On 02/02/2013 01:49 AM, Brian Anderson wrote:
> On 02/02/2013 01:16 AM, Patrick Walton wrote:
> > On 2/1/13 11:02 PM, Brian Anderson wrote:
> > > In the library we add this sort of function that simply guarantees that
> > > the closure has some amount of stack available.
> > >
> > > do reserve_stack(Standard) { rust_task_fail(); }
> > > do reserve_stack(Tiny) {... }
> > > do reserve_stack(Large) { }
> > > do reserve_stack(Size(4096)) { }
> >
> > My main worry about this is that it's always guesswork. Determining
> > how much stack a C function needs is really hard and involves doing a
> > lot of non-local reasoning. Getting it wrong can result in
> > exploitable security vulnerabilities. From a safety POV, it seems
> > that you always really want as big a stack as possible, unless the
> > function is something trivial like floor().
>
> It's true that it's guesswork, but so is #[rust_stack], and
> #[rust_stack] isn't even asking for _any_ stack, it is asking to run
> off the end of the stack. Instead we could ask for a very small amount
> of stack, and we would almost always get it, and nothing would be
> running in the red zone (hopefully).

Also guesswork: finding the stack red zone size.