller to explicitly free()
that memory when it’s done with it.
realloc()
with NULL
Trivia time! These two lines are equivalent:
char *p = malloc(3490);
char *p = realloc(NULL, 3490);
That could be convenient if you have some kind of allocation loop and you don’t want to special-case the first malloc()
.
int *p = NULL;
int length = 0;
while (!done) {
// Allocate 10 more ints:
+= 10;
length = realloc(p, sizeof *p * length);
p
// Do amazing things
// ...
}
In that example, we didn’t need an initial malloc()
since p
was NULL
to start.
You probably aren’t going to need to use this.
And I don’t want to get too far off in the weeds talking about it right now, but there’s this thing called memory alignment, which has to do with the memory address (pointer value) being a multiple of a certain number.
For example, a system might require that 16-bit values begin on memory addresses that are multiples of 2. Or that 64-bit values begin on memory addresses that are multiples of 2, 4, or 8, for example. It depends on the CPU.
Some systems require this kind of alignment for fast memory access, or some even for memory access at all.
Now, if you use malloc()
, calloc()
, or realloc()
, C will give you a chunk of memory that’s well-aligned for any value at all, even struct
s. Works in all cases.
But there might be times that you know that some data can be aligned at a smaller boundary, or must be aligned at a larger one for some reason. I imagine this is more common with embedded systems programming.
In those cases, you can specify an alignment with aligned_alloc()
.
The alignment is an integer power of two greater than zero, so 2
, 4
, 8
, 16
, etc. and you give that to aligned_alloc()
before the number of bytes you’re interested in.
The other restriction is that the number of bytes you allocate needs to be a multiple of the alignment. But this might be changing. See C Defect Report 46090
Let’s do an example, allocating on a 64-byte boundary:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int main(void)
{
// Allocate 256 bytes aligned on a 64-byte boundary
char *p = aligned_alloc(64, 256); // 256 == 64 * 4
// Copy a string in there and print it
strcpy(p, "Hello, world!");
printf("%s\n", p);
// Free the space
free(p);
}
I want to throw a note here about realloc()
and aligned_alloc()
. realloc()
doesn’t have any alignment guarantees, so if you need to get some aligned reallocated space, you’ll have to do it the hard way with memcpy()
.
Here’s a non-standard aligned_realloc()
function, if you need it:
void *aligned_realloc(void *ptr, size_t old_size, size_t alignment, size_t size)
{
char *new_ptr = aligned_alloc(alignment, size);
if (new_ptr == NULL)
return NULL;
size_t copy_size = old_size < size? old_size: size; // get min
if (ptr != NULL)
(new_ptr, ptr, copy_size);
memcpy
(ptr);
free
return new_ptr;
}
Note that it always copies data, taking time, while real realloc()
will avoid that if it can. So this is hardly efficient. Avoid needing to reallocate custom-aligned data.
Scope is all about what variables are visible in what contexts.
This is the scope of almost all the variables devs define. It includes what other languages might call “function scope”, i.e. variables that are declared inside functions.
The basic rule is that if you’ve declared a variable in a block delimited by squirrelly braces, the scope of that variable is that block.
If there’s a block inside a block, then variables declared in the inner block are local to that block, and cannot be seen in the outer scope.
Once a variable’s scope ends, that variable can no longer be referenced, and you can consider its value to be gone into the great bit bucket91 in the sky.
An example with nested scope:
#include <stdio.h>
int main(void)
{
int a = 12; // Local to outer block, but visible in inner block
if (a == 12) {
int b = 99; // Local to inner block, not visible in outer block
printf("%d %d\n", a, b); // OK: "12 99"
}
printf("%d\n", a); // OK, we're still in a's scope
printf("%d\n", b); // ILLEGAL, out of b's scope
}
Another fun fact is that you can define variables anywhere in the block, within reason—they have the scope of that block, but cannot be used before they are defined.
#include <stdio.h>
int main(void)
{
int i = 0;
printf("%d\n", i); // OK: "0"
//printf("%d\n", j); // ILLEGAL--can't use j before it's defined
int j = 5;
printf("%d %d\n", i, j); // OK: "0 5"
}
Historically, C required all the variables be defined before any code in the block, but this is no longer the case in the C99 standard.
If you have a variable named the same thing at an inner scope as one at an outer scope, the one at the inner scope takes precedence as long as you’re running in the inner scope. That is, it hides the one at outer scope for the duration of its lifetime.
#include <stdio.h>
int main(void)
{
int i = 10;
{
int i = 20;
printf("%d\n", i); // Inner scope i, 20 (outer i is hidden)
}
printf("%d\n", i); // Outer scope i, 10
}
You might have noticed in that example that I just threw a block in there at line 7, not so much as a for
or if
statement to kick it off! This is perfectly legal. Sometimes a dev will want to group a bunch of local variables together for a quick computation and will do this, but it’s rare to see.
If you define a variable outside of a block, that variable has file scope. It’s visible in all functions in the file that come after it, and shared between them. (An exception is if a block defines a variable of the same name, it would hide the one at file scope.)
This is closest to what you would consider to be “global” scope in another language.
For example:
#include <stdio.h>
int shared = 10; // File scope! Visible to the whole file after this!
void func1(void)
{
shared += 100; // Now shared holds 110
}
void func2(void)
{
printf("%d\n", shared); // Prints "110"
}
int main(void)
{
func1();
func2();
}
Note that if shared
were declared at the bottom of the file, it wouldn’t compile. It has to be declared before any functions use it.
There are ways to further modify items at file scope, namely with static and extern, but we’ll talk more about those later.
for
-loop Scope I really don’t know what to call this, as C11 §6.8.5.3¶1 doesn’t give it a proper name. We’ve done it already a few times in this guide, as well. It’s when you declare a variable inside the first clause of a for
-loop:
for (int i = 0; i < 10; i++)
("%d\n", i);
printf
("%d\n", i); // ILLEGAL--i is only in scope for the for-loop printf
In that example, i
’s lifetime begins the moment it is defined, and continues for the duration of the loop.
If the loop body is enclosed in a block, the variables defined in the for
-loop are visible from that inner scope.
Unless, of course, that inner scope hides them. This crazy example prints 999
five times:
#include <stdio.h>
int main(void)
{
for (int i = 0; i < 5; i++) {
int i = 999; // Hides the i in the for-loop scope
printf("%d\n", i);
}
}
The C spec does refer to function scope, but it’s used exclusively with labels, something we haven’t discussed yet. More on that another day.
We’re used to char
, int
, and float
types, but it’s now time to take that stuff to the next level and see what else we have out there in the types department!
So far we’ve used int
as a signed type, that is, a value that can be either negative or positive. But C also has specific unsigned integer types that can only hold positive numbers.
These types are prefaced by the keyword unsigned
.
int a; // signed
signed int a; // signed
signed a; // signed, "shorthand" for "int" or "signed int", rare
unsigned int b; // unsigned
unsigned c; // unsigned, shorthand for "unsigned int"
Why? Why would you decide you only wanted to hold positive numbers?
Answer: you can get larger numbers in an unsigned variable than you can in a signed ones.
But why is that?
You can think of integers being represented by a certain number of bits92. On my computer, an int
is represented by 64 bits.
And each permutation of bits that are either 1
or 0
represents a number. We can decide how to divvy up these numbers.
With signed numbers, we use (roughly) half the permutations to represent negative numbers, and the other half to represent positive numbers.
With unsigned, we use all the permutations to represent positive numbers.
On my computer with 64-bit int
s using two’s complement93 to represent unsigned numbers, I have the following limits on integer range:
Type | Minimum | Maximum |
---|---|---|
int |
-9,223,372,036,854,775,808 |
9,223,372,036,854,775,807 |
unsigned int |
0 |
18,446,744,073,709,551,615 |
Notice that the largest positive unsigned int
is approximately twice as large as the largest positive int
. So you can get some flexibility there.
Remember char
? The type we can use to hold a single character?
char c = 'B';
("%c\n", c); // "B" printf
I have a shocker for you: it’s actually an integer.
char c = 'B';
// Change this from %c to %d:
("%d\n", c); // 66 (!!) printf
Deep down, char
is just a small int
, namely an integer that uses just a single byte of space, limiting its range to…
Here the C spec gets just a little funky. It assures us that a char
is a single byte, i.e. sizeof(char) == 1
. But then in C11 §3.6¶3 it goes out of its way to say:
A byte is composed of a contiguous sequence of bits, the number of which is implementation-defined.
Wait—what? Some of you might be used to the notion that a byte is 8 bits, right? I mean, that’s what it is, right? And the answer is, “Almost certainly.”94 But C is an old language, and machines back in the day had, shall we say, a more relaxed opinion over how many bits were in a byte. And through the years, C has retained this flexibility.
But assuming your bytes in C are 8 bits, like they are for virtually all machines in the world that you’ll ever see, the range of a char
is…
—So before I can tell you, it turns out that char
s might be signed or unsigned depending on your compiler. Unless you explicitly specify.
In many cases, just having char
is fine because you don’t care about the sign of the data. But if you need signed or unsigned char
s, you must be specific:
char a; // Could be signed or unsigned
signed char b; // Definitely signed
unsigned char c; // Definitely unsigned
OK, now, finally, we can figure out the range of numbers if we assume that a char
is 8 bits and your system uses the virtually universal two’s complement representation for signed and unsigned95.
So, assuming those constraints, we can finally figure our ranges:
char type |
Minimum | Maximum |
---|---|---|
signed char |
-128 |
127 |
unsigned char |
0 |
255 |
And the ranges for char
are implementation-defined.
Let me get this straight. char
is actually a number, so can we do math on it?
Yup! Just remember to keep things in the range of a char
!
What about those constant characters in single quotes, like 'B'
? How does that have a numeric value?
The spec is also hand-wavey here, since C isn’t designed to run on a single type of underlying system.
But let’s just assume for the moment that your character set is based on ASCII96 for at least the first 128 characters. In that case, the character constant will be converted to a char
whose value is the same as the ASCII value of the character.
That was a mouthful. Let’s just have an example:
#include <stdio.h>
int main(void)
{
char a = 10;
char b = 'B'; // ASCII value 66
printf("%d\n", a + b); // 76!
}
This depends on your execution environment and the character set used97. One of the most popular character sets today is Unicode98 (which is a superset of ASCII), so for your basic 0-9, A-Z, a-z and punctuation, you’ll almost certainly get the ASCII values out of them.
short
, long
, long long
So far we’ve just generally been using two integer types:
char
int
and we recently learned about the unsigned variants of the integer types. And we learned that char
was secretly a small int
in disguise. So we know the int
s can come in multiple bit sizes.
But there are a couple more integer types we should look at, and the minimum minimum and maximum values they can hold.
Yes, I said “minimum” twice. The spec says that these types will hold numbers of at least these sizes, so your implementation might be different. The header file <limits.h>
defines macros that hold the minimum and maximum integer values; rely on that to be sure, and never hardcode or assume these values.
These additional types are short int
, long int
, and long long int
. Commonly, when using these types, C developers leave the int
part off (e.g. long long
), and the compiler is perfectly happy.
// These two lines are equivalent:
long long int x;
long long x;
// And so are these:
short int x;
short x;
Let’s take a look at the integer data types and sizes in ascending order, grouped by signedness.
Type | Minimum Bytes | Minimum Value | Maximum Value |
---|---|---|---|
char |
1 | -127 or 0 | 127 or 25599 |
signed char |
1 | -127 | 127 |
short |
2 | -32767 | 32767 |
int |
2 | -32767 | 32767 |
long |
4 | -2147483647 | 2147483647 |
long long |
8 | -9223372036854775807 | 9223372036854775807 |
unsigned char |
1 | 0 | 255 |
unsigned short |
2 | 0 | 65535 |
unsigned int |
2 | 0 | 65535 |
unsigned long |
4 | 0 | 4294967295 |
unsigned long long |
8 | 0 | 18446744073709551615 |
There is no long long long
type. You can’t just keep adding long
s like that. Don’t be silly.
Two’s complement fans might have noticed something funny about those numbers. Why does, for example, the
signed char
stop at -127 instead of -128? Remember: these are only the minimums required by the spec. Some number representations (like sign and magnitude100) top off at ±127.
Let’s run the same table on my 64-bit, two’s complement system and see what comes out:
Type | My Bytes | Minimum Value | Maximum Value |
---|---|---|---|
char |
1 | -128 | 127101 |
signed char |
1 | -128 | 127 |
short |
2 | -32768 | 32767 |
int |
4 | -2147483648 | 2147483647 |
long |
8 | -9223372036854775808 | 9223372036854775807 |
long long |
8 | -9223372036854775808 | 9223372036854775807 |
unsigned char |
1 | 0 | 255 |
unsigned short |
2 | 0 | 65535 |
unsigned int |
4 | 0 | 4294967295 |
unsigned long |
8 | 0 | 18446744073709551615 |
unsigned long long |
8 | 0 | 18446744073709551615 |
That’s a little more sensible, but we can see how my system has larger limits than the minimums in the specification.
So what are the macros in <limits.h>
?
Type | Min Macro | Max Macro |
---|---|---|
char |
CHAR_MIN |
CHAR_MAX |
signed char |
SCHAR_MIN |
SCHAR_MAX |
short |
SHRT_MIN |
SHRT_MAX |
int |
INT_MIN |
INT_MAX |
long |
LONG_MIN |
LONG_MAX |
long long |
LLONG_MIN |
LLONG_MAX |
unsigned char |
0 |
UCHAR_MAX |
unsigned short |
0 |
USHRT_MAX |
unsigned int |
0 |
UINT_MAX |
unsigned long |
0 |
ULONG_MAX |
unsigned long long |
0 |
ULLONG_MAX |
Notice there’s a way hidden in there to determine if a system uses signed or unsigned char
s. If CHAR_MAX == UCHAR_MAX
, it must be unsigned.
Also notice there’s no minimum macro for the unsigned
variants—they’re just 0
.
double
and long double
Let’s see what the spec has to say about floating point numbers in §5.2.4.2.2¶1-2:
The following parameters are used to define the model for each floating-point type:
Parameter Definition \(s\) sign (\(\pm1\)) \(b\) base or radix of exponent representation (an integer \(> 1\)) \(e\) exponent (an integer between a minimum \(e_{min}\) and a maximum \(e_{max}\)) \(p\) precision (the number of base-\(b\) digits in the significand) \(f_k\) nonnegative integers less than \(b\) (the significand digits) A floating-point number (\(x\)) is defined by the following model:
\(x=sb^e\sum\limits_{k=1}^p f_kb^{-k},\) \(e_{min}\le e\le e_{max}\)
I hope that cleared it right up for you.
Okay, fine. Let’s step back a bit and see what’s practical.
Note: we refer to a bunch of macros in this section. They can be found in the header <float.h>
.
Floating point number are encoded in a specific sequence of bits (IEEE-754 format102 is tremendously popular) in bytes.
Diving in a bit more, the number is basically represented as the significand (which is the number part—the significant digits themselves, also sometimes referred to as the mantissa) and the exponent, which is what power to raise the digits to. Recall that a negative exponent can make a number smaller.
Imagine we’re using \(10\) as a number to raise by an exponent. We could represent the following numbers by using a significand of \(12345\), and exponents of \(-3\), \(4\), and \(0\) to encode the following floating point values:
\(12345\times10^{-3}=12.345\)
\(12345\times10^4=123450000\)
\(12345\times10^0=12345\)
For all those numbers, the significand stays the same. The only difference is the exponent.
On your machine, the base for the exponent is probably \(2\), not \(10\), since computers like binary. You can check it by printing the FLT_RADIX
macro.
So we have a number that’s represented by a number of bytes, encoded in some way. Because there are a limited number of bit patterns, a limited number of floating point numbers can be represented.
But more particularly, only a certain number of significant decimal digits can be represented accurately.
How can you get more? You can use larger data types!
And we have a couple of them. We know about float
already, but for more precision we have double
. And for even more precision, we have long double
(unrelated to long int
except by name).
The spec doesn’t go into how many bytes of storage each type should take, but on my system, we can see the relative size increases:
Type | sizeof |
---|---|
float |
4 |
double |
8 |
long double |
16 |
So each of the types (on my system) uses those additional bits for more precision.
But how much precision are we talking, here? How many decimal numbers can be represented by these values?
Well, C provides us with a bunch of macros in <float.h>
to help us figure that out.
It gets a little wonky if you are using a base-2 (binary) system for storing the numbers (which is virtually everyone on the planet, probably including you), but bear with me while we figure it out.
The million dollar question is, “How many significant decimal digits can I store in a given floating point type so that I get out the same decimal number when I print it?”
The number of decimal digits you can store in a floating point type and surely get the same number back out when you print it is given by these macros:
Type | Decimal Digits You Can Store | Minimum |
---|---|---|
float |
FLT_DIG |
6 |
double |
DBL_DIG |
10 |
long double |
LDBL_DIG |
10 |
On my system, FLT_DIG
is 6, so I can be sure that if I print out a 6 digit float
, I’ll get the same thing back. (It could be more digits—some numbers will come back correctly with more digits. But 6 is definitely coming back.)
For example, printing out float
s following this pattern of increasing digits, we apparently make it to 8 digits before something goes wrong, but after that we’re back to 7 correct digits.
0.12345
0.123456
0.1234567
0.12345678
0.123456791 <-- Things start going wrong 0.1234567910
Let’s do another demo. In this code we’ll have two float
s that both hold numbers that have FLT_DIG
significant decimal digits103. Then we add those together, for what should be 12 significant decimal digits. But that’s more than we can store in a float
and correctly recover as a string—so we see when we print it out, things start going wrong after the 7th significant digit.
#include <stdio.h>
#include <float.h>
int main(void)
{
// Both these numbers have 6 significant digits, so they can be
// stored accurately in a float:
float f = 3.14159f;
float g = 0.00000265358f;
printf("%.5f\n", f); // 3.14159 -- correct!
printf("%.11f\n", g); // 0.00000265358 -- correct!
// Now add them up
f += g; // 3.14159265358 is what f _should_ be
printf("%.11f\n", f); // 3.14159274101 -- wrong!
