Hi Mans,

On Wed, Mar 13, 2013 at 3:29 AM, Måns Rullgård <m...@mansr.com> wrote:
> Tom Rini <tom.r...@gmail.com> writes:
>
>> On Tue, Mar 12, 2013 at 7:22 PM, Simon Glass <s...@google.com> wrote:
>>> Hi,
>>>
>>> Given that we seem to allow C99 features in U-Boot I wonder if it
>>> would be OK to use dynamic arrays in SPL?
>>>
>>> I am trying to replace:
>>>
>>> ptr = malloc(size);
>>>
>>> with:
>>>
>>> char ptr[size];
>>>
>>> to avoid use of malloc in SPL. Can I assume that is permitted?
>>
>> Without knowing the underlying mechanics of how that works, "maybe".
>
> How it works depends on the compiler. Some compilers implement it by
> calling malloc(). GCC uses the stack.
>
> Regardless of how they are implemented, variable-length arrays should,
> in my opinion, never be used. There is simply no way they can be used
> safely since no mechanism for detecting failure is provided. If the
> requested size is too large, you will silently overflow the stack or end
> up with an invalid/null pointer. In an environment without full memory
> protection, errors resulting from this are very hard to track down.

I suppose we could check the available stack space. However I don't
really see a clear stack bottom in U-Boot - I think it is set up to
grow downwards as much as needed.

I can certainly add sanity checks on the input values.

>
> If the size is somehow limited to a safe value, it is more efficient to
> simply allocate this maximum size statically.

Yes although this does waste BSS.

Regards,
Simon

>
> --
> Måns Rullgård
> m...@mansr.com
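
Added example, not part of the thread and not U-Boot code: the VLA form from the question beside a size-checked static buffer of the kind discussed in the replies, showing where a failure path can and cannot exist. EXAMPLE_MAX_SIZE and both function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed upper bound for this example; not a U-Boot constant. */
#define EXAMPLE_MAX_SIZE 512

/*
 * VLA form from the thread. With GCC the array comes off the stack, and
 * there is no return value or pointer to test after the declaration, so
 * an oversized 'size' cannot be reported to the caller.
 */
uint32_t sum_vla(const uint8_t *src, size_t size)
{
	uint8_t buf[size];	/* no failure path exists here */
	uint32_t sum = 0;

	memcpy(buf, src, size);
	for (size_t i = 0; i < size; i++)
		sum += buf[i];
	return sum;
}

/*
 * Bounded form: the input is sanity-checked against a fixed maximum and
 * the buffer is allocated statically, so an oversized request turns into
 * an error code. The cost is EXAMPLE_MAX_SIZE bytes of BSS.
 */
int sum_bounded(const uint8_t *src, size_t size, uint32_t *out)
{
	static uint8_t buf[EXAMPLE_MAX_SIZE];
	uint32_t sum = 0;

	if (size == 0 || size > EXAMPLE_MAX_SIZE)
		return -1;	/* rejected before any memory is touched */

	memcpy(buf, src, size);
	for (size_t i = 0; i < size; i++)
		sum += buf[i];
	*out = sum;
	return 0;
}
```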