I assume you wouldn't ship the whole plugin runtime for each plugin that wants to host another plugin?!
I manually compile a plugin and in my system I can "refresh" a plugin and even say "activate version 1.1 of the plugin" or "activate version 1.2" of the plugin etc.
But that's something I had to build myself and is not built into wasmtime itself.
    match Plugin::instantiate_async(&mut store, &component, &linker).await {
        Ok(plugin) => {
            match plugin
                .plugin_guest_oncallback()
                .call_ontimedcallback(&mut store, &callback_name)
                .await
            {
                Ok(()) => debug!("Successfully called oncallback for {plugin_path:?}"),
                Err(e) => warn!("Failed to call oncallback for {plugin_path:?}: {e}"),
            }
        }
        Err(e) => {
            error!("Failed to call oncallback for {plugin_path:?}!: {e}");
        }
    }
See the "call_ontimedcallback"? It's not a string. The compiler ensures it exists on the Plugin type generated from the .wit file. If, of course, I put a wasm file in the plugin folder that doesn't adhere to that definition, that wasm file isn't considered a plugin.
But I prefer the wasmtime webassembly component model approach these days.
Built a plugin system with that, which has one major upside in my book:
No stringly function invocation.
Instead of run_function("my-function-with-typo") I have an instantiated_plugin.my_function call, where I can be sure that if the plugin has been instantiated, it does have that function.
I'm not a Rust person, how do you install this? Is it something like "rustc install" or something like that?
Thanks!
Add to that that several operating systems will lie about whether you're out of memory, so the 'error' or failure will often not be on the Result() value but come in a SIGKILL instead, it's just adding complexity.
People that are actually worried about it and know how to deal with it will be coding with a different style and can use the alloc library where/when they need to (at least when it gets stabilized in Rust).
I've never checked core before, so I did when checking up for this discussion.
I somehow missed Result. Silly me didn't search on that page, but ofc I found it on std
https://doc.rust-lang.org/std/result/index.html
Also thanks for clarifying that values of Result can be stack-only!
It actually has to do with `panic!(...)`. When you use `unwrap()`/`expect("...")`, you use the panic macro under the hood; parts of the panicking infrastructure use a boxed trait object which could contain a static string or formatted String or anything else really. The box can allocate if it is not a ZST. I believe the alloc crate's default handler tries to avoid this kind of thing, so that it can't fail to allocate AGAIN in the failure-handling routine. It will likely do a better job than you could.
This is a live issue at the moment, so to go into any more detail I'd have to read a bunch of recent Rust issues/PRs.
If you don't have any memory your allocations are all failing. When you assemble the log message, the allocation needed to do that fails. Bang, double fault.
Now, often people don't really mean they want allocations to be able to fail generally, they're just thinking about that code they wrote that reads an entire file into RAM. If it was a 100GB file that would be a bad idea. But the best answer is: Guard the allocation you're actually worried about, don't ladle this into the fast path everybody has to deal with on every allocation.
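Added example, not part of the thread or any poster's code: one way to guard only the large allocation discussed above, using the standard library's `Vec::try_reserve_exact` and an error enum whose variants are all stack-only. The names `read_guarded` and `LoadError`, the size limit and the sample bytes are assumptions made for illustration.

```rust
use std::collections::TryReserveError;
use std::io::{self, Read};

/// Every variant is stack-only, so reporting a failure needs no heap allocation.
#[derive(Debug)]
pub enum LoadError {
    TooLarge { claimed: u64, limit: u64 },
    OutOfMemory(TryReserveError),
    Io(io::ErrorKind),
}

/// Read `claimed` bytes (e.g. the length from file metadata) from `src`,
/// refusing anything above `limit` and never aborting on allocation failure.
pub fn read_guarded<R: Read>(src: R, claimed: u64, limit: u64) -> Result<Vec<u8>, LoadError> {
    if claimed > limit {
        return Err(LoadError::TooLarge { claimed, limit });
    }
    let want = usize::try_from(claimed).map_err(|_| LoadError::TooLarge { claimed, limit })?;
    let mut buf = Vec::new();
    // The one allocation we are worried about: fallible, returns Err instead of aborting.
    buf.try_reserve_exact(want).map_err(LoadError::OutOfMemory)?;
    // take() caps the input at `claimed` bytes, so the pushes below always fit
    // in the capacity reserved above and never trigger an infallible regrow.
    let mut src = src.take(claimed);
    let mut chunk = [0u8; 4096];
    loop {
        match src.read(&mut chunk) {
            Ok(0) => return Ok(buf),
            Ok(n) => buf.extend_from_slice(&chunk[..n]),
            Err(e) if e.kind() == io::ErrorKind::Interrupted => continue,
            Err(e) => return Err(LoadError::Io(e.kind())),
        }
    }
}

fn main() {
    // Constructed sample input standing in for a file's contents.
    let data: &[u8] = b"constructed sample bytes";
    println!("{:?}", read_guarded(data, data.len() as u64, 1 << 20).map(|v| v.len()));
    println!("{:?}", read_guarded(data, 100 << 30, 1 << 20)); // a claimed 100 GB is refused
}
```

On systems that overcommit memory, a successful reservation can still end in the process being killed later, so the explicit `limit` check is the part that holds regardless of what the allocator reports.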
It never occurred to me (being in non-embedded land) that returning an enum as the error or a &'static str instead of a heap structure like String, could also fail.
Seeing that Result isn't part of core, but of std, this makes sense.
Just to tickle my nerve though: theoretically speaking, with your example, it would work, right?
I couldn't allocate 100GB (because OOM or not even enough RAM to begin with) but it could be that the system can allocate the needed memory for error message just fine.
Very interesting.
With Rust's safety, it's not even that bad to re-open and re-load the binary when it changes; the big footgun with dlopen is use-after-free.
Right?