On Tue, Nov 25, 2025 at 01:14:23PM +0000, Peter Maydell wrote:
> On Tue, 25 Nov 2025 at 12:20, Daniel P. Berrangé <[email protected]> wrote:
> >
> > On Tue, Nov 25, 2025 at 11:38:59AM +0100, Moritz Haase wrote:
> > > + if (i_arg) {
> > > + new_argv = g_alloca(sizeof(void *));
> > > + new_argv[0] = i_arg;
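Review bot: g_alloca(sizeof(void *)) reserves room for exactly one pointer, so if new_argv is passed on as an argv vector there is no slot for the NULL terminator or for any further arguments; size the allocation by the full element count (arguments plus terminator) and, since g_alloca() is no longer permitted in QEMU code, take it from the heap (e.g. g_new0 with an autofree) instead of the stack.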
> >
> > FYI, use of g_alloca() is no longer permitted in QEMU code.
> >
> > I thought we blocked that with -Walloca, but it seems we do not.
> > We ought to fix that gap.
>
> We don't because we haven't yet eradicated all existing uses
> of alloca type functions. We did that for the system emulation
> code, but didn't find a way to add the -Walloca warning only
> for the non-linux-user code:
>
> https://lore.kernel.org/qemu-devel/[email protected]/
>
> There are still a handful of alloca() calls in linux-user/
> and bsd-user/ which ideally we would convert but which haven't
> been very high priority to clean up (because a linux user
> guest can scribble all over QEMU memory anyway if it likes,
> so being able to overrun the stack by passing a large value
> into an alloca size doesn't let it do anything it couldn't
> do by other means).

I think we can fix that with a pragma, e.g. add -Walloca to meson.build
for everything, then add _Pragma("GCC diagnostic ignored -Walloca") to
only the linux-user/syscall.c and bsd-user/os-syscall.c files.

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
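As an added illustration, not code from this thread or from QEMU, here is what the pragma-scoped approach looks like in plain C: a heap-based argv builder of the kind new code should use instead of g_alloca(), next to a legacy alloca() user that is allowed to compile under -Walloca only inside a push/ignore/pop region (note that the diagnostic name has to be a quoted string inside the pragma). Function names and the argument layout are hypothetical; build with `gcc -Walloca -c` to see the warning fire only once the pragma lines are removed.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Heap-based replacement for the g_alloca() pattern: a NULL-terminated
 * argv vector holding i_arg followed by args. Returns NULL if the element
 * count would overflow or the allocation fails. Pointers are borrowed, so
 * the caller just free()s the array. */
const char **build_argv_heap(const char *i_arg, const char *const *args, size_t nargs)
{
    size_t n = nargs + 2;                       /* i_arg + args + terminator */
    if (n < nargs || n > SIZE_MAX / sizeof(const char *)) {
        return NULL;                            /* overflow guard */
    }
    const char **argv = calloc(n, sizeof(*argv));
    if (!argv) {
        return NULL;
    }
    argv[0] = i_arg;
    for (size_t i = 0; i < nargs; i++) {
        argv[i + 1] = args[i];
    }
    return argv;                                /* argv[n - 1] is NULL from calloc */
}

/* Legacy alloca() pattern, permitted under -Walloca only inside this
 * push/ignore/pop region. A caller-controlled nargs sizes a stack
 * allocation, which is the stack-overrun risk discussed in the thread. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Walloca"
size_t legacy_count_nonempty(const char *i_arg, const char *const *args, size_t nargs)
{
    const char **argv = alloca((nargs + 2) * sizeof(*argv));
    argv[0] = i_arg;
    for (size_t i = 0; i < nargs; i++) {
        argv[i + 1] = args[i];
    }
    argv[nargs + 1] = NULL;
    size_t n = 0;
    for (const char **p = argv; *p; p++) {
        if (**p) n++;                           /* count non-empty strings */
    }
    return n;
}
#pragma GCC diagnostic pop
```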