The people who created C sure loved keeping the number of keywords low, and today I’m going to show you yet another place you can use the static keyword in C99.

You might have seen function parameter declaration for array parameters that include the size:

void foo(int myArray[10]);

The function will still receive a naked int *, but the [10] part can serve as documentation for the people reading the code, saying that the function expects an array of 10 ints.

But, you can actually also use the keyword static between the brackets:

void bar(int myArray[static 10]);

This tells the compiler that it should assume that the array passed to bar has at least 10 elements. (Note that this rules out a NULL pointer!)

Steven Rostedt wanted to do a little housekeeping, specifically with the function tracing code used in debugging the kernel. Up until then, the kernel could enable function tracing using either GCC's -pg flag or a combination of -pg and -mfentry. In each case, GCC would create a special routine that would execute at the start of each function, so the kernel could track calls to all functions. With just -pg, GCC would create a call to mcount() in all C functions, although with -pg coupled with -mfentry, it would create a call to fentry().

Blog of Raph Levien.

I have a saying that summarizes my opinion of Rust compared to Go: “Go is the result of C programmers designing a new programming language, and Rust is the result of C++ programmers designing a new programming language”. This isn’t just a metaphor - Go was designed by plan9 alumni, an operating system written in C and the source of inspiration for many of Go’s features, and Rust was designed by the folks at Mozilla - whose flagship product is one of the largest C++ codebases in the world.

StackOverflow is the de facto standard place to go when you need to figure out how to do something as a programmer. A web search for information about how to check the number of lines in a file using the C programming language will probably give you StackOverflow questions as the most relevant search results. Unfortunately, while writing good, clean, reliable C does not need to be difficult, it is certainly difficult to find information about how to do it well, and the people answering these questions on StackOverflow are not filtered by their skills or knowledge of good practices. From time to time, the top-rated answer or the accepted answer is even the worst answer that addresses the question.

The best example I have seen of a straightforward line count algorithm is in a place that might seem obvious after the fact: the source code of the wc command line utility. Figure out how the -l option is handled in a good implementation of wc, and all that's left is to adapt it to your needs. Ideally, the solution you find should be short, simple, careful (e.g. checking for error conditions), robust, well-worn, and well-formatted.

The C coding standards of the OpenBSD community are among the highest and most pragmatic you'll ever find, and when someone makes a decision about implementation whose reasoning is not pretty obvious in the code itself you're almost certain to see that reasoning clearly documented in code comments, which can also teach you something about being a good programmer in general.

We often have to write code using  permissive programming languages like C and C++. They tend to generate hard-to-debug problems that can crash your applications. Thankfully, many compilers offer “sanitizers”. I discussed them in my post No more leaks with sanitize flags in gcc and clang. I strongly encourage the use of sanitizers as I think it is the modern way to write C and C++. When many people describe how impossibly difficult it is to build good software in C and C++, they often think about old-school bare metal C and C++ where the code do all sorts of mysterious things without any protection. Then they feel compelled to run their code in a debugger and to manually run through it. You should not write code this way! Get some tools! Sanitizers can catch undefined behaviour, memory leaks, buffer overflows, data races, and so forth.

Interesting consideration on the usage of setvbuf in a C program.

A library of common data structures and algorithms written in C.

Most widely-used programming languages have at least one regular conference dedicated to discussing it. Heck, even Lisp has one. It’s a place to talk about the latest developments of the language, recent and upcoming standards, and so on.

However, C is a notable exception. Despite its role as the foundation of the entire software ecosystem, there aren’t any regular conferences about C. I have a couple of theories about why.

Adapted from http://www.possibility.com/Cpp/CppCodingStandard.html and NetBSD's style guidelines.

At the North America edition of the 2018
Linux Security Summit (LSS NA), which was held in late August in Vancouver,
Canada, Kees Cook gave a presentation on some of the dangers that come with
programs written in C. In particular, of course, the Linux kernel is
mostly written in C, which means that the security of our systems rests on
a somewhat dangerous foundation. But there are things that can be done to
help firm things up by "Making C Less Dangerous" as the title
of his talk suggested.

At the North America edition of the 2018
Linux Security Summit (LSS NA), which was held in late August in Vancouver,
Canada, Kees Cook gave a presentation on some of the dangers that come with
programs written in C. In particular, of course, the Linux kernel is
mostly written in C, which means that the security of our systems rests on
a somewhat dangerous foundation. But there are things that can be done to
help firm things up by "Making C Less Dangerous" as the title
of his talk suggested.

Mathomatic™ is a portable, command-line, educational CAS and calculator software, written entirely in the C programming language. It is Free and Open Source Software (FOSS), published under the GNU Lesser General Public License (LGPL version 2.1), and has been under continual development since 1986. The software can symbolically solve, simplify, combine, and compare algebraic equations, simultaneously performing generalized standard, complex number, modular, and polynomial arithmetic, as needed. It does some calculus and is very easy to compile/install, learn, and use.

Ken Thompson's "cc hack"

Presented in the journal, Communication of the ACM, Vol. 27, No. 8, August 1984, in a paper entitled "Reflections on Trusting Trust".

Ken Thompson, co-author of UNIX, recounted a story of how he created a version of the C compiler that, when presented with the source code for the "login" program, would automatically compile in a backdoor to allow him entry to the system. This is only half the story, though. In order to hide this trojan horse, Ken also added to this version of "cc" the ability to recognize if it was recompiling itself to make sure that the newly compiled C compiler contained both the "login" backdoor, and the code to insert both trojans into a newly compiled C compiler. In this way, the source code for the C compiler would never show that these trojans existed.

pycparser is a parser for the C language, written in pure Python. It is a module designed to be easily integrated into applications that need to parse C source code.