Development Team/Coding Standards
(→Functions) |
|||
(4 intermediate revisions not shown) | |||
Line 1: | Line 1: | ||
- | + | This document gives coding conventions we use for the C code comprising many of DareNET's development projects. | |
- | + | ||
- | + | Rules are made to be broken. Two good reasons to break a particular rule: | |
- | + | ||
- | + | ||
- | + | # When applying the rule would make the code less readable, even for someone who is used to reading the code that follows the rules. | |
+ | # To be consistent with surrounding code that also breaks it (maybe for historic reasons); although, this is also a good opportunity to clean up someone else's mess. | ||
- | + | == C dialect == | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | * While you may use C99, keep in mind that variable length arrays and macros with variable number of parameters are not well supported among most compilers. If you use these features, ensure you account for this. | |
- | + | * GCC is the compiler we use for most, if not all, of our testing. And while use of GCC extensions is not prohibited, we don't necessarily encourage their use either. | |
- | + | * Never use C++ style (//) single line comments. | |
- | + | ||
- | / | + | |
- | + | ||
- | + | ||
- | + | ||
- | == | + | == Indentation == |
- | + | Tabs, tabs, ONLY tabs. | |
- | + | ||
- | + | ||
- | + | Use one tab for each level of indentation. Spaces should ONLY be used for alignment, not indentation. | |
- | + | Preference: Tabs are 8 characters, and thus indentations are also 8 characters. There are heretic movements that try to make indentations 4 (or even 2) characters deep, and that is akin to trying to define the value of PI to be 3. | |
- | + | Rationale: The whole idea behind indentation is to clearly define where a block of control starts and ends. Especially when you've been looking at your screen for 20 straight hours, you'll find it a lot easier to see how the indentation works if you have large indentations. | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | Now, some people will claim that having 8-character indentations makes the code move too far to the right, and makes it hard to read on a 80-character terminal screen. The answer to that is that if you need more than 3 levels of indentation, you're screwed anyway, and should fix your program. Also, the entire point of the hard tab character \t is that the actual horizontal space visible from printing it is not set in stone. You can set it to whatever you like. | |
- | + | In short, 8-char indents make things easier to read, and have the added benefit of warning you when you're nesting your functions too deep. Heed that warning. | |
- | == | + | == Braces == |
- | + | ||
- | + | ||
- | + | Another issue that always arises with C styling is the placement of braces. Unlike the indent size, there are few technical reasons to choose one placement strategy over the other, but the preferred way, as shown to us by the prophets Kernighan and Ritchie, is to put the opening brace last on the line, and put the closing brace first, so: | |
- | + | ||
- | + | ||
- | + | ||
- | + | <c>if (x is true) { | |
+ | we do y | ||
+ | }</c> | ||
- | + | However, there is one special case, namely functions: they have the opening brace at the beginning of the next line, thus: | |
- | + | <c>int function(int x) | |
- | + | { | |
- | + | body of function | |
+ | }</c> | ||
- | + | Heretic people all over the world have claimed that this inconsistency is ... well ... inconsistent, but all right-thinking people know that (a) K&R are right and (b) K&R are right. Besides, functions are special anyway (you can't nest them in C). | |
- | + | Note that the closing brace is empty on a line of its own, except in the cases where it is followed by a continuation of the same statement, i.e. a "while" in a do-statement or an "else" in an if-statement, like this: | |
- | + | ||
- | + | ||
- | + | <c>do { | |
+ | body of do-loop | ||
+ | } while (condition);</c> | ||
- | + | and | |
- | + | ||
- | + | <c>if (x == y) { | |
- | + | .. | |
- | + | } else if (x > y) { | |
- | + | ... | |
- | + | } else { | |
- | + | .... | |
- | + | ||
- | + | ||
- | + | ||
- | == | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
}</c> | }</c> | ||
- | + | Rationale: K&R. | |
- | + | ||
- | + | ||
- | + | Also, note that this brace-placement also minimizes the number of empty (or almost empty) lines, without any loss of readability. Thus, as the supply of new-lines on your screen is not a renewable resource (think 25-line terminal screens here), you have more empty lines to put comments on. | |
- | + | == Naming == | |