}
(The above code has an f
after the numeric constants—this indicates that the constant is type float
, as opposed to the default of double
. More on this later.)
Remember that FLT_DIG
is the safe number of digits you can store in a float
and retrieve correctly.
Sometimes you might get one or two more out of it. But sometimes you’ll only get FLT_DIG
digits back. The sure thing: if you store any number of digits up to and including FLT_DIG
in a float
, you’re sure to get them back correctly.
So that’s the story. FLT_DIG
. The End.
…Or is it?
But storing a base 10 number in a floating point number and getting it back out is only half the story.
Turns out floating point numbers can encode numbers that require more decimal places to print out completely. It’s just that your big decimal number might not map to one of those numbers.
That is, when you look at floating point numbers from one to the next, there’s a gap. If you try to encode a decimal number in that gap, it’ll use the closest floating point number. That’s why you can only encode FLT_DIG
for a float
.
But what about those floating point numbers that aren’t in the gap? How many places do you need to print those out accurately?
Another way to phrase this question is for any given floating point number, how many decimal digits do I have to preserve if I want to convert the decimal number back into an identical floating point number? That is, how many digits do I have to print in base 10 to recover all the digits in base 2 in the original number?
Sometimes it might only be a few. But to be sure, you’ll want to convert to decimal with a certain safe number of decimal places. That number is encoded in the following macros:
Macro | Description |
---|---|
FLT_DECIMAL_DIG |
Number of decimal digits encoded in a float . |
DBL_DECIMAL_DIG |
Number of decimal digits encoded in a double . |
LDBL_DECIMAL_DIG |
Number of decimal digits encoded in a long double . |
DECIMAL_DIG |
Same as the widest encoding, LDBL_DECIMAL_DIG . |
Let’s see an example where DBL_DIG
is 15 (so that’s all we can have in a constant), but DBL_DECIMAL_DIG
is 17 (so we have to convert to 17 decimal numbers to preserve all the bits of the original double
).
Let’s assign the 15 significant digit number 0.123456789012345
to x
, and let’s assign the 1 significant digit number 0.0000000000000006
to y
.
x is exact: 0.12345678901234500 Printed to 17 decimal places y is exact: 0.00000000000000060
But let’s add them together. This should give 0.1234567890123456
, but that’s more than DBL_DIG
, so strange things might happen… let’s look:
x + y not quite right: 0.12345678901234559 Should end in 4560!
That’s what we get for printing more than DBL_DIG
, right? But check this out… that number, above, is exactly representable as it is!
If we assign 0.12345678901234559
(17 digits) to z
and print it, we get:
z is exact: 0.12345678901234559 17 digits correct! More than DBL_DIG!
If we’d truncated z
down to 15 digits, it wouldn’t have been the same number. That’s why to preserve all the bits of a double
, we need DBL_DECIMAL_DIG
and not just the lesser DBL_DIG
.
All that being said, it’s clear that when we’re messing with decimal numbers in general, it’s not safe to print more than FLT_DIG
, DBL_DIG
, or LDBL_DIG
digits to be sensible in relation to the original base 10 numbers and any subsequent math.
But when converting from float
to a decimal representation and back to float
, definitely use FLT_DECIMAL_DIG
to do that so that all the bits are preserved exactly.
When you write down a constant number, like 1234
, it has a type. But what type is it? Let’s look at how C decides what type the constant is, and how to force it to choose a specific type.
In addition to good ol’ decimal like Grandma used to bake, C also supports constants of different bases.
If you lead a number with 0x
, it is read as a hex number:
int a = 0x1A2B; // Hexadecimal
int b = 0x1a2b; // Case doesn't matter for hex digits
("%x", a); // Print a hex number, "1a2b" printf
If you lead a number with a 0
, it is read as an octal number:
int a = 012;
("%o\n", a); // Print an octal number, "12" printf
This is particularly problematic for beginner programmers who try to pad decimal numbers on the left with 0
to line things up nice and pretty, inadvertently changing the base of the number:
int x = 11111; // Decimal 11111
int y = 00111; // Decimal 73 (Octal 111)
int z = 01111; // Decimal 585 (Octal 1111)
An unofficial extension104 in many C compilers allows you to represent a binary number with a 0b
prefix:
int x = 0b101010; // Binary 101010
("%d\n", x); // Prints 42 decimal printf
There’s no printf()
format specifier for printing a binary number. You have to do it a character at a time with bitwise operators.
You can force a constant integer to be a certain type by appending a suffix to it that indicates the type.
We’ll do some assignments to demo, but most often devs leave off the suffixes unless needed to be precise. The compiler is pretty good at making sure the types are compatible.
int x = 1234;
long int x = 1234L;
long long int x = 1234LL
unsigned int x = 1234U;
unsigned long int x = 1234UL;
unsigned long long int x = 1234ULL;
The suffix can be uppercase or lowercase. And the U
and L
or LL
can appear either one first.
Type | Suffix |
---|---|
int |
None |
long int |
L |
long long int |
LL |
unsigned int |
U |
unsigned long int |
UL |
unsigned long long int |
ULL |
I mentioned in the table that “no suffix” means int
… but it’s actually more complex than that.
So what happens when you have an unsuffixed number like:
int x = 1234;
What type is it?
What C will generally do is choose the smallest type from int
up that can hold the value.
But specifically, that depends on the number’s base (decimal, hex, or octal), as well.
The spec has a great table indicating which type gets used for what unsuffixed value. In fact, I’m just going to copy it wholesale right here.
C11 §6.4.4.1¶5 reads, “The type of an integer constant is the first of the first of the corresponding list in which its value can be represented.”
And then goes on to show this table:
Suffix | Decimal Constant | Octal or Hexadecimal Constant |
---|---|---|
none | int long int |
int unsigned int long int unsigned long int long long int unsigned long long int |
u or U |
unsigned int unsigned long int unsigned long long int |
unsigned int unsigned long int unsigned long long int |
l or L |
long int long long int |
long int unsigned long int long long int unsigned long long int |
Both u or U and l or L |
unsigned long int unsigned long long int |
unsigned long int unsigned long long int |
ll or LL |
long long int |
long long int unsigned long long int |
Both u or U and ll or LL |
unsigned long long int |
unsigned long long int |
What that’s saying is that, for example, if you specify a number like 123456789U
, first C will see if it can be unsigned int
. If it doesn’t fit there, it’ll try unsigned long int
. And then unsigned long long int
. It’ll use the smallest type that can hold the number.
You’d think that a floating point constant like 1.23
would have a default type of float
, right?
Surprise! Turns out unsuffiexed floating point numbers are type double
! Happy belated birthday!
You can force it to be of type float
by appending an f
(or F
—it’s case-insensitive). You can force it to be of type long double
by appending l
(or L
).
Type | Suffix |
---|---|
float |
F |
double |
None |
long double |
L |
For example:
float x = 3.14f;
double x = 3.14;
long double x = 3.14L;
This whole time, though, we’ve just been doing this, right?
float x = 3.14;
Isn’t the left a float
and the right a double
? Yes! But C’s pretty good with automatic numeric conversions, so it’s more common to have an unsuffixed floating point constant than not. More on that later.
Remember earlier when we talked about how a floating point number can be represented by a significand, base, and exponent?
Well, there’s a common way of writing such a number, shown here followed by it’s more recognizable equivalent which is what you get when you actually run the math:
\(1.2345\times10^3 = 1234.5\)
Writing numbers in the form \(s\times b^e\) is called scientific notation105. In C, these are written using “E notation”, so these are equivalent:
Scientific Notation | E notation |
---|---|
\(1.2345\times10^{-3}=0.0012345\) | 1.2345e-3 |
\(1.2345\times10^8=123450000\) | 1.2345e+8 |
You can print a number in this notation with %e
:
("%e\n", 123456.0); // Prints 1.234560e+05 printf
A couple little fun facts about scientific notation:
You don’t have to write them with a single leading digit before the decimal point. Any number of numbers can go in front.
double x = 123.456e+3; // 123456
However, when you print it, it will change the exponent so there is only one digit in front of the decimal point.
The plus can be left off the exponent, as it’s default, but this is uncommon in practice from what I’ve seen.
1.2345e10 == 1.2345e+10
You can apply the F
or L
suffixes to E-notation constants:
1.2345e10F
1.2345e10L
But wait, there’s more floating to be done!
Turns out there are hexadecimal floating point constants, as well!
These work similar to decimal floating point numbers, but they begin with a 0x
just like integer numbers.
The catch is that you must specify an exponent, and this exponent produces a power of 2. That is: \(2^x\).
And then you use a p
instead of an e
when writing the number:
So 0xa.1p3
is \(10.0625\times2^3 == 80.5\).
When using floating point hex constants, We can print hex scientific notation with %a
:
double x = 0xa.1p3;
("%a\n", x); // 0x1.42p+6
printf("%f\n", x); // 80.500000 printf
In this chapter, we want to talk all about converting from one type to another. C has a variety of ways of doing this, and some might be a little different that you’re used to in other languages.
Before we talk about how to make conversions happen, let’s talk about how they work when they do happen.
Unlike many languages, C doesn’t do string-to-number (and vice-versa) conversions in quite as streamlined a manner as it does numeric conversions.
For these, we’ll have to call functions to do the dirty work.
When we want to convert a number to a string, we can use either sprintf()
(pronounced SPRINT-f) or snprintf()
(s-n-print-f)106
These basically work like printf()
, except they output to a string instead, and you can print that string later, or whatever.
For example, turning part of the value π into a string:
#include <stdio.h>
int main(void)
{
char s[10];
float f = 3.14159;
// Convert "f" to string, storing in "s", writing at most 10 characters
// including the NUL terminator
snprintf(s, 10, "%f", f);
printf("String value: %s\n", s); // String value: 3.141590
}
So you can use %d
or %u
like you’re used to for integers.
There are a couple families of functions to do this in C. We’ll call these the atoi
(pronounced a-to-i) family and the strtol
(stir-to-long) family.
For basic conversion from a string to a number, try the atoi
functions from <stdlib.h>
. These have bad error-handling characteristics (including undefined behavior if you pass in a bad string), so use them carefully.
Function | Description |
---|---|
atoi |
String to int |
atof |
String to float |
atol |
String to long int |
atoll |
String to long long int |
Though the spec doesn’t cop to it, the a
at the beginning of the function stands for ASCII107, so really atoi()
is “ASCII-to-integer”, but saying so today is a bit ASCII-centric.
Here’s an example converting a string to a float
:
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *pi = "3.14159";
float f;
f = atof(pi);
printf("%f\n", f);
}
But, like I said, we get undefined behavior from weird things like this:
int x = atoi("what"); // "What" ain't no number I ever heard of
(When I run that, I get 0
back, but you really shouldn’t count on that in any way. You could get something completely different.)
For better error handling characteristics, let’s check out all those strtol
functions, also in <stdlib.h>
. Not only that, but they convert to more types and more bases, too!
Function | Description |
---|---|
strtol |
String to long int |
strtoll |
String to long long int |
strtoul |
String to unsigned long int |
strtoull |
String to unsigned long long int |
strtof |
String to float |
strtod |
String to double |
strtold |
String to long double |
These functions all follow a similar pattern of use, and are a lot of people’s first experience with pointers to pointers! But never fret—it’s easier than it looks.
Let’s do an example where we convert a string to an unsigned long
, discarding error information (i.e. information about bad characters in the input string):
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *s = "3490";
// Convert string s, a number in base 10, to an unsigned long int.
// NULL means we don't care to learn about any error information.
unsigned long int x = strtoul(s, NULL, 10);
printf("%lu\n", x); // 3490
}
Notice a couple things there. Even though we didn’t deign to capture any information about error characters in the string, strtoul()
won’t give us undefined behavior; it will just return 0
.
Also, we specified that this was a decimal (base 10) number.
Does this mean we can convert numbers of different bases? Sure! Let’s do binary!
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *s = "101010"; // What's the meaning of this number?
// Convert string s, a number in base 2, to an unsigned long int.
unsigned long int x = strtoul(s, NULL, 2);
printf("%lu\n", x); // 42
}
OK, that’s all fun and games, but what’s with that NULL
in there? What’s that for?
That helps us figure out if an error occurred in the processing of the string. It’s a pointer to a pointer to a char
, which sounds scary, but isn’t once you wrap your head around it.
Let’s do an example where we feed in a deliberately bad number, and we’ll see how strtol()
lets us know where the first invalid digit is.
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *s = "34x90"; // "x" is not a valid digit in base 10!
char *badchar;
// Convert string s, a number in base 10, to an unsigned long int.
unsigned long int x = strtoul(s, &badchar, 10);
// It tries to convert as much as possible, so gets this far:
printf("%lu\n", x); // 34
// But we can see the offending bad character because badchar
// points to it!
printf("Invalid character: %c\n", *badchar); // "x"
}
So there we have strtoul()
modifying what badchar
points to in order to show us where things went wrong108.
But what if nothing goes wrong? In that case, badchar
will point to the NUL
terminator at the end of the string. So we can test for it:
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *s = "3490"; // "x" is not a valid digit in base 10!
char *badchar;
// Convert string s, a number in base 10, to an unsigned long int.
unsigned long int x = strtoul(s, &badchar, 10);
// Check if things went well
if (*badchar == '\0') {
printf("Success! %lu\n", x);
} else {
printf("Partial conversion: %lu\n", x);
printf("Invalid character: %c\n", *badchar);
}
}
So there you have it. The atoi()
-style functions are good in a controlled pinch, but the strtol()
-style functions give you far more control over error handling and the base of the input.
char
ConversionsWhat if you have a single character with a digit in it, like '5'
… Is that the same as the value 5
?
Let’s try it and see.
("%d %d\n", 5, '5'); printf
On my UTF-8 system, this prints:
5 53
So… no. And 53? What is that? That’s the UTF-8 (and ASCII) code point for the character symbol '5'
109
So how do we convert the character '5'
(which apparently has value 53) into the value 5
?
With one clever trick, that’s how!
The C Standard guarantees that these character will have code points that are in sequence and in this order:
0 1 2 3 4 5 6 7 8 9
Ponder for a second–how can we use that? Spoilers ahead…
Let’s take a look at the characters and their code points in UTF-8:
0 1 2 3 4 5 6 7 8 9 48 49 50 51 52 53 54 55 56 57
You see there that '5'
is 53
, just like we were getting. And '0'
is 48
.
So we can subtract '0'
from any digit character to get its numeric value:
char c = '6';
int x = c; // x has value 54, the code point for '6'
int y = c - '0'; // y has value 6, just like we want
And we can convert the other way, too, just by adding the value on.
int x = 6;
char c = x + '0'; // c has value 54
("%d\n", c); // prints 54
printf("%c\n", c); // prints 6 with %c printf
You might think this is a weird way to do this conversion, and by today’s standards, it certainly is. But back in the olden days when computers were made literally out of wood, this was the method for doing this conversion. And it wasn’t broke, so C never fixed it.
If you convert a zero to bool
, the result is 0
. Otherwise it’s 1
.
If an integer type is converted to unsigned and doesn’t fit in it, the unsigned result wraps around odometer-style until it fits in the unsigned110.
If an integer type is converted to a signed number and doesn’t fit, the result is implementation-defined! Something documented will happen, but you’ll have to look it up111
If a floating point type is converted to an integer type, the fractional part is discarded with prejudice112.
But—and here’s the catch—if the number is too large to fit in the integer, you get undefined behavior. So don’t do that.
Going From integer or floating point to floating point, C makes a best effort to find the closest floating point number to the integer that it can.
Again, though, if the original value can’t be represented, it’s undefined behavior.
These are conversions the compiler does automatically for you when you mix and match types.
In a number of places, if an int
can be used to represent a value from char
or short
(signed or unsigned), that value is promoted up to int
. If it doesn’t fit in an int
, it’s promoted to unsigned int
.
This is how we can do something like this:
char x = 10, y = 20;
int i = x + y;
In that case, x
and y
get promoted to int
by C before the math takes place.
The integer promotions take place during The Usual Arithmetic Conversions, with variadic functions113, unary +
and -
operators, or when passing values to functions without prototypes114.
These are automatic conversions that C does around numeric operations that you ask for. (That’s actually what they’re called, by the way, by C11 §6.3.1.8.) Note that for this section, we’re just talking about numeric types—strings will come later.
These conversions answer questions about what happens when you mix types, like this:
int x = 3 + 1.2; // Mixing int and double
// 4.2 is converted to int
// 4 is stored in x
float y = 12 * 2; // Mixing float and int
// 24 is converted to float
// 24.0 is stored in y
Do they become int
s? Do they become float
s? How does it work?
Here are the steps, paraphrased for easy consumption.
If one thing in the expression is a floating type, convert the other things to that floating type.
Otherwise, if both types are integer types, perform the integer promotions on each, then make the operand types as big as they need to be hold the common largest value. Sometimes this involves changing signed to unsigned.
If you want to know the gritty details, check out C11 §6.3.1.8. But you probably don’t.
Just generally remember that int types become float types if there’s a floating point type anywhere in there, and the compiler makes an effort to make sure mixed integer types don’t overflow.
Finally, if you convert from one floating point type to another, the compiler will try to make an exact conversion. If it can’t, it’ll do the best approximation it can. If the number is too large to fit in the type you’re converting into, boom: undefined behavior!
void*
The void*
type is interesting because it can be converted from or to any pointer type.
int x = 10;
void *p = &x; // &x is type int*, but we store it in a void*
int *q = p; // p is void*, but we store it in an int*
These are conversions from type to type that you have to ask for; the compiler won’t do it for you.
You can convert from one type to another by assigning one type to another with an =
.
You can also convert explicitly with a cast.
You can explicitly change the type of an expression by putting a new type in parentheses in front of it. Some C devs frown on the practice unless absolutely necessary, but it’s likely you’ll come across some C code with these in it.
Let’s do an example where we want to convert an int
into a long
so that we can store it in a long
.
Note: this example is contrived and the cast in this case is completely unnecessary because the x + 12
expression would automatically be changed to long int
to match the wider type of y
.
int x = 10;
long int y = (long int)x + 12;
In that example, even those x
was type int
before, the expression (long int)x
has type long int
. We say, “We cast x
to long int
.”
