§mem-isolate: Run unsafe code safely
It runs your function via a fork(), waits for the result, and returns it.
This grants your code access to an exact copy of memory and state at the time just before the call, but guarantees that the function will not affect the parent process’s memory footprint in any way.
It forces functions to be memory pure (pure with respect to memory), even if they aren’t.
use mem_isolate::execute_in_isolated_process;

// No heap, stack, or program memory out here...
let result = mem_isolate::execute_in_isolated_process(|| {
    // ...Can be affected by anything in here
    Box::leak(Box::new(vec![42; 1024]));
});
To keep things simple, this crate exposes only two public interfaces:
- execute_in_isolated_process: The function that executes your code in an isolated process.
- MemIsolateError: The error type that function returns ☝️
For more code examples, see examples/. This one in particular shows how you should think about error handling.
For more information, see the README.
§Supported Platforms
Because of its heavy use of POSIX system calls, this crate only supports Unix-like operating systems (e.g. Linux, macOS, BSD).
Windows and wasm support are not planned at this time.
§Feature Flags
The following crate feature flags are available:
tracing: Enable tracing instrumentation. Instruments all high-level functions in lib.rs and creates spans for child and parent processes in execute_in_isolated_process. Events are mostly debug! and error! level. See examples/tracing.rs for an example.
By default, no additional features are enabled.
Re-exports§
pub use errors::MemIsolateError;
Modules§
- errors
- Error handling is an important part of the mem-isolate crate. If something went wrong, we want to give the caller as much context as possible about how that error affected their callable, so they are well-equipped to know what to do about it.
Macros§
- trace
- Conditionally emits a trace-level log message when the “tracing” feature is enabled.
Traits§
- DeserializeOwned
- A data structure that can be deserialized without borrowing any data from the deserializer.
- Serialize
- A data structure that can be serialized into any data format supported by Serde.
Functions§
- execute_in_isolated_process
- Executes a user-supplied callable in a forked child process so that any memory changes during execution do not affect the parent. The child serializes its result (using bincode) and writes it through a pipe, which the parent reads and deserializes.
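The fork, pipe and wait sequence described above, as an added example that is not the crate's own code. `run_isolated` is a hypothetical helper, the result type is fixed to `u64` and encoded as 8 little-endian bytes where the crate uses bincode, and a child that panics or dies before reporting surfaces as an `Err` in the parent.

```rust
// Added illustration, not mem-isolate's source. std already links libc on Unix,
// so the POSIX calls are declared directly instead of pulling in a crate.
use std::os::raw::{c_int, c_void};
use std::panic::{catch_unwind, AssertUnwindSafe};

unsafe extern "C" {
    fn fork() -> c_int;
    fn pipe(fds: *mut c_int) -> c_int;
    fn read(fd: c_int, buf: *mut c_void, n: usize) -> isize;
    fn write(fd: c_int, buf: *const c_void, n: usize) -> isize;
    fn close(fd: c_int) -> c_int;
    fn waitpid(pid: c_int, status: *mut c_int, opts: c_int) -> c_int;
    fn _exit(code: c_int) -> !;
}

/// Hypothetical helper: run `f` in a forked child and return its u64 result.
fn run_isolated<F: FnOnce() -> u64>(f: F) -> Result<u64, String> {
    let mut fds = [0 as c_int; 2];
    if unsafe { pipe(fds.as_mut_ptr()) } != 0 {
        return Err("pipe failed".into());
    }
    let pid = unsafe { fork() };
    if pid < 0 {
        unsafe { close(fds[0]); close(fds[1]); }
        return Err("fork failed".into());
    }
    if pid == 0 {
        // Child: sees a copy of the parent's memory; its writes stay in the child.
        unsafe { close(fds[0]) };
        let ok = match catch_unwind(AssertUnwindSafe(f)) {
            Ok(v) => { let b = v.to_le_bytes(); unsafe { write(fds[1], b.as_ptr() as *const c_void, 8) == 8 } }
            Err(_) => false, // a panic must not unwind into the caller's code in the child
        };
        unsafe { _exit(if ok { 0 } else { 1 }) }
    }
    // Parent: read the serialized result, then reap the child.
    unsafe { close(fds[1]) };
    let mut buf = [0u8; 8];
    let mut got = 0usize;
    while got < 8 {
        let n = unsafe { read(fds[0], buf[got..].as_mut_ptr() as *mut c_void, 8 - got) };
        if n <= 0 { break; }
        got += n as usize;
    }
    let mut status: c_int = 0;
    unsafe { close(fds[0]); waitpid(pid, &mut status, 0); }
    // A short read means the child ended (panic, abort, signal) before reporting.
    if got == 8 { Ok(u64::from_le_bytes(buf)) } else { Err(format!("child failed, wait status {status}")) }
}
```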