- | < | + | C is a Spartan language, and so should your naming be. Unlike Modula-2 and Pascal programmers, C programmers do not use cute names like ThisVariableIsATemporaryCounter. A C programmer would call that variable <code>tmp</code>, which is much easier to write, and not the least more difficult to understand. |
- | + | However, while mixed-case names are frowned upon, descriptive names for global variables are a must. To call a global function <code>foo</code> is a shooting offense. | |
- | - | + | |
- | + | ||
- | + | Global variables (to be used only if you really need them) need to have descriptive names, as do global functions. If you have a function that counts the number of active users, you should call that <code>count_active_users()</code> or similar, you should not call it <code>cntusr()</code>. | |
- | < | + | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | </ | + | |
- | + | Encoding the type of a function into the name (so-called Hungarian notation) is brain damaged - the compiler knows the types anyway and can check those, and it only confuses the programmer. | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | Local variable names should be short, and to the point. If you have some random integer loop counter, it should probably be called <code>i</code> or <code>ii</code> ''(easier to search for)''. Calling it <code>loop_counter</code> is counter-productive, if there is no chance of it being mis-understood. Similarly, <code>tmp</code> can be just about any type of variable that is used to hold a temporary value. | |
- | + | ||
- | + | ||
- | + | If you are afraid to mix up your local variable names, you have another problem, which is called the function-growth-hormone-imbalance syndrome. | |
- | == | + | == Functions == |
- | + | ||
- | + | ||
- | + | Functions should be short and sweet, and do just one thing. They should fit on one or two screenfuls of text (the ISO/ANSI screen size is 80×24, as we all know), and do one thing and do that well. | |
- | + | ||
- | + | ||
- | + | The maximum length of a function is inversely proportional to the complexity and indentation level of that function. So, if you have a conceptually simple function that is just one long (but simple) case-statement, where you have to do lots of small things for a lot of different cases, it's ok to have a longer function. | |
- | - | + | |
- | + | ||
- | + | However, if you have a complex function, and you suspect that a less-than-gifted first year high-school student might not even understand what the function is all about, you should adhere to the maximum limits all the more closely. Use helper functions with descriptive names (you can ask the compiler to in-line them if you think it's performance critical, and it will probably do a better job of it that you would have done). | |
- | + | Another measure of the function is the number of local variables. They shouldn't exceed 5-10, or you're doing something wrong. Re-think the function, and split it into smaller pieces. A human brain can generally easily keep track of about 7 different things, anything more and it gets confused. You know you're brilliant, but maybe you'd like to understand what you did 2 weeks from now. | |
- | + | == Comments == | |
- | + | C-style comments only. | |
- | - | + | |
- | + | ||
- | + | Comments are good, but there is also a danger of over-commenting. NEVER try to explain HOW your code works in a comment: it's much better to write the code so that the working is obvious, and it's a waste of time to explain badly written code. | |
- | + | Generally, you want your comments to tell WHAT your code does, not HOW. Also, try to avoid putting comments inside a function body: if the function is so complex that you need to separately comment parts of it, you should probably go back to section 4 for a while. You can make small comments to note or warn about something particularly clever (or ugly), but try to avoid excess. Instead, put the comments at the head of the function, telling people what it does, and possibly WHY it does it. | |
- | + | ||
- | + | ||
- | + | == Character Sets == | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | In general, encodings cannot be mixed reliably; therefore, the ASCII character set (plain text, 7-bit) should be used in all source code comments and text documents. It is okay to use non-ASCII characters in help files, and to represent proper names of contributors in change log entries. | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | == Integers == | |
- | + | Use unsigned ints instead of ints if you know the value will never be negative. Some processors can handle unsigned integer arithmetic considerably faster than signed. This is also good practice, and helps make for self-documenting code. | |
- | + | ||
- | + | == Macros == | |