More commonly, you might see a cast being used to convert a void*
into a specific pointer type so it can be dereferenced.
A callback from the built-in qsort()
function might display this behavior since it has void*
s passed into it:
int compar(const void *elem1, const void *elem2)
{
if (*((const int*)elem2) > *((const int*)elem1)) return 1;
if (*((const int*)elem2) < *((const int*)elem1)) return -1;
return 0;
}
But you could also clearly write it with an assignment:
int compar(const void *elem1, const void *elem2)
{
const int *e1 = elem1;
const int *e2 = elem2;
return *e2 - *e1;
}
One place you’ll see casts more commonly is to avoid a warning when printing pointer values with the rarely-used %p
which gets picky with anything other than a void*
:
int x = 3490;
int *p = &x;
("%p\n", p); printf
generates this warning:
warning: format ‘%p’ expects argument of type ‘void *’, but argument 2 has type ‘int *’
You can fix it with a cast:
("%p\n", (void *)p); printf
Another place is with explicit pointer changes, if you don’t want to use an intervening void*
, but these are also pretty uncommon:
long x = 3490;
long *p = &x;
unsigned char *c = (unsigned char *)p;
A third place it’s often required is with the character conversion functions in <ctype.h>
115 where you should cast questionably-signed values to unsigned char
to avoid undefined behavior.
Again, casting is rarely needed in practice. If you find yourself casting, there might be another way to do the same thing, or maybe you’re casting unnecessarily.
Or maybe it is necessary. Personally, I try to avoid it, but am not afraid to use it if I have to.
Now that we have some more types under our belts, turns out we can give these types some additional attributes that control their behavior. These are the type qualifiers and storage-class specifiers.
These are going to allow you to declare constant values, and also to give the compiler optimization hints that it can use.
const
This is the most common type qualifier you’ll see. It means the variable is constant, and any attempt to modify it will result in a very angry compiler.
const int x = 2;
= 4; // COMPILER PUKING SOUNDS, can't assign to a constant x
You can’t change a const
value.
Often you see const
in parameter lists for functions:
void foo(const int x)
{
("%d\n", x + 30); // OK, doesn't modify "x"
printf}
const
and PointersThis one gets a little funky, because there are two usages that have two meanings when it comes to pointers.
For one thing, we can make it so you can’t change the thing the pointer points to. You do this by putting the const
up front with the type name (before the asterisk) in the type declaration.
int x[] = {10, 20};
const int *p = x;
++; // We can modify p, no problem
p
*p = 30; // Compiler error! Can't change what it points to
Somewhat confusingly, these two things are equivalent:
const int *p; // Can't modify what p points to
int const *p; // Can't modify what p points to, just like the previous line
Great, so we can’t change the thing the pointer points to, but we can change the pointer itself. What if we want the other way around? We want to be able to change what the pointer points to, but not the pointer itself?
Just move the const
after the asterisk in the declaration:
int *const p; // We can't modify "p" with pointer arithmetic
++; // Compiler error! p
But we can modify what they point to:
int x = 10;
int *const p = &x;
*p = 20; // Set "x" to 20, no problem
You can also do make both things const
:
const int *const p; // Can't modify p or *p!
Finally, if you have multiple levels of indirection, you should const
the appropriate levels. Just because a pointer is const
, doesn’t mean the pointer it points to must also be. You can explicitly set them like in the following examples:
char **p;
++; // OK!
p(*p)++; // OK!
char **const p;
++; // Error!
p(*p)++; // OK!
char *const *p;
++; // OK!
p(*p)++; // Error!
char *const *const p;
++; // Error!
p(*p)++; // Error!
const
CorrectnessOne more thing I have to mention is that the compiler will warn on something like this:
const int x = 20;
int *p = &x;
saying something to the effect of:
initialization discards 'const' qualifier from pointer type target
What’s happening there?
Well, we need to look at the types on either side of the assignment:
const int x = 20;
int *p = &x;
// ^ ^
// | |
// int* const int*
The compiler is warning us that the value on the right side of the assignment is const
, but the one of the left is not. And the compiler is letting us know that it is discarding the “const-ness” of the expression on the right.
That is, we can still try to do the following, but it’s just wrong. The compiler will warn, and it’s undefined behavior:
const int x = 20;
int *p = &x;
*p = 40; // Undefined behavior--maybe it modifies "x", maybe not!
("%d\n", x); // 40, if you're lucky printf
restrict
TLDR: you never have to use this and you can ignore it every time you see it. If you use it correctly, you will likely realize some performance gain. If you use it incorrectly, you will realize undefined behavior.
restrict
is a hint to the compiler that a particular piece of memory will only be accessed by one pointer and never another. (That is, there will be no aliasing of the particular object the restrict
pointer points to.) If a developer declares a pointer to be restrict
and then accesses the object it points to in another way (e.g. via another pointer), the behavior is undefined.
Basically you’re telling C, “Hey—I guarantee that this one single pointer is the only way I access this memory, and if I’m lying, you can pull undefined behavior on me.”
And C uses that information to perform certain optimizations. For instance, if you’re dereferencing the restrict
pointer repeatedly in a loop, C might decide to cache the result in a register and only store the final result once the loop completes. If any other pointer referred to that same memory and accessed it in the loop, the results would not be accurate.
(Note that restrict
has no effect if the object pointed to is never written to. It’s all about optimizations surrounding writes to memory.)
Let’s write a function to swap two variables, and we’ll use the restrict
keyword to assure C that we’ll never pass in pointers to the same thing. And then let’s blow it and try passing in pointers to the same thing.
void swap(int *restrict a, int *restrict b)
{
int t;
t = *a;
*a = *b;
*b = t;
}
int main(void)
{
int x = 10, y = 20;
swap(&x, &y); // OK! "a" and "b", above, point to different things
swap(&x, &x); // Undefined behavior! "a" and "b" point to the same thing
}
If we were to take out the restrict
keywords, above, that would allow both calls to work safely. But then the compiler might not be able to optimize.
restrict
has block scope, that is, the restriction only lasts for the scope it’s used. If it’s in a parameter list for a function, it’s in the block scope of that function.
If the restricted pointer points to an array, it only applies to the individual objects in the array. Other pointers could read and write from the array as long as they didn’t read or write any of the same elements as the restricted one.
If it’s outside any function in file scope, the restriction covers the entire program.
You’re likely to see this in library functions like printf()
:
int printf(const char * restrict format, ...);
Again, that’s just telling the compiler that inside the printf()
function, there will be only one pointer that refers to any part of that format
string.
One last note: if you’re using array notation in your function parameter for some reason instead of pointer notation, you can use restrict
like so:
void foo(int p[restrict]) // With no size
void foo(int p[restrict 10]) // Or with a size
But pointer notation would be more common.
volatile
You’re unlikely to see or need this unless you’re dealing with hardware directly.
volatile
tells the compiler that a value might change behind its back and should be looked up every time.
An example might be where the compiler is looking in memory at an address that continuously updates behind the scenes, e.g. some kind of hardware timer.
If the compiler decides to optimize that and store the value in a register for a protracted time, the value in memory will update and won’t be reflected in the register.
By declaring something volatile
, you’re telling the compiler, “Hey, the thing this points at might change at any time for reasons outside this program code.”
volatile int *p;
_Atomic
This is an optional C feature that we’ll talk about in the Atomics chapter.
Storage-class specifiers are similar to type quantifiers. They give the compiler more information about the type of a variable.
auto
You barely ever see this keyword, since auto
is the default for block scope variables. It’s implied.
These are the same:
{
int a; // auto is the default...
auto int a; // So this is redundant
}
The auto
keyword indicates that this object has automatic storage duration. That is, it exists in the scope in which it is defined, and is automatically deallocated when the scope is exited.
One gotcha about automatic variables is that their value is indeterminate until you explicitly initialize them. We say they’re full of “random” or “garbage” data, though neither of those really makes me happy. In any case, you won’t know what’s in it unless you initialize it.
Always initialize all automatic variables before use!
static
This keyword has two meanings, depending on if the variable is file scope or block scope.
Let’s start with block scope.
static
in Block ScopeIn this case, we’re basically saying, “I just want a single instance of this variable to exist, shared between calls.”
That is, its value will persist between calls.
static
in block scope with an initializer will only be initialized one time on program startup, not each time the function is called.
Let’s do an example:
#include <stdio.h>
void counter(void)
{
static int count = 1; // This is initialized one time
printf("This has been called %d time(s)\n", count);
count++;
}
int main(void)
{
counter(); // "This has been called 1 time(s)"
counter(); // "This has been called 2 time(s)"
counter(); // "This has been called 3 time(s)"
counter(); // "This has been called 4 time(s)"
}
See how the value of count
persists between calls?
One thing of note is that static
block scope variables are initialized to 0
by default.
static int foo; // Default starting value is `0`...
static int foo = 0; // So the `0` assignment is redundant
Finally, be advised that if you’re writing multithreaded programs, you have to be sure you don’t let multiple threads trample the same variable.
static
in File ScopeWhen you get out to file scope, outside any blocks, the meaning rather changes.
Variables at file scope already persist between function calls, so that behavior is already there.
Instead what static
means in this context is that this variable isn’t visible outside of this particular source file. Kinda like “global”, but only in this file.
More on that in the section about building with multiple source files.
extern
The extern
storage-class specifier gives us a way to refer to objects in other source files.
Let’s say, for example, the file bar.c
had the following as its entirety:
Just that. Declaring a new int a
in file scope.
But what if we had another source file, foo.c
, and we wanted to refer to the a
that’s in bar.c
?
It’s easy with the extern
keyword:
// foo.c
extern int a;
int main(void)
{
printf("%d\n", a); // 37, from bar.c!
a = 99;
printf("%d\n", a); // Same "a" from bar.c, but it's now 99
}
We could have also made the extern int a
in block scope, and it still would have referred to the a
in bar.c
:
// foo.c
int main(void)
{
extern int a;
printf("%d\n", a); // 37, from bar.c!
a = 99;
printf("%d\n", a); // Same "a" from bar.c, but it's now 99
}
Now, if a
in bar.c
had been marked static
. this wouldn’t have worked. static
variables at file scope are not visible outside that file.
A final note about extern
on functions. For functions, extern
is the default, so it’s redundant. You can declare a function static
if you only want it visible in a single source file.
register
This is a keyword to hint to the compiler that this variable is frequently-used, and should be made as fast as possible to access. The compiler is under no obligation to agree to it.
Now, modern C compiler optimizers are pretty effective at figuring this out themselves, so it’s rare to see these days.
But if you must:
#include <stdio.h>
int main(void)
{
register int a; // Make "a" as fast to use as possible.
for (a = 0; a < 10; a++)
printf("%d\n", a);
}
It does come at a price, however. You can’t take the address of a register:
register int a;
int *p = &a; // COMPILER ERROR! Can't take address of a register
The same applies to any part of an array:
register int a[] = {11, 22, 33, 44, 55};
int *p = a; // COMPILER ERROR! Can't take address of a[0]
Or dereferencing part of an array:
register int a[] = {11, 22, 33, 44, 55};
int a = *(a + 2); // COMPILER ERROR! Address of a[0] taken
Interestingly, for the equivalent with array notation, gcc only warns:
register int a[] = {11, 22, 33, 44, 55};
int a = a[2]; // COMPILER WARNING!
with:
warning: ISO C forbids subscripting ‘register’ array
The fact that you can’t take the address of a register variable frees the compiler up to make optimizations around that assumption if it hasn’t figured them out already. Also adding register
to a const
variable prevents one from accidentally passing its pointer to another function that willfully ignore its constness116.
A bit of historic backstory, here: deep inside the CPU are little dedicated “variables” called registers117. They are super fast to access compared to RAM, so using them gets you a speed boost. But they’re not in RAM, so they don’t have an associated memory address (which is why you can’t take the address-of or get a pointer to them).
But, like I said, modern compilers are really good at producing optimal code, using registers whenever possible regardless of whether or not you specified the register
keyword. Not only that, but the spec allows them to just treat it as if you’d typed auto
, if they want. So no guarantees.
_Thread_local
When you’re using multiple threads and you have some variables in either global or static
block scope, this is a way to make sure that each thread gets its own copy of the variable. This’ll help you avoid race conditions and threads stepping on each other’s toes.
If you’re in block scope, you have to use this along with either extern
or static
.
Also, if you include <threads.h>
, you can use the rather more palatable thread_local
as an alias for the uglier _Thread_local
.
More information can be found in the Threads section.
So far we’ve been looking at toy programs that for the most part fit in a single file. But complex C programs are made up of many files that are all compiled and linked together into a single executable.
In this chapter we’ll check out some of the common patterns and practices for putting together larger projects.
A really common situation is that some of your functions are defined in one file, and you want to call them from another.
This actually works out of the box with a warning… let’s first try it and then look at the right way to fix the warning.
For these examples, we’ll put the filename as the first comment in the source.
To compile them, you’ll need to specify all the sources on the command line:
# output file source files
# v v
# |----| |---------|
gcc -o foo foo.c bar.c
In that examples, foo.c
and bar.c
get built into the executable named foo
.
So let’s take a look at the source file bar.c
:
And the file foo.c
with main in it:
See how from main()
we call add()
—but add()
is in a completely different source file! It’s in bar.c
, while the call to it is in foo.c
!
If we build this with:
gcc -o foo foo.c bar.c
we get this error:
error: implicit declaration of function 'add' is invalid in C99
(Or you might get a warning. Which you should not ignore. Never ignore warnings in C; address them all.)
If you recall from the section on prototypes, implicit declarations are banned in modern C and there’s no legitimate reason to introduce them into new code. We should fix it.
What implicit declaration
means is that we’re using a function, namely add()
in this case, without letting C know anything about it ahead of time. C wants to know what it returns, what types it takes as arguments, and things such as that.
We saw how to fix that earlier with a function prototype. Indeed, if we add one of those to foo.c
before we make the call, everything works well:
// File foo.c
#include <stdio.h>
int add(int, int); // Add the prototype
int main(void)
{
printf("%d\n", add(2, 3)); // 5!
}
No more error!
But that’s a pain—needing to type in the prototype every time you want to use a function. I mean, we used printf()
right there and didn’t need to type in a prototype; what gives?
If you remember from what back with hello.c
at the beginning of the book, we actually did include the prototype for printf()
! It’s in the file stdio.h
! And we included that with #include
!
Can we do the same with our add()
function? Make a prototype for it and put it in a header file?
Sure!
Header files in C have a .h
extension by default. And they often, but not always, have the same name as their corresponding .c
file. So let’s make a bar.h
file for our bar.c
file, and we’ll stick the prototype in it:
And now let’s modify foo.c
to include that file. Assuming it’s in the same directory, we include it inside double quotes (as opposed to angle brackets):
// File foo.c
#include <stdio.h>
#include "bar.h" // Include from current directory
int main(void)
{
printf("%d\n", add(2, 3)); // 5!
}
Notice how we don’t have the prototype in foo.c
anymore—we included it from bar.h
. Now any file that wants that add()
functionality can just #include "bar.h"
to get it, and you don’t need to worry about typing in the function prototype.
As you might have guessed, #include
literally includes the named file right there in your source code, just as if you’d typed it in.
And building and running:
./foo
5
Indeed, we get the result of \(2+3\)! Yay!
But don’t crack open your drink of choice quite yet. We’re almost there! There’s just one more piece of boilerplate we have to add.
It’s not uncommon that a header file will itself #include
other headers needed for the functionality of its corresponding C files. I mean, why not?
And it could be that you have a header #include
d multiple times from different places. Maybe that’s no problem, but maybe it would cause compiler errors. And we can’t control how many places #include
it!
Even, worse we might get into a crazy situation where header a.h
includes header b.h
, and b.h
includes a.h
! It’s an #include
infinite cycle!
Trying to build such a thing gives an error:
error: #include nested depth 200 exceeds maximum of 200
What we need to do is make it so that if a file gets included once, subsequent #include
s for that file are ignored.
The stuff that we’re about to do is so common that you should just automatically do it every time you make a header file!
And the common way to do this is with a preprocessor variable that we set the first time we #include
the file. And then for subsequent #include
s, we first check to make sure that the variable isn’t defined.
For that variable name, it’s super common to take the name of the header file, like bar.h
, make it uppercase, and replace the period with an underscore: BAR_H
.
So put a check at the very, very top of the file where you see if it’s already been included, and effectively comment the whole thing out if it has.
(Don’t put a leading underscore (because a leading underscore followed by a capital letter is reserved) or a double leading underscore (because that’s also reserved.))
#ifndef BAR_H // If BAR_H isn't defined...
#define BAR_H // Define it (with no particular value)
// File bar.h
int add(int, int);
#endif // End of the #ifndef BAR_H
This will effectively cause the header file to be included only a single time, no matter how many places try to #include
it.
static
and extern
When it comes to multifile projects, you can make sure file-scope variables and functions are not visible from other source files with the static
keyword.
And you can refer to objects in other files with extern
.
For more info, check out the sections in the book on the static
and extern
storage-class specifiers.
This isn’t part of the spec, but it’s 99.999% common in the C world.
You can compile C files into an intermediate representation called object files. These are compiled machine code that hasn’t been put into an executable yet.
Object files in Windows have a .OBJ
extension; in Unix-likes, they’re .o
.
In gcc, we can build some like this, with the -c
(compile only!) flag:
gcc -c foo.c # produces foo.o
gcc -c bar.c # produces bar.o
And then we can link those together into a single executable:
gcc -o foo foo.o bar.o
Voila, we’ve produced an executable foo
from the two object files.
But you’re thinking, why bother? Can’t we just:
gcc -o foo foo.c bar.c
and kill two boids118 with one stone?
For little programs, that’s fine. I do it all the time.
But for larger programs, we can take advantage of the fact that compiling from source to object files is relatively slow, and linking together a bunch of object files is relatively fast.
This really shows with the make
utility that only rebuilds sources that are newer than their outputs.
Let’s say you had a thousand C files. You could compile them all to object files to start (slowly) and then combine all those object files into an executable (fast).
Now say you modified just one of those C source files—here’s the magic: you only have to rebuild that one object file for that source file! And then you rebuild the executable (fast). All the other C files don’t have to be touched.
