On 12/03/2011 8:46 AM, Evan Martin wrote:
> It seems from the bug Brendan linked to (I skimmed, I admit) they wanted to be able to catch memory allocation failures; it's not clear to me whether that's a desirable goal in Rust. (It's not clear to me if you're out of memory whether you can write any useful non-allocating Rust code to handle the error condition.)
Not at all naive. I'd like to be able to unwind from an out-of-memory situation though. Rust domains are intended to support setting memory budgets, on a per-domain basis, which means we may have artificial memory ceilings far less than system RAM. Can't enforce in general C code that calls malloc(), but can (or should) be able to enforce on the runtime structures allocated to support 'pure' Rust code.
(and subprocess domains with rlimits should suffice for boxing in C code memory use, as the process itself boxes in any segfaults or other unsafe naughtiness :)
-Graydon
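
The subprocess-with-rlimits idea in the message above, as an added example that is not part of the original e-mail or of the Rust runtime: a parent forks a child, caps the child's address space with `RLIMIT_AS`, and lets C code that calls `malloc()` run until it hits the ceiling. The names `greedy_c_code` and `run_boxed` and the 64 MiB budget are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define MIB (1024L * 1024L)

/* Stand-in for C code with no budget of its own: allocate 1 MiB chunks
 * until malloc() fails (stop_mib is only a safety stop). */
static long greedy_c_code(long stop_mib) {
    long got = 0;
    void *p;
    while (got < stop_mib && (p = malloc(MIB)) != NULL) {
        memset(p, 0xA5, MIB);   /* touch the pages so they are really used */
        got++;
    }
    return got;
}

/* Run greedy_c_code() in a child whose address space is capped at
 * limit_mib. Returns the MiB the child obtained, or -1 if setup failed
 * or the child did not exit normally (for example, died on a signal). */
long run_boxed(long limit_mib) {
    int fds[2], status = 0;
    long got = -1;
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {             /* child: the boxed-in subprocess */
        struct rlimit rl = { (rlim_t)(limit_mib * MIB), (rlim_t)(limit_mib * MIB) };
        if (setrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        long n = greedy_c_code(4 * limit_mib);
        _exit(write(fds[1], &n, sizeof n) == (ssize_t)sizeof n ? 0 : 3);
    }
    close(fds[1]);
    ssize_t n = read(fds[0], &got, sizeof got);
    close(fds[0]);
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (n != (ssize_t)sizeof got || !WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    return got;
}

int main(void) {
    long got = run_boxed(64);
    printf("child obtained %ld MiB under a 64 MiB cap\n", got);
    return got < 0;
}
```

The limit applies to the child's whole address space, so the program image, libc and stack count against the budget and the child always obtains fewer MiB than the cap; the parent's own allocations are not affected.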
