Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754903AbdCIOW7 (ORCPT ); Thu, 9 Mar 2017 09:22:59 -0500 Received: from mail-oi0-f54.google.com ([209.85.218.54]:33528 "EHLO mail-oi0-f54.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754315AbdCIOW5 (ORCPT ); Thu, 9 Mar 2017 09:22:57 -0500 MIME-Version: 1.0 In-Reply-To: References: <20170305211254.GA3220@khazad-dum.debian.net> From: Tomas Winkler Date: Thu, 9 Mar 2017 16:21:26 +0200 Message-ID: Subject: Re: Arrays of variable length To: =?UTF-8?B?TcOlbnMgUnVsbGfDpXJk?= Cc: Henrique de Moraes Holschuh , "linux-kernel@vger.kernel.org" , linux-sparse@vger.kernel.org, Herbert Xu , Al Viro Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.home.local id v29EN6G5019935 Content-Length: 2258 Lines: 54 On Thu, Mar 9, 2017 at 4:16 PM, Måns Rullgård wrote: > Tomas Winkler writes: > >> On Thu, Mar 9, 2017 at 3:02 PM, Måns Rullgård wrote: >>> Tomas Winkler writes: >>> >>>> On Mon, Mar 6, 2017 at 2:31 AM, Måns Rullgård wrote: >>>>> Henrique de Moraes Holschuh writes: >>>>> >>>>>> On Sun, 05 Mar 2017, Måns Rullgård wrote: >>>>>>> Tomas Winkler writes: >>>>>>> > Sparse complains for arrays declared with variable length >>>>>>> > >>>>>>> > 'warning: Variable length array is used' >>>>>>> > >>>>>>> > Prior to c99 this was not allowed but lgcc (c99) doesn't have problem >>>>>>> > with that https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html. >>>>>>> > And also Linux kernel compilation with W=1 doesn't complain. >>>>>>> > >>>>>>> > Since sparse is used extensively would like to ask what is the correct >>>>>>> > usage of arrays of variable length >>>>>>> > within Linux Kernel. >>>>>>> >>>>>>> Variable-length arrays are a very bad idea. Don't use them, ever. >>>>>>> If the size has a sane upper bound, just use that value statically. >>>>>>> Otherwise, you have a stack overflow waiting to happen and should be >>>>>>> using some kind of dynamic allocation instead. >>>>>>> >>>>>>> Furthermore, use of VLAs generally results in less efficient code. For >>>>>>> instance, it forces gcc to waste a register for the frame pointer, and >>>>>>> it often prevents inlining. >>>>>> >>>>>> Well, if we're going to forbid VLAs in the kernel, IMHO the kernel build >>>>>> system should call gcc with -Werror=vla to get that point across early, >>>>>> and flush out any offenders. >>>>> >>>>> If it were up to me, that's exactly what I'd do. >>>> >>>>> >>>> Some parts of the kernel depends on VLA such as ___ON_STACK macros in >>>> include/crypto/hash.h >>>> It's actually pretty neat implementation, maybe it's too harsh to >>>> disable VLA completely. >>> >>> And what happens if the requested size is insane? >> >> One option is to add '-Wvla-larger-than=n' > > If you know the upper bound, why use VLAs in the first place? This is a water mark and not actual usage, but maybe I didn't understand your comment. Tomas