In other words, by only rebuilding the object files we need to, we cut down on compilation times radically. (Unless of course you’re doing a “clean” build, in which case all the object files have to be created.)
When you run a program, it’s actually you talking to the shell, saying, “Hey, please run this thing.” And the shell says, “Sure,” and then tells the operating system, “Hey, could you please make a new process and run this thing?” And if all goes well, the OS complies and your program runs.
But there’s a whole world outside your program in the shell that can be interacted with from within C. We’ll look at a few of those in this chapter.
Many command line utilities accept command line arguments. For example, if we want to see all files that end in .txt
, we can type something like this on a Unix-like system:
ls *.txt
(or dir
instead of ls
on a Windows system).
In this case, the command is ls
, but it arguments are all all files that end with .txt
119.
So how can we see what is passed into program from the command line?
Say we have a program called add
that adds all numbers passed on the command line and prints the result:
./add 10 30 5
45
That’s gonna pay the bills for sure!
But seriously, this is a great tool for seeing how to get those arguments from the command line and break them down.
First, let’s see how to get them at all. For this, we’re going to need a new main()
!
Here’s a program that prints out all the command line arguments. For example, if we name the executable foo
, we can run it like this:
./foo i like turtles
and we’ll see this output:
arg 0: ./foo
arg 1: i
arg 2: like arg 3: turtles
It’s a little weird, because the zeroth argument is the name of the executable, itself. But that’s just something to get used to. The arguments themselves follow directly.
Source:
#include <stdio.h>
int main(int argc, char *argv[])
{
for (int i = 0; i < argc; i++) {
printf("arg %d: %s\n", i, argv[i]);
}
}
Whoa! What’s going on with the main()
function signature? What’s argc
and argv
120 (pronounced arg-cee and arg-vee)?
Let’s start with the easy one first: argc
. This is the argument count, including the program name, itself. If you think of all the arguments as an array of strings, which is exactly what they are, then you can think of argc
as the length of that array, which is exactly what it is.
And so what we’re doing in that loop is going through all the argv
s and printing them out one at a time, so for a given input:
./foo i like turtles
we get a corresponding output:
arg 0: ./foo
arg 1: i
arg 2: like arg 3: turtles
With that in mind, we should be good to go with our adder program.
Our plan:
argv[0]
, the program name)Let’s get to it!
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
int total = 0;
for (int i = 1; i < argc; i++) { // Start at 1, the first argument
int value = atoi(argv[i]); // Use strtol() for better error handling
total += value;
}
printf("%d\n", total);
}
Sample runs:
$ ./add
0
$ ./add 1
1
$ ./add 1 2
3
$ ./add 1 2 3
6
$ ./add 1 2 3 4
10
Of course, it might puke if you pass in a non-integer, but hardening against that is left as an exercise to the reader.
argv
is NULL
One bit of fun trivia about argv
is that after the last string is a pointer to NULL
.
That is:
[argc] == NULL argv
is always true!
This might seem pointless, but it turns out to be useful in a couple places; we’ll take a look at one of those right now.
char **argv
Remember that when you call a function, C doesn’t differentiate between array notation and pointer notation in the function signature.
That is, these are the same:
void foo(char a[])
void foo(char *a)
Now, it’s been convenient to think of argv
as an array of strings, i.e. an array of char*
s, so this made sense:
int main(int argc, char *argv[])
but because of the equivalence, you could also write:
int main(int argc, char **argv)
Yeah, that’s a pointer to a pointer, all right! If it makes it easier, think of it as a pointer to a string. But really, it’s a pointer to a value that points to a char
.
Also recall that these are equivalent:
[i]
argv*(argv + i)
which means you can do pointer arithmetic on argv
.
So an alternate way to consume the command line arguments might be to just walk along the argv
array by bumping up a pointer until we hit that NULL
at the end.
Let’s modify our adder to do that:
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
int total = 0;
// Cute trick to get the compiler to stop warning about the
// unused variable argc:
(void)argc;
for (char **p = argv + 1; *p != NULL; p++) {
int value = atoi(*p); // Use strtol() for better error handling
total += value;
}
printf("%d\n", total);
}
Personally, I use array notation to access argv
, but have seen this style floating around, as well.
Just a few more things about argc
and argv
.
Some environments might not set argv[0]
to the program name. If it’s not available, argv[0]
will be an empty string. I’ve never seen this happen.
The spec is actually pretty liberal with what an implementation can do with argv
and where those values come from. But every system I’ve been on works the same way, as we’ve discussed in this section.
You can modify argc
, argv
, or any of the strings that argv
points to. (Just don’t make those strings longer than they already are!)
On some Unix-like systems, modifying the string argv[0]
results in the output of ps
changing121.
Normally, if you have a program called foo
that you’ve run with ./foo
, you might see this in the output of ps
:
4078 tty1 S 0:00 ./foo
But if you modify argv[0]
like so, being careful that the new string "Hi! "
is the same length as the old one "./foo"
:
(argv[0], "Hi! "); strcpy
and then run ps
while the program ./foo
is still executing, we’ll see this instead:
4079 tty1 S 0:00 Hi!
This behavior is not in the spec and is highly system-dependent.
Did you notice that the function signatures for main()
have it returning type int
? What’s that all about? It has to do with a thing called the exit status, which is an integer that can be returned to the program that launched yours to let it know how things went.
Now, there are a number of ways a program can exit in C, including return
ing from main()
, or calling one of the exit()
variants.
All of these methods accept an int
as an argument.
Side note: did you see that in basically all my examples, even though main()
is supposed to return an int
, I don’t actually return
anything? In any other function, this would be illegal, but there’s a special case in C: if execution reaches the end of main()
without finding a return
, it automatically does a return 0
.
But what does the 0
mean? What other numbers can we put there? And how are they used?
The spec is both clear and vague on the matter, as is common. Clear because it spells out what you can do, but vague in that it doesn’t particularly limit it, either.
Nothing for it but to forge ahead and figure it out!
Let’s get Inception122 for a second: turns out that when you run your program, you’re running it from another program.
Usually this other program is some kind of shell123 that doesn’t do much on its own except launch other programs.
But this is a multi-phase process, especially visible in command-line shells:
Now, there’s a little piece of communication that takes place between steps 4 and 5: the program can return a status value that the shell can interrogate. Typically, this value is used to indicate the success or failure of your program, and, if a failure, what type of failure.
This value is what we’ve been return
ing from main()
. That’s the status.
Now, the C spec allows for two different status values, which have macro names defined in <stdlib.h>
:
Status | Description |
---|---|
EXIT_SUCCESS or 0 |
Program terminated successfully. |
EXIT_FAILURE |
Program terminated with an error. |
Let’s write a short program that multiplies two numbers from the command line. We’ll require that you specify exactly two values. If you don’t, we’ll print an error message, and exit with an error status.
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char **argv)
{
if (argc != 3) {
printf("usage: mult x y\n");
return EXIT_FAILURE; // Indicate to shell that it didn't work
}
printf("%d\n", atoi(argv[1]) * atoi(argv[2]));
return 0; // same as EXIT_SUCCESS, everything was good.
}
Now if we try to run this, we get the expected effect until we specify exactly the right number of command-line arguments:
$ ./mult
usage: mult x y
$ ./mult 3 4 5
usage: mult x y
$ ./mult 3 4
12
But that doesn’t really show the exit status that we returned, does it? We can get the shell to print it out, though. Assuming you’re running Bash or another POSIX shell, you can use echo $?
to see it124.
Let’s try:
$ ./mult
usage: mult x y
$ echo $?
1
$ ./mult 3 4 5
usage: mult x y
$ echo $?
1
$ ./mult 3 4
12
$ echo $?
0
Interesting! We see that on my system, EXIT_FAILURE
is 1
. The spec doesn’t spell this out, so it could be any number. But try it; it’s probably 1
on your system, too.
The status 0
most definitely means success, but what about all the other integers, even negative ones?
Here we’re going off the C spec and into Unix land. In general, while 0
means success, a positive non-zero number means failure. So you can only have one type of success, and multiple types of failure. Bash says the exit code should be between 0 and 255, though a number of codes are reserved.
In short, if you want to indicate different error exit statuses in a Unix environment, you can start with 1
and work your way up.
On Linux, if you try any code outside the range 0-255, it will bitwise AND the code with 0xff
, effectively clamping it to that range.
You can script the shell to later use these status codes to make decisions about what to do next.
Before I get into this, I need to warn you that C doesn’t specify what an environment variable is. So I’m going to describe the environment variable system that works on every major platform I’m aware of.
Basically, the environment is the program that’s going to run your program, e.g. the bash shell. And it might have some bash variables defined. In case you didn’t know, the shell can make its own variables. Each shell is different, but in bash you can just type set
and it’ll show you all of them.
Here’s an excerpt from the 61 variables that are defined in my bash shell:
HISTFILE=/home/beej/.bash_history
HISTFILESIZE=500
HISTSIZE=500
HOME=/home/beej
HOSTNAME=FBILAPTOP
HOSTTYPE=x86_64 IFS=$' \t\n'
Notice they are in the form of key/value pairs. For example, one key is HOSTTYPE
and its value is x86_64
. From a C perspective, all values are strings, even if they’re numbers125.
So, anyway! Long story short, it’s possible to get these values from inside your C program.
Let’s write a program that uses the standard getenv()
function to look up a value that you set in the shell.
getenv()
will return a pointer to the value string, or else NULL
if the environment variable doesn’t exist.
#include <stdio.h>
#include <stdlib.h>
int main(void)
{
char *val = getenv("FROTZ"); // Try to get the value
// Check to make sure it exists
if (val == NULL) {
printf("Cannot find the FROTZ environment variable\n");
return EXIT_FAILURE;
}
printf("Value: %s\n", val);
}
If I run this directly, I get this:
$ ./foo
Cannot find the FROTZ environment variable
which makes sense, since I haven’t set it yet.
In bash, I can set it to something with126:
$ export FROTZ="C is awesome!"
Then if I run it, I get:
$ ./foo
Value: C is awesome!
In this way, you can set up data in environment variables, and you can get it in your C code and modify your behavior accordingly.
This isn’t standard, but a lot of systems provide ways to set environment variables.
If on a Unix-like, look up the documentation for putenv()
, setenv()
, and unsetenv()
. On Windows, see _putenv()
.
If you’re on a Unix-like system, odds are you have another couple ways of getting access to environment variables. Note that although the spec points this out as a common extension, it’s not truly part of the C standard. It is, however, part of the POSIX standard.
One of these is a variable called environ
that must be declared like so:
extern char **environ;
It’s an array of strings terminated with a NULL
pointer.
You should declare it yourself before you use it, or you might find it in the non-standard <unistd.h>
header file.
Each string is in the form "key=value"
so you’ll have to split it and parse it yourself if you want to get the keys and values out.
Here’s an example of looping through and printing out the environment variables a couple different ways:
#include <stdio.h>
extern char **environ; // MUST be extern AND named "environ"
int main(void)
{
for (char **p = environ; *p != NULL; p++) {
printf("%s\n", *p);
}
// Or you could do this:
for (int i = 0; environ[i] != NULL; i++) {
printf("%s\n", environ[i]);
}
}
For a bunch of output that looks like this:
SHELL=/bin/bash
COLORTERM=truecolor
TERM_PROGRAM_VERSION=1.53.2
LOGNAME=beej
HOME=/home/beej ... etc ...
Use getenv()
if at all possible because it’s more portable. But if you have to iterate over environment variables, using environ
might be the way to go.
Another non-standard way to get the environment variables is as a parameter to main()
. It works much the same way, but you avoid needing to add your extern
environ
variable. Not even the POSIX spec supports this127 as far as I can tell, but it’s common in Unix land.
#include <stdio.h>
int main(int argc, char **argv, char **env) // <-- env!
{
(void)argc; (void)argv; // Suppress unused warnings
for (char **p = env; *p != NULL; p++) {
printf("%s\n", *p);
}
// Or you could do this:
for (int i = 0; env[i] != NULL; i++) {
printf("%s\n", env[i]);
}
}
Just like using environ
but even less portable. It’s good to have goals.
Before your program gets compiled, it actually runs through a phase called preprocessing. It’s almost like there’s a language on top of the C language that runs first. And it outputs the C code, which then gets compiled.
We’ve already seen this to an extent with #include
! That’s the C Preprocessor! Where it sees that directive, it includes the named file right there, just as if you’d typed it in there. And then the compiler builds the whole thing.
But it turns out it’s a lot more powerful than just being able to include things. You can define macros that are substituted… and even macros that take arguments!
#include
Let’s start with the one we’ve already seen a bunch. This is, of course, a way to include other sources in your source. Very commonly used with header files.
While the spec allows for all kinds of behavior with #include
, we’re going to take a more pragmatic approach and talk about the way it works on every system I’ve ever seen.
We can split header files into two categories: system and local. Things that are built-in, like stdio.h
, stdlib.h
, math.h
, and so on, you can include with angle brackets:
#include <stdio.h>
#include <stdlib.h>
The angle brackets tell C, “Hey, don’t look in the current directory for this header file—look in the system-wide include directory instead.”
Which, of course, implies that there must be a way to include local files from the current directory. And there is: with double quotes:
#include "myheader.h"
Or you can very probably look in relative directories using forward slashes and dots, like this:
#include "mydir/myheader.h"
#include "../someheader.py"
Don’t use a backslash (\
) for your path separators in your #include
! It’s undefined behavior! Use forward slash (/
) only, even on Windows.
In summary, used angle brackets (<
and >
) for the system includes, and use double quotes ("
) for your personal includes.
A macro is an identifier that gets expanded to another piece of code before the compiler even sees it. Think of it like a placeholder—when the preprocessor sees one of those identifiers, it replaces it with another value that you’ve defined.
We do this with #define
(often read “pound define”). Here’s an example:
#include <stdio.h>
#define HELLO "Hello, world"
#define PI 3.14159
int main(void)
{
printf("%s, %f\n", HELLO, PI);
}
On lines 3 and 4 we defined a couple macros. Wherever these appear elsewhere in the code (line 8), they’ll be substituted with the defined values.
From the C compiler’s perspective, it’s exactly as if we’d written this, instead:
See how HELLO
was replaced with "Hello, world"
and PI
was replaced with 3.14159
? From the compiler’s perspective, it’s just like those values had appeared right there in the code.
Note that the macros don’t have a specific type, per se. Really all that happens is they get replaced wholesale with whatever they’re #define
d as. If the resulting C code is invalid, the compiler will puke.
You can also define a macro with no value:
#define EXTRA_HAPPY
in that case, the macro exists and is defined, but is defined to be nothing. So anyplace it occurs in the text will just be replaced with nothing. We’ll see a use for this later.
It’s conventional to write macro names in ALL_CAPS
even though that’s not technically required.
Overall, this gives you a way to define constant values that are effectively global and can be used any place. Even in those places where a const
variable won’t work, e.g. in switch
case
s and fixed array lengths.
That said, the debate rages online whether a typed const
variable is better than #define
macro in the general case.
It can also be used to replace or modify keywords, a concept completely foreign to const
, though this practice should be used sparingly.
It’s possible to get the preprocessor to decide whether or not to present certain blocks of code to the compiler, or just remove them entirely before compilation.
We do that by basically wrapping up the code in conditional blocks, similar to if
-else
statements.
#ifdef
and #endif
First of all, let’s try to compile specific code depending on whether or not a macro is even defined.
#include <stdio.h>
#define EXTRA_HAPPY
int main(void)
{
#ifdef EXTRA_HAPPY
printf("I'm extra happy!\n");
#endif
printf("OK!\n");
}
In that example, we define EXTRA_HAPPY
(to be nothing, but it is defined), then on line 8 we check to see if it is defined with an #ifdef
directive. If it is defined, the subsequent code will be included up until the #endif
.
So because it is defined, the code will be included for compilation and the output will be:
I'm extra happy! OK!
If we were to comment out the #define
, like so:
//#define EXTRA_HAPPY
then it wouldn’t be defined, and the code wouldn’t be included in compilation. And the output would just be:
OK!
It’s important to remember that these decisions happen at compile time! The code actually gets compiled or removed depending on the condition. This is in contrast to a standard if
statement that gets evaluated while the program is running.
#ifndef
There’s also the negative sense of “if defined”: “if not defined”, or #ifndef
. We could change the previous example to output different things based on whether or not something was defined:
#ifdef EXTRA_HAPPY
printf("I'm extra happy!\n");
#endif
#ifndef EXTRA_HAPPY
printf("I'm just regular\n");
#endif
We’ll see a cleaner way to do that in the next section.
Tying it all back in to header files, we’ve seen how we can cause header files to only be included one time by wrapping them in preprocessor directives like this:
#ifndef MYHEADER_H // First line of myheader.h
#define MYHEADER_H
int x = 12;
#endif // Last line of myheader.h
This demonstrates how a macro persists across files and multiple #include
s. If it’s not yet defined, let’s define it and compile the whole header file.
But the next time it’s included, we see that MYHEADER_H
is defined, so we don’t send the header file to the compiler—it gets effectively removed.
#else
But that’s not all we can do! There’s also an #else
that we can throw in the mix.
Let’s mod the previous example:
Now if EXTRA_HAPPY
is not defined, it’ll hit the #else
clause and print:
I'm just regular
#elifdef
, #elifndef
This feature is new in C23!
What if you want something more complex, though? Perhaps you need an if-else cascade structure to get your code built right?
Luckily we have these directives at our disposal. We can use #elifdef
for “else if defined”:
#ifdef MODE_1
("This is mode 1\n");
printf#elifdef MODE_2
("This is mode 2\n");
printf#elifdef MODE_3
("This is mode 3\n");
printf#else
("This is some other mode\n");
printf#endif
On the flipside, you can use #elifndef
for “else if not defined”.
#if
, #elif
This works very much like the #ifdef
and #ifndef
directives in that you can also have an #else
and the whole thing wraps up with #endif
.
The only difference is that the constant expression after the #if
must evaluate to true (non-zero) for the code in the #if
to be compiled. So instead of whether or not something is defined, we want an expression that evaluates to true.
