| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <0a2996a7c63930b9d9a8d3792358dd9e494e27c1.camel@gwdg.de> Date: Sat, 7 Dec 2024 20:19:37 +0100 From: Martin Uecker <muecker@...g.de> To: Linus Torvalds <torvalds@...ux-foundation.org> CC: David Laight <David.Laight@...lab.com>, Vincent Mailhol <mailhol.vincent@...adoo.fr>, Luc Van Oostenryck <luc.vanoostenryck@...il.com>, Nathan Chancellor <nathan@...nel.org>, "Nick Desaulniers" <ndesaulniers@...gle.com>, Bill Wendling <morbo@...gle.com>, Justin Stitt <justinstitt@...gle.com>, Yury Norov <yury.norov@...il.com>, Rasmus Villemoes <linux@...musvillemoes.dk>, Kees Cook <kees@...nel.org>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, Jani Nikula <jani.nikula@...ux.intel.com>, Joonas Lahtinen <joonas.lahtinen@...ux.intel.com>, Rodrigo Vivi <rodrigo.vivi@...el.com>, Tvrtko Ursulin <tursulin@...ulin.net>, David Airlie <airlied@...il.com>, Simona Vetter <simona@...ll.ch>, Suzuki K Poulose <suzuki.poulose@....com>, Mike Leach <mike.leach@...aro.org>, James Clark <james.clark@...aro.org>, Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Rikard Falkeborn <rikard.falkeborn@...il.com>, "linux-sparse@...r.kernel.org" <linux-sparse@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "llvm@...ts.linux.dev" <llvm@...ts.linux.dev>, "linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>, "intel-gfx@...ts.freedesktop.org" <intel-gfx@...ts.freedesktop.org>, "dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>, "coresight@...ts.linaro.org" <coresight@...ts.linaro.org>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org> Subject: Re: [PATCH 02/10] compiler.h: add is_const() as a replacement of __is_constexpr() Am Samstag, dem 07.12.2024 um 10:26 -0800 schrieb Linus Torvalds: > On Sat, 7 Dec 2024 at 05:07, Martin Uecker <muecker@...g.de> wrote: > > > > VLA use *less* stack than a fixed size arrays with fixed bound. > > Not really. You end up with tons of problems, not the least of which > is how to actually analyze the stack size. It also gets *very* nasty > to have code that declares the VLA size using an argument that is then > checked afterwards - and if you have a strong preference for > "declarations before code", you end up with *horrific* issues. > > And even if you are super-careful, and you solved the analysis > problem, in practice VLAs will cause huge stack issues simply due to > code generation issues. The compiler will end up doing extra > alignment and extra frame handling and saving, to the point where any > advantages the VLA would bring is completely dwarfed by all the > disadvantages. But that all seem solvable issues on the compiler side. If you said the maximum stack size for arrays we tolerate is X, then a compiler could tell you if a) this is not guaranteed in a specific situation (-Wvla-larher-than) and b) transform the array automatically to fixed size array of size X *or* something smaller when it can show this. Because now you do the exact same thing manually while losing precise bounds checking. Martin > > We went through this. We are so *much* better off without VLAs that > it's not even funny. > > Now when the compiler says "your stack size is big", you just look > "Oh, that struct should be allocated with kmalloc, not on the stack". > Boom. Done. > > Linus
Powered by blists - more mailing lists