Skip to content
Snippets Groups Projects
Commit 76092a42 authored by Per Lindgren's avatar Per Lindgren
Browse files

wip

parent 9f5798d1
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 35 additions and 22 deletions
examples/eq.rs
+ 35
22
View file @ 76092a42
...@@ -24,25 +24,29 @@ pub enum State { ...@@ -24,25 +24,29 @@ pub enum State {
use State::*; use State::*;
const DISCREPENCY: u32 = 2; //const DISCREPANCY: u32 = 2;
const DISCREPANCY: u32 = 1;
//const HORIZON: usize = (DISCREPANCY + 4 - 1) as usize;
const HORIZON: usize = (DISCREPANCY + 4 + 1) as usize;
const T: bool = true; const T: bool = true;
const F: bool = false; const F: bool = false;
#[no_mangle] #[no_mangle]
fn main() { fn main() {
let mut DATA: [Data; (DISCREPENCY + 3) as usize] = unsafe { core::mem::uninitialized() }; let mut DATA: [Data; HORIZON] = unsafe { core::mem::uninitialized() };
ksymbol!(&mut DATA, "DATA"); ksymbol!(&mut DATA, "DATA");
let mut STATE_HISTORY: [State; (DISCREPENCY + 3) as usize] = let mut STATE_H: [State; HORIZON] = unsafe { core::mem::uninitialized() };
unsafe { core::mem::uninitialized() };
let mut CNTR_HISTORY: [u32; (DISCREPENCY + 3) as usize] = unsafe { core::mem::uninitialized() }; let mut CNTR_H: [u32; HORIZON] = unsafe { core::mem::uninitialized() };
let mut TIMEOUT_CNTR: u32 = unsafe { core::mem::uninitialized() }; let mut TIMEOUT_CNTR: u32 = unsafe { core::mem::uninitialized() };
let mut STATE = S8001; let mut STATE = S8001;
for i in 0..(DISCREPENCY + 3) as usize { for i in 0..HORIZON {
periodic(&mut STATE, &mut TIMEOUT_CNTR, &mut DATA[i as usize]); periodic(&mut STATE, &mut TIMEOUT_CNTR, &mut DATA[i]);
STATE_H[i] = STATE;
CNTR_H[i] = TIMEOUT_CNTR;
// invariants // invariants
// S8000 -> a & b // S8000 -> a & b
...@@ -71,13 +75,13 @@ fn main() { ...@@ -71,13 +75,13 @@ fn main() {
// transition invariants // transition invariants
if i > 0 { if i > 0 {
match STATE_HISTORY[i - 1] { match STATE_H[i - 1] {
C001 | C002 | C003 => { C001 | C002 | C003 => {
// transitions from error // transitions from error
kassert!((STATE == S8001) | (STATE == STATE_HISTORY[i - 1])); kassert!((STATE_H[i] == S8001) | (STATE == STATE_H[i - 1]));
} }
S8005 => { S8005 => {
kassert!((STATE == S8001) | (STATE == C003) | (STATE == STATE_HISTORY[i - 1])); kassert!((STATE_H[i] == S8001) | (STATE == C003) | (STATE == STATE_H[i - 1]));
} }
_ => (), _ => (),
} }
...@@ -91,20 +95,32 @@ fn main() { ...@@ -91,20 +95,32 @@ fn main() {
S8004 | S8005 | S8014 => { S8004 | S8005 | S8014 => {
// remaining in a waiting state decreases the counter // remaining in a waiting state decreases the counter
if i > 0 { if i > 0 {
if STATE_HISTORY[i - 1] == STATE { if STATE_H[i - 1] == STATE_H[i] {
kassert!(TIMEOUT_CNTR < CNTR_HISTORY[i - 1]); kassert!(TIMEOUT_CNTR < CNTR_H[i - 1]);
} }
} }
// Waiting states -> !timeout // Waiting states -> !timeout
// Waiting states implies that TIMEOUT_CNTR has not yet expired // Waiting states implies that TIMEOUT_CNTR has not yet expired
// and that the time remaining is not longer than the discrepency // and that the time remaining is not longer than the DISCREPANCY
kassert!(0 < TIMEOUT_CNTR && TIMEOUT_CNTR <= DISCREPENCY); kassert!(0 < TIMEOUT_CNTR && TIMEOUT_CNTR <= DISCREPANCY);
} }
_ => {} _ => {}
} }
// // liveness?
// if i == HORIZON - 1 {
// let mut ok = false;
// for j in 0..=i {
// if STATE_H[j] == S8001 {
// ok = true;
// }
// }
// kassert!(ok);
// }
// if i > 0 { // if i > 0 {
// match STATE_HISTORY[i - 1] { // match STATE_H[i - 1] {
// C001 | C002 | C003 | S8005 => { // C001 | C002 | C003 | S8005 => {
// // no (immediate) transition from error / recover to Enable state // // no (immediate) transition from error / recover to Enable state
// kassert!(!(STATE == S8000)); // kassert!(!(STATE == S8000));
...@@ -118,10 +134,7 @@ fn main() { ...@@ -118,10 +134,7 @@ fn main() {
// } // }
// } // }
STATE_HISTORY[i] = STATE; unsafe { core::ptr::read_volatile(&STATE_H[i]) };
CNTR_HISTORY[i] = TIMEOUT_CNTR;
unsafe { core::ptr::read_volatile(&STATE_HISTORY[i]) };
} }
} }
...@@ -130,7 +143,7 @@ fn periodic(STATE: &mut State, TIMEOUT_CNTR: &mut u32, data: &Data) { ...@@ -130,7 +143,7 @@ fn periodic(STATE: &mut State, TIMEOUT_CNTR: &mut u32, data: &Data) {
S8000 => match (data.a, data.b) { S8000 => match (data.a, data.b) {
(F, F) => S8001, (F, F) => S8001,
(F, T) | (T, F) => { (F, T) | (T, F) => {
*TIMEOUT_CNTR = DISCREPENCY; *TIMEOUT_CNTR = DISCREPANCY;
S8005 S8005
} }
(T, T) => S8000, (T, T) => S8000,
...@@ -138,11 +151,11 @@ fn periodic(STATE: &mut State, TIMEOUT_CNTR: &mut u32, data: &Data) { ...@@ -138,11 +151,11 @@ fn periodic(STATE: &mut State, TIMEOUT_CNTR: &mut u32, data: &Data) {
S8001 => match (data.a, data.b) { S8001 => match (data.a, data.b) {
(F, F) => S8001, (F, F) => S8001,
(F, T) => { (F, T) => {
*TIMEOUT_CNTR = DISCREPENCY; *TIMEOUT_CNTR = DISCREPANCY;
S8014 S8014
} }
(T, F) => { (T, F) => {
*TIMEOUT_CNTR = DISCREPENCY; *TIMEOUT_CNTR = DISCREPANCY;
S8004 S8004
} }
(T, T) => S8000, (T, T) => S8000,
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment