Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932588AbdCIO1c convert rfc822-to-8bit (ORCPT ); Thu, 9 Mar 2017 09:27:32 -0500 Received: from unicorn.mansr.com ([81.2.72.234]:45478 "EHLO unicorn.mansr.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932210AbdCIO13 (ORCPT ); Thu, 9 Mar 2017 09:27:29 -0500 From: =?iso-8859-1?Q?M=E5ns_Rullg=E5rd?= To: Tomas Winkler Cc: Henrique de Moraes Holschuh , "linux-kernel\@vger.kernel.org" , linux-sparse@vger.kernel.org, Herbert Xu , Al Viro Subject: Re: Arrays of variable length References: <20170305211254.GA3220@khazad-dum.debian.net> Date: Thu, 09 Mar 2017 14:26:29 +0000 In-Reply-To: (Tomas Winkler's message of "Thu, 9 Mar 2017 16:21:26 +0200") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2511 Lines: 61 Tomas Winkler writes: > On Thu, Mar 9, 2017 at 4:16 PM, M?ns Rullg?rd wrote: >> Tomas Winkler writes: >> >>> On Thu, Mar 9, 2017 at 3:02 PM, M?ns Rullg?rd wrote: >>>> Tomas Winkler writes: >>>> >>>>> On Mon, Mar 6, 2017 at 2:31 AM, M?ns Rullg?rd wrote: >>>>>> Henrique de Moraes Holschuh writes: >>>>>> >>>>>>> On Sun, 05 Mar 2017, M?ns Rullg?rd wrote: >>>>>>>> Tomas Winkler writes: >>>>>>>> > Sparse complains for arrays declared with variable length >>>>>>>> > >>>>>>>> > 'warning: Variable length array is used' >>>>>>>> > >>>>>>>> > Prior to c99 this was not allowed but lgcc (c99) doesn't have problem >>>>>>>> > with that https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html. >>>>>>>> > And also Linux kernel compilation with W=1 doesn't complain. >>>>>>>> > >>>>>>>> > Since sparse is used extensively would like to ask what is the correct >>>>>>>> > usage of arrays of variable length >>>>>>>> > within Linux Kernel. >>>>>>>> >>>>>>>> Variable-length arrays are a very bad idea. Don't use them, ever. >>>>>>>> If the size has a sane upper bound, just use that value statically. >>>>>>>> Otherwise, you have a stack overflow waiting to happen and should be >>>>>>>> using some kind of dynamic allocation instead. >>>>>>>> >>>>>>>> Furthermore, use of VLAs generally results in less efficient code. For >>>>>>>> instance, it forces gcc to waste a register for the frame pointer, and >>>>>>>> it often prevents inlining. >>>>>>> >>>>>>> Well, if we're going to forbid VLAs in the kernel, IMHO the kernel build >>>>>>> system should call gcc with -Werror=vla to get that point across early, >>>>>>> and flush out any offenders. >>>>>> >>>>>> If it were up to me, that's exactly what I'd do. >>>>> >>>>>> >>>>> Some parts of the kernel depends on VLA such as ___ON_STACK macros in >>>>> include/crypto/hash.h >>>>> It's actually pretty neat implementation, maybe it's too harsh to >>>>> disable VLA completely. >>>> >>>> And what happens if the requested size is insane? >>> >>> One option is to add '-Wvla-larger-than=n' >> >> If you know the upper bound, why use VLAs in the first place? > > This is a water mark and not actual usage, but maybe I didn't > understand your comment. If there is an upper bound known at compile time, why not simply use that size statically? If there is no upper bound, well, then you have a problem. -- M?ns Rullg?rd