FAQ - malloc array - clarify

Peter Holzer hp at vmars.tuwien.ac.at
Wed Sep 12 01:16:56 AEST 1990 

cpcahil at virtech.uucp (Conor P. Cahill) writes:

>In article <1803 at tuvie> hp at vmars.tuwien.ac.at (Peter Holzer) writes:
>>cpcahil at virtech.uucp (Conor P. Cahill) writes:
>>
>>>This is caused by the argument to malloc being unsigned, not signed.  A
>>>cast in your code will fix this.
>>
>>No! Don't fix your code, which is correct. Fix the lint library.
>>The argument to malloc should be the type returned by sizeof (): size_t
>>(an unsigned integral type).

>The argument to malloc is defined in the library (i.e. where malloc()
>is encoded).  running lint against the source builds the lint library and
>therefore the lint library will correctly reflect what the code has (besides,
>without code, you can rebuild a lint library).

The lint libraries are ASCII files on our system. Are they in a compiled 
form on yours ?

>The problem that the original poster ran into is that on his system
>the type of sizeof() is an integer.  However, the type of malloc's 
>argument is an unsigned integer.

We have the same problem on our machines (DECstations, Ultrix 2.1, cc 1.31),
but I use gcc, so I didn't run across it before:

In <sys/types.h>:
	typedef int size_t;	/* returned by sizeof */
				/* this is a compiler bug.
				   should be unsigned	*/
In /usr/lib/lint/llib-lc:
	char *    malloc(n) unsigned n; {static char c; return(&c);}

Exactly the situation described. Now if I want to shut up lint about
foop = malloc (sizeof (struct foo));
what should I cast the argument to malloc to?
*   Unsigned is not a good choice. On the next system I want to port my program
    to, malloc might be declared char * malloc (unsigned long n); and if int
    and long are different sizes I might not get what I want. 
*   Unsigned long is even worse. It might not even work on the machine I use
    now.
*   Size_t is the type I have already.
*   Any other ideas ?

So what I propose is the following:
Check if the non-negative values of int have the same representation as the 
corresponding values of unsigned ints (This is true for all machines I know,
and is guarantueed for ANSI C). If this holds, it does not matter if you are
passing a non-negative int or an unsigned to a function expecting unsigned.

Because of this you can change the above line in llib-lc to:
char *    malloc(n) int n; {static char c; return(&c);}

I know this is a hack, but it is a hack that does not force you to write
non-portable programs, as the cast-workaround does.

(The other possibility is not to use lint, which I am forced to do, because
lint gags on my prototypes, but in general, I would not recommend that).
--
|    _	| Peter J. Holzer			| Think of it	|
| |_|_)	| Technische Universitaet Wien		| as evolution	|
| | |	| hp at vmars.tuwien.ac.at			| in action!	|
| __/  	| ...!uunet!mcsun!tuvie!vmars!hp	|     Tony Rand	|

More information about the Comp.lang.c mailing list