- | + | Avoid them, if possible. | |
- | + | ||
- | + | ||
- | + | We prefer that (inline) functions be used instead, as they provide better type checking and generally make code easier to read and debug. | |
- | + | However, macros are fine for small, simple, often-repeated, run-to-completion code segments. For example, if there is a small external function being called thousands of times in a tight loop, replacing it with a macro to perform the same job will remove the overhead of all those function calls. That said, they shouldn't be longer than six or so lines and they should never contain a return statement, or otherwise directly affect control flow of the calling function. | |
- | --- | + | |
- | + | ||
- | + | Also, remember that the text of a macro argument is "pasted in"; therefore, you should surround its arguments in parentheses to ensure they're evaluated before the rest of the macro body. This should also be done for the body itself to prevent the surrounding context from affecting the macro body. | |
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + | ||
- | + |
Current revision as of 22:37, 11 September 2011
This document gives coding conventions we use for the C code comprising many of DareNET's development projects.
Rules are made to be broken. Two good reasons to break a particular rule:
- When applying the rule would make the code less readable, even for someone who is used to reading the code that follows the rules.
- To be consistent with surrounding code that also breaks it (maybe for historic reasons); although, this is also a good opportunity to clean up someone else's mess.
In This Guide: |
C dialect
- While you may use C99, keep in mind that variable length arrays and macros with variable number of parameters are not well supported among most compilers. If you use these features, ensure you account for this.
- GCC is the compiler we use for most, if not all, of our testing. And while use of GCC extensions is not prohibited, we don't necessarily encourage their use either.
- Never use C++ style (//) single line comments.
Indentation
Tabs, tabs, ONLY tabs.
Use one tab for each level of indentation. Spaces should ONLY be used for alignment, not indentation.
Preference: Tabs are 8 characters, and thus indentations are also 8 characters. There are heretic movements that try to make indentations 4 (or even 2) characters deep, and that is akin to trying to define the value of PI to be 3.
Rationale: The whole idea behind indentation is to clearly define where a block of control starts and ends. Especially when you've been looking at your screen for 20 straight hours, you'll find it a lot easier to see how the indentation works if you have large indentations.
Now, some people will claim that having 8-character indentations makes the code move too far to the right, and makes it hard to read on a 80-character terminal screen. The answer to that is that if you need more than 3 levels of indentation, you're screwed anyway, and should fix your program. Also, the entire point of the hard tab character \t is that the actual horizontal space visible from printing it is not set in stone. You can set it to whatever you like.
In short, 8-char indents make things easier to read, and have the added benefit of warning you when you're nesting your functions too deep. Heed that warning.
Braces
Another issue that always arises with C styling is the placement of braces. Unlike the indent size, there are few technical reasons to choose one placement strategy over the other, but the preferred way, as shown to us by the prophets Kernighan and Ritchie, is to put the opening brace last on the line, and put the closing brace first, so:
if (x is true) { we do y }
However, there is one special case, namely functions: they have the opening brace at the beginning of the next line, thus:
int function(int x) { body of function }
Heretic people all over the world have claimed that this inconsistency is ... well ... inconsistent, but all right-thinking people know that (a) K&R are right and (b) K&R are right. Besides, functions are special anyway (you can't nest them in C).
Note that the closing brace is empty on a line of its own, except in the cases where it is followed by a continuation of the same statement, i.e. a "while" in a do-statement or an "else" in an if-statement, like this:
do { body of do-loop } while (condition);
and
if (x == y) { .. } else if (x > y) { ... } else { .... }
Rationale: K&R.
Also, note that this brace-placement also minimizes the number of empty (or almost empty) lines, without any loss of readability. Thus, as the supply of new-lines on your screen is not a renewable resource (think 25-line terminal screens here), you have more empty lines to put comments on.
