ansaurus

Question

Why can't I convert 'char**' to a 'const char* const*' in C?

Answer 1

+18 A:

I had this same problem a few years ago and it irked me to no end.

The rules in C are more simply stated (i.e. they don't list exceptions like converting char** to const char*const*). Consequenlty, it's just not allowed. With the C++ standard, they included more rules to allow cases like this.

In the end, it's just a problem in the C standard. I hope the next standard (or technical report) will address this.

Kevin 2008-09-16 23:04:21

Why down-voted? Please explain!

Kevin 2008-09-16 23:31:04

I certainly didn't vote it down; it's the most relevant answer I've gotten so far. If I had 100 reputation points I would vote this up.

HappyDude 2008-09-16 23:48:07

@Kevin: If you're still around, I'm wondering how certain you are about your answer that it's just a problem in the standard - at the time did you actually go through the standard to check for it?If so, I can pretty much just close this question, as this is as much an answer as I'm going to get.

HappyDude 2008-09-17 00:27:49

@HappyDude: after reading the C standard, after the first 'const' all bets appear to be off, causing the compiler to believe there are const correctness issues. Kevin has the most correct reading.

sixlettervariables 2008-09-17 02:23:49

@sixlettervariables: Thank you for looking into this.

HappyDude 2008-09-17 02:55:07

@HappyDude: I had someone else explain this to me first. Then I looked it up in the C draft standard (I'm too cheap to purchase a copy of the official standard).

Kevin 2008-09-17 04:48:44

@Kevin: [It's](http://www.open-std.org/jtc1/sc22/wg14/www/standards) [free.](http://stackoverflow.com/questions/81656/where-do-i-find-the-current-c-or-c-standard-documents/83763#83763)

Roger Pate 2010-08-17 06:40:40

Answer 2

+11 A:

> However, in pure C, this still gives a warning, and I don't understand why

You've already identified the problem -- this code is not const-correct. "Const correct" means that, except for const_cast and C-style casts removing const, you can never modify a const object through those const pointers or references.

The value of const-correctness -- const is there, in large part, to detect programmer errors. If you declare something as const, you're stating that you don't think it should be modified -- or at least, those with access to the const version only should not be able to modifying it. Consider:

void foo(const int*);

As declared, foo doesn't have permission to modify the integer pointed to by its argument.

If you're not sure why the code you posted isn't const-correct, consider the following code, only slightly different from HappyDude's code:

char *y;

char **a = &y; // a points to y
const char **b = a; // now b also points to y

// const protection has been violated, because:

const char x = 42; // x must never be modified
*b = &x; // the type of *b is const char *, so set it 
         //     with &x which is const char* ..
         //     ..  so y is set to &x... oops;
*y = 43; // y == &x... so attempting to modify const 
         //     variable.  oops!  undefined behavior!
cout << x << endl;

Non-const types can only convert to const types in particular ways to prevent any circumvention of 'const' on a data-type without an explicit cast.

Objects initially declared const are particularly special -- the compiler can assume they never change. However, if 'b' can be assigned the value of 'a' without a cast, then you could inadvertantly attempt to modify a const variable. This would not only break the check you asked the compiler to make, to disallow you from changing that variables value -- it would also allow you break the compiler optimizations!

On some compilers, this will print '42', on some '43', and others, the program will crash.

Edit-add:

HappyDude: Your comment is spot on. Either the C langauge, or the C compiler you're using, treats const char * const * fundamentally differently than the C++ language treats it. Perhaps consider silencing the compiler warning for this source line only.

Edit-delete: removed typo

Aaron 2008-09-16 23:08:36

What you have said is correct, but it does not address the question.As I said, I understand why converting from a char** to a const char** is incorrect.What I don't understand is why converting from a char** to a const char* const * is incorrect.I have updated my question to elucidate.

HappyDude 2008-09-16 23:15:35

It's interesting that this response keeps getting voted up. I guess a lot of people don't read past the first couple lines of the question, something I'll keep in mind for the future.Though this is quite a well written post on a relatively obscure point, I just wish it was relevant :P.

