--IiWWkuE4o1pzlECpY07
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2006-08-16 at 13:39 +0900, MenTaLguY wrote:
> The only way I know of to bypass it is with a call to a continuation,
> since that doesn't unwind the stack in quite the normal way.
> Unfortunately, you can't just toss a continuation into another thread
> like you can an exception.

I've got one last thought on this:  maybe I'm looking at the problem the
wrong way around.  i.e., maybe the thing to do is to perform Sandbox
evals in separate threads (perhaps from a sandbox thread pool, if thread
startup overhead matters).

For instance:

 t = Thread.new { do_eval( str ) }
 t.join( timeout )
 if t.status != "dead"
   t.kill!
   raise TimeoutException, "timeout exceeded"
 end
 t.value

Now, this still requires some interpreter hacking to do an ensure-less
kill (our hypothetical Thread#kill!), but I think it's a much easier
problem to unceremoneously blow away a thread than it is to carefully
unwind the stack partway whilst still sidestepping ensure.

(You do still need to capture and relay exceptions raised in the thread,
but that's not too hard.  It'd be even easier if there were a
Thread#value analog for exceptions.)

-mental

--IiWWkuE4o1pzlECpY07
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQBE4ztvSuZBmZzm14ERAsceAKCJ9fQUj/GmJlkq48SI+Ei5eJ7MHwCgilz6
LWVzAdJLXsLeR5K4dajE2Ygłµe
-----END PGP SIGNATURE-----

--IiWWkuE4o1pzlECpY07--