`secure` being on by default is dubious

purpleprotocol / mimalloc_rust

A Rust wrapper over Microsoft's MiMalloc memory allocator

MIT License

486 stars 42 forks source link

`secure` being on by default is dubious #39

Open thomcc opened 3 years ago

thomcc commented 3 years ago

Safe rust code doesn't need the extra checking (statically known to be memory-safe), and the guard pages it uses can easily cause resource exhaustion to occur very early, which will cause an abort.

I've thought this for a while but figured I'd file an issue at least.

octavonce commented 3 years ago

@thomcc I initially thought that safe defaults are best. However, now I tend to agree with you. There are still benefits to using safe mode though, for example the myriad of unsafe code instances found in many libraries.

samuelcolvin commented 2 months ago

This should be closed, secure is no longer the default.