[erlang-questions] Erlang introspection

Matthias Lang matthias@REDACTED
Wed Nov 26 11:08:17 CET 2008


On Tuesday, November 25, Charles Ahn wrote:
> Isn't there also a problem about memory use in this case? Because atoms 
> are never garbage collected, if this service runs too long you could 
> completely run out of memory as people try all kinds of weird function 
> names.

You can address that specific problem by using list_to_existing_atom/1
instead of list_to_atom/1.

But there are so many such problems that you can't plug them one at a
time. E.g. you can prevent people from calling os:cmd("rm -rf *") and
you can also block lists:duplicate(9999999999999, 1), but there'll
always be one more nasty case. (E.g. lists:seq, which not only eats
RAM, but also has a last element which raises some people's blood
pressure to dangerous levels)

So you need to do something general. There's some (old) academic work
on that, in the form of 'safe erlang' and Ulf Wiger presented some
newer work in a similar direction at the 2006 EUC
(http://erlhive.sourceforge.net/). 

A practical and general way to deal with the out-of-memory problem is
to use the OS to limit memory the Erlang VM can grab and then use
something, perhaps another Erlang VM, to restart the VM whenever it
dies. Dumb and robust.

Matt
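
The OS-limit-and-restart approach from the last paragraph of the message above, written as a POSIX shell watchdog; this is an added example, not part of the original message. The function name run_capped, the RESTART_DELAY variable, the 512 MiB cap and the module name my_service are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). The function name, the
# RESTART_DELAY variable and the sample invocation are assumptions.

# run_capped MEM_KB MAX_RESTARTS CMD [ARGS...]
#   Runs CMD with its virtual memory capped at MEM_KB kilobytes and starts it
#   again each time it exits non-zero, at most MAX_RESTARTS times.
#   Returns 0 if CMD eventually exits cleanly, 1 if the budget is used up.
#   RUN_CAPPED_STARTS holds the number of start attempts made.
run_capped() {
    mem_kb=$1
    max_restarts=$2
    shift 2
    RUN_CAPPED_STARTS=0
    while :; do
        RUN_CAPPED_STARTS=$((RUN_CAPPED_STARTS + 1))
        status=0
        # The subshell keeps the limit away from this watchdog loop. If ulimit
        # itself fails, CMD is not started at all (fail closed).
        ( ulimit -v "$mem_kb" && exec "$@" ) || status=$?
        if [ "$status" -eq 0 ]; then
            return 0
        fi
        echo "run_capped: exit status $status on attempt $RUN_CAPPED_STARTS" >&2
        if [ "$RUN_CAPPED_STARTS" -gt "$max_restarts" ]; then
            return 1
        fi
        sleep "${RESTART_DELAY:-1}"   # back off so a crash loop cannot spin
    done
}

# Sample invocation (constructed; my_service is a hypothetical module):
# a 512 MiB cap and up to 5 restarts for a foreground Erlang node.
#   run_capped 524288 5 erl -noshell -s my_service start
```

The restart budget keeps a request that reliably exhausts memory from turning the watchdog into an endless crash loop; once the function returns 1, that is the point to alert an operator.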


