On 18 Feb 2011, at 14:25, Jean-Denis Muys wrote: > On 18 févr. 2011, at 15:12, Philip Graham Willoughby wrote: > >> Adding casts to get rid of warnings is usually the wrong answer in my >> experience. Certainly you should never cast the return value of a function >> call because that hides the problems you get when it's implicitly returning >> int because a required header is missing. I used to see a lot of C code >> (usually from Windows programmers - does MSVC encourage this?) which has >> stuff like this all over the place: >> >> struct something *fred = (struct something *)malloc(sizeof(struct >> something)); >> >> Casting the return from malloc is never necessary - void * is assignable to >> any non-function pointer type by definition. >> >> It becomes an extremely bad idea when you're building on a platform with >> 64-bit pointers and a 32-bit int (such as everything I use) and you have the >> optimiser turned on – in this case if <stdlib.h> isn't included none of your >> allocations will work properly and your program will crash. >> >> Best Regards, >> >> Phil Willoughby >> -- > > My pure C must be rusted. Could you please elaborate why this line breaks > with 64-bit pointers and 32-bit ints?
Sure. > fred is a 64 bit pointer of type struct something * Yes. > malloc returns a 64 bit pointer of type void * No, from the caller's point of view it returns an int if you haven't included <stdlib.h>. When this 32-bit signed integer is cast to a 64-bit struct something * sometimes with some compilers/options you get away with it but more often you get a pointer with the high 32-bits zeroed and the low 32-bits whatever malloc allocated for you. Worst case for this is a platform with 64-bit pointers where malloc preferentially gives you storage addresses below 2^32 because fewer translation tables are required (IIRC z/OS Unix is often set up to do this, but it might be another platform). This is worst because it works whenever you look at a simple test and falls over when you run it as part of a complex memory-hungry system. To pre-empt the obvious objection that the compiler will warn you if you haven't pre-declared malloc: not all compilers will. The problem occurs when you do not include <stdlib.h> explicitly but you include <someother.h> which on the platforms which do whinge about such things (gcc for instance) pulls in <stdlib.h> for you and on a less-well-equipped platform it isn't implicitly included. Practically all compilers will moan if you assign an int to a struct something *, certainly more than will whine about a missing prototype by default. Best Regards, Phil Willoughby -- Managing Director, StrawberryCat Limited StrawberryCat Limited is registered in England and Wales with Company No. 7234809. The registered office address of StrawberryCat Limited is: 107 Morgan Le Fay Drive Eastleigh SO53 4JH _______________________________________________ sqlite-users mailing list sqlite-users@sqlite.org http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users
