On 5/31/17 6:36 PM, Moritz Maxeiner wrote:
On Wednesday, 31 May 2017 at 21:45:51 UTC, H. S. Teoh wrote:
This is an interesting use case, because conceptually speaking, each
vibe.d fibre actually represents an independent computation, so any
fatal errors like out-of-bounds bugs should cause the termination of
the *fibre*, rather than *everything* that just happens to be running
in the same process.
While I agree on a theoretical level about the fact that in principal
only the fibre (and the same argument goes for threads) should
terminate, the problem is that fibres, as well as threads, share the
same virtual memory of a process, i.e. memory corruption in one fibre
(or thread) cannot in general be safely contained and kept from
spreading to the other fibres (or threads; except in the thread case one
might argue if you know the memory corruption to have happened only in
TLS then you can kill the thread, but I don't know how you would prove
that).
Again, there has not been memory corruption. There is a confusion
rampant in this thread that preventing *attempted* memory corruption
must mean there *is* memory corruption. One does not require the other.
-Steve
