dereferencing null

H. S. Teoh hsteoh at quickfur.ath.cx
Sat Mar 3 20:20:40 PST 2012


On Sat, Mar 03, 2012 at 07:34:50PM -0800, Walter Bright wrote:
[...]
> 3. Intercepting and recovering from seg faults, div by 0, etc., all
> sounds great on paper. In practice, it is almost always wrong. The
> only exception (!) to the rule is when sandboxing a plugin (as you
> suggested). Making such a sandbox work is highly system specific, and
> doesn't always fit into the D exception model (in fact, it never does
> outside of Windows).
[...]

I wonder if there's some merit to a std.sandbox module in Phobos...

In Linux (any Posix), for example, it could run the sandbox code inside
a fork()ed process, and watch for termination by signal, for example.
Data could be returned via a pipe, or maybe a shared memory segment of
some sort.

Don't know how this would work on Windows, but presumably there are
clean ways of doing it that doesn't endanger the health of the process
creating the sandbox.


T

-- 
Freedom of speech: the whole world has no right *not* to hear my spouting off!


More information about the Digitalmars-d mailing list