HappyDude 2008-09-17 00:35:37

@Aaron: your post isn't particularly relevant to the topic, but well written nonetheless.

sixlettervariables 2008-09-17 00:49:29

Answer 3

+1 A:

I'm not able to get an error when implicitly casting char** to const char * const *, at least on MSVC 14 (VS2k5) and g++ 3.3.3. GCC 3.3.3 issues a warning, which I'm not exactly sure if it is correct in doing.

test.c:

#include <stdlib.h> 
#include <stdio.h>
void foo(const char * const * bar)
{
    printf("bar %s null\n", bar ? "is not" : "is");
}

int main(int argc, char **argv) 
{
    char **x = NULL; 
    const char* const*y = x;
    foo(x);
    foo(y);
    return 0; 
}

Output with compile as C code: cl /TC /W4 /Wp64 test.c

test.c(8) : warning C4100: 'argv' : unreferenced formal parameter
test.c(8) : warning C4100: 'argc' : unreferenced formal parameter

Output with compile as C++ code: cl /TP /W4 /Wp64 test.c

test.c(8) : warning C4100: 'argv' : unreferenced formal parameter
test.c(8) : warning C4100: 'argc' : unreferenced formal parameter

Output with gcc: gcc -Wall test.c

test2.c: In function `main':
test2.c:11: warning: initialization from incompatible pointer type
test2.c:12: warning: passing arg 1 of `foo' from incompatible pointer type

Output with g++: g++ -Wall test.C

no output

sixlettervariables 2008-09-16 23:42:06

Sorry, I should have clarified that I'm compiling with gcc.I have updated my question to clarify this.Fortunately (or perhaps not?) I rarely run into many difficult-to-handle warnings in msvc.

HappyDude 2008-09-16 23:46:52

@HappyDude: I've updated with my findings from GCC. And now I see what you're saying, but I don't agree with the compiler warning just yet. I'm going to break out my C specification and see what I find.

sixlettervariables 2008-09-16 23:48:21

@sixlettervariables: Thanks for the response! Let me know if you do find something, but I suspect that what Kevin said was correct and it just isn't covered by the standard.

HappyDude 2008-09-17 00:17:28

Answer 4

A:

I'm pretty sure that the const keyword does not imply the data can't be changed/is constant, only that the data will be treated as read-only. Consider this:

const volatile int *const serial_port = SERIAL_PORT;

which is valid code. How can volatile and const co-exist? Simple. volatile tells the compiler to always read the memory when using the data and const tells the compiler to create an error when an attempt is made to write to the memory using the serial_port pointer.

Does const help the compiler's optimiser? No. Not at all. Because constness can be added to and removed from data through casting, the compiler cannot figure out if const data really is constant (since the cast could be done in a different translation unit). In C++ you also have the mutable keyword to complicate matters further.

char *const p = (char *) 0xb000;
//error: p = (char *) 0xc000;
char **q = (char **)&p;
*q = (char *)0xc000; // p is now 0xc000

What happens when an attempt is made to write to memory that really is read only (ROM, for example) probably isn't defined in the standard at all.

Skizz

Skizz 2008-09-16 23:46:37

This doesn't really address the question.As I understand it, removing const via casting is technically an undefined operation according to the C standard, even though most compilers will allow it and 'do the right thing'.But it isn't what I'm asking about at all.

HappyDude 2008-09-16 23:53:19

Answer 5

+5 A:

To be considered compatible, the source pointer should be const in the immediately anterior indirection level. So, this will give you the warning in GCC:

char **a;
const char* const* b = a;

But this won't:

const char **a;
const char* const* b = a;

Alternatively, you can cast it:

char **a;
const char* const* b = (const char **)a;

You would need the same cast to invoke the function f() as you mentioned. As far as I know, there's no way to make an implicit conversion in this case (except in C++).

Fabio Ceconello 2008-09-17 00:06:21

Please read the question more carefully.I am aware that the first code snippet is incorrect, as I say on the line immediately following it.The second one, however, should be fine (as far as I can tell). As I have mentioned, MSVC does not give a warning, but gcc does.

HappyDude 2008-09-17 00:13:38

Sorry, I didn't explained well what I wanted, and also didn't test the result in GCC to make sure the code samples were accurate. Correcting.

Fabio Ceconello 2008-09-17 01:24:09

Thanks Fabio, your edited response is much clearer.I think I'm just going to have to accept that I need to cast it.

HappyDude 2008-09-17 01:48:23

Answer 6

+1 A:

This is annoying, but if you're willing to add another level of redirection, you can often do the following to push down into the pointer-to-pointer:

char c = 'c';
char *p = &c;
char **a = &p;

const char *bi = *a;
const char * const * b = &bi;

It has a slightly different meaning, but it's usually workable, and it doesn't use a cast.

wnoise 2008-09-19 00:41:00

Answer 7

A:

I'm thinking this would be solved by

void foo (const char* const& x);

That is, a const reference to a pointer. Then, you cannot modify the (original) pointer, nor the value, and you don't have a conversion problem.

This won't work in the case that you're really trying to pass an array of const char*s.

MaHuJa 2009-08-27 19:20:10

ansaurus

tags:

views:

answers:

Why can't I convert 'char**' to a 'const char* const*' in C?

related questions