read/cfi: limit the stack depth in UnwindContext (#687)

This is a better default. Users can switch back to Vec
if they need it.

src/read/cfi.rs

@@ -1,5 +1,5 @@
 #[cfg(feature = "read")]
-use alloc::vec::Vec;
+use alloc::boxed::Box;
 
 use core::cmp::{Ord, Ordering};
 use core::fmt::{self, Debug};
@@ -1894,11 +1894,13 @@ pub trait UnwindContextStorage<R: Reader>: Sized {
 
 #[cfg(feature = "read")]
 const MAX_RULES: usize = 192;
+#[cfg(feature = "read")]
+const MAX_UNWIND_STACK_DEPTH: usize = 4;
 
 #[cfg(feature = "read")]
 impl<R: Reader> UnwindContextStorage<R> for StoreOnHeap {
     type Rules = [(Register, RegisterRule<R>); MAX_RULES];
-    type Stack = Vec<UnwindTableRow<R, Self>>;
+    type Stack = Box<[UnwindTableRow<R, Self>; MAX_UNWIND_STACK_DEPTH]>;
 }
 
 /// Common context needed when evaluating the call frame unwinding information.

src/read/util.rs

@@ -71,7 +71,39 @@ macro_rules! impl_array {
     }
 }
 
+#[cfg(feature = "read")]
+macro_rules! impl_box {
+    () => {};
+    ($n:literal $($rest:tt)*) => {
+        // SAFETY: does not modify the content in storage.
+        unsafe impl<T> Sealed for Box<[T; $n]> {
+            type Storage = Box<[MaybeUninit<T>; $n]>;
+
+            fn new_storage() -> Self::Storage {
+                // SAFETY: An uninitialized `[MaybeUninit<_>; _]` is valid.
+                Box::new(unsafe { MaybeUninit::uninit().assume_init() })
+            }
+        }
+
+        impl<T> ArrayLike for Box<[T; $n]> {
+            type Item = T;
+
+            fn as_slice(storage: &Self::Storage) -> &[MaybeUninit<T>] {
+                &storage[..]
+            }
+
+            fn as_mut_slice(storage: &mut Self::Storage) -> &mut [MaybeUninit<T>] {
+                &mut storage[..]
+            }
+        }
+
+        impl_box!($($rest)*);
+    }
+}
+
 impl_array!(0 1 2 3 4 8 16 32 64 128 192);
+#[cfg(feature = "read")]
+impl_box!(0 1 2 3 4 8 16 32 64 128 192);
 
 #[cfg(feature = "read")]
 unsafe impl<T> Sealed for Vec<T> {