Re: Sparse warning: bitmap.h: bad constant expression

[Jörn Engel]

On Tue, 2 September 2003 12:23:44 +0200, Mikael Pettersson wrote:
> 
> If data is a local variable then this is perfectly valid example of a
> C99 variable-length array (VLA). This works at least with gcc-2.95.3
> and newer, and gcc handles it by itself w/o calling alloca().

A lot of buggy code consists of perfectly valid C99. :)

> Of course, VLAs should be bounded in size to avoid overflowing the
> kernel stack, but that doesn't make them illegal per se.

There is a deeper problem to this.  At the moment, there is no way to
prove that the kernel doesn't contain a stack overflow somewhere.  In
order to do this, we can make some assumptions and do a formal proof
*as long as the assumptions are valid*.

This perfectly valid C99 code means either that we need very
complicated checker software - a problem in itself - or that the
assumptions are wrong and we are none the wiser.

And even if you ignore this pet project of mine, do you know of a sane
way to have an upper bound for a VLA?  And if there is, why not use a
static array with the upper bound as size in the first place?
Explicit is always simpler than implicit and simpler code has less
bugs. :)

Jörn

-- 
To recognize individual spam features you have to try to get into the
mind of the spammer, and frankly I want to spend as little time inside
the minds of spammers as possible.
-- Paul Graham
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/