Double pointer const-correctness warnings in C

C, Constants, Implicit Conversion, Qualifiers, Multiple Indirection

C Problem Overview


A pointer to non-const data can be implicitly converted to a pointer to const data of the same type:

int       *x = NULL;
int const *y = x;

Adding additional const qualifiers to match the additional indirection should logically work the same way:

int       *      *x = NULL;
int       *const *y = x; /* okay */
int const *const *z = y; /* warning */

Compiling this with GCC or Clang with the -Wall flag, however, results in the following warning:

test.c:4:23: warning: initializing 'int const *const *' with an expression of type
      'int *const *' discards qualifiers in nested pointer types
    int const *const *z = y; /* warning */
                      ^   ~

Why does adding an additional const qualifier "discard qualifiers in nested pointer types"?

C Solutions


Solution 1 - C

The reason why const can only be added one level deep is subtle, and is explained by Question 11.10 in the comp.lang.c FAQ.

Briefly, consider this example closely related to yours:

const int i;
int *p;
int const **z = &p;
*z = &i;
/* Now p points to i */

C avoids this problem by only allowing assignment to discard qualifiers at the first pointed-to level (so the assignment to z here is not allowed).

Your exact example does not suffer from this problem, because the const at the second level means that the assignment to *z would not be allowed anyway. C++ would allow it in this exact case, but C's simpler rules do not distinguish between your case and the example above.

Solution 2 - C

The FAQ entry linked by the other answer explains why the following code is not permitted:

int **x = whatever;
const int **z = x;

However, your code const int *const *z = x; is quite different, and it does not suffer from the same flaw raised by the FAQ.

In fact, there is conceptually nothing wrong with the latter code. It is just a flaw in the C specification that it is not permitted, and it forces C programmers to include ugly casts in their code.

It would have been possible for C to use the same rules that C++ did; however the C standard committee didn't decide to do that.

Solution 3 - C

The reason why the automatism of adding qualifiers only works for the 1st indirection level can be read from the standard:

The Standard claims in 6.5.16.1 for an assignment, that "both operands are pointers to qualified or unqualified versions of compatible types, and the type pointed to by the left has all the qualifiers of the type pointed to by the right".
The last part of the sentence means that adding a qualifier to the pointed-to type is no problem.
And the first part claims "compatible" types. And (I think,) 6.7.3 (11) does describe this for qualified types: "For two qualified types to be compatible, both shall have the identically qualified version of a compatible type."

Reading this, your pointed-to types are not considered as compatible (even if it would be possible to assign one to the other).

Hence I would say that the clang warning about discarding qualifiers is a bit misleading, but it refers to the non-identically qualified pointed-to types.
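Added example, not part of the original question or answers: two ways to pass an int ** to a read-only function taking int const *const *, the conversion discussed above. The cast-free route uses only the one-level qualifier additions the answers describe; the names sum_rows, sum_via_view, sum_via_cast and demo, and the sample data, are constructed for illustration.

```c
#include <stddef.h>

enum { NROWS = 2, NCOLS = 3 };   /* constructed sample dimensions */

/* Read-only consumer: can modify neither the row pointers nor the ints. */
static long sum_rows(int const *const *rows, size_t nrows, size_t ncols)
{
    long total = 0;
    for (size_t r = 0; r < nrows; r++)
        for (size_t c = 0; c < ncols; c++)
            total += rows[r][c];
    return total;
}

/* Cast-free route: build an array of int const * from the row pointers. */
long sum_via_view(int **rows)
{
    int const *view[NROWS];
    for (size_t r = 0; r < NROWS; r++)
        view[r] = rows[r];   /* int * -> int const *: const added one level deep */
    /* view decays to int const **; converting that to int const *const *
       again adds const only at the first pointed-to level, so no diagnostic. */
    return sum_rows(view, NROWS, NCOLS);
}

/* Cast route: C rejects int ** -> int const *const * implicitly, so the
   conversion is spelled out. int * and int const * have the same
   representation, and the inner const still blocks stores through rows[r]. */
long sum_via_cast(int **rows)
{
    return sum_rows((int const *const *)rows, NROWS, NCOLS);
}

/* Runs either route over the same constructed 2x3 data. */
long demo(int use_cast)
{
    int a[NCOLS] = {1, 2, 3};
    int b[NCOLS] = {4, 5, 6};
    int *rows[NROWS] = {a, b};
    return use_cast ? sum_via_cast(rows) : sum_via_view(rows);
}
```

Removing the cast in sum_via_cast reproduces the "discards qualifiers in nested pointer types" warning from the question.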

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

| Content Type | Original Author | Original Content on Stackoverflow |
|---|---|---|
| Question | Michael Koval | View Question on Stackoverflow |
| Solution 1 - C | caf | View Answer on Stackoverflow |
| Solution 2 - C | M.M | View Answer on Stackoverflow |
| Solution 3 - C | MattTT | View Answer on Stackoverflow |