Naming
C is a Spartan language, and so should your naming be. Unlike Modula-2 and Pascal programmers, C programmers do not use cute names like ThisVariableIsATemporaryCounter. A C programmer would call that variable tmp
, which is much easier to write, and not the least more difficult to understand.
However, while mixed-case names are frowned upon, descriptive names for global variables are a must. To call a global function foo
is a shooting offense.
Global variables (to be used only if you really need them) need to have descriptive names, as do global functions. If you have a function that counts the number of active users, you should call that count_active_users()
or similar, you should not call it cntusr()
.
Encoding the type of a function into the name (so-called Hungarian notation) is brain damaged - the compiler knows the types anyway and can check those, and it only confuses the programmer.
Local variable names should be short, and to the point. If you have some random integer loop counter, it should probably be called i
or ii
(easier to search for). Calling it loop_counter
is counter-productive, if there is no chance of it being mis-understood. Similarly, tmp
can be just about any type of variable that is used to hold a temporary value.
If you are afraid to mix up your local variable names, you have another problem, which is called the function-growth-hormone-imbalance syndrome.
Functions
Functions should be short and sweet, and do just one thing. They should fit on one or two screenfuls of text (the ISO/ANSI screen size is 80×24, as we all know), and do one thing and do that well.
The maximum length of a function is inversely proportional to the complexity and indentation level of that function. So, if you have a conceptually simple function that is just one long (but simple) case-statement, where you have to do lots of small things for a lot of different cases, it's ok to have a longer function.
However, if you have a complex function, and you suspect that a less-than-gifted first year high-school student might not even understand what the function is all about, you should adhere to the maximum limits all the more closely. Use helper functions with descriptive names (you can ask the compiler to in-line them if you think it's performance critical, and it will probably do a better job of it that you would have done).
Another measure of the function is the number of local variables. They shouldn't exceed 5-10, or you're doing something wrong. Re-think the function, and split it into smaller pieces. A human brain can generally easily keep track of about 7 different things, anything more and it gets confused. You know you're brilliant, but maybe you'd like to understand what you did 2 weeks from now.
Comments
C-style comments only.
Comments are good, but there is also a danger of over-commenting. NEVER try to explain HOW your code works in a comment: it's much better to write the code so that the working is obvious, and it's a waste of time to explain badly written code.
Generally, you want your comments to tell WHAT your code does, not HOW. Also, try to avoid putting comments inside a function body: if the function is so complex that you need to separately comment parts of it, you should probably go back to section 4 for a while. You can make small comments to note or warn about something particularly clever (or ugly), but try to avoid excess. Instead, put the comments at the head of the function, telling people what it does, and possibly WHY it does it.
Character Sets
In general, encodings cannot be mixed reliably; therefore, the ASCII character set (plain text, 7-bit) should be used in all source code comments and text documents. It is okay to use non-ASCII characters in help files, and to represent proper names of contributors in change log entries.
Integers
Use unsigned ints instead of ints if you know the value will never be negative. Some processors can handle unsigned integer arithmetic considerably faster than signed. This is also good practice, and helps make for self-documenting code.
Macros
Avoid them, if possible.
We prefer that (inline) functions be used instead, as they provide better type checking and generally make code easier to read and debug.
However, macros are fine for small, simple, often-repeated, run-to-completion code segments. For example, if there is a small external function being called thousands of times in a tight loop, replacing it with a macro to perform the same job will remove the overhead of all those function calls. That said, they shouldn't be longer than six or so lines and they should never contain a return statement, or otherwise directly affect control flow of the calling function.
Also, remember that the text of a macro argument is "pasted in"; therefore, you should surround its arguments in parentheses to ensure they're evaluated before the rest of the macro body. This should also be done for the body itself to prevent the surrounding context from affecting the macro body.