On 28/02/2026 15:41, Martin Uecker via Gcc wrote:
Am Freitag, dem 27.02.2026 um 20:54 +0100 schrieb David Brown:
On 27/02/2026 19:57, Martin Uecker via Gcc wrote:
Am Freitag, dem 27.02.2026 um 19:40 +0100 schrieb David Brown:
On 27/02/2026 18:51, Martin Uecker via Gcc wrote:

<snip>

No, it does not trigger a warning with those values.  (It will if
someone changes MAX_POINTS to 250000, but that's the point of the
-Wvla-larger-than=512000.)


You are right, thank you. I was somehow confusing this with
something else.


You showed that code in your other post:

        void foo(int n)
        {
          if (n > 100) return;
          char buf[n];
          foo(n);
        }

I would say that definitely deserves a warning.  Either make the
parameter unsigned, or check it for negative values.

In any case, the warning one gets

  warning: argument to variable-length array may be too large

is then a bit confusing.

But the problem is that I like to use signed types to be able to use the
sanitizer to find overflow errors, and I can also use the sanitizer to find
negative sizes for VLAs.  So I personally find the warning for the negative
part unhelpful.


It is always much better if a static warning can find a problem than to wait for the sanitizer! But I agree the message here is a bit confusing. It appears that the warning treats the array size as an unsigned type. If you try setting n to -1, you can see in the warning it gives exactly how big it thinks n is.

There are lots of reasons to choose signed or unsigned types. But when you want to be sure that your "n" is in the range 1 to 100, you really should check that range - not just the upper bound.


So there is scope for improvement on the wording of the warnings here!

I agree.  Do you have a suggestion?

Martin


How about just :

        warning: Variable length array 'v' [-Wvla]

You will only see the warning if you specifically enable it - you are
getting the warning because /you/ choose to enable the warning, not
because ISO C90 forbids it.  (And ISO C90 does not "forbid" VLAs - it
just doesn't have the concept.)

The same message could be given if "n" is "const" - it does not seem to
me that there should be a difference here.

Alternatively, you could have two levels of the warning - -Wvla=1 which
warns on VLAs with a size not known until runtime, and -Wvla=2 which
also warns on arrays with sizes known at compile-time but which are
still VLAs in C.  (Perhaps following the C++ rules, to give an
optimisation-independent definition.)  For consistency, -Wvla alone
would default to -Wvla=2.

Then you would have two warnings :

warning: Dynamically sized variable length array [-Wvla=1]

warning: Const sized array is variable length array in C [-Wvla=2]

Makes sense!

Note there is a proposal to make those constants true integer constants:
https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3693.htm


That seems a good idea to me. It works fine for C++, and should also work fine here for C.
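An added example, not code from the thread: it shows why a negative signed size is what the warning reports as "too large" (the size expression is converted to size_t), and the both-bounds check the discussion asks for. MAX_POINTS is an assumed stand-in for the thread's "1 to 100".

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_POINTS 100   /* assumed bound, stands in for "1 to 100" in the thread */

/* The size of `char buf[n]` is evaluated as size_t, so a negative int is
 * converted modulo 2^N: -1 becomes SIZE_MAX. This is the size the warning
 * reports when it says the VLA argument "may be too large". */
size_t vla_size_as_seen(int n)
{
    return (size_t)n;
}

/* Hardened form: reject everything outside 1..MAX_POINTS before the VLA is
 * declared, not just the upper bound. Returns the number of bytes written,
 * or -1 for a rejected size (no VLA is created in that case). */
int fill_points(int n)
{
    if (n < 1 || n > MAX_POINTS)
        return -1;

    char buf[n];                 /* size now provably in 1..MAX_POINTS */
    memset(buf, 'x', (size_t)n);

    int written = 0;
    for (int i = 0; i < n; i++)
        if (buf[i] == 'x')
            written++;
    return written;
}
```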
