On 08/09/2013 11:30 PM, Micah Chalmer wrote:
Hi Rust devs,
What can I assume about the safety of having a C library spawn its own threads, from
which it calls function pointers to "extern" functions written in rust? My
guess (and only a guess--I have no actual reasoning behind it) would be something like
this:
* I cannot expect anything involving tasks or the task scheduler to work
properly in this situation. That means no spawning tasks, no use of ports and
chans, and no use of @ boxes.
* I can expect plain "c-like" rust code to work, subject to the same rules
about thread safety as the equivalent C code. That could include borrowed references and
~ boxes. Rust's rules ensure basic memory integrity within each thread (except for
unsafe blocks/fns), but I would still have to be aware of potential race conditions, just
as if I were writing C in the same situation.
This is about right. The major limitation of using Rust in this type of
scenario is that there isn't a simple, supported mechanism for
communicating from outside of Rust tasks into Rust tasks, and
vice-versa. This functionality falls under the general area of runtime
embedding.
If my guesses are true, how much of the standard library can I use? What
functions make assumptions about threads and the runtime behind the scenes in
non-obvious ways? Is there a way to know? Will there be?
Most of the standard library will work. The major things that won't are
GC, task-local storage, and failure. This may or may not include
logging, depending on whether it currently depends on GC and whether you
use "%?". There's no particular way to know what specific functions are
off limits.
If my guesses are false, I would appreciate a correct view of the situation.
I've already been able to get very simple "c-like rust code" to work in a situation like
this, but I haven't done enough testing to have any confidence in it. There could be hidden race
conditions/crashes that would eventually appear, even for the simple case--my tests may have just
"accidentally worked."
No. Besides calling functions that might `fail!` unexpectedly there
shouldn't be any lurking dangers. If you do something off-limits the
process will abort.
_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
