replace the ceiling token with a preemption threshold token

This commit is contained in:
Jorge Aparicio 2017-05-08 12:05:42 -05:00
parent 2063697c62
commit fc4cb7d472
18 changed files with 260 additions and 216 deletions

View file

@ -17,7 +17,7 @@ quote = "0.3.15"
syn = "0.11.10" syn = "0.11.10"
[dependencies] [dependencies]
cortex-m = "0.2.4" cortex-m = "0.2.5"
static-ref = "0.1.0" static-ref = "0.1.0"
typenum = "1.7.0" typenum = "1.7.0"

View file

@ -39,16 +39,25 @@ fn main() {
}, },
); );
// Ceilings // Ceilings and thresholds
for i in 0..(1 << bits) + 1 { for i in 0..(1 << bits) + 1 {
let c = Ident::new(format!("C{}", i)); let c = Ident::new(format!("C{}", i));
let t = Ident::new(format!("T{}", i));
let u = Ident::new(format!("U{}", i)); let u = Ident::new(format!("U{}", i));
let doc = format!("A ceiling of {}", i); let doc = format!("A ceiling of {}", i);
tokens.push( tokens.push(
quote! { quote! {
#[doc = #doc] #[doc = #doc]
pub type #c = C<::typenum::#u>; pub type #c = Ceiling<::typenum::#u>;
},
);
let doc = format!("A preemption threshold of {}", i);
tokens.push(
quote! {
#[doc = #doc]
pub type #t = Threshold<::typenum::#u>;
}, },
); );
} }
@ -58,23 +67,21 @@ fn main() {
let p = Ident::new(format!("P{}", i)); let p = Ident::new(format!("P{}", i));
let u = Ident::new(format!("U{}", i)); let u = Ident::new(format!("U{}", i));
let doc = if i == 0 { let doc = format!(
format!("A priority of 0, the lowest priority") "A priority of {}{}",
} else { i,
format!( if i == 0 {
"A priority of {}{}", ", the lowest priority"
i, } else if i == (1 << bits) {
if i == (1 << bits) { ", the highest priority"
", the highest priority" } else {
} else { ""
"" }
} );
)
};
tokens.push( tokens.push(
quote! { quote! {
#[doc = #doc] #[doc = #doc]
pub type #p = P<::typenum::#u>; pub type #p = Priority<::typenum::#u>;
}, },
); );
} }
@ -99,13 +106,21 @@ fn main() {
let u = Ident::new(format!("U{}", (1 << bits))); let u = Ident::new(format!("U{}", (1 << bits)));
let c = Ident::new(format!("C{}", (1 << bits))); let c = Ident::new(format!("C{}", (1 << bits)));
let p = Ident::new(format!("P{}", (1 << bits)));
let t = Ident::new(format!("T{}", (1 << bits)));
tokens.push( tokens.push(
quote! { quote! {
/// Maximum ceiling /// Maximum ceiling
pub type CMAX = #c; pub type CMax = #c;
/// Maximum priority
pub type PMax = #p;
/// Maximum preemption threshold
pub type TMax = #t;
/// Maximum priority level /// Maximum priority level
pub type UMAX = ::typenum::#u; pub type UMax = ::typenum::#u;
}, },
); );

