Docs/defensive-coding-guide
2
0
Fork 0
Code Issues 3 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Do not use alloca inside a loop #21

Merged
ryanlerch merged 1 commit from alloca-loops into master 2022-02-11 12:34:45 +00:00
Conversation 11 Commits 1 Files changed 1 +2 -1
ret2libc commented 2022-01-31 11:59:11 +00:00
Contributor
Copy link
No description provided.
fweimer commented 2022-01-31 13:25:58 +00:00
First-time contributor
Copy link

The advise is good, but alloca memory can be deallocated on scope exit if the scope contains a VLA. I don't think compilers diagnose this properly.

The advise is good, but `alloca` memory can be deallocated on scope exit if the scope contains a VLA. I don't think compilers diagnose this properly.
ret2libc commented 2022-01-31 13:39:43 +00:00
Author
Contributor
Copy link

From the man page it says:

The  alloca() function allocates size bytes of space in the stack frame of the caller.  This temporary space is automatically freed when the function that called alloca() returns to its caller.

If it is deallocated on scope exit it goes against the description, doesn't it?

From the man page it says: ``` The alloca() function allocates size bytes of space in the stack frame of the caller. This temporary space is automatically freed when the function that called alloca() returns to its caller. ``` If it is deallocated on scope exit it goes against the description, doesn't it?
fweimer commented 2022-01-31 13:56:00 +00:00
First-time contributor
Copy link

Huh, it turns out I misremembered, and according to the GCC documentation, calling alloca inhibits VLA deallocation, not the other way round:

The space for a variable-length array is deallocated as soon as the array name’s scope ends, unless you also use alloca in this scope.

https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html

A short test program confirms this:

#include <alloca.h>

void f1 (int *, int *);

void f2 (int n)
{
  for (int i = 0; i < n; ++i)
    {
      int a[n];
      int *b = alloca (sizeof (*b) * n);
      f1 (a, b);
    }
}
Huh, it turns out I misremembered, and according to the GCC documentation, calling `alloca` inhibits VLA deallocation, not the other way round: > The space for a variable-length array is deallocated as soon as the array name’s scope ends, unless you also use `alloca` in this scope. https://gcc.gnu.org/onlinedocs/gcc/Variable-Length.html A short test program confirms this: ```c #include <alloca.h> void f1 (int *, int *); void f2 (int n) { for (int i = 0; i < n; ++i) { int a[n]; int *b = alloca (sizeof (*b) * n); f1 (a, b); } } ```
huzaifas commented 2022-02-03 05:43:53 +00:00
Contributor
Copy link

@fweimer so we are good to commit this right?

@fweimer so we are good to commit this right?
fweimer commented 2022-02-03 09:53:07 +00:00
First-time contributor
Copy link

@huzaifas It's still not completely accurate.

Maybe add a sentence that discourages mixing VLAs and alloca in the same function?

@huzaifas It's still not completely accurate. Maybe add a sentence that discourages mixing VLAs and `alloca` in the same function?
ret2libc commented 2022-02-03 10:14:35 +00:00
Author
Contributor
Copy link

Ok I will add that!

Ok I will add that!
huzaifas commented 2022-02-04 03:46:07 +00:00
Contributor
Copy link

@ret2libc ok, i will wait for the change in the patch, before i commit :)

@ret2libc ok, i will wait for the change in the patch, before i commit :)
ret2libc commented 2022-02-08 15:25:40 +00:00
Author
Contributor
Copy link

1 new commit added

  • Notify about mixing VLA and alloca
**1 new commit added** * ``Notify about mixing VLA and alloca``
ret2libc commented 2022-02-08 15:26:01 +00:00
Author
Contributor
Copy link

@huzaifas @fweimer sentence added about mixing VLA and alloca.

@huzaifas @fweimer sentence added about mixing VLA and alloca.
ret2libc commented 2022-02-11 12:31:38 +00:00
Author
Contributor
Copy link

rebased onto 34c100361b

rebased onto 34c100361b0d11ad18d4a2e113d4b97aae770a0d
huzaifas commented 2022-02-11 12:34:46 +00:00
Contributor
Copy link

Pull-Request has been merged by huzaifas

Pull-Request has been merged by huzaifas
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
Closed As
Duplicate
Closed with the reason of Duplicate

  
Closed As
Fixed
Closed with the reason of Fixed

  
Closed As
Insufficient data
Closed with the reason of Insufficient data

  
Closed As
Invalid
Closed with the reason of Invalid

No labels
Closed As
Duplicate
Closed As
Fixed
Closed As
Insufficient data
Closed As
Invalid
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: Docs/defensive-coding-guide#21
No description provided.
Delete branch "alloca-loops"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?