to const or not to const

[Laurijssen]

What are the advantages of using const as often as possible in C?
Does it help to declare integer function arguments as const? How about
pointers and automatic const integers?

const int func(const int x, const float *f)
{
const int retval = x;

return retval;
}

has it any use to declare these as const?

 

[Mike Wahler]

What are the advantages of using const as often as possible in C?
Does it help to declare integer function arguments as const? How about
pointers and automatic const integers?

const int func(const int x, const float *f)
{
const int retval = x;

return retval;
}

has it any use to declare these as const?

Declaring the return value as 'const' won't buy you
anything, since what gets returned is a copy of it,
i.e. the caller can still change it.

const int f()
{
return 42;
}

void g()
{
int i = f();
i = 99; /* changes 'i' (the returned object with
value 42 gets destroyed before 'f()'
returns) */
}


The declaration of a 'const int' parameter might be
useful, might not. It will disallow changing the
parameter inside the function, but does not affect
the caller, since the argument is a copy of the caller's
argument.

int f(const int x)
{
x = 42; /* error: compiler must issue diagnostic */
return 0;
}

void g()
{
int i = 42;
f(i); /* 'i' is not const, but the copy
of it passed to 'f()' may not
be modified inside scope of 'f()'. */
}

=====================

int f(int x)
{
x = 42; /* ok, but has no effect on caller's argument */
}

void g()
{
int i = 0;
f(i);
/* here, 'i' still has value 0 */
}

==========================

The parameter 'const float *f' means that what the
pointer 'f' points to may not be modified. Since in
this case 'f' will point to a caller's argument, this
protects the caller's argument from changes.

int f(const float *f)
{
*f = 0; /* error: compiler must issue diagnostic */
return 0;
}

void g()
{
float n = 42;
f(100); /* if parameter 'f' of function 'f()' were
not declared 'const', there would be no
compiler error, but the run-time behavior
would be undefined (if you're lucky, some
visible problem e.g. 'seg fault'), since
'100' is a constant which must not be modified. */

f(n); /* Suppose your code required that 'n' should be
able to be modified in this scope, but not others.
If function 'f()'s parameter 'f' were not 'const'
it could change 'n'. With 'const', you'd get
a complaint from the compiler. */

}

So, if and when to use 'const' depends upon your needs.

-Mike

 

[Malcolm]

What are the advantages of using const as often as possible in C?
Does it help to declare integer function arguments as const? How about
pointers and automatic const integers?

const int func(const int x, const float *f)
{
const int retval = x;

return retval;
}

has it any use to declare these as const?

Not really.
If a pointer is const qualified, then you cannot mofdify what it points to.
This has a marginal use in tagging parameters as input rather than output.
However there are various weaknesses in C's implementation of const which
make in not especially useful. For instance members of a const-qulaified
structure can point to writeable memory, and const qualified parameters can
be aliased by writable pointers.

My own opinion is that const hasn't really improved the language, and is
best minimised.

 

[Chad]

Declaring the return value as 'const' won't buy you
anything, since what gets returned is a copy of it,
i.e. the caller can still change it.

const int f()
{
return 42;
}

void g()
{
int i = f();
i = 99; /* changes 'i' (the returned object with
value 42 gets destroyed before 'f()'
returns) */
}


The declaration of a 'const int' parameter might be
useful, might not. It will disallow changing the
parameter inside the function, but does not affect
the caller, since the argument is a copy of the caller's
argument.

int f(const int x)
{
x = 42; /* error: compiler must issue diagnostic */
return 0;
}

void g()
{
int i = 42;
f(i); /* 'i' is not const, but the copy
of it passed to 'f()' may not
be modified inside scope of 'f()'. */
}

=====================

int f(int x)
{
x = 42; /* ok, but has no effect on caller's argument */
}

void g()
{
int i = 0;
f(i);
/* here, 'i' still has value 0 */
}

==========================

The parameter 'const float *f' means that what the
pointer 'f' points to may not be modified. Since in
this case 'f' will point to a caller's argument, this
protects the caller's argument from changes.

int f(const float *f)
{
*f = 0; /* error: compiler must issue diagnostic */
return 0;
}

void g()
{
float n = 42;
f(100); /* if parameter 'f' of function 'f()' were
not declared 'const', there would be no
compiler error, but the run-time behavior
would be undefined (if you're lucky, some
visible problem e.g. 'seg fault'), since
'100' is a constant which must not be modified. */

f(n); /* Suppose your code required that 'n' should be
able to be modified in this scope, but not others.
If function 'f()'s parameter 'f' were not 'const'
it could change 'n'. With 'const', you'd get
a complaint from the compiler. */

}

So, if and when to use 'const' depends upon your needs.

-Mike

Hmm.... maybe my compiler is retarded, but the only way I can duplicate
what you say is when I go like:

#include <stdio.h>

int f(const int *f) {
*f = 2;
return 0;
}

int main(void) {
int n = 100;

/* Using (int*) makes the warning message "warning: passing arg 1 of
'f' makes pointer from integer without a cast." disappear */

f((int*)100);

return 0;
}

Then I compile this under the gnu compiler using the -Werror option (or
flag?).

