Re: [PATCH v5 0/2] Remove false-positive VLAs when using max()

On 03/16/2018 05:25 AM, Kees Cook wrote:
> In the effort to remove all VLAs from the kernel[1], it is desirable to
> build with -Wvla. However, this warning is overly pessimistic, in that
> it is only happy with stack array sizes that are declared as constant
> expressions, and not constant values. One case of this is the evaluation
> of the max() macro which, due to its construction, ends up converting
> constant expression arguments into a constant value result. Attempts
> to adjust the behavior of max() ran afoul of version-dependent compiler
> behavior[2].

I find this commit message confusing. VLAs have precisely defined semantics which differ from other arrays, and these differences can be observable (maybe not in the kernel, but certainly for userspace), so the compiler has to treat a VLA as such even if the length is a constant known at compile time. (The original intent of the warning probably was a portability check anyway.)

If you want to catch stack frames which have unbounded size, -Werror=stack-usage=1000 or -Werror=vla-larger-than=1000 (with the constant adjusted as needed) might be the better approach.

Thanks,
Florian
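
The observable difference discussed above, as an added example that is not part of the original message or of the kernel patch: `sizeof` evaluates its operand only when the operand has VLA type, so the same statement behaves differently depending on how the array bound was written. `KMAX` and `CMAX` are hypothetical names; `KMAX` assumes a max() built from a GNU statement expression, which GCC accepts as an array bound but does not treat as a constant expression.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical stand-in for a max() built from a GNU statement expression
 * (assumed construction): constant arguments, but the result is a constant
 * value, not an integer constant expression. */
#define KMAX(a, b) \
    ({ __typeof__(a) _a = (a); __typeof__(b) _b = (b); _a > _b ? _a : _b; })

/* Hypothetical plain ternary: an integer constant expression when both
 * arguments are integer constant expressions. */
#define CMAX(a, b) ((a) > (b) ? (a) : (b))

/* Rows have fixed size: sizeof does not evaluate its operand, i stays 0. */
int evals_fixed(size_t *row_size)
{
    char rows[2][CMAX(3, 4)];
    int i = 0;

    *row_size = sizeof(rows[i++]);
    return i;
}

/* Rows sized through KMAX are VLAs even though the bound is always 4:
 * the language requires sizeof to evaluate the operand, so i becomes 1. */
int evals_vla(size_t *row_size)
{
    char rows[2][KMAX(3, 4)];
    int i = 0;

    *row_size = sizeof(rows[i++]);
    return i;
}

int main(void)
{
    size_t fixed_sz, vla_sz;
    int fixed_evals = evals_fixed(&fixed_sz);
    int vla_evals = evals_vla(&vla_sz);

    printf("fixed: row size %zu, operand evaluated %d time(s)\n",
           fixed_sz, fixed_evals);
    printf("vla:   row size %zu, operand evaluated %d time(s)\n",
           vla_sz, vla_evals);
    return 0;
}
```

Building this with `gcc -Wvla` warns about the declaration in `evals_vla()` only, although both arrays occupy the same number of bytes.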


