Originally posted by coder
View Post
Announcement
Collapse
No announcement yet.
Linux Kernel Moving Ahead With Going From C89 To C11 Code
Collapse
X
-
Originally posted by sinepgib View Post
I don't know which toolchain you used, but GCC and clang pretty much always have full support on day 1. It's MSVC that didn't even support C99 in 2011 at least (when I learned programming), and if I have to guess doesn't even support it today. But that speaks of MS support for C, rather than the common picture.
Not that this is relevant to the kernel at all, since the kernel does not use any libc functions. But for all of the things I saw that did not work, I have to assume there is a lot more that I didn't find.
Comment
-
Originally posted by betty567 View PostI'm not sure there is any mainstream platform that fully supports it yet. This is about 10 years after the introduction of C11.
If you're curious about the nuances of what GCC offers, there's this:
However, threading is part of the standard library. GNU's libc does claim to offer it:
Comment
-
(C99 differences from C90 - intermingled declarations and code: variable declaration is no longer restricted to file scope or the start of a compound statement (block))
Originally posted by bison View Post
This is the big one. It's hard to go back to ANSI C when you get used to this.
The kernel programming style is an ugly mixture of the two - variables are mostly declared at the top of functions but sometimes at the start of other blocks. They are sometimes initialised, sometimes not. It combines the worst of both styles without any of the benefits. Hopefully allowing C99 and newer style will improve on that.
(Technical nitpick - officially, "ANSI C" tracks the current version of "ISO C", and thus means "C18" at the moment. People typically use the term to mean "C89", but you might find yourself in conversation with a pedant who likes pointless quibbles. "C90" is the same language as "C89", but it is in the ISO format instead of the ANSI format and has different section numbering. C18 is the current standard, as it was finalised in 2018, but it is often called C17 because that's when most of the work was done.)
- Likes 2
Comment
-
Originally posted by coder View PostGood news! However, it's going to make back-porting of patches annoying, but it's a pill that eventually has to be swallowed for the kernel to keep moving forward.
I wish C would adopt templates. Even as I say that, it seems as if C++ is trying to move away from them, as much as possible. I guess C11 tried to split the difference, with the _Generic keyword.
I don't know where you got the impression that C++ is "trying to move away from templates". Generic programming in C++ is getting more and more common, with a move towards template-based header-only libraries. A big new feature in C++ is "concepts", which allow you to write templated code in a simpler and neater fashion that better expresses the requirements for your types and allows tools to give clearer error messages, but it's still all templates.
- Likes 2
Comment
-
(Regarding VLAs)
Originally posted by Steffo View Post
I don't think so. How do you handle the error, when the memory is not sufficient? You can easily get a stack overflow.
Comment
-
Originally posted by DavidBrown View Postyou don't have to do it that way - variables can be declared at the start of blocks within the code, and you can initialise variables with expressions.
Originally posted by DavidBrown View PostC99 gives a lot more flexibility, and it allows a style of declaring variables only when you have something to put in them - something many people find gives clearer code
There are also practical benefits. Having them defined closer to the point of use means less looking or scrolling up and down, to see the variable's type or with what it was initialized. Having variables more narrowly-scoped also means fewer things to keep in your head, as you read the code. Finally, defining them closer to the point of use reduces risk of unintentional shadowing of the same-named variable in a larger scope (i.e. assuming the larger scope is reduced, as well).
Originally posted by DavidBrown View PostSome people prefer to separate variable declaration and use, and think non-trivial initialisations and mixing code and data declarations jumbles code and encourages larger functions.
And sometimes, a shift in one aspect of a coding style should be accompanied by other changes. For example, I find that I have more difficulty reading code that uses C++'s auto keyword, unless the variable names encompass some of the information that was formerly supplied by its type name. So, if you love auto, maybe you should consider following variable naming conventions like those used in dynamically-typed languages (e.g. Python).
Comment
-
Originally posted by DavidBrown View Post(Regarding VLAs)
You can just as easily get a stack overflow with local variables that are arrays of constant size, which are perfectly legal in C89. And "alloca" has a similar purpose to VLAs, and has been standard in POSIX for decades. (I don't know if there are any kernel coding guidelines about these things.) You avoid stack overflow in your VLA's by making sure you don't make them bigger than appropriate - it's no different from what you should be doing before allocating dynamic arrays on the heap. Basically, if you think VLA's are a risk then you should be thinking long and hard about whether C is the right language for you, or if you really have understood the situation.
Third: How do you handle the situation when you need more memory than the stack offers? This is highly insecure and leads to not easy readable code.
I'm pretty sure VLA is not allowed in kernel space.
And no: I use C++ and Rust where such an optimization is used securely by appropriate libraries.
- Likes 1
Comment
-
Originally posted by DavidBrown View PostI don't know where you got the impression that C++ is "trying to move away from templates".
Functions with auto parameters are another example that comes to mind, at the moment. Technically, the are templates, but it's a way to write a function template without using traditional template syntax. I'm sure I've run across others.
Comment
-
Originally posted by Steffo View PostFirst: The heap is much (!) bigger than the stack.
Second, you don't get heap allocation if the memory is not sufficient. You get a null pointer instead which you check against.
Some people like to write "try it and see" code. They may even have code to check if malloc() returns 0. Nine times out of ten, at least, they will fail to handle the error situation correctly and 99 times out of 100 they will not test their error handling code properly.
If you write "look before you leap" code, you do it the same way whether you are using VLAs (or alloca()) or the heap.
Third: How do you handle the situation when you need more memory than the stack offers?
This is highly insecure and leads to not easy readable code.
I'm pretty sure VLA is not allowed in kernel space.
And no: I use C++ and Rust where such an optimization is used securely by appropriate libraries.
VLA's are a tool. You use them when they are appropriate, and when you know how to use them correctly and safely - just like any other feature in any programming language. Used correctly, they are vastly more efficient than heap-allocated arrays for small short-lived arrays. Don't be scared of them - learn how to use them, and use them if they are right for the code in question.
- Likes 1
Comment
Comment