Chad

 

[Skarmander]

Declaring the return value as 'const' won't buy you
anything, since what gets returned is a copy of it,
i.e. the caller can still change it.

const int f()
{
return 42;
}

void g()
{
int i = f();
i = 99; /* changes 'i' (the returned object with
value 42 gets destroyed before 'f()'
returns) */

That would be impossible, since then 'i' would not be properly initialized.
What happens here is that the value of the expression 'f()' is computed as
42. This value is then assigned to 'i', and then the subsequent assignment
assigns 99 to 'i'.

In fact, execution of f() does not involve any objects.

The parameter 'const float *f' means that what the
pointer 'f' points to may not be modified. Since in
this case 'f' will point to a caller's argument, this
protects the caller's argument from changes.

int f(const float *f)

It doesn't really matter here, but in general you should of course never
give an argument the same name as the function it belongs to. It's legal,
however.

{
*f = 0; /* error: compiler must issue diagnostic */
return 0;
}

void g()
{
float n = 42;
f(100); /* if parameter 'f' of function 'f()' were
not declared 'const', there would be no
compiler error, but the run-time behavior
would be undefined (if you're lucky, some
visible problem e.g. 'seg fault'), since
'100' is a constant which must not be modified. */

f(n); /* Suppose your code required that 'n' should be
able to be modified in this scope, but not others.
If function 'f()'s parameter 'f' were not 'const'
it could change 'n'. With 'const', you'd get
a complaint from the compiler. */

}

You seem to be confusing pointers with references here (which C of course
lacks). This code will not compile regardless of 'const', since you're
trying to pass floats as pointers. You mean something like this instead:

void f(float* n) {
*n = 0; /* OK: can modify what 'n' points to */
n = 0; /* OK: can modify 'n' as well, but this has no effect on the
caller */
}

void fc(const float* n) {
*n = 0; /* error: 'n' points to const object, cannot modify */
n = 0; /* OK: can still modify 'n' */
}

void fcc(const float* const n) {
*n = 0; /* error: 'n' points to const object, cannot modify */
n = 0; /* error: 'n' is a const object, cannot modify */
}

void g() {
float n = 42;
f(&n); /* OK: 'n' becomes 0 */
fc(&n); /* OK: convert float* to const float*, 'n' will not be modified */
f(&100); /* error: cannot take the address of a constant */
fc(&100); /* ditto */
}

In C++, one has references which do work in much the way you described, but
of course that's a horse of a different color.

S.

 

[Skarmander]

Mike Wahler wrote:

It doesn't really matter here, but in general you should of course never
give an argument the same name as the function it belongs to.

That should be 'parameter', not 'argument'.

You seem to be confusing pointers with references here (which C of
course lacks). This code will not compile regardless of 'const', since
you're trying to pass floats as pointers.

<snip>

The first call is trying to pass an int as a pointer, of course.

S.

 

[Peter Nilsson]

In the case of f, yes; in the case of x, not a great one.

Not really.
If a pointer is const qualified, then you cannot mofdify what it points to.

True, but the OP has not given an example of a const qualified pointer.
Consider...

void foo(double * const dcp, const double *cdp)

....where dcp is a const qualified pointer, and cdp is the more usual
pointer to a const qualified object (double).

This has a marginal use in tagging parameters as input rather than output.

I can only recall one perenial clc poster actually recommending that.
It's a style
issue and quite debatable. Those who use it are in a minority (but not
necessarily
wrong to do so.)

However there are various weaknesses in C's implementation of const which
make in not especially useful. For instance members of a const-qulaified
structure can point to writeable memory,

Why should the const-ness of the pointer affect the const-ness of the
memory being pointed to? That is the question the C committee faced,
and their decision that const should be indepentantly applicable to
both the pointer and the contents being pointed to is a natural one.

Note, you can have const pointers to const qualified objects. The
problem is
one of const poisoning, and C's lack of implicit conversion to const
beyond
the first pointer reference.

and const qualified parameters can be aliased by writable pointers.

My own opinion is that const hasn't really improved the language, and is
best minimised.

Like register and volatile, the const keywork is entirely optional to
strictly
conforming programs, assuming you leave the declarations of standard
library functions to the include headers.

So, it hasn't _harmed_ the language. But const can, and quite often is,
used to prevent accidental modification of an object that shouldn't be
modified (at least within a local space like a given function block.)

Const poisoning is difficult to remove from any language, but the fact
that
so many languages do have the notion of const is indicative that it is
a useful construct, even if no one has necessarily found the most
perfect
implementation of it.

 

[Ian Collins]

Not really.
If a pointer is const qualified, then you cannot mofdify what it points to.
This has a marginal use in tagging parameters as input rather than output.
However there are various weaknesses in C's implementation of const which
make in not especially useful. For instance members of a const-qulaified
structure can point to writeable memory, and const qualified parameters can
be aliased by writable pointers.

My own opinion is that const hasn't really improved the language, and is
best minimised.

Use of const char* over char* is to be promoted in my opinion, just to
prevent accidental attempts to modify string literals.

 

[Mike Wahler]

Hmm.... maybe my compiler is retarded,

No, my example was.

I meant to write

f(&n);

-Mike