[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-29 Thread aaron at aaronballman dot com via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

--- Comment #6 from Aaron Ballman ---
(In reply to Andrew Pinski from comment #4)
> Maybe my issue is this has been a documented extension for 20 years now.

Which is totally fair -- we don't usually enable congratulatory diagnostics by
default.

> -pedantic or -std=c++NN has always rejected it like it should. GCC has other
> extensions which folks could use by accident too (like statement
> expressions). Why is VLA special here?

FWIW, I can't honestly say I've ever seen someone use a statement expression
accidentally, though I believe it's possible to do so if you work hard enough
at it. That said, I think misuse of accidental VLAs has more opportunity for
poor security behavior (specifically around attacker-controllable stack usage)
than for statement expressions. Given the security concerns coupled with the
ease of accidental usage, I think VLAs *are* different than statement
expressions. Some supporting evidence of the confusion in the wild:

https://stackoverflow.com/questions/70912167/how-do-i-tell-if-i-am-using-vla-variable-length-array
https://stackoverflow.com/questions/39334435/variable-length-array-vla-in-c-compilers
https://ddanilov.me/default-non-standard-features/
https://meta.stackoverflow.com/questions/376955/what-should-i-do-when-an-op-uses-variable-length-arrays-vlas-in-c
https://cplusplus.com/forum/beginner/284866/

(Granted, there's confusion about *everything* in C and C++.)

It's worth noting that -std=c++NN does *not* reject use of VLAs; you have to
pass -pedantic or -Wvla to get the diagnostic: https://godbolt.org/z/PGorTYG7r
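
Added illustration of the accidental-VLA case discussed in the comment above; it is not part of the bug thread or of GCC. The record layout, function names, the DEMO_ACCIDENTAL_VLA guard and MAX_PAYLOAD are assumptions made for the example. It contrasts an array whose size comes from input with a bounded std::vector version.

```cpp
// Added example, not from the bug thread. The record layout (2-byte
// big-endian length, then payload), function names and MAX_PAYLOAD are
// constructed for illustration.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

constexpr std::size_t MAX_PAYLOAD = 4096;  // assumed application limit

#ifdef DEMO_ACCIDENTAL_VLA
// "Before": accepted by g++ -std=c++17 with no diagnostic; only -Wvla or
// -pedantic reports the array. The input's length field sets the frame size.
bool sum_payload_vla(const unsigned char *rec, std::size_t n, std::uint32_t &out) {
    if (n < 2) return false;
    std::size_t len = (std::size_t{rec[0]} << 8) | rec[1];
    if (len > n - 2) return false;
    unsigned char scratch[len];  // VLA: stack use chosen by the sender
    std::memcpy(scratch, rec + 2, len);
    out = 0;
    for (std::size_t i = 0; i < len; ++i) out += scratch[i];
    return true;
}
#endif

// "After": explicit upper bound, heap-backed buffer, standard C++.
bool sum_payload(const unsigned char *rec, std::size_t n, std::uint32_t &out) {
    if (n < 2) return false;
    std::size_t len = (std::size_t{rec[0]} << 8) | rec[1];
    if (len > MAX_PAYLOAD || len > n - 2) return false;
    std::vector<unsigned char> scratch(rec + 2, rec + 2 + len);
    out = 0;
    for (unsigned char b : scratch) out += b;
    return true;
}

int main() {
    const unsigned char ok[] = {0x00, 0x03, 1, 2, 3};   // constructed input
    const unsigned char big[] = {0xFF, 0xFF, 1};        // length field 65535
    std::uint32_t s = 0;
    std::printf("ok:  %d sum=%u\n", sum_payload(ok, sizeof ok, s), (unsigned)s);
    std::printf("big: %d\n", sum_payload(big, sizeof big, s));
    return 0;
}
```

Building with -DDEMO_ACCIDENTAL_VLA and then adding -Wvla or -pedantic shows the diagnostic on the `scratch[len]` line that a plain -std=c++NN build does not emit.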

[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-28 Thread muecker at gwdg dot de via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

Martin Uecker changed:

           What|Removed |Added
----------------------------------------------------
             CC|        |muecker at gwdg dot de

--- Comment #5 from Martin Uecker ---

I am not entirely convinced std::vector is actually superior in terms of
performance nor security. The code looks better for VLAs even with bounds
checking.

https://godbolt.org/z/xhvPePGbb

Although compiler support could be better and their usefulness in C++ without
other VM types is limited compared to C.

[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-28 Thread pinskia at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

--- Comment #4 from Andrew Pinski ---
Maybe my issue is this has been a documented extension for 20 years now.
-pedantic or -std=c++NN has always rejected it like it should. GCC has other
extensions which folks could use by accident too (like statement expressions).
Why is VLA special here?

[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-28 Thread aaron at aaronballman dot com via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

--- Comment #3 from Aaron Ballman ---
(In reply to Andrew Pinski from comment #1)
> Since VLA support has been a GNU C++ extension way before it was proposed to
> WG21, I doubt we want to enable this by default.

I think it boils down to whether you think users are using it on purpose or by
accident. My experience has been that more people use this by accident than not
in C++ and are unhappily surprised when they learn of it (sometimes by porting
to other compilers (like MSVC) that don't have the extension, sometimes through
other means like static analysis, etc). Given that there are security
implications with them, they're very easy to use accidentally, there are more
idiomatic approaches like std::vector, and that code generation can be quite a
bit slower for VLAs than other approaches, I think warning on them by default
is justifiable (the folks using them on purpose can add -Wno-vla to disable the
diagnostic, but I honestly expect them to be in the minority).

Do you have evidence there's a lot of intentional use of this feature in C++ in
the wild?

[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-28 Thread pinskia at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

--- Comment #2 from Andrew Pinski ---
GCC has documented VLA extensions for C++ support since
r0-35216-g4b404517536c85 (PR 930 which was done in 2001). So 

[Bug c++/110848] Consider enabling -Wvla by default in C++ modes

2023-07-28 Thread pinskia at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848

Andrew Pinski changed:

           What|Removed |Added
----------------------------------------------------
       Severity|normal  |enhancement
       Keywords|        |diagnostic

--- Comment #1 from Andrew Pinski ---
Since VLA support has been a GNU C++ extension way before it was proposed to
WG21, I doubt we want to enable this by default.