So it's hard to say that I'm the best person to write a modern C book. A slightly lower bar might be, am I the best person who has actually written a modern C Book?
Resume-wise, I've been writing C code since 1985, and I've been an expert on the C Standards Committee (WG14) since 2004. I've written two prior books on C Programming including "Secure Coding in C and C++" and "The CERT C Coding Standard". I also teach Secure Coding in C for NCC Group https://www.nccgroup.trust/us/our-services/cyber-security/se... and I also taught these topics to Computer Science undergraduates and graduate students at CMU for over a decade. So I think I have a good balance of technical skills and communications skills, but you know, pick up a copy and judge for yourself.
This is an interesting coincidence, because I just started drafting a 'defer' paper. In general, this is not an abuse of my position. I would be happy to collaborate with you (or anyone else in the community) to develop papers and champion them to the committee. They would have to be sensible ideas, which both of yours are too.
That's awesome!!! I'm actually really interested in the semantics of how a defer{} statement might work in C. If you have any kind of a draft or anything, I'd get a kick out of reading over it.
Re: developing a paper for constexpr, that's an interesting idea. I hadn't really thought about writing one up myself but it'd be an interesting thing to try out. Can you recommend a good example proposal that I could read? Shoot me an email at nicholas dot clark on the gmail if you ever see this.
I get your point. C is not C++, and it shouldn't get every feature under the sun.
But it's also not exactly -complete-. The standards committee makes changes every few years, including language additions.
I'm a fulltime C programmer, and I would _love_ to have both of the features I suggested - for the following reasons.
- defer: I could defer a free() statement after every malloc, guaranteeing that I won't miss one or forget about it. Lots of memory leaks and file-descriptor leaks could be easily avoided if C provided 'defer' as a language feature. GCC already offers something kind of similar with its __cleanup__ attribute, and a lot of programs rely on it. How much better would it be for the language to support it natively?
- constexpr: I am _so tired_ of writing really complex macros. Like say I want to populate a lookup table for a sine-wave (for fast use in a realtime system). Wouldn't it be nice if I could just populate my lookup table with a constexpr function? Then I wouldn't need really nasty macros, and I'd also be able to ensure that the calculations all happen at compile-time.
I probably could have chose a different wording, but everything you've just said is exactly why I suggested it; C isn't a language just anyone should be writing about, especially when it comes to security
Oh, a standards committee member! We have requests...
Now that C allows mixing variable declarations in with statements, it becomes annoying that variable declarations can not have labels. This hits particularly hard with the switch/case, but can also apply with ordinary named labels. The syntax to work around this defect is ugly.
The gcc extension for case ranges is really valuable.
Setting the sign bit via a cast should not cause undefined behavior. (for example, going from uint32_t to int32_t) It should just work in the obvious way. Avoiding the problem requires extremely strange code.
I'd like a way to prevent arrays from being replaced by pointers. Assignment could work. Sometimes I really want to pass an array to a function, and I don't mind if that means a megabyte is copied into the function args on the stack. Sometimes I really want to force the huge copy, and other times I'd rather have the compiler keep it in the caller's frame (but callee can mangle it unless it is const) and just pretend that the callee got more than a pointer. Array dimensions need to survive. The callee's prototype should be able to demand specific dimensions or receive them as variables, and the caller should be able to pass a portion of a larger array
The default function parameters of C++ would be useful. The UNIX API for open() would be best done this way, allowing a prototype without the need for stdarg. There doesn't seem to be any reason why default parameters would have to be at the end; a pair of adjacent commas in the middle is a fine way to indicate that the default is to be used for that missing parameter.
It's time to standardize bitfield layout so that bitfields can be used in portable code for purposes like assemblers and disassemblers. (in other words, not for purposes like access to MMIO registers) Microsoft and GNU compilers are already quite compatible on x86_64, so that would be the basis of standardization.
When a bitfield happens to have the size and alignment of a normal integer type, it should be possible to take the address. The resulting type would be a pointer to the integer type of lowest rank having the correct size.
Anonymous unions and structs would be valuable in all scopes, including at file level. This would allow careful data organization to save space, improve cache locality, prevent undesired cache line aliasing, or allow the intentional aliasing of types. Current technology typically involves abuse of the linker, which is well outside the C language.
Being able to do something like an #include, but with a blob of binary data, would be helpful for initializing big arrays. Current practice is to have build scripts convert binary files to C, to have the linker do it, and to rely on assemblers with the capability. None of that is nice to use.
So that we don't have to invoke m4 or do nasty things with recursive macros, the preprocessor could support loops.
There are a few gcc extensions that make macros far more reasonable, including statement expressions and typeof. Add those.
So there are many ideas here. I commented separately that I would be happy to help members of the community develop quality proposals and champion these to the committee. You can look here http://www.open-std.org/jtc1/sc22/wg14/www/wg14_document_log... to see what proposals normally look like. You would have to develop your suggestions further before they would have a reasonable chance of being adopted.
So it's hard to say that Ford is the best company to make trucks. A slightly lower bar might be, is Ford the best company that has actually made a truck?
