Dead functions and /*NOTREACHED*/

karl at haddock karl at haddock
Tue Sep 9 05:47:00 AEST 1986 

sun!guy (Guy Harris) writes:
>complaints about "possible pointer alignment problems" when "malloc" is used
>are pure noise.

Certainly.  I guess the addition of a lint comment (on the *declaration* of
malloc, not its use, of course) is a pretty clean way to handle it.  A
pointer type that (unlike "void *") is guaranteed to be fully aligned would
solve it too (and be more efficient on word-addressible machines), but since
only malloc et al would use it, it's not worth a language change.

>Nothing prevents a compiler or "lint" from treating *all* "void *" pointers
>as always being properly aligned;

If you mean a compiler can generate code assuming "void *" is always aligned,
you're wrong -- the user can legally stuff a "char *" value into a "void *"
object.  I assume you mean the compiler/lint can be silent about uncasted
assignments like "intp = voidp".

>the most common uses of "void *" are [malloc and] when a data structure is
>used [as a pseudo-union of pointers] - in this case, the compiler can't do
>the checking properly anyway, so warnings are largely useless.

The former is actually a special case of the latter, the only difference
being that the result is known to be maximally aligned.  I think the only
other functions that return "void *" (in X3J11 01-May-1986) are those like
bsearch() and memcpy(), which expect arguments of arbitrary pointer type
cast into "void *", and return the same.  The problem is that the compiler
isn't smart enough to know that "(int *)memcpy((void *)intp, (void *)intp);"
is correct whereas "voidp = (void *)charp; intp = (int *)voidp;" is likely
to cause trouble.  In my opinion, the best solution is to assume that the
user knows what he's doing if an explicit cast is present, and otherwise
give a warning message.  (Likewise for using an int in a float context.)

Btw, I sometimes handle the malloc problem with the (ANSIfied) code below,
which can easily be modified for other functions like memcpy().

#ifdef lint
extern int    *imalloc(unsigned int);
extern double *dmalloc(unsigned int);
#else
extern void   *malloc(unsigned int);
#define imalloc(n) ((int    *)malloc((n)*sizeof(int)))
#define dmalloc(n) ((double *)malloc((n)*sizeof(double)))
#endif

Karl W. Z. Heuer (ima!haddock!karl; karl at haddock.isc.com), The Walking Lint

More information about the Comp.lang.c mailing list