#include <stdio.h>
#define HAPPY_FACTOR 1
int main(void)
{
#if HAPPY_FACTOR == 0
printf("I'm not happy!\n");
#elif HAPPY_FACTOR == 1
printf("I'm just regular\n");
#else
printf("I'm extra happy!\n");
#endif
printf("OK!\n");
}
Again, for the unmatched #if
clauses, the compiler won’t even see those lines. For the above code, after the preprocessor gets finished with it, all the compiler sees is:
One hackish thing this is used for is to comment out large numbers of lines quickly128.
If you put an #if 0
(“if false”) at the front of the block to be commented out and an #endif
at the end, you can get this effect:
#if 0
printf("All this code"); /* is effectively */
printf("commented out"); // by the #if 0
#endif
What if you’re on a pre-C23 compiler and you don’t have #elifdef
or #elifndef
directive support? How can we get the same effect with #if
? That is, what if I wanted this:
#ifdef FOO
= 2;
x #elifdef BAR // POTENTIAL ERROR: Not supported before C23
= 3;
x #endif
How could I do it?
Turns out there’s a preprocessor operator called defined
that we can use with an #if
statement.
These are equivalent:
#ifdef FOO
#if defined FOO
#if defined(FOO) // Parentheses optional
As are these:
#ifndef FOO
#if !defined FOO
#if !defined(FOO) // Parentheses optional
Notice how we can use the standard logical NOT operator (!
) for “not defined”.
So now we’re back in #if
land and we can use #elif
with impunity!
This broken code:
#ifdef FOO
= 2;
x #elifdef BAR // POTENTIAL ERROR: Not supported before C23
= 3;
x #endif
can be replaced with:
#if defined FOO
= 2;
x #elif defined BAR
= 3;
x #endif
#undef
If you’ve defined something but you don’t need it any longer, you can undefine it with #undef
.
#include <stdio.h>
int main(void)
{
#define GOATS
#ifdef GOATS
printf("Goats detected!\n"); // prints
#endif
#undef GOATS // Make GOATS no longer defined
#ifdef GOATS
printf("Goats detected, again!\n"); // doesn't print
#endif
}
The standard defines a lot of built-in macros that you can test and use for conditional compilation. Let’s look at those here.
These are all defined:
Macro | Description |
---|---|
__DATE__ |
The date of compilation—like when you’re compiling this file—in Mmm dd yyyy format |
__TIME__ |
The time of compilation in hh:mm:ss format |
__FILE__ |
A string containing this file’s name |
__LINE__ |
The line number of the file this macro appears on |
__func__ |
The name of the function this appears in, as a string129 |
__STDC__ |
Defined with 1 if this is a standard C compiler |
__STDC_HOSTED__ |
This will be 1 if the compiler is a hosted implementation130, otherwise 0 |
__STDC_VERSION__ |
This version of C, a constant long int in the form yyyymmL , e.g. 201710L |
Let’s put these together.
#include <stdio.h>
int main(void)
{
printf("This function: %s\n", __func__);
printf("This file: %s\n", __FILE__);
printf("This line: %d\n", __LINE__);
printf("Compiled on: %s %s\n", __DATE__, __TIME__);
printf("C Version: %ld\n", __STDC_VERSION__);
}
The output on my system is:
This function: main
This file: foo.c
This line: 7
Compiled on: Nov 23 2020 17:16:27 C Version: 201710
__FILE__
, __func__
and __LINE__
are particularly useful to report error conditions in messages to developers. The assert()
macro in <assert.h>
uses these to call out where in the code the assertion failed.
__STDC_VERSION__
sIn case you’re wondering, here are the version numbers for different major releases of the C Language Spec:
Release | ISO/IEC version | __STDC_VERSION__ |
---|---|---|
C89 | ISO/IEC 9899:1990 | undefined |
C89 | ISO/IEC 9899:1990/Amd.1:1995 | 199409L |
C99 | ISO/IEC 9899:1999 | 199901L |
C11 | ISO/IEC 9899:2011/Amd.1:2012 | 201112L |
Note the macro did not exist originally in C89.
Also note that the plan is that the version numbers will strictly increase, so you could always check for, say, “at least C99” with:
#if __STDC_VERSION__ >= 1999901L
Your implementation might define these, as well. Or it might not.
Macro | Description |
---|---|
__STDC_ISO_10646__ |
If defined, wchar_t holds Unicode values, otherwise something else |
__STDC_MB_MIGHT_NEQ_WC__ |
A 1 indicates that the values in multibyte characters might not map equally to values in wide characters |
__STDC_UTF_16__ |
A 1 indicates that the system uses UTF-16 encoding in type char16_t |
__STDC_UTF_32__ |
A 1 indicates that the system uses UTF-32 encoding in type char32_t |
__STDC_ANALYZABLE__ |
A 1 indicates the code is analyzable131 |
__STDC_IEC_559__ |
1 if IEEE-754 (aka IEC 60559) floating point is supported |
__STDC_IEC_559_COMPLEX__ |
1 if IEC 60559 complex floating point is supported |
__STDC_LIB_EXT1__ |
1 if this implementation supports a variety of “safe” alternate standard library functions (they have _s suffixes on the name) |
__STDC_NO_ATOMICS__ |
1 if this implementation does not support _Atomic or <stdatomic.h> |
__STDC_NO_COMPLEX__ |
1 if this implementation does not support complex types or <complex.h> |
__STDC_NO_THREADS__ |
1 if this implementation does not support <threads.h> |
__STDC_NO_VLA__ |
1 if this implementation does not support variable-length arrays |
Macros are more powerful than simple substitution, though. You can set them up to take arguments that are substituted in, as well.
A question often arises for when to use parameterized macros versus functions. Short answer: use functions. But you’ll see lots of macros in the wild and in the standard library. People tend to use them for short, mathy things, and also for features that might change from platform to platform. You can define different keywords for one platform or another.
Let’s start with a simple one that squares a number:
#include <stdio.h>
#define SQR(x) x * x // Not quite right, but bear with me
int main(void)
{
printf("%d\n", SQR(12)); // 144
}
What that’s saying is “everywhere you see SQR
with some value, replace it with that value times itself”.
So line 7 will be changed to:
which C comfortably converts to 144.
But we’ve made an elementary error in that macro, one that we need to avoid.
Let’s check it out. What if we wanted to compute SQR(3 + 4)
? Well, \(3+4=7\), so we must want to compute \(7^2=49\). That’s it; 49
—final answer.
Let’s drop it in our code and see that we get… 19?
What happened?
If we follow the macro expansion, we get
Oops! Since multiplication takes precedence, we do the \(4\times3=12\) first, and get \(3+12+4=19\). Not what we were after.
So we have to fix this to make it right.
This is so common that you should automatically do it every time you make a parameterized math macro!
The fix is easy: just add some parentheses!
And now our macro expands to:
But we actually still have the same problem which might manifest if we have a higher-precedence operator than multiply (*
) nearby.
So the safe, proper way to put the macro together is to wrap the whole thing in additional parentheses, like so:
Just make it a habit to do that when you make a math macro and you can’t go wrong.
You can stack these things up as much as you want:
#define TRIANGLE_AREA(w, h) (0.5 * (w) * (h))
Let’s do some macros that solve for \(x\) using the quadratic formula. Just in case you don’t have it on the top of your head, it says for equations of the form:
\(ax^2+bx+c=0\)
you can solve for \(x\) with the quadratic formula:
\(x=\displaystyle\frac{-b\pm\sqrt{b^2-4ac}}{2a}\)
Which is crazy. Also notice the plus-or-minus (\(\pm\)) in there, indicating that there are actually two solutions.
So let’s make macros for both:
#define QUADP(a, b, c) ((-(b) + sqrt((b) * (b) - 4 * (a) * (c))) / (2 * (a)))
#define QUADM(a, b, c) ((-(b) - sqrt((b) * (b) - 4 * (a) * (c))) / (2 * (a)))
So that gets us some math. But let’s define one more that we can use as arguments to printf()
to print both answers.
// macro replacement
// |-----------| |----------------------------|
#define QUAD(a, b, c) QUADP(a, b, c), QUADM(a, b, c)
That’s just a couple values separated by a comma—and we can use that as a “combined” argument of sorts to printf()
like this:
("x = %f or x = %f\n", QUAD(2, 10, 5)); printf
Let’s put it together into some code:
#include <stdio.h>
#include <math.h> // For sqrt()
#define QUADP(a, b, c) ((-(b) + sqrt((b) * (b) - 4 * (a) * (c))) / (2 * (a)))
#define QUADM(a, b, c) ((-(b) - sqrt((b) * (b) - 4 * (a) * (c))) / (2 * (a)))
#define QUAD(a, b, c) QUADP(a, b, c), QUADM(a, b, c)
int main(void)
{
printf("2*x^2 + 10*x + 5 = 0\n");
printf("x = %f or x = %f\n", QUAD(2, 10, 5));
}
And this gives us the output:
2*x^2 + 10*x + 5 = 0 x = -0.563508 or x = -4.436492
Plugging in either of those values gives us roughly zero (a bit off because the numbers aren’t exact):
\(2\times-0.563508^2+10\times-0.563508+5\approx0.000003\)
There’s also a way to have a variable number of arguments passed to a macro, using ellipses (...
) after the known, named arguments. When the macro is expanded, all of the extra arguments will be in a comma-separated list in the __VA_ARGS__
macro, and can be replaced from there:
#include <stdio.h>
// Combine the first two arguments to a single number,
// then have a commalist of the rest of them:
#define X(a, b, ...) (10*(a) + 20*(b)), __VA_ARGS__
int main(void)
{
printf("%d %f %s %d\n", X(5, 4, 3.14, "Hi!", 12));
}
The substitution that takes place on line 10 would be:
for output:
130 3.140000 Hi! 12
You can also “stringify” __VA_ARGS__
by putting a #
in front of it:
#define X(...) #__VA_ARGS__
("%s\n", X(1,2,3)); // Prints "1, 2, 3" printf
Already mentioned, just above, you can turn any argument into a string by preceding it with a #
in the replacement text.
For example, we could print anything as a string with this macro and printf()
:
#define STR(x) #x
("%s\n", STR(3.14159)); printf
In that case, the substitution leads to:
("%s\n", "3.14159"); printf
Let’s see if we can use this to greater effect so that we can pass any int
variable name into a macro, and have it print out it’s name and value.
#include <stdio.h>
#define PRINT_INT_VAL(x) printf("%s = %d\n", #x, x)
int main(void)
{
int a = 5;
PRINT_INT_VAL(a); // prints "a = 5"
}
On line 9, we get the following macro replacement:
We can concatenate two arguments together with ##
, as well. Fun times!
#define CAT(a, b) a ## b
("%f\n", CAT(3.14, 1592)); // 3.141592 printf
It’s possible to continue a macro to multiple lines if you escape the newline with a backslash (\
).
Let’s write a multiline macro that prints numbers from 0
to the product of the two arguments passed in.
#include <stdio.h>
#define PRINT_NUMS_TO_PRODUCT(a, b) do { \
int product = (a) * (b); \
for (int i = 0; i < product; i++) { \
printf("%d\n", i); \
} \
} while(0)
int main(void)
{
PRINT_NUMS_TO_PRODUCT(2, 4); // Outputs numbers from 0 to 7
}
A couple things to note there:
do
-while(0)
loop with squirrley braces.The latter point might be a little weird, but it’s all about absorbing the trailing ;
the coder drops after the macro.
At first I thought that just using squirrely braces would be enough, but there’s a case where it fails if the coder puts a semicolon after the macro. Here’s that case:
#include <stdio.h>
#define FOO(x) { (x)++; }
int main(void)
{
int i = 0;
if (i == 0)
FOO(i);
else
printf(":-(\n");
printf("%d\n", i);
}
Looks simple enough, but it won’t build without a syntax error:
foo.c:11:5: error: ‘else’ without a previous ‘if’
Do you see it?
Let’s look at the expansion:
if (i == 0) {
(i)++;
}; // <-- Trouble with a capital-T!
else
(":-(\n"); printf
The ;
puts an end to the if
statement, so the else
is just floating out there illegally132.
So wrap that multiline macro with a do
-while(0)
.
Adding asserts to your code is a good way to catch conditions that you think shouldn’t happen. C provides assert()
functionality. It checks a condition, and if it’s false, the program bombs out telling you the file and line number on which the assertion failed.
But this is wanting.
We can address the first with macros.
Basically, when I have this code:
(x < 20, "x must be under 20"); ASSERT
I want something like this to happen (assuming the ASSERT()
is on line 220 of foo.c
):
if (!(x < 20)) {
(stderr, "foo.c:220: assertion x < 20 failed: ");
fprintf(stderr, "x must be under 20\n");
fprintf(1);
exit}
We can get the filename out of the __FILE__
macro, and the line number from __LINE__
. The message is already a string, but x < 20
is not, so we’ll have to stringify it with #
. We can make a multiline macro by using backslash escapes at the end of the line.
#define ASSERT(c, m) \
do { \
if (!(c)) { \
fprintf(stderr, __FILE__ ":%d: assertion %s failed: %s\n", \
__LINE__, #c, m); \
exit(1); \
} \
} while(0)
(It looks a little weird with __FILE__
out front like that, but remember it is a string literal, and string literals next to each other are automagically concatenated. __LINE__
on the other hand, it’s just an int
.)
And that works! If I run this:
int x = 30;
(x < 20, "x must be under 20"); ASSERT
I get this output:
foo.c:23: assertion x < 20 failed: x must be under 20
Very nice!
The only thing left is a way to turn it on and off, and we could do that with conditional compilation.
Here’s the complete example:
#include <stdio.h>
#include <stdlib.h>
#define ASSERT_ENABLED 1
#if ASSERT_ENABLED
#define ASSERT(c, m) \
do { \
if (!(c)) { \
fprintf(stderr, __FILE__ ":%d: assertion %s failed: %s\n", \
__LINE__, #c, m); \
exit(1); \
} \
} while(0)
#else
#define ASSERT(c, m) // Empty macro if not enabled
#endif
int main(void)
{
int x = 30;
ASSERT(x < 20, "x must be under 20");
}
This has the output:
foo.c:23: assertion x < 20 failed: x must be under 20
#error
DirectiveThis directive causes the compiler to error out as soon as it sees it.
Commonly, this is used inside a conditional to prevent compilation unless some prerequisites are met:
#ifndef __STDC_IEC_559__
#error I really need IEEE-754 floating point to compile. Sorry!
#endif
Some compilers have a non-standard complementary #warning
directive that will output a warning but not stop compilation, but this is not in the C11 spec.
#embed
DirectiveNew in C23!
And currently not yet working with any of my compilers, so take this section with a grain of salt!
The gist of this is that you can include bytes of a file as integer constants as if you’d typed them in.
For example, if you have a binary file named foo.bin
that contains four bytes with decimal values 11, 22, 33, and 44, and you do this:
int a[] = {
#embed "foo.bin"
};
It’ll be just as if you’d typed this:
int a[] = {11,22,33,44};
This is a really powerful way to initialize an array with binary data without needing to convert it all to code first—the preprocessor does it for you!
A more typical use case might be a file containing a small image to be displayed that you don’t want to load at runtime.
Here’s another example:
int a[] = {
#embed <foo.bin>
};
If you use angle brackets, the preprocessor looks in a series of implementation-defined places to locate the file, just like #include
would do. If you use double quotes and the resource is not found, the compiler will try it as if you’d used angle brackets in a last desperate attempt to find the file.
#embed
works like #include
in that it effectively pastes values in before the compiler sees them. This means you can use it in all kinds of places:
return
#embed "somevalue.dat"
;
or
int x =
#embed "xvalue.dat"
;
Now—are these always bytes? Meaning they’ll have values from 0 to 255, inclusive? The answer is definitely by default “yes”, except when it is “no”.
Technically, the elements will be CHAR_BIT
bits wide. And this is very likely 8 on your system, so you’d get that 0-255 range in your values. (They’ll always be non-negative.)
Also, it’s possible that an implementation might allow this to be overridden in some way, e.g. on the command line or with parameters.
The size of the file in bits must be a multiple of the element size. That is, if each element is 8 bits, the file size (in bits) must be a multiple of 8. In regular everyday usage, this is a confusing way of saying that each file needs to be an integer number of bytes… which of course it is. Honestly, I’m not even sure why I bothered with this paragraph. Read the spec if you’re really that curious.
#embed
ParametersThere are all kinds of parameters you can specify to the #embed
directive. Here’s an example with the yet-unintroduced limit()
parameter:
int a[] = {
#embed "/dev/random" limit(5)
};
But what if you already have limit
defined somewhere else? Luckily you can put __
around the keyword and it will work the same way:
int a[] = {
#embed "/dev/random" __limit__(5)
};
Now… what’s this limit
thing?
limit()
ParameterYou can specify a limit on the number of elements to embed with this parameter.
This is a maximum value, not an absolute value. If the file that’s embedded is shorter than the specified limit, only that many bytes will be imported.
The /dev/random
example above is an example of the motivation for this—in Unix, that’s a character device file that will return an infinite stream of pretty-random numbers.
Embedding an infinite number of bytes is hard on your RAM, so the limit
parameter gives you a way to stop after a certain number.
Finally, you are allowed to use #define
macros in your limit
, in case you were curious.
if_empty
ParameterThis parameter defines what the embed result should be if the file exists but contains no data. Let’s say that the file foo.dat
contains a single byte with the value 123. If we do this:
int x =
#embed "foo.dat" if_empty(999)
;
we’ll get:
int x = 123; // When foo.dat contains a 123 byte
But what if the file foo.dat
is zero bytes long (i.e. contains no data and is empty)? If that’s the case, it would expand to:
int x = 999; // When foo.dat is empty
Notably if the limit
is set to 0
, then the if_empty
will always be substituted. That is, a zero limit effectively means the file is empty.
This will always emit x = 999
no matter what’s in foo.dat
:
int x =
#embed "foo.dat" limit(0) if_empty(999)
;
prefix()
and suffix()
Parameters
This is a way to prepend some data on the embed.
Note that these only affect non-empty data! If the file is empty, neither prefix
nor suffix
has any effect.
