digitalmars.D - [OT] Stack safety in Rust

"David Nadlinger" <code klickverbot.at> writes:
Since I know several people here have been following the 
development of Rust concerning object lifetime and memory safety 
vs. (segmented) stacks, I figured this might be interesting:

http://cmr.github.io/blog/2013/10/21/on-stack-safety/

It's a new blog post by Corey Richardson, discussing how to 
mitigate memory corruption due to stack overflows.

David
Oct 21 2013
"bearophile" <bearophileHUGS lycos.com> writes:
David Nadlinger:

 http://cmr.github.io/blog/2013/10/21/on-stack-safety/

 It's a new blog post by Corey Richardson, discussing how to 
 mitigate memory corruption due to stack overflows.
(Sorry for the late answer). Very nice article, it presents an interesting hybrid strategy. It seems Rust designers have understood some of the disadvantages of the segmented stacks Walter wrote about. D used to print a "stack overflow", and it was a nice thing. Is D using a single guard page after the stack of a thread? If this is true can't D intercept the page fault and print that error message again?
Bye, bearophile
Nov 05 2013
"qznc" <qznc web.de> writes:
On Tuesday, 5 November 2013 at 15:25:21 UTC, bearophile wrote:
 David Nadlinger:

 http://cmr.github.io/blog/2013/10/21/on-stack-safety/

 It's a new blog post by Corey Richardson, discussing how to 
 mitigate memory corruption due to stack overflows.
 Very nice article, it presents an interesting hybrid strategy. It seems Rust designers have understood some of the disadvantages of the segmented stacks Walter wrote about.
They removed segmented stacks completely now. "The new runtime does not implement segmented stacks and it never will." https://mail.mozilla.org/pipermail/rust-dev/2013-November/006314.html
Nov 05 2013
Andrei Alexandrescu <SeeWebsiteForEmail erdani.org> writes:
On 11/5/13 7:50 AM, qznc wrote:
 On Tuesday, 5 November 2013 at 15:25:21 UTC, bearophile wrote:
 David Nadlinger:

 http://cmr.github.io/blog/2013/10/21/on-stack-safety/

 It's a new blog post by Corey Richardson, discussing how to mitigate
 memory corruption due to stack overflows.
 Very nice article, it presents an interesting hybrid strategy. It seems Rust designers have understood some of the disadvantages of the segmented stacks Walter wrote about.
They removed segmented stacks completely now. "The new runtime does not implement segmented stacks and it never will." https://mail.mozilla.org/pipermail/rust-dev/2013-November/006314.html
Well now at least we'll get bearophile off of our backs touting segmented stacks, using Rust as the sole argument they're good :o). Andrei
Nov 05 2013
Russel Winder <russel winder.org.uk> writes:
On Tue, 2013-11-05 at 08:12 -0800, Andrei Alexandrescu wrote:
[…]
 Well now at least we'll get bearophile off of our backs touting 
 segmented stacks, using Rust as the sole argument they're good :o).
I guess we could gs/Rust/Go/g. Go uses segmented stacks and is proud of it. For Go it is likely a good architecture, D and Rust have different features and needs.

-- 
Russel.
=============================================================================
Dr Russel Winder      t: +44 20 7585 2200   voip: sip:russel.winder ekiga.net
41 Buckmaster Road    m: +44 7770 465 077   xmpp: russel winder.org.uk
London SW11 1EN, UK   w: www.russel.org.uk  skype: russel_winder
Nov 06 2013
Andrei Alexandrescu <SeeWebsiteForEmail erdani.org> writes:
On 11/6/13 4:47 AM, Russel Winder wrote:
 On Tue, 2013-11-05 at 08:12 -0800, Andrei Alexandrescu wrote:
 […]
 Well now at least we'll get bearophile off of our backs touting
 segmented stacks, using Rust as the sole argument they're good :o).
I guess we could gs/Rust/Go/g. Go uses segmented stacks and is proud of it.
Go is also abandoning segmented stacks: http://goo.gl/fkCvXd Walter deserves all credit for calling this one. Andrei
Nov 06 2013
Walter Bright <newshound2 digitalmars.com> writes:
On 11/6/2013 10:33 AM, Andrei Alexandrescu wrote:
 Walter deserves all credit for calling this one.
I'm right twice a day!
Nov 06 2013
Simen Kjærås <simen.kjaras gmail.com> writes:
On 06.11.2013 23:06, Walter Bright wrote:
 On 11/6/2013 10:33 AM, Andrei Alexandrescu wrote:
 Walter deserves all credit for calling this one.
I'm right twice a day!
If you ignore the B, you're right all the time! -- Simen
Nov 06 2013
"Namespace" <rswhite4 googlemail.com> writes:
On Wednesday, 6 November 2013 at 22:40:21 UTC, Simen Kjærås wrote:
 On 06.11.2013 23:06, Walter Bright wrote:
 On 11/6/2013 10:33 AM, Andrei Alexandrescu wrote:
 Walter deserves all credit for calling this one.
I'm right twice a day!
If you ignore the B, you're right all the time!
Took me a moment to understand that. ^^
Nov 06 2013
Russel Winder <russel winder.org.uk> writes:
On Wed, 2013-11-06 at 10:33 -0800, Andrei Alexandrescu wrote:
[…]
 Go is also abandoning segmented stacks: http://goo.gl/fkCvXd
My understanding is that that is a proposal under discussion, but I may just have missed the change.
 Walter deserves all credit for calling this one.
And the Rust and Go folk for doing the experiment, even though it seems likely to have failed.

-- 
Russel.
=============================================================================
Dr Russel Winder      t: +44 20 7585 2200   voip: sip:russel.winder ekiga.net
41 Buckmaster Road    m: +44 7770 465 077   xmpp: russel winder.org.uk
London SW11 1EN, UK   w: www.russel.org.uk  skype: russel_winder
Nov 07 2013
"bearophile" <bearophileHUGS lycos.com> writes:
qznc:

 They removed segmented stacks completely now.
And it seems the annotation system too was not appreciated:
 Avoiding this overhead would require an elaborate and 
 inherently unsafe system of annotation (#8822), increasing a 
 burden on the FFI interface.
Bye, bearophile
Nov 05 2013
Andrej Mitrovic <andrej.mitrovich gmail.com> writes:
On 11/5/13, bearophile <bearophileHUGS lycos.com> wrote:
 D used to print a "stack overflow", and it was a nice thing.
Yes I miss this too. Issue 6088 which you've filed: http://d.puremagic.com/issues/show_bug.cgi?id=6088 Now whenever I see a really large negative number returned from the app I just assume it was a stack overflow.
Nov 05 2013
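
Added example (not part of the thread, and not code from the D or Rust runtimes): a C program for what bearophile asks about and Andrej misses above, a single guard page below a stack plus a SIGSEGV handler that prints "stack overflow" instead of leaving only an opaque exit code. It assumes Linux with glibc; run_guarded, recurse, worker and the exit codes 42/43 are names made up for this illustration, and frames are kept smaller than a page so no access can skip the guard.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <ucontext.h>
#include <unistd.h>
enum { EXIT_OVERFLOW = 42, EXIT_OTHER_FAULT = 43 };  /* made-up exit codes */
static char *guard;  /* lowest page of the stack mapping, PROT_NONE */
static long page;
static ucontext_t main_ctx, work_ctx;

static void on_segv(int sig, siginfo_t *si, void *uc) {
    (void)sig; (void)uc;
    char *addr = (char *)si->si_addr;
    if (addr < guard || addr >= guard + page) _exit(EXIT_OTHER_FAULT);  /* not the guard */
    static const char msg[] = "stack overflow\n";
    if (write(STDERR_FILENO, msg, sizeof msg - 1) < 0) { /* nothing else to do here */ }
    _exit(EXIT_OVERFLOW);
}
static int recurse(int depth) {
    volatile char pad[256];  /* small frame: every access lands within a page of the last */
    pad[0] = (char)depth;
    return depth ? recurse(depth - 1) + pad[0] : 0;
}
static void worker(int depth) { recurse(depth); }  /* on return, uc_link resumes main_ctx */

/* Runs recurse(depth) on a guarded 63-page stack in a child; returns its exit status. */
int run_guarded(int depth) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        static char alt[1 << 16];  /* handler stack: the faulting stack has no room left */
        stack_t ss = { .ss_sp = alt, .ss_size = sizeof alt };
        struct sigaction sa = { .sa_sigaction = on_segv, .sa_flags = SA_SIGINFO | SA_ONSTACK };
        page = sysconf(_SC_PAGESIZE);
        guard = mmap(NULL, 64 * page, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (guard == MAP_FAILED || mprotect(guard, page, PROT_NONE) || sigaltstack(&ss, NULL)
            || sigaction(SIGSEGV, &sa, NULL) || getcontext(&work_ctx)) _exit(1);
        work_ctx.uc_stack.ss_sp = guard + page;
        work_ctx.uc_stack.ss_size = 63 * page;
        work_ctx.uc_link = &main_ctx;
        makecontext(&work_ctx, (void (*)(void))worker, 1, depth);
        swapcontext(&main_ctx, &work_ctx);
        _exit(0);  /* recursion finished without touching the guard page */
    }
    int status = 0;
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
int main(void) { return run_guarded(1000000) == EXIT_OVERFLOW ? 0 : 1; }
```

The handler runs on the alternate stack set up with sigaltstack because the stack that faulted has no usable space left for a signal frame.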