Crate mem_isolate

Source
Expand description

§mem-isolate: Run unsafe code safely

It runs your function via a fork(), waits for the result, and returns it.

This grants your code access to an exact copy of memory and state at the time just before the call, but guarantees that the function will not affect the parent process’s memory footprint in any way.

It forces functions to be memory pure (pure with respect to memory), even if they aren’t.

use mem_isolate::execute_in_isolated_process;

// No heap, stack, or program memory out here...
let result = mem_isolate::execute_in_isolated_process(|| {
    // ...Can be affected by anything in here
    Box::leak(Box::new(vec![42; 1024]));
});

To keep things simple, this crate exposes only two public interfaces:

For more code examples, see examples/. This one in particular shows how you should think about error handling.

For more information, see the README.

§Supported Platforms

Because of its heavy use of POSIX system calls, this crate only supports Unix-like operating systems (e.g. Linux, macOS, BSD).

Windows and wasm support are not planned at this time.

§Feature Flags

The following crate feature flags are available:

By default, no additional features are enabled.

Re-exports§

pub use errors::MemIsolateError;

Modules§

errors
Error handling is an important part of the mem-isolate crate. If something went wrong, we want to give the caller as much context as possible about how that error affected their callable, so they are well-equipped to know what to do about it.

Macros§

trace
Conditionally emits a trace-level log message when the “tracing” feature is enabled.

Traits§

DeserializeOwned
A data structure that can be deserialized without borrowing any data from the deserializer.
Serialize
A data structure that can be serialized into any data format supported by Serde.

Functions§

execute_in_isolated_process
Executes a user-supplied callable in a forked child process so that any memory changes during execution do not affect the parent. The child serializes its result (using bincode) and writes it through a pipe, which the parent reads and deserializes.

Derive Macros§

Serialize