Here’s an example where we embed three random numbers, but prefix the numbers with 11,
and suffix them with ,99
:
int x[] = {
#embed "/dev/urandom" limit(3) prefix(11,) suffix(,99)
};
Example result:
int x[] = {11,135,116,220,99};
There’s no requirement that you use both prefix
and suffix
. You can use both, one, the other, or neither.
We can make use of the characteristic that these are only applied to non-empty files to neat effect, as shown in the following example shamelessly stolen from the spec.
Let’s say we have a file foo.dat
that has some data it in. And we want to use this to initialize an array, and then we want a suffix on the array that is a zero element.
No problem, right?
int x[] = {
#embed "foo.dat" suffix(,0)
};
If foo.dat
has 11, 22, and 33 in it, we’d get:
int x[] = {11,22,33,0};
But wait! What if foo.dat
is empty? Then we get:
int x[] = {};
and that’s not good.
But we can fix it like this:
int x[] = {
#embed "foo.dat" suffix(,)
0
};
Since the suffix
parameter is omitted if the file is empty, this would just turn into:
int x[] = {0};
which is fine.
__has_embed()
IdentifierThis is a great way to test to see if a particular file is available to be embedded, and also whether or not it’s empty.
You use it with the #if
directive.
Here’s a chunk of code that will get 5 random numbers from the random number generator character device. If that doesn’t exist, it tries to get them from a file myrandoms.dat
. If that doesn’t exist, it uses some hard-coded values:
int random_nums[] = {
#if __has_embed("/dev/urandom")
#embed "/dev/urandom" limit(5)
#elif __has_embed("myrandoms.dat")
#embed "myrandoms.dat" limit(5)
#else
140,178,92,167,120
#endif
};
Technically, the __has_embed()
identifier resolves to one of three values:
__has_embed() Result |
Description |
---|---|
__STDC_EMBED_NOT_FOUND__ |
If the file isn’t found. |
__STDC_EMBED_FOUND__ |
If the file is found and is not empty. |
__STDC_EMBED_EMPTY |
If the file is found and is empty. |
I have good reason to believe that __STDC_EMBED_NOT_FOUND__
is 0
and the others aren’t zero (because it’s implied in the proposal and it makes logical sense), but I’m having trouble finding that in this version of the draft spec.
TODO
A compiler implementation can define other embed parameters all it wants—look for these non-standard parameters in your compiler’s documentation.
For instance:
#embed "foo.bin" limit(12) frotz(lamp)
These might commonly have a prefix on them to help with namespacing:
#embed "foo.bin" limit(12) fmc::frotz(lamp)
It might be sensible to try to detect if these are available before you use them, and luckily we can use __has_embed
to help us here.
Normally, __has_embed()
will just tell us if the file is there or not. But—and here’s the fun bit—it will also return false if any additional parameters are also not supported!
So if we give it a file that we know exists as well as a parameter that we want to test for the existence of, it will effectively tell us if that parameter is supported.
What file always exists, though? Turns out we can use the __FILE__
macro, which expands to the name of the source file that references it! That file must exist, or something is seriously wrong in the chicken-and-egg department.
Let’s test that frotz
parameter to see if we can use it:
#if __has_embed(__FILE__ fmc::frotz(lamp))
("fmc::frotz(lamp) is supported!");
puts#else
("fmc::frotz(lamp) is NOT supported!");
puts#endif
What about getting some int
s in there instead of individual bytes? What about multi-byte values in the embedded file?
This is not something supported by the C23 standard, but there could be implementation extensions defined for it in the future.
#pragma
DirectiveThis is one funky directive, short for “pragmatic”. You can use it to do… well, anything your compiler supports you doing with it.
Basically the only time you’re going to add this to your code is if some documentation tells you to do so.
Here’s one non-standard example of using #pragma
to cause the compiler to execute a for
loop in parallel with multiple threads (if the compiler supports the OpenMP133 extension):
#pragma omp parallel for
for (int i = 0; i < 10; i++) { ... }
There are all kinds of #pragma
directives documented across all four corners of the globe.
All unrecognized #pragma
s are ignored by the compiler.
There are also a few standard ones, and these start with STDC
, and follow the same form:
#pragma STDC pragma_name on-off
The on-off
portion can be either ON
, OFF
, or DEFAULT
.
And the pragma_name
can be one of these:
Pragma Name | Description |
---|---|
FP_CONTRACT |
Allow floating point expressions to be contracted into a single operation to avoid rounding errors that might occur from multiple operations. |
FENV_ACCESS |
Set to ON if you plan to access the floating point status flags. If OFF , the compiler might perform optimizations that cause the values in the flags to be inconsistent or invalid. |
CX_LIMITED_RANGE |
Set to ON to allow the compiler to skip overflow checks when performing complex arithmetic. Defaults to OFF . |
For example:
#pragma STDC FP_CONTRACT OFF
#pragma STDC CX_LIMITED_RANGE ON
As for CX_LIMITED_RANGE
, the spec points out:
The purpose of the pragma is to allow the implementation to use the formulas:
\((x+iy)\times(u+iv) = (xu-yv)+i(yu+xv)\)
\((x+iy)/(u+iv) = [(xu+yv)+i(yu-xv)]/(u^2+v^2)\)
\(|x+iy|=\sqrt{x^2+y^2}\)
where the programmer can determine they are safe.
_Pragma
OperatorThis is another way to declare a pragma that you could use in a macro.
These are equivalent:
#pragma "Unnecessary" quotes
("\"Unnecessary\" quotes") _Pragma
This can be used in a macro, if need be:
#define PRAGMA(x) _Pragma(#x)
#line
Directive
This allows you to override the values for __LINE__
and __FILE__
. If you want.
I’ve never wanted to do this, but in K&R2, they write:
For the benefit of other preprocessors that generate C programs […]
So maybe there’s that.
To override the line number to, say 300:
#line 300
and __LINE__
will keep counting up from there.
To override the line number and the filename:
#line 300 "newfilename"
A #
on a line by itself is ignored by the preprocessor. Now, to be entirely honest, I don’t know what the use case is for this.
I’ve seen examples like this:
#ifdef FOO
#
#else
("Something");
printf#endif
which is just cosmetic; the line with the solitary #
can be deleted with no ill effect.
Or maybe for cosmetic consistency, like this:
#
#ifdef FOO
= 2;
x #endif
#
#if BAR == 17
= 12;
x #endif
#
But, with respect to cosmetics, that’s just ugly.
Another post mentions elimination of comments—that in GCC, a comment after a #
will not be seen by the compiler. Which I don’t doubt, but the specification doesn’t seem to say this is standard behavior.
My searches for rationale aren’t bearing much fruit. So I’m going to just say this is some good ol’ fashioned C esoterica.
struct
s II: More Fun with struct
sTurns out there’s a lot more you can do with struct
s than we’ve talked about, but it’s just a big pile of miscellaneous things. So we’ll throw them in this chapter.
If you’re good with struct
basics, you can round out your knowledge here.
struct
s and ArraysRemember how you could initialize structure members along these lines?
struct foo x = {.a=12, .b=3.14};
Turns out we have more power in these initializers than we’d originally shared. Exciting!
For one thing, if you have a nested substructure like the following, you can initialize members of that substructure by following the variable names down the line:
struct foo x = {.a.b.c=12};
Let’s look at an example:
#include <stdio.h>
struct cabin_information {
int window_count;
int o2level;
};
struct spaceship {
char *manufacturer;
struct cabin_information ci;
};
int main(void)
{
struct spaceship s = {
.manufacturer="General Products",
.ci.window_count = 8, // <-- NESTED INITIALIZER!
.ci.o2level = 21
};
printf("%s: %d seats, %d%% oxygen\n",
s.manufacturer, s.ci.window_count, s.ci.o2level);
}
Check out lines 16-17! That’s where we’re initializing members of the struct cabin_information
in the definition of s
, our struct spaceship
.
And here is another option for that same initializer—this time we’ll do something more standard-looking, but either approach works:
struct spaceship s = {
.manufacturer="General Products",
.ci={
.window_count = 8,
.o2level = 21
}
};
Now, as if the above information isn’t spectacular enough, we can also mix in array initializers in there, too.
Let’s change this up to get an array of passenger information in there, and we can check out how the initializers work in there, too.
#include <stdio.h>
struct passenger {
char *name;
int covid_vaccinated; // Boolean
};
#define MAX_PASSENGERS 8
struct spaceship {
char *manufacturer;
struct passenger passenger[MAX_PASSENGERS];
};
int main(void)
{
struct spaceship s = {
.manufacturer="General Products",
.passenger = {
// Initialize a field at a time
[0].name = "Gridley, Lewis",
[0].covid_vaccinated = 0,
// Or all at once
[7] = {.name="Brown, Teela", .covid_vaccinated=1},
}
};
printf("Passengers for %s ship:\n", s.manufacturer);
for (int i = 0; i < MAX_PASSENGERS; i++)
if (s.passenger[i].name != NULL)
printf(" %s (%svaccinated)\n",
s.passenger[i].name,
s.passenger[i].covid_vaccinated? "": "not ");
}
struct
sThese are “the struct
with no name”. We also mention these in the typedef
section, but we’ll refresh here.
Here’s a regular struct
:
struct animal {
char *name;
int leg_count, speed;
};
And here’s the anonymous equivalent:
struct { // <-- No name!
char *name;
int leg_count, speed;
};
Okaaaaay. So we have a struct
, but it has no name, so we have no way of using it later? Seems pretty pointless.
Admittedly, in that example, it is. But we can still make use of it a couple ways.
One is rare, but since the anonymous struct
represents a type, we can just put some variable names after it and use them.
struct { // <-- No name!
char *name;
int leg_count, speed;
} a, b, c; // 3 variables of this struct type
.name = "antelope";
a.leg_count = 4; // for example c
But that’s still not that useful.
Far more common is use of anonymous struct
s with a typedef
so that we can use it later (e.g. to pass variables to functions).
typedef struct { // <-- No name!
char *name;
int leg_count, speed;
} animal; // New type: animal
, b, c;
animal a
.name = "antelope";
a.leg_count = 4; // for example c
Personally, I don’t use many anonymous struct
s. I think it’s more pleasant to see the entire struct animal
before the variable name in a declaration.
But that’s just, like, my opinion, man.
struct
sFor any graph-like data structure, it’s useful to be able to have pointers to the connected nodes/vertices. But this means that in the definition of a node, you need to have a pointer to a node. It’s chicken and eggy!
But it turns out you can do this in C with no problem whatsoever.
For example, here’s a linked list node:
struct node {
int data;
struct node *next;
};
It’s important to note that next
is a pointer. This is what allows the whole thing to even build. Even though the compiler doesn’t know what the entire struct node
looks like yet, all pointers are the same size.
Here’s a cheesy linked list program to test it out:
#include <stdio.h>
#include <stdlib.h>
struct node {
int data;
struct node *next;
};
int main(void)
{
struct node *head;
// Hackishly set up a linked list (11)->(22)->(33)
head = malloc(sizeof(struct node));
head->data = 11;
head->next = malloc(sizeof(struct node));
head->next->data = 22;
head->next->next = malloc(sizeof(struct node));
head->next->next->data = 33;
head->next->next->next = NULL;
// Traverse it
for (struct node *cur = head; cur != NULL; cur = cur->next) {
printf("%d\n", cur->data);
}
}
Running that prints:
11
22 33
Back in the good old days, when people carved C code out of wood, some folks thought would be neat if they could allocate struct
s that had variable length arrays at the end of them.
I want to be clear that the first part of the section is the old way of doing things, and we’re going to do things the new way after that.
For example, maybe you could define a struct
for holding strings and the length of that string. It would have a length and an array to hold the data. Maybe something like this:
struct len_string {
int length;
char data[8];
};
But that has 8
hardcoded as the maximum length of a string, and that’s not much. What if we did something clever and just malloc()
d some extra space at the end after the struct, and then let the data overflow into that space?
Let’s do that, and then allocate another 40 bytes on top of it:
struct len_string *s = malloc(sizeof *s + 40);
Because data
is the last field of the struct
, if we overflow that field, it runs out into space that we already allocated! For this reason, this trick only works if the short array is the last field in the struct
.
// Copy more than 8 bytes!
(s->data, "Hello, world!"); // Won't crash. Probably. strcpy
In fact, there was a common compiler workaround for doing this, where you’d allocate a zero length array at the end:
struct len_string {
int length;
char data[0];
};
And then every extra byte you allocated was ready for use in that string.
Because data
is the last field of the struct
, if we overflow that field, it runs out into space that we already allocated!
// Copy more than 8 bytes!
(s->data, "Hello, world!"); // Won't crash. Probably. strcpy
But, of course, actually accessing the data beyond the end of that array is undefined behavior! In these modern times, we no longer deign to resort to such savagery.
Luckily for us, we can still get the same effect with C99 and later, but now it’s legal.
Let’s just change our above definition to have no size for the array134:
struct len_string {
int length;
char data[];
};
Again, this only works if the flexible array member is the last field in the struct
.
And then we can allocate all the space we want for those strings by malloc()
ing larger than the struct len_string
, as we do in this example that makes a new struct len_string
from a C string:
struct len_string *len_string_from_c_string(char *s)
{
int len = strlen(s);
// Allocate "len" more bytes than we'd normally need
struct len_string *ls = malloc(sizeof *ls + len);
->length = len;
ls
// Copy the string into those extra bytes
(ls->data, s, len);
memcpy
return ls;
}
Beware that C is allowed to add padding bytes within or after a struct
as it sees fit. You can’t trust that they will be directly adjacent in memory135.
Let’s take a look at this program. We output two numbers. One is the sum of the sizeof
s the individual field types. The other is the sizeof
the entire struct
.
One would expect them to be the same. The size of the total is the size of the sum of its parts, right?
#include <stdio.h>
struct foo {
int a;
char b;
int c;
char d;
};
int main(void)
{
printf("%zu\n", sizeof(int) + sizeof(char) + sizeof(int) + sizeof(char));
printf("%zu\n", sizeof(struct foo));
}
But on my system, this outputs:
10 16
They’re not the same! The compiler has added 6 bytes of padding to help it be more performant. Maybe you got different output with your compiler, but unless you’re forcing it, you can’t be sure there’s no padding.
offsetof
In the previous section, we saw that the compiler could inject padding bytes at will inside a structure.
What if we needed to know where those were? We can measure it with offsetof
, defined in <stddef.h>
.
Let’s modify the code from above to print the offsets of the individual fields in the struct
:
#include <stdio.h>
#include <stddef.h>
struct foo {
int a;
char b;
int c;
char d;
};
int main(void)
{
printf("%zu\n", offsetof(struct foo, a));
printf("%zu\n", offsetof(struct foo, b));
printf("%zu\n", offsetof(struct foo, c));
printf("%zu\n", offsetof(struct foo, d));
}
For me, this outputs:
0
4
8 12
indicating that we’re using 4 bytes for each of the fields. It’s a little weird, because char
is only 1 byte, right? The compiler is putting 3 padding bytes after each char
so that all the fields are 4 bytes long. Presumably this will run faster on my CPU.
There’s a slightly abusive thing that’s sort of OOP-like that you can do with struct
s.
Since the pointer to the struct
is the same as a pointer to the first element of the struct
, you can freely cast a pointer to the struct
to a pointer to the first element.
What this means is that we can set up a situation like this:
struct parent {
int a, b;
};
struct child {
struct parent super; // MUST be first
int c, d;
};
Then we are able to pass a pointer to a struct child
to a function that expects either that or a pointer to a struct parent
!
Because struct parent super
is the first item in the struct child
, a pointer to any struct child
is the same as a pointer to that super
field136.
Let’s set up an example here. We’ll make struct
s as above, but then we’ll pass a pointer to a struct child
to a function that needs a pointer to a struct parent
… and it’ll still work.
#include <stdio.h>
struct parent {
int a, b;
};
struct child {
struct parent super; // MUST be first
int c, d;
};
// Making the argument `void*` so we can pass any type into it
// (namely a struct parent or struct child)
void print_parent(void *p)
{
// Expects a struct parent--but a struct child will also work
// because the pointer points to the struct parent in the first
// field:
struct parent *self = p;
printf("Parent: %d, %d\n", self->a, self->b);
}
void print_child(struct child *self)
{
printf("Child: %d, %d\n", self->c, self->d);
}
int main(void)
{
struct child c = {.super.a=1, .super.b=2, .c=3, .d=4};
print_child(&c);
print_parent(&c); // Also works even though it's a struct child!
}
See what we did on the last line of main()
? We called print_parent()
but passed a struct child*
as the argument! Even though print_parent()
needs the argument to point to a struct parent
, we’re getting away with it because the first field in the struct child
is a struct parent
.
Again, this works because a pointer to a struct
has the same value as a pointer to the first field in that struct
.
This all hinges on this part of the spec:
§6.7.2.1¶15 […] A pointer to a structure object, suitably converted, points to its initial member […], and vice versa.
and
§6.5¶7 An object shall have its stored value accessed only by an lvalue expression that has one of the following types:
- a type compatible with the effective type of the object
- […]
and my assumption that “suitably converted” means “cast to the effective type of the initial member”.
In my experience, these are rarely used, but you might see them out there from time to time, especially in lower-level applications that pack bits together into larger spaces.
Let’s take a look at some code to demonstrate a use case:
#include <stdio.h>
struct foo {
unsigned int a;
unsigned int b;
unsigned int c;
unsigned int d;
};
int main(void)
{
printf("%zu\n", sizeof(struct foo));
}
For me, this prints 16
. Which makes sense, since unsigned
s are 4 bytes on my system.
But what if we knew that all the values that were going to be stored in a
and b
could be stored in 5 bits, and the values in c
, and d
could be stored in 3 bits? That’s only a total 16 bits. Why have 128 bits reserved for them if we’re only going to use 16?
Well, we can tell C to pretty-please try to pack these values in. We can specify the maximum number of bits that values can take (from 1 up the size of the containing type).
We do this by putting a colon after the field name, followed by the field width in bits.
Now when I ask C how big my struct foo
is, it tells me 4! It was 16 bytes, but now it’s only 4. It has “packed” those 4 values down into 4 bytes, which is a four-fold memory savings.
