Commit 8a396c51 authored by homunkulus's avatar homunkulus

Auto merge of #58 - japaric:init-resources, r=japaric

safe `&'static mut` references via init.resources

see RFC #59 for details
parents 0f5784c2 a238fd5d
**/*.rs.bk
*.org
.#*
.gdb_history
Cargo.lock
target/
......@@ -15,11 +15,13 @@ version = "0.3.0"
[dependencies]
cortex-m = { git = "https://github.com/japaric/cortex-m" }
untagged-option = "0.1.1"
rtfm-core = "0.1.0"
# rtfm-core = "0.2.0"
rtfm-core = { git = "https://github.com/japaric/rtfm-core" }
cortex-m-rtfm-macros = { path = "macros" }
[target.'cfg(target_arch = "x86_64")'.dev-dependencies]
compiletest_rs = "0.3.3"
# compiletest_rs = "0.3.4"
compiletest_rs = { git = "https://github.com/dwrensha/compiletest-rs", branch = "rustup" }
[dev-dependencies.cortex-m-rt]
features = ["abort-on-panic"]
......
#![deny(unsafe_code)]
#![deny(warnings)]
#![feature(proc_macro)]
#![no_std]
extern crate cortex_m_rtfm as rtfm;
extern crate stm32f103xx;
use rtfm::{app, Threshold};
pub struct Foo;
app! {
device: stm32f103xx,
resources: {
static CO_OWNED: Foo = Foo;
static ON: Foo = Foo;
static OWNED: Foo = Foo;
static SHARED: Foo = Foo;
},
idle: {
resources: [OWNED, SHARED],
},
tasks: {
SYS_TICK: {
path: sys_tick,
resources: [CO_OWNED, ON, SHARED],
},
TIM2: {
enabled: false,
path: tim2,
priority: 1,
resources: [CO_OWNED],
},
},
}
fn init(_p: ::init::Peripherals, _r: ::init::Resources) {}
fn idle(_t: &mut Threshold, _r: ::idle::Resources) -> ! {
loop {}
}
fn sys_tick(_t: &mut Threshold, _r: SYS_TICK::Resources) {}
fn tim2(_t: &mut Threshold, _r: TIM2::Resources) {}
......@@ -63,22 +63,22 @@ mod main {
*r.OWNED != *r.OWNED;
if *r.OWNED {
if r.SHARED.claim(t, |shared, _| **shared) {
if r.SHARED.claim(t, |shared, _| *shared) {
rtfm::wfi();
}
} else {
r.SHARED.claim_mut(t, |shared, _| **shared = !**shared);
r.SHARED.claim_mut(t, |shared, _| *shared = !*shared);
}
}
}
}
fn sys_tick(_t: &mut Threshold, r: SYS_TICK::Resources) {
**r.ON = !**r.ON;
fn sys_tick(_t: &mut Threshold, mut r: SYS_TICK::Resources) {
*r.ON = !*r.ON;
**r.CO_OWNED += 1;
*r.CO_OWNED += 1;
}
fn tim2(_t: &mut Threshold, r: TIM2::Resources) {
**r.CO_OWNED += 1;
fn tim2(_t: &mut Threshold, mut r: TIM2::Resources) {
*r.CO_OWNED += 1;
}
......@@ -70,5 +70,5 @@ fn exti0(t: &mut Threshold, r: EXTI0::Resources) {
// This task has direct access to the resources
fn exti1(t: &mut Threshold, r: EXTI1::Resources) {
work(t, r.GPIOA, r.SPI1);
work(t, &r.GPIOA, &r.SPI1);
}
//! Demonstrates initialization of resources in `init`.
#![deny(unsafe_code)]
#![deny(warnings)]
#![feature(proc_macro)]
......
......@@ -77,11 +77,11 @@ fn idle() -> ! {
// `r` is the set of resources this task has access to. `SYS_TICK::Resources`
// has one field per resource declared in `app!`.
#[allow(unsafe_code)]
fn sys_tick(_t: &mut Threshold, r: SYS_TICK::Resources) {
fn sys_tick(_t: &mut Threshold, mut r: SYS_TICK::Resources) {
// toggle state
**r.ON = !**r.ON;
*r.ON = !*r.ON;
if **r.ON {
if *r.ON {
// set the pin PC13 high
// NOTE(unsafe) atomic write to a stateless register
unsafe {
......
......@@ -42,12 +42,12 @@ fn idle() -> ! {
}
}
fn sys_tick(_t: &mut Threshold, r: SYS_TICK::Resources) {
fn sys_tick(_t: &mut Threshold, mut r: SYS_TICK::Resources) {
// ..
// This task can't be preempted by `tim2` so it has direct access to the
// resource data
**r.COUNTER += 1;
*r.COUNTER += 1;
// ..
}
......@@ -61,7 +61,7 @@ fn tim2(t: &mut Threshold, mut r: TIM2::Resources) {
// lead to undefined behavior.
r.COUNTER.claim_mut(t, |counter, _t| {
// `claim_mut` creates a critical section
**counter += 1;
*counter += 1;
});
// ..
......
//! Safe creation of `&'static mut` references
#![deny(unsafe_code)]
#![deny(warnings)]
#![feature(proc_macro)]
#![no_std]
extern crate cortex_m_rtfm as rtfm;
extern crate stm32f103xx;
use rtfm::app;
app! {
device: stm32f103xx,
resources: {
static BUFFER: [u8; 16] = [0; 16];
},
init: {
resources: [BUFFER],
},
}
fn init(_p: init::Peripherals, r: init::Resources) {
let _buf: &'static mut [u8] = r.BUFFER;
}
fn idle() -> ! {
loop {
rtfm::wfi();
}
}
......@@ -42,18 +42,18 @@ fn idle() -> ! {
// As both tasks are running at the same priority one can't preempt the other.
