From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932067AbdCIND1 convert rfc822-to-8bit (ORCPT ); Thu, 9 Mar 2017 08:03:27 -0500 Received: from unicorn.mansr.com ([81.2.72.234]:44996 "EHLO unicorn.mansr.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754048AbdCINDZ (ORCPT ); Thu, 9 Mar 2017 08:03:25 -0500 From: =?iso-8859-1?Q?M=E5ns_Rullg=E5rd?= To: Tomas Winkler Cc: Henrique de Moraes Holschuh , "linux-kernel\@vger.kernel.org" , linux-sparse@vger.kernel.org, Herbert Xu , Al Viro Subject: Re: Arrays of variable length References: <20170305211254.GA3220@khazad-dum.debian.net> Date: Thu, 09 Mar 2017 13:02:11 +0000 In-Reply-To: (Tomas Winkler's message of "Thu, 9 Mar 2017 09:54:54 +0200") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Tomas Winkler writes: > On Mon, Mar 6, 2017 at 2:31 AM, Måns Rullgård wrote: >> Henrique de Moraes Holschuh writes: >> >>> On Sun, 05 Mar 2017, Måns Rullgård wrote: >>>> Tomas Winkler writes: >>>> > Sparse complains for arrays declared with variable length >>>> > >>>> > 'warning: Variable length array is used' >>>> > >>>> > Prior to c99 this was not allowed but lgcc (c99) doesn't have problem >>>> > with that https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html. >>>> > And also Linux kernel compilation with W=1 doesn't complain. >>>> > >>>> > Since sparse is used extensively would like to ask what is the correct >>>> > usage of arrays of variable length >>>> > within Linux Kernel. >>>> >>>> Variable-length arrays are a very bad idea. Don't use them, ever. >>>> If the size has a sane upper bound, just use that value statically. >>>> Otherwise, you have a stack overflow waiting to happen and should be >>>> using some kind of dynamic allocation instead. >>>> >>>> Furthermore, use of VLAs generally results in less efficient code. For >>>> instance, it forces gcc to waste a register for the frame pointer, and >>>> it often prevents inlining. >>> >>> Well, if we're going to forbid VLAs in the kernel, IMHO the kernel build >>> system should call gcc with -Werror=vla to get that point across early, >>> and flush out any offenders. >> >> If it were up to me, that's exactly what I'd do. > >> > Some parts of the kernel depends on VLA such as ___ON_STACK macros in > include/crypto/hash.h > It's actually pretty neat implementation, maybe it's too harsh to > disable VLA completely. And what happens if the requested size is insane? -- Måns Rullgård From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?iso-8859-1?Q?M=E5ns_Rullg=E5rd?= Subject: Re: Arrays of variable length Date: Thu, 09 Mar 2017 13:02:11 +0000 Message-ID: References: <20170305211254.GA3220@khazad-dum.debian.net> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8BIT Return-path: In-Reply-To: (Tomas Winkler's message of "Thu, 9 Mar 2017 09:54:54 +0200") Sender: linux-kernel-owner@vger.kernel.org To: Tomas Winkler Cc: Henrique de Moraes Holschuh , "linux-kernel@vger.kernel.org" , linux-sparse@vger.kernel.org, Herbert Xu , Al Viro List-Id: linux-sparse@vger.kernel.org Tomas Winkler writes: > On Mon, Mar 6, 2017 at 2:31 AM, Måns Rullgård wrote: >> Henrique de Moraes Holschuh writes: >> >>> On Sun, 05 Mar 2017, Måns Rullgård wrote: >>>> Tomas Winkler writes: >>>> > Sparse complains for arrays declared with variable length >>>> > >>>> > 'warning: Variable length array is used' >>>> > >>>> > Prior to c99 this was not allowed but lgcc (c99) doesn't have problem >>>> > with that https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html. >>>> > And also Linux kernel compilation with W=1 doesn't complain. >>>> > >>>> > Since sparse is used extensively would like to ask what is the correct >>>> > usage of arrays of variable length >>>> > within Linux Kernel. >>>> >>>> Variable-length arrays are a very bad idea. Don't use them, ever. >>>> If the size has a sane upper bound, just use that value statically. >>>> Otherwise, you have a stack overflow waiting to happen and should be >>>> using some kind of dynamic allocation instead. >>>> >>>> Furthermore, use of VLAs generally results in less efficient code. For >>>> instance, it forces gcc to waste a register for the frame pointer, and >>>> it often prevents inlining. >>> >>> Well, if we're going to forbid VLAs in the kernel, IMHO the kernel build >>> system should call gcc with -Werror=vla to get that point across early, >>> and flush out any offenders. >> >> If it were up to me, that's exactly what I'd do. > >> > Some parts of the kernel depends on VLA such as ___ON_STACK macros in > include/crypto/hash.h > It's actually pretty neat implementation, maybe it's too harsh to > disable VLA completely. And what happens if the requested size is insane? -- Måns Rullgård