On 02/02/2013 01:16 AM, Patrick Walton wrote:
> On 2/1/13 11:02 PM, Brian Anderson wrote:
>> In the library we add this sort of function that simply guarantees that
>> the closure has some amount of stack available.
>>
>>     do reserve_stack(Standard) { rust_task_fail(); }
>>     do reserve_stack(Tiny) {... }
>>     do reserve_stack(Large) { }
>>     do reserve_stack(Size(4096)) { }
>
> My main worry about this is that it's always guesswork. Determining
> how much stack a C function needs is really hard and involves doing a
> lot of non-local reasoning. Getting it wrong can result in exploitable
> security vulnerabilities. From a safety POV, it seems that you always
> really want as big a stack as possible, unless the function is
> something trivial like floor().

It's true that it's guesswork, but so is #[rust_stack], and
#[rust_stack] isn't even asking for _any_ stack, it is asking to run off
the end of the stack. Instead we could ask for a very small amount of
stack, and we would almost always get it, and nothing would be running
in the red zone (hopefully).
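
A present-day analogue of the `reserve_stack` idea discussed above, as an added example that is not code from this thread or from the Rust project: it runs a closure on a new thread created with the requested stack size rather than extending a segmented stack. The byte values chosen for `Tiny`, `Standard` and `Large`, and the `deep` stand-in for a stack-hungry callee, are assumptions made for illustration.

```rust
use std::thread;

// Variant names follow the proposal; the byte values are assumptions
// for this example, not figures from the thread.
#[derive(Clone, Copy, Debug)]
pub enum StackSize {
    Tiny,
    Standard,
    Large,
    Size(usize),
}

impl StackSize {
    pub fn bytes(self) -> usize {
        match self {
            StackSize::Tiny => 64 * 1024,
            StackSize::Standard => 1024 * 1024,
            StackSize::Large => 8 * 1024 * 1024,
            StackSize::Size(n) => n,
        }
    }
}

/// Run `f` on a fresh thread whose stack has at least the requested size.
/// The size is still a guess about the callee; the guarantee is only that
/// the closure starts with that much stack available.
pub fn reserve_stack<T, F>(size: StackSize, f: F) -> std::io::Result<T>
where
    F: FnOnce() -> T + Send + 'static,
    T: Send + 'static,
{
    let handle = thread::Builder::new().stack_size(size.bytes()).spawn(f)?;
    match handle.join() {
        Ok(value) => Ok(value),
        // Re-raise a panic from the closure in the calling thread.
        Err(payload) => std::panic::resume_unwind(payload),
    }
}

// Hypothetical stand-in for a callee that needs about 1 KiB per frame.
pub fn deep(n: u32) -> u32 {
    let buf = [1u8; 1024];
    if n == 0 { 0 } else { buf[n as usize % 1024] as u32 + deep(n - 1) }
}

fn main() {
    let depth = reserve_stack(StackSize::Large, || deep(500)).unwrap();
    println!("recursed {} frames on a {:?} stack", depth, StackSize::Large);
}
```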