`setback`: `no_std` `setjmp`/`longjmp`-based fault recovery

⚓ Rust    📅 2026-06-25    👤 surdeus    👁️ 1      

surdeus

Hello, I am working on embedded firmware that uses minicbor, serde, and wasmi. Those crates are relatively pure, don't access global storage, are not async, etc. But it is kind of hard to support, because there isn't that much RAM and you don't want to give too much unused stack to threads, but you have to give them enough, so the gap is not big. When something changes, I usually have to spend some time hunting for stack overflows and rebalancing stacks. It is a miracle it didn't overflow some stack in deployment :flushed_face:. As for wasmi, it is the only thing that uses an allocator in the whole application (everything else is written from scratch and is stored in StaticCell, making the linker our allocator), so when it OOMs I can just never call into wasm again and never retag any references it may have, and report an error instead of resetting the device.

I had an idea and implemented it: using a longjmp to recover. I created a crate for this, what do you think? It is probably formally UB to jump over Rust stack frames, but if you're careful I believe it can be used.
