Front page | perl.perl5.porters |
Postings from May 2021
From: Nicholas Clark
May 19, 2021 19:24
Message ID: 20210519192350.GX16703@etla.org
On Wed, May 19, 2021 at 07:21:04PM +0200, Tomasz Konojacki wrote:
> On Wed, 19 May 2021 13:30:25 +0000
> Nicholas Clark <firstname.lastname@example.org> wrote:
> > I have put the current version at https://github.com/Perl/perl5/wiki/C99
> That list includes Variable Length Arrays, but it doesn't mention their
> numerous drawbacks. Just like gets() they're *extremely* unsafe.
> VLAs are allocated on the stack. The stack in C tends to be rather small
> (in the order of a few megabytes), so it's very easy to overflow it.
> There's no portable way to find out how much stack space is available.
> VLAs don't signal errors, they just overflow the stack when you request
> too much memory.
Thanks. I'd remembered that they were allocated on the stack, and that
overflowing the stack is undefined behaviour. I'd not realised that stack
size was usually small enough that this was a real risk, and that (further)
even if you attempt to guard against it, you can't (portably) because you
can't know how much stack space you have left.
I updated that page.
> C11 has made VLAs optional (in C99 they were mandatory) and some
> compliant compilers (e.g. Visual C++) have chosen not to implement it.
As Steve Hay has demonstrated.
> I think not only we shouldn't use them, but also we should explictly ban
> them with something like "-Wvla -Werror=vla".
Yes, I think that this is a good idea. I'm not going to look into it
right now, but I will try to remember to, and figure out what to probe
for, and where in our setup.
(Unless anyone else wants to beat me to it.)