// Thus both tasks have direct access to the resource
fn sys_tick(_t: &mut Threshold, r: SYS_TICK::Resources) {
fn sys_tick(_t: &mut Threshold, mut r: SYS_TICK::Resources) {
// ..
**r.COUNTER += 1;
*r.COUNTER += 1;
// ..
}
fn tim2(_t: &mut Threshold, r: TIM2::Resources) {
fn tim2(_t: &mut Threshold, mut r: TIM2::Resources) {
// ..
**r.COUNTER += 1;
*r.COUNTER += 1;
// ..
}
......@@ -12,7 +12,8 @@ version = "0.2.1"
[dependencies]
error-chain = "0.10.0"
quote = "0.3.15"
rtfm-syntax = "0.2.0"
# rtfm-syntax = "0.2.0"
rtfm-syntax = { git = "https://github.com/japaric/rtfm-syntax" }
syn = "0.11.11"
[lib]
......
......@@ -17,6 +17,13 @@ pub enum Ownership {
}
impl Ownership {
pub fn ceiling(&self) -> u8 {
match *self {
Ownership::Owned { priority } => priority,
Ownership::Shared { ceiling } => ceiling,
}
}
pub fn is_owned(&self) -> bool {
match *self {
Ownership::Owned { .. } => true,
......
......@@ -77,7 +77,38 @@ pub fn app(app: check::App) -> Result<App> {
}
fn resources(app: &App) -> Result<()> {
for name in &app.init.resources {
if let Some(resource) = app.resources.get(name) {
ensure!(
resource.expr.is_some(),
"resource `{}`, allocated to `init`, must have an initial value",
name
);
} else {
bail!(
"resource `{}`, allocated to `init`, must be a data resource",
name
);
}
ensure!(
!app.idle.resources.contains(name),
"resources assigned to `init` can't be shared with `idle`"
);
ensure!(
app.tasks
.iter()
.all(|(_, task)| !task.resources.contains(name)),
"resources assigned to `init` can't be shared with tasks"
)
}
for resource in app.resources.keys() {
if app.init.resources.contains(resource) {
continue;
}
if app.idle.resources.contains(resource) {
continue;
}
......
This diff is collapsed.
......@@ -84,7 +84,7 @@ extern crate untagged_option;
use core::u8;
pub use rtfm_core::{Resource, Static, Threshold};
pub use rtfm_core::{Resource, Threshold};
pub use cortex_m::asm::{bkpt, wfi};
pub use cortex_m_rtfm_macros::app;
#[doc(hidden)]
......
#![deny(warnings)]
#![feature(proc_macro)]
#![no_std]
extern crate cortex_m_rtfm as rtfm;
extern crate stm32f103xx;
use rtfm::app;
app! { //~ proc macro panicked
device: stm32f103xx,
resources: {
static BUFFER: [u8; 16] = [0; 16];
},
init: {
resources: [BUFFER],
},
idle: {
// ERROR resources assigned to `init` can't be shared with `idle`
resources: [BUFFER],
},
}
fn init(_p: init::Peripherals, _r: init::Resources) {}
fn idle(_r: init::Resources) -> ! {
loop {}
}
#![deny(warnings)]
#![feature(proc_macro)]
#![no_std]
extern crate cortex_m_rtfm as rtfm;
extern crate stm32f103xx;
use rtfm::app;
app! { //~ proc macro panicked
device: stm32f103xx,
resources: {
static BUFFER: [u8; 16] = [0; 16];
},
init: {
resources: [BUFFER],
},
tasks: {
SYS_TICK: {
path: sys_tick,
// ERROR resources assigned to `init` can't be shared with tasks
resources: [BUFFER],
},
},
}
fn init(_p: init::Peripherals) {}
fn idle() -> ! {
loop {}
}
fn sys_tick() {}
......@@ -45,22 +45,24 @@ fn idle() -> ! {
}
fn exti0(mut t: &mut Threshold, mut r: EXTI0::Resources) {
// ERROR need to lock to access the resource because priority < ceiling
if *r.ON {
//~^ error type `EXTI0::ON` cannot be dereferenced
}
// OK need to lock to access the resource
if r.ON.claim(&mut t, |on, _| **on) {}
if r.ON.claim(&mut t, |on, _| *on) {}
// OK can claim a resource with maximum ceiling
r.MAX.claim_mut(&mut t, |max, _| **max += 1);
r.MAX.claim_mut(&mut t, |max, _| *max += 1);
}
fn exti1(mut t: &mut Threshold, r: EXTI1::Resources) {
// ERROR no need to lock. Has direct access because priority == ceiling
if (**r.ON).claim(&mut t, |on, _| **on) {
//~^ error no method named `claim` found for type
}
// OK to directly access the resource because priority == ceiling
if *r.ON {}
if **r.ON {
// OK
}
// though the resource can still be claimed -- the claim is a no-op
if r.ON.claim(&mut t, |on, _| *on) {}
}
fn exti2(_t: &mut Threshold, _r: EXTI2::Resources) {}
......@@ -9,7 +9,7 @@ extern crate stm32f103xx;
use rtfm::{app, Threshold};
app! { //~ error bound `rtfm::Threshold: core::marker::Send` is not satisfied
app! { //~ error bound `*const (): core::marker::Send` is not satisfied
device: stm32f103xx,
resources: {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment