SoylentNews

martyb [soylentnews.org] writes:

https://www.phoronix.com/scan.php?page=news_item&px=Linux-Kills-The-VLA [phoronix.com]:

VLAs [(Varable Length Arrays)] allow for array lengths to be determined at run-time rather than compile time. The Linux kernel has long relied upon VLAs in different parts of the kernel -- including within structures -- but going on for months now (and years if counting the kernel Clang'ing efforts) has been to remove the usage of variable-length arrays within the kernel. The problems with them are:

- Using variable-length arrays can add some minor run-time overhead to the code due to needing to determine the size of the array at run-time.

- VLAs within structures is not supported by the LLVM Clang compiler and thus an issue for those wanting to build the kernel outside of GCC, Clang only supports the C99-style VLAs.

- Arguably most importantly is there can be security implications from VLAs around the kernel's stack usage.

[...] Kees Cook[*] sent out the pull request today for VLA removal [iu.edu] that now enables the "-Wvla" compiler flag to emit a warning should any variable-length array be found within the kernel's C code. That will help prevent new code from inadvertently using VLAs and also spot any lingering kernel code still relying upon this behavior.

Kees Cook wrote that there still might be a few places where VLAs could be found, "there may be a couple more VLAs hiding in hard-to-find randconfigs, but nothing big has shaken out in the last month or so in linux-next. We should be basically VLA-free now! Wheee. :)"

[*] KeesCook [ubuntu.com].

Have you ever used VLAs? Removed them? Why?

Original Submission