Reserved Fields

A field should never be marked as reserved for future use unless the interface throws a hard error if it has a non-zero value.

typedef struct _thing {
    int value;
    void* reserved; /* probably a bad idea */
} thing_t;

void correct(Thing* self) {
    /* ensure unused values are unused somehow */
    if (self->reserved != NULL) abort();

    switch (value) {
        /* goes on about normal business */
    }
}

void incorrect(Thing* self) {
    switch (value) {
        /* goes on about normal business */
    }
}

Rationale

Some languages initialize all memory to zero. Others (C/C++) notoriously do not. Meaning any field not of interest to the developer making the call is likely to be filled with garbage. Therefore the program must force the developer to either clear them or use a practice of blanket clearing objects with something like bzero or memset.

If memory is reserved for internal use there is no problem. Just overwrite it--they were warned.

Note that a client can only clear bytes it knows about. If a struct has two lights and a new update brings it to four lights then it will only properly initialize two of those to zero. So new reserved fields can never be added that also enforce the fields do not contain junk memory. An exception to this is if the record is versioned so we can tell if there is a way the client could have behaved correctly.