> > I don't have an issue with how post_send/post_recv would > work; just pointing out that type checking is lost, which can > lead to accessing invalid memory. > For example, an application cannot just define struct > rdma_wc and then call rdma_poll_cq() and have it work. This > would result in stack corruption, yet matches the defined API. > > - Sean >
So would you favor changing the signature to match the largest size, with comment to the effect that you *could* use a cast and a smaller object but only if you are sure. I can see the danger of someone just using 'rdma_wc', so flipping the naming convention would definitely make sense. As to the size. Is there a size smaller than 256 that crosses over into a significantly safer stack allocation but is still *very* safe in terms of 'sure to be big enough'? Keep in mind that 'struct sockaddr' has problems precisely because 'biggest possible address' turned out to be too small. _______________________________________________ openib-general mailing list [email protected] http://openib.org/mailman/listinfo/openib-general To unsubscribe, please visit http://openib.org/mailman/listinfo/openib-general