The tradeoff is, of course, that the 5-bit fields can only hold values from 0-31 and the 3-bit fields can only hold values from 0-7. But life’s all about compromise, after all.
A gotcha: C will only combine adjacent bit-fields. If they’re interrupted by non-bit-fields, you get no savings:
struct foo { // sizeof(struct foo) == 16 (for me)
unsigned int a:1; // since a is not adjacent to c.
unsigned int b;
unsigned int c:1;
unsigned int d;
};
In that example, since a
is not adjacent to c
, they are both “packed” in their own int
s.
So we have one int
each for a
, b
, c
, and d
. Since my int
s are 4 bytes, that’s a grand total of 16 bytes.
A quick rearrangement yields some space savings from 16 bytes down to 12 bytes (on my system):
struct foo { // sizeof(struct foo) == 12 (for me)
unsigned int a:1;
unsigned int c:1;
unsigned int b;
unsigned int d;
};
And now, since a
is next to c
, the compiler puts them together into a single int
.
So we have one int
for a combined a
and c
, and one int
each for b
and d
. For a grand total of 3 int
s, or 12 bytes.
Put all your bitfields together to get the compiler to combine them.
int
sIf you just declare a bit-field to be int
, the different compilers will treat it as signed
or unsigned
. Just like the situation with char
.
Be specific about the signedness when using bit-fields.
In some specific circumstances, you might need to reserve some bits for hardware reasons, but not need to use them in code.
For example, let’s say you have a byte where the top 2 bits have a meaning, the bottom 1 bit has a meaning, but the middle 5 bits do not get used by you137.
We could do something like this:
struct foo {
unsigned char a:2;
unsigned char dummy:5;
unsigned char b:1;
};
And that works—in our code we use a
and b
, but never dummy
. It’s just there to eat up 5 bits to make sure a
and b
are in the “required” (by this contrived example) positions within the byte.
C allows us a way to clean this up: unnamed bit-fields. You can just leave the name (dummy
) out in this case, and C is perfectly happy for the same effect:
struct foo {
unsigned char a:2;
unsigned char :5; // <-- unnamed bit-field!
unsigned char b:1;
};
Some more esoterica out here… Let’s say you were packing bits into an unsigned int
, and you needed some adjacent bit-fields to pack into the next unsigned int
.
That is, if you do this:
struct foo {
unsigned int a:1;
unsigned int b:2;
unsigned int c:3;
unsigned int d:4;
};
the compiler packs all those into a single unsigned int
. But what if you needed a
and b
in one int
, and c
and d
in a different one?
There’s a solution for that: put an unnamed bit-field of width 0
where you want the compiler to start anew with packing bits in a different int
:
struct foo {
unsigned int a:1;
unsigned int b:2;
unsigned int :0; // <--Zero-width unnamed bit-field
unsigned int c:3;
unsigned int d:4;
};
It’s analogous to an explicit page break in a word processor. You’re telling the compiler, “Stop packing bits in this unsigned
, and start packing them in the next one.”
By adding the zero-width unnamed bit field in that spot, the compiler puts a
and b
in one unsigned int
, and c
and d
in another unsigned int
. Two total, for a size of 8 bytes on my system (unsigned int
s are 4 bytes each).
These are basically just like struct
s, except the fields overlap in memory. The union
will be only large enough for the largest field, and you can only use one field at a time.
It’s a way to reuse the same memory space for different types of data.
You declare them just like struct
s, except it’s union
. Take a look at this:
union foo {
int a, b, c, d, e, f;
float g, h;
char i, j, k, l;
};
Now, that’s a lot of fields. If this were a struct
, my system would tell me it took 36 bytes to hold it all.
But it’s a union
, so all those fields overlap in the same stretch of memory. The biggest one is int
(or float
), taking up 4 bytes on my system. And, indeed, if I ask for the sizeof
the union foo
, it tells me 4!
The tradeoff is that you can only portably use one of those fields at a time. However…
You can non-portably write to one union
field and read from another!
Doing so is called type punning138, and you’d use it if you really knew what you were doing, typically with some kind of low-level programming.
Since the members of a union share the same memory, writing to one member necessarily affects the others. And if you read from one what was written to another, you get some weird effects.
#include <stdio.h>
union foo {
float b;
short a;
};
int main(void)
{
union foo x;
x.b = 3.14159;
printf("%f\n", x.b); // 3.14159, fair enough
printf("%d\n", x.a); // But what about this?
}
On my system, this prints out:
3.141590
4048
because under the hood, the object representation for the float 3.14159
was the same as the object representation for the short 4048
. On my system. Your results may vary.
union
sIf you have a pointer to a union
, you can cast that pointer to any of the types of the fields in that union
and get the values out that way.
In this example, we see that the union
has int
s and float
s in it. And we get pointers to the union
, but we cast them to int*
and float*
types (the cast silences compiler warnings). And then if we dereference those, we see that they have the values we stored directly in the union
.
#include <stdio.h>
union foo {
int a, b, c, d, e, f;
float g, h;
char i, j, k, l;
};
int main(void)
{
union foo x;
int *foo_int_p = (int *)&x;
float *foo_float_p = (float *)&x;
x.a = 12;
printf("%d\n", x.a); // 12
printf("%d\n", *foo_int_p); // 12, again
x.g = 3.141592;
printf("%f\n", x.g); // 3.141592
printf("%f\n", *foo_float_p); // 3.141592, again
}
The reverse is also true. If we have a pointer to a type inside the union
, we can cast that to a pointer to the union
and access its members.
union foo x;
int *foo_int_p = (int *)&x; // Pointer to int field
union foo *p = (union foo *)foo_int_p; // Back to pointer to union
->a = 12; // This line the same as...
p.a = 12; // this one. x
All this just lets you know that, under the hood, all these values in a union
start at the same place in memory, and that’s the same as where the entire union
is.
If you have a union
of struct
s, and all those struct
s begin with a common initial sequence, it’s valid to access members of that sequence from any of the union
members.
What?
Here are two struct
s with a common initial sequence:
struct a {
int x; //
float y; // Common initial sequence
char *p;
};
struct b {
int x; //
float y; // Common initial sequence
double *p;
short z;
};
Do you see it? It’s that they start with int
followed by float
—that’s the common initial sequence. The members in the sequence of the struct
s have to be compatible types. And we see that with x
and y
, which are int
and float
respectively.
Now let’s build a union of these:
union foo {
struct a sa;
struct b sb;
};
What this rule tells us is that we’re guaranteed that the members of the common initial sequences are interchangeable in code. That is:
f.sa.x
is the same as f.sb.x
.and
f.sa.y
is the same as f.sb.y
.Because fields x
and y
are both in the common initial sequence.
Also, the names of the members in the common initial sequence don’t matter—all that matters is that the types are the same.
All together, this allows us a way to safely add some shared information between struct
s in the union
. The best example of this is probably using a field to determine the type of struct
out of all the struct
s in the union
that is currently “in use”.
That is, if we weren’t allowed this and we passed the union
to some function, how would that function know which member of the union
was the one it should look at?
Take a look at these struct
s. Note the common initial sequence:
#include <stdio.h>
struct common {
int type; // common initial sequence
};
struct antelope {
int type; // common initial sequence
int loudness;
};
struct octopus {
int type; // common initial sequence
int sea_creature;
float intelligence;
};
Now let’s throw them into a union
:
Also, please indulge me these two #define
s for the demo:
So far, nothing special has happened here. It seems like the type
field is completely useless.
But now let’s make a generic function that prints a union animal
. It has to somehow be able to tell if it’s looking at a struct antelope
or a struct octopus
.
Because of the magic of common initial sequences, it can look up the animal type in any of these places for a particular union animal x
:
int type = x.common.type; \\ or...
int type = x.antelope.type; \\ or...
int type = x.octopus.type;
All those refer to the same value in memory.
And, as you might have guessed, the struct common
is there so code can agnostically look at the type without mentioning a particular animal.
Let’s look at the code to print a union animal
:
void print_animal(union animal *x)
{
switch (x->common.type) {
case ANTELOPE:
printf("Antelope: loudness=%d\n", x->antelope.loudness);
break;
case OCTOPUS:
printf("Octopus : sea_creature=%d\n", x->octopus.sea_creature);
printf(" intelligence=%f\n", x->octopus.intelligence);
break;
default:
printf("Unknown animal type\n");
}
}
int main(void)
{
union animal a = {.antelope.type=ANTELOPE, .antelope.loudness=12};
union animal b = {.octopus.type=OCTOPUS, .octopus.sea_creature=1,
.octopus.intelligence=12.8};
print_animal(&a);
print_animal(&b);
}
See how on line 29 we’re just passing in the union
—we have no idea what type of animal struct
is in use within it.
But that’s OK! Because on line 31 we check the type to see if it’s an antelope or an octopus. And then we can look at the proper struct
to get the members.
It’s definitely possible to get this same effect using just struct
s, but you can do it this way if you want the memory-saving effects of a union
.
You know how you can have an unnamed struct
, like this:
struct {
int x, y;
} s;
That defines a variable s
that is of anonymous struct
type (because the struct
has no name tag), with members x
and y
.
So things like this are valid:
.x = 34;
s.y = 90;
s
("%d %d\n", s.x, s.y); printf
Turns out you can drop those unnamed struct
s in union
s just like you might expect:
union foo {
struct { // unnamed!
int x, y;
} a;
struct { // unnamed!
int z, w;
} b;
};
And then access them as per normal:
union foo f;
.a.x = 1;
f.a.y = 2;
f.b.z = 3;
f.b.w = 4; f
No problem!
struct
s and union
s
You can pass a struct
or union
to a function by value (as opposed to a pointer to it)—a copy of that object to the parameter will be made as if by assignment as per usual.
You can also return a struct
or union
from a function and it is also passed by value back.
#include <stdio.h>
struct foo {
int x, y;
};
struct foo f(void)
{
return (struct foo){.x=34, .y=90};
}
int main(void)
{
struct foo a = f(); // Copy is made
printf("%d %d\n", a.x, a.y);
}
Fun fact: if you do this, you can use the .
operator right off the function call:
(Of course that example calls the function twice, inefficiently.)
And the same holds true for returning pointers to struct
s and union
s—just be sure to use the ->
arrow operator in that case.
We’ve talked about how char
types are actually just small integer types… but it’s the same for a character in single quotes.
But a string in double quotes is type const char *
.
Turns out there are few more types of strings and characters, and it leads down one of the most infamous rabbit holes in the language: the whole multibyte/wide/Unicode/localization thingy.
We’re going to peer into that rabbit hole, but not go in. …Yet!
We’re used to strings and characters with regular letters, punctuation, and numbers:
char *s = "Hello!";
char t = 'c';
But what if we want some special characters in there that we can’t type on the keyboard because they don’t exist (e.g. “€”), or even if we want a character that’s a single quote? We clearly can’t do this:
char t = ''';
To do these things, we use something called escape sequences. These are the backslash character (\
) followed by another character. The two (or more) characters together have special meaning.
For our single quote character example, we can put an escape (that is, \
) in front of the central single quote to solve it:
char t = '\'';
Now C knows that \'
means just a regular quote we want to print, not the end of the character sequence.
You can say either “backslash” or “escape” in this context (“escape that quote”) and C devs will know what you’re talking about. Also, “escape” in this context is different than your Esc
key or the ASCII ESC
code.
In my humble opinion, these escape characters make up 99.2%139 of all escapes.
Code | Description |
---|---|
\n |
Newline character—when printing, continue subsequent output on the next line |
\' |
Single quote—used for a single quote character constant |
\" |
Double quote—used for a double quote in a string literal |
\\ |
Backslash—used for a literal \ in a string or character |
Here are some examples of the escapes and what they output when printed.
("Use \\n for newline\n"); // Use \n for newline
printf("Say \"hello\"!\n"); // Say "hello"!
printf("%c\n", '\''); // ' printf
But there are more escapes! You just don’t see these as often.
Code | Description |
---|---|
\a |
Alert. This makes the terminal make a sound or flash, or both! |
\b |
Backspace. Moves the cursor back a character. Doesn’t delete the character. |
\f |
Formfeed. This moves to the next “page”, but that doesn’t have much modern meaning. On my system, this behaves like \v . |
\r |
Return. Move to the beginning of the same line. |
\t |
Horizontal tab. Moves to the next horizontal tab stop. On my machine, this lines up on columns that are multiples of 8, but YMMV. |
\v |
Vertical tab. Moves to the next vertical tab stop. On my machine, this moves to the same column on the next line. |
\? |
Literal question mark. Sometimes you need this to avoid trigraphs, as shown below. |
A use case for \b
or \r
is to show status updates that appear on the same line on the screen and don’t cause the display to scroll. Here’s an example that does a countdown from 10. (If your compiler doesn’t support threading, you can use the non-standard POSIX function sleep()
from <unistd.h>
—if you’re not on a Unix-like, search for your platform and sleep
for the equivalent.)
#include <stdio.h>
#include <threads.h>
int main(void)
{
for (int i = 10; i >= 0; i--) {
printf("\rT minus %d second%s... \b", i, i != 1? "s": "");
fflush(stdout); // Force output to update
// Sleep for 1 second
thrd_sleep(&(struct timespec){.tv_sec=1}, NULL);
}
printf("\rLiftoff! \n");
}
Quite a few things are happening on line 7. First of all, we lead with a \r
to get us to the beginning of the current line, then we overwrite whatever’s there with the current countdown. (There’s ternary operator out there to make sure we print 1 second
instead of 1 seconds
.)
Also, there’s a space after the ...
That’s so that we properly overwrite the last .
when i
drops from 10
to 9
and we get a column narrower. Try it without the space to see what I mean.
And we wrap it up with a \b
to back up over that space so the cursor sits at the exact end of the line in an aesthetically-pleasing way.
Note that line 14 also has a lot of spaces at the end to overwrite the characters that were already there from the countdown.
Finally, we have a weird fflush(stdout)
in there, whatever that means. Short answer is that most terminals are line buffered by default, meaning they don’t actually display anything until a newline character is encountered. Since we don’t have a newline (we just have \r
), without this line, the program would just sit there until Liftoff!
and then print everything all in one instant. fflush()
overrides this behavior and forces output to happen right now.
Why bother with this? After all, this works just fine:
("Doesn't it?\n"); printf
And it works fine with the escape, too:
("Doesn't it\?\n"); // Note \? printf
So what’s the point??!
Let’s get more emphatic with another question mark and an exclamation point:
("Doesn't it??!\n"); printf
When I compile this, I get this warning:
foo.c: In function ‘main’:
foo.c:5:23: warning: trigraph ??! converted to | [-Wtrigraphs]
5 | printf("Doesn't it??!\n");
|
And running it gives this unlikely result:
Doesn't it|
So trigraphs? What the heck is this??!
I’m sure we’ll revisit this dusty corner of the language later, but the short of it is the compiler looks for certain triplets of characters starting with ??
and it substitutes other characters in their place. So if you’re on some ancient terminal without a pipe symbol (|
) on the keyboard, you can type ??!
instead.
You can fix this by escaping the second question mark, like so:
("Doesn't it?\?!\n"); printf
And then it compiles and works as-expected.
These days, of course, no one ever uses trigraphs. But that whole ??!
does sometimes appear if you decide to use it in a string for emphasis.
In addition, there are ways to specify numeric constants or other character values inside strings or character constants.
If you know an octal or hexadecimal representation of a byte, you can include that in a string or character constant.
The following table has example numbers, but any hex or octal numbers may be used. Pad with leading zeros if necessary to read the proper digit count.
Code | Description |
---|---|
\123 |
Embed the byte with octal value 123 , 3 digits exactly. |
\x4D |
Embed the byte with hex value 4D , 2 digits. |
\u2620 |
Embed the Unicode character at code point with hex value 2620 , 4 digits. |
\U0001243F |
Embed the Unicode character at code point with hex value 1243F , 8 digits. |
Here’s an example of the less-commonly used octal notation to represent the letter B
in between A
and C
. Normally this would be used for some kind of special unprintable character, but we have other ways to do that, below, and this is just an octal demo:
("A\102C\n"); // 102 is `B` in ASCII/UTF-8 printf
Note there’s no leading zero on the octal number when you include it this way. But it does need to be three characters, so pad with leading zeros if you need to.
But far more common is to use hex constants these days. Here’s a demo that you shouldn’t use, but it demos embedding the UTF-8 bytes 0xE2, 0x80, and 0xA2 in a string, which corresponds to the Unicode “bullet” character (•).
("\xE2\x80\xA2 Bullet 1\n");
printf("\xE2\x80\xA2 Bullet 2\n");
printf("\xE2\x80\xA2 Bullet 3\n"); printf
Produces the following output if you’re on a UTF-8 console (or probably garbage if you’re not):
• Bullet 1
• Bullet 2 • Bullet 3
But that’s a crummy way to do Unicode. You can use the escapes \u
(16-bit) or \U
(32-bit) to just refer to Unicode by code point number. The bullet is 2022
(hex) in Unicode, so you can do this and get more portable results:
("\u2022 Bullet 1\n");
printf("\u2022 Bullet 2\n");
printf("\u2022 Bullet 3\n"); printf
Be sure to pad \u
with enough leading zeros to get to four characters, and \U
with enough to get to eight.
For example, that bullet could be done with \U
and four leading zeros:
("\U00002022 Bullet 1\n"); printf
But who has time to be that verbose?
enum
C offers us another way to have constant integer values by name: enum
.
For example:
enum {
=1,
ONE=2
TWO};
("%d %d", ONE, TWO); // 1 2 printf
In some ways, it can be better—or different—than using a #define
. Key differences:
enum
s can only be integer types.#define
can define anything at all.enum
s are often shown by their symbolic identifier name in a debugger.#define
d numbers just show as raw numbers which are harder to know the meaning of while debugging.Since they’re integer types, they can be used any place integers can be used, including in array dimensions and case
statements.
Let’s tear into this more.
enum
enum
s are automatically numbered unless you override them.
They start at 0
, and autoincrement up from there, by default:
enum {
, // Value is 0
SHEEP, // Value is 1
WHEAT, // Value is 2
WOOD, // Value is 3
BRICK// Value is 4
ORE };
("%d %d\n", SHEEP, BRICK); // 0 3 printf
You can force particular integer values, as we saw earlier:
enum {
=2,
X=18,
Y=-2
Z};
Duplicates are not a problem:
enum {
=2,
X=2,
Y=2
Z};
if values are omitted, numbering continues counting in the positive direction from whichever value was last specified. For example:
enum {
, // 0, default starting value
A, // 1
B=4, // 4, manually set
C, // 5
D, // 6
E=3 // 3, manually set
F, // 4
G// 5
H }
This is perfectly fine, if that’s your style:
enum {
=2,
X=18,
Y=-2, // <-- Trailing comma
Z};
It’s gotten more popular in languages of the recent decades so you might be pleased to see it.
enum
s scope as you’d expect. If at file scope, the whole file can see it. If in a block, it’s local to that block.
It’s really common for enum
s to be defined in header files so they can be #include
d at file scope.
As you’ve noticed, it’s common to declare the enum
symbols in uppercase (with underscores).
This isn’t a requirement, but is a very, very common idiom.
enum
is a TypeThis is an important thing to know about enum
: they’re a type, analogous to how a struct
is a type.
You can give them a tag name so you can refer to the type later and declare variables of that type.
Now, since enum
s are integer types, why not just use int
?
In C, the best reason for this is code clarity–it’s a nice, typed way to describe your thinking in code. C (unlike C++) doesn’t actually enforce any values being in range for a particular enum
.
Let’s do an example where we declare a variable r
of type enum resource
that can hold those values:
// Named enum, type is "enum resource"
enum resource {
,
SHEEP,
WHEAT,
WOOD,
BRICK
ORE};
// Declare a variable "r" of type "enum resource"
enum resource r = BRICK;
if (r == BRICK) {
("I'll trade you a brick for two sheep.\n");
printf}
You can also typedef
these, of course, though I personally don’t like to.
typedef enum {
,
SHEEP,
WHEAT,
WOOD,
BRICK
ORE} RESOURCE;
= BRICK; RESOURCE r
Another shortcut that’s legal but rare is to declare variables when you declare the enum
:
// Declare an enum and some initialized variables of that type:
enum {
,
SHEEP,
WHEAT,
WOOD,
BRICK
ORE} r = BRICK, s = WOOD;
You can also give the enum
a name so you can use it later, which is probably what you want to do in most cases:
// Declare an enum and some initialized variables of that type:
enum resource { // <-- type is now "enum resource"
,
SHEEP,
WHEAT,
WOOD,
BRICK
ORE} r = BRICK, s = WOOD;
In short, enum
s are a great way to write nice, scoped, typed, clean code.
Here’s where we cover some intermediate and advanced pointer usage. If you don’t have pointers down well, review the previous chapters on pointers and pointer arithmetic before starting on this stuff.
If you can have a pointer to a variable, and a variable can be a pointer, can you have a pointer to a variable that it itself a pointer?
Yes! This is a pointer to a pointer, and it’s held in variable of type pointer-pointer.
Before we tear into that, I want to try for a gut feel for how pointers to pointers work.
Remember that a pointer is just a number. It’s a number that represents an index in computer memory, typically one that holds a value we’re interested in for some reason.
That pointer, which is a number, has to be stored somewhere. And that place is memory, just like everything else140.
But because it’s stored in memory, it must have an index it’s stored at, right? The pointer must have an index in memory where it is stored. And that index is a number. It’s the address of the pointer. It’s a pointer to the pointer.
Let’s start with a regular pointer to an int
, back from the earlier chapters:
#include <stdio.h>
int main(void)
{
int x = 3490; // Type: int
int *p = &x; // Type: pointer to an int
printf("%d\n", *p); // 3490
}
Straightforward enough, right? We have two types represented: int
and int*
, and we set up p
to point to x
. Then we can dereference p
on line 8 and print out the value 3490
.
But, like we said, we can have a pointer to any variable… so does that mean we can have a pointer to p
?
In other words, what type is this expression?
int x = 3490; // Type: int
int *p = &x; // Type: pointer to an int
&p // <-- What type is the address of p? AKA a pointer to p?
If x
is an int
, then &x
is a pointer to an int
that we’ve stored in p
which is type int*
. Follow? (Repeat this paragraph until you do!)
And therefore &p
is a pointer to an int*
, AKA a “pointer to a pointer to an int
”. AKA “int
-pointer-pointer”.
Got it? (Repeat the previous paragraph until you do!)
We write this type with two asterisks: int **
. Let’s see it in action.
#include <stdio.h>
int main(void)
{
int x = 3490; // Type: int
int *p = &x; // Type: pointer to an int
int **q = &p; // Type: pointer to pointer to int
printf("%d %d\n", *p, **q); // 3490 3490
}
Let’s make up some pretend addresses for the above values as examples and see what these three variables might look like in memory. The address values, below are just made up by me for example purposes:
Variable | Stored at Address | Value Stored There |
---|---|---|
x |
28350 |
3490 —the value from the code |
p |
29122 |
28350 —the address of x ! |
q |
30840 |
29122 —the address of p ! |
Indeed, let’s try it for real on my computer141 and print out the pointer values with %p
and I’ll do the same table again with actual references (printed in hex).
Variable | Stored at Address | Value Stored There |
---|---|---|
x |
0x7ffd96a07b94 |
3490 —the value from the code |
p |
0x7ffd96a07b98 |
0x7ffd96a07b94 —the address of x ! |
q |
0x7ffd96a07ba0 |
0x7ffd96a07b98 —the address of p ! |
You can see those addresses are the same except the last byte, so just focus on those.
On my system, int
s are 4 bytes, which is why we’re seeing the address go up by 4 from x
to p
142 and then goes up by 8 from p
to q
. On my system, all pointers are 8 bytes.
Does it matter if it’s an int*
or an int**
? Is one more bytes than the other? Nope! Remember that all pointers are addresses, that is indexes into memory. And on my machine you can represent an index with 8 bytes… doesn’t matter what’s stored at that index.
Now check out what we did there on line 9 of the previous example: we double dereferenced q
to get back to our 3490
.
This is the important bit about pointers and pointers to pointers:
&
(including to a pointer!)*
(including a pointer!)So you can think of &
as being used to make pointers, and *
being the inverse—it goes the opposite direction of &
—to get to the thing pointed to.
In terms of type, each time you &
, that adds another pointer level to the type.
If you have | Then you run | The result type is |
---|---|---|
int x |
&x |
int * |
int *x |
&x |
int ** |
int **x |
&x |
int *** |
int ***x |
&x |
int **** |
And each time you use dereference (*
), it does the opposite:
If you have | Then you run | The result type is |
---|---|---|
int ****x |
*x |
int *** |
int ***x |
*x |
int ** |
int **x |
*x |
int * |
int *x |
*x |
int |
Note that you can use multiple *
s in a row to quickly dereference, just like we saw in the example code with **q
, above. Each one strips away one level of indirection.
If you have | Then you run | The result type is |
---|---|---|
int ****x |
***x |
int * |
int ***x |
**x |
int * |
int **x |
**x |
int |
In general, &*E == E
143. The dereference “undoes” the address-of.
But &
doesn’t work the same way—you can only do those one at a time, and have to store the result in an intermediate variable:
int x = 3490; // Type: int
int *p = &x; // Type: int *, pointer to an int
int **q = &p; // Type: int **, pointer to pointer to int
int ***r = &q; // Type: int ***, pointer to pointer to pointer to int
int ****s = &r; // Type: int ****, you get the idea
int *****t = &s; // Type: int *****
const
If you recall, declaring a pointer like this:
int *const p;
means that you can’t modify p
. Trying to p++
would give you a compile-time error.
But how does that work with int **
or int ***
? Where does the const
go, and what does it mean?
Let’s start with the simple bit. The const
right next to the variable name refers to that variable. So if you want an int***
that you can’t change, you can do this:
int ***const p;
++; // Not allowed p
But here’s where things get a little weird.
What if we had this situation:
When I build that, I get a warning:
warning: initialization discards ‘const’ qualifier from pointer target type
7 | int **q = &p; | ^
What’s going on? The compiler is telling us here that we had a variable that was const
, and we’re assigning its value into another variable that is not const
in the same way. The “const
ness” is discarded, which probably isn’t what we wanted to do.
The type of p
is int *const p
, and so &p
is type int *const *
. And we try to assign that into q
.
But q
is int **
! A type with different const
ness on the first *
! So we get a warning that the const
in p
’s int *const *
is being ignored and thrown away.
We can fix that by making sure q
’s type is at least as const
as p
.
int x = 3490;
int *const p = &x;
int *const *q = &p;
And now we’re happy.
We could make q
even more const
. As it is, above, we’re saying, “q
isn’t itself const
, but the thing it points to is const
.” But we could make them both const
:
int x = 3490;
int *const p = &x;
int *const *const q = &p; // More const!
And that works, too. Now we can’t modify q
, or the pointer q
points to.
We kinda hinted at this in a variety of places earlier, but clearly not every value can be stored in a single byte of memory. Things take up multiple bytes of memory (assuming they’re not char
s). You can tell how many bytes by using sizeof
. And you can tell which address in memory is the first byte of the object by using the standard &
operator, which always returns the address of the first byte.
And here’s another fun fact! If you iterate over the bytes of any object, you get its object representation. Two things with the same object representation in memory are equal.
If you want to iterate over the object representation, you should do it with pointers to unsigned char
.
Let’s make our own version of memcpy()
144 that does exactly this:
void *my_memcpy(void *dest, const void *src, size_t n)
{
// Make local variables for src and dest, but of type unsigned char
const unsigned char *s = src;
unsigned char *d = dest;
while (n-- > 0) // For the given number of bytes
*d++ = *s++; // Copy source byte to dest byte
// Most copy functions return a pointer to the dest as a convenience
// to the caller
return dest;
}
(There are some good examples of post-increment and post-decrement in there for you to study, as well.)
It’s important to note that the version, above, is probably less efficient than the one that comes with your system.
But you can pass pointers to anything into it, and it’ll copy those objects. Could be int*
, struct animal*
, or anything.
Let’s do another example that prints out the object representation bytes of a struct
so we can see if there’s any padding in there and what values it has145.
#include <stdio.h>
struct foo {
char a;
int b;
};
int main(void)
{
struct foo x = {0x12, 0x12345678};
unsigned char *p = (unsigned char *)&x;
for (size_t i = 0; i < sizeof x; i++) {
printf("%02X\n", p[i]);
}
}
What we have there is a struct foo
that’s built in such a way that should encourage a compiler to inject padding bytes (though it doesn’t have to). And then we get an unsigned char *
to the first byte of the struct foo
variable x
.
From there, all we need to know is the sizeof x
and we can loop through that many bytes, printing out the values (in hex for ease).
Running this gives a bunch of numbers as output. I’ve annotated it below to identify where the values were stored:
12 | x.a == 0x12
AB |
BF | padding bytes with "random" value
26 |
78 |
56 | x.b == 0x12345678
34 | 12 |
On all systems, sizeof(char)
is 1, and we see that first byte at the top of the output holding the value 0x12
that we stored there.
Then we have some padding bytes—for me, these varied from run to run.
Finally, on my system, sizeof(int)
is 4, and we can see those 4 bytes at the end. Notice how they’re the same bytes as are in the hex value 0x12345678
, but strangely in reverse order146.
So that’s a little peek under the hood at the bytes of a more complex entity in memory.
NULL
Pointer and ZeroThese things can be used interchangeably:
NULL
0
'\0'
(void *)0
Personally, I always use NULL
when I mean NULL
, but you might see some other variants from time to time. Though '\0'
(a byte with all bits set to zero) will also compare equal, it’s weird to compare it to a pointer; you should compare NULL
against the pointer. (Of course, lots of times in string processing, you’re comparing the thing the pointer points to to '\0'
, and that’s right.)
0
is called the null pointer constant, and, when compared to or assigned into another pointer, it is converted to a null pointer of the same type.
You can cast pointers to integers and vice-versa (since a pointer is just an index into memory), but you probably only ever need to do this if you’re doing some low-level hardware stuff. The results of such machinations are implementation-defined, so they aren’t portable. And weird things could happen.
C does make one guarantee, though: you can convert a pointer to a uintptr_t
type and you’ll be able to convert it back to a pointer without losing any data.
uintptr_t
is defined in <stdint.h>
147.
Additionally, if you feel like being signed, you can use intptr_t
to the same effect.
There’s only one safe pointer conversion:
intptr_t
or uintptr_t
.void*
.TWO! Two safe pointer conversions.
char*
(or signed char*
/unsigned char*
).THREE! Three safe conversions!
struct
and a pointer to its first member, and vice-versa.FOUR! Four safe conversions!
If you cast to a pointer of another type and then access the object it points to, the behavior is undefined due to something called strict aliasing.
Plain old aliasing refers to the ability to have more than one way to access the same object. The access points are aliases for each other.
Strict aliasing says you are only allowed to access an object via pointers to compatible types to that object.
For example, this is definitely allowed:
int a = 1;
int *p = &a;
p
is a pointer to an int
, and it points to a compatible type—namely int
—so we’re golden.
But the following isn’t good because int
and float
are not compatible types:
int a = 1;
float *p = (float *)&a;
Here’s a demo program that does some aliasing. It takes a variable v
of type int32_t
and aliases it to a pointer to a struct words
. That struct
has two int16_t
s in it. These types are incompatible, so we’re in violation of strict aliasing rules. The compiler will assume that these two pointers never point to the same object… but we’re making it so they do. Which is naughty of us.
Let’s see if we can break something.
#include <stdio.h>
#include <stdint.h>
struct words {
int16_t v[2];
};
void fun(int32_t *pv, struct words *pw)
{
for (int i = 0; i < 5; i++) {
(*pv)++;
// Print the 32-bit value and the 16-bit values:
printf("%x, %x-%x\n", *pv, pw->v[1], pw->v[0]);
}
}
int main(void)
{
int32_t v = 0x12345678;
struct words *pw = (struct words *)&v; // Violates strict aliasing
fun(&v, pw);
}
See how I pass in the two incompatible pointers to fun()
? One of the types is int32_t*
and the other is struct words*
.
But they both point to the same object: the 32-bit value initialized to 0x12345678
.
So if we look at the fields in the struct words
, we should see the two 16-bit halves of that number. Right?
And in the fun()
loop, we increment the pointer to the int32_t
. That’s it. But since the struct
points to that same memory, it, too, should be updated to the same value.
So let’s run it and get this, with the 32-bit value on the left and the two 16-bit portions on the right. It should match148:
12345679, 1234-5679
1234567a, 1234-567a
1234567b, 1234-567b
1234567c, 1234-567c 1234567d, 1234-567d
and it does… UNTIL TOMORROW!
Let’s try it compiling GCC with -O3
and -fstrict-aliasing
:
12345679, 1234-5678
1234567a, 1234-5679
1234567b, 1234-567a
1234567c, 1234-567b 1234567d, 1234-567c
They’re off by one! But they point to the same memory! How could this be? Answer: it’s undefined behavior to alias memory like that. Anything is possible, except not in a good way.
If your code violates strict aliasing rules, whether it works or not depends on how someone decides to compile it. And that’s a bummer since that’s beyond your control. Unless you’re some kind of omnipotent deity.
Unlikely, sorry.
GCC can be forced to not use the strict aliasing rules with -fno-strict-aliasing
. Compiling the demo program, above, with -O3
and this flag causes the output to be as expected.
Lastly, type punning is using pointers of different types to look at the same data. Before strict aliasing, this kind of things was fairly common:
int a = 0x12345678;
short b = *((short *)&a); // Violates strict aliasing
If you want to do type punning (relatively) safely, see the section on Unions and Type Punning.
As you know from the section on pointer arithmetic, you can subtract one pointer from another149 to get the difference between them in count of array elements.
Now the type of that difference is something that’s up to the implementation, so it could vary from system to system.
To be more portable, you can store the result in a variable of type ptrdiff_t
defined in <stddef.h>
.
int cats[100];
int *f = cats + 20;
int *g = cats + 60;
ptrdiff_t d = g - f; // difference is 40
And you can print it by prefixing the integer format specifier with t
:
("%td\n", d); // Print decimal: 40
printf("%tX\n", d); // Print hex: 28 printf
Functions are just collections of machine instructions in memory, so there’s no reason we can’t get a pointer to the first instruction of the function.
And then call it.
This can be useful for passing a pointer to a function into another function as an argument. Then the second one could call whatever was passed in.
The tricky part with these, though, is that C needs to know the type of the variable that is the pointer to the function.
And it would really like to know all the details.
Like “this is a pointer to a function that takes two int
arguments and returns void
”.
How do you write all that down so you can declare a variable?
Well, it turns out it looks very much like a function prototype, except with some extra parentheses:
// Declare p to be a pointer to a function.
// This function returns a float, and takes two ints as arguments.
float (*p)(int, int);
Also notice that you don’t have to give the parameters names. But you can if you want; they’re just ignored.
// Declare p to be a pointer to a function.
// This function returns a float, and takes two ints as arguments.
float (*p)(int a, int b);
So now that we know how to declare a variable, how do we know what to assign into it? How do we get the address of a function?
Turns out there’s a shortcut just like with getting a pointer to an array: you can just refer to the bare function name without parens. (You can put an &
in front of this if you like, but it’s unnecessary and not idiomatic.)
Once you have a pointer to a function, you can call it just by adding parens and an argument list.
Let’s do a simple example where I effectively make an alias for a function by setting a pointer to it. Then we’ll call it.
This code prints out 3490
:
#include <stdio.h>
void print_int(int n)
{
printf("%d\n", n);
}
int main(void)
{
// Assign p to point to print_int:
void (*p)(int) = print_int;
p(3490); // Call print_int via the pointer
}
Notice how the type of p
represents the return value and parameter types of print_int
. It has to, or else C will complain about incompatible pointer types.
One more example here shows how we might pass a pointer to a function as an argument to another function.
We’ll write a function that takes a couple integer arguments, plus a pointer to a function that operates on those two arguments. Then it prints the result.