View file

@ -14,17 +14,18 @@
//! # Features //! # Features
//! //!
//! - **Event triggered tasks** as the unit of concurrency. //! - **Event triggered tasks** as the unit of concurrency.
//! - Supports prioritization of tasks and, thus, **preemptive multitasking**. //! - Support for prioritization of tasks and, thus, **preemptive
//! multitasking**.
//! - **Efficient and data race free memory sharing** through fine grained *non //! - **Efficient and data race free memory sharing** through fine grained *non
//! global* critical sections. //! global* critical sections.
//! - **Deadlock free execution**, guaranteed at compile time. //! - **Deadlock free execution**, guaranteed at compile time.
//! - **Minimal scheduling overhead** as the scheduler has no "software //! - **Minimal scheduling overhead** as the scheduler has no "software
//! component"; the hardware does all the scheduling. //! component"; the hardware does all the scheduling.
//! - **Highly efficient memory usage**. All the tasks share the call stack and //! - **Highly efficient memory usage**. All the tasks share a single call stack
//! there's no hard dependency on a dynamic allocator. //! and there's no hard dependency on a dynamic memory allocator.
//! - **All Cortex M3, M4 and M7 devices are fully supported**. M0(+) is //! - **All Cortex M3, M4 and M7 devices are fully supported**. M0(+) is
//! partially supported as the whole API is not available (due to missing //! partially supported as the whole API is not available due to missing
//! hardware features). //! hardware features.
//! - The number of task priority levels is configurable at compile time through //! - The number of task priority levels is configurable at compile time through
//! the `P2` (4 levels), `P3` (8 levels), etc. Cargo features. The number of //! the `P2` (4 levels), `P3` (8 levels), etc. Cargo features. The number of
//! priority levels supported by the hardware is device specific but this //! priority levels supported by the hardware is device specific but this
@ -76,18 +77,18 @@
//! // device crate generated using svd2rust //! // device crate generated using svd2rust
//! extern crate stm32f30x; //! extern crate stm32f30x;
//! //!
//! use rtfm::{C0, C16, P0}; //! use rtfm::{P0, T0, TMax};
//! //!
//! // TASKS (None in this example) //! // TASKS (None in this example)
//! tasks!(stm32f30x, {}); //! tasks!(stm32f30x, {});
//! //!
//! // INITIALIZATION PHASE //! // INITIALIZATION PHASE
//! fn init(_priority: P0, _ceiling: &C16) { //! fn init(_priority: P0, _threshold: &TMax) {
//! hprintln!("INIT"); //! hprintln!("INIT");
//! } //! }
//! //!
//! // IDLE LOOP //! // IDLE LOOP
//! fn idle(_priority: P0, _ceiling: C0) -> ! { //! fn idle(_priority: P0, _threshold: T0) -> ! {
//! hprintln!("IDLE"); //! hprintln!("IDLE");
//! //!
//! // Sleep //! // Sleep
@ -112,7 +113,8 @@
//! //!
//! - `idle`, a never ending function that runs after `init`. //! - `idle`, a never ending function that runs after `init`.
//! //!
//! Note that both `init` and `idle` have priority 0, the lowest priority. //! Both `init` and `idle` have a priority of 0, the lowest priority. In RTFM,
//! a higher priority value means more urgent.
//! //!
//! # One task //! # One task
//! //!
@ -127,16 +129,16 @@
//! extern crate stm32f30x; //! extern crate stm32f30x;
//! //!
//! use stm32f30x::interrupt::Tim7; //! use stm32f30x::interrupt::Tim7;
//! use rtfm::{C0, C1, C16, Local, P0, P1}; //! use rtfm::{Local, P0, P1, T0, T1, TMax};
//! //!
//! // INITIALIZATION PHASE //! // INITIALIZATION PHASE
//! fn init(_priority: P0, _ceiling: &C16) { //! fn init(_priority: P0, _threshold: &TMax) {
//! // Configure TIM7 for periodic interrupts //! // Configure TIM7 for periodic interrupts
//! // Configure GPIO for LED driving //! // Configure GPIO for LED driving
//! } //! }
//! //!
//! // IDLE LOOP //! // IDLE LOOP
//! fn idle(_priority: P0, _ceiling: C0) -> ! { //! fn idle(_priority: P0, _threshold: T0) -> ! {
//! // Sleep //! // Sleep
//! loop { //! loop {
//! rtfm::wfi(); //! rtfm::wfi();
@ -152,7 +154,7 @@
//! }, //! },
//! }); //! });
//! //!
//! fn periodic(mut task: Tim7, _priority: P1, _ceiling: C1) { //! fn periodic(mut task: Tim7, _priority: P1, _threshold: T1) {
//! // Task local data //! // Task local data
//! static STATE: Local<bool, Tim7> = Local::new(false); //! static STATE: Local<bool, Tim7> = Local::new(false);
//! //!
@ -196,9 +198,7 @@
//! use core::cell::Cell; //! use core::cell::Cell;
//! //!
//! use stm32f30x::interrupt::{Tim6Dacunder, Tim7}; //! use stm32f30x::interrupt::{Tim6Dacunder, Tim7};
//! use rtfm::{C0, C1, C16, P0, P1, Resource}; //! use rtfm::{C1, P0, P1, Resource, T0, T1, TMax};
//!
//! // omitted: `idle`, `init`
//! //!
//! tasks!(stm32f30x, { //! tasks!(stm32f30x, {
//! t1: Task { //! t1: Task {
@ -216,25 +216,25 @@
//! // Data shared between tasks `t1` and `t2` //! // Data shared between tasks `t1` and `t2`
//! static COUNTER: Resource<Cell<u32>, C1> = Resource::new(Cell::new(0)); //! static COUNTER: Resource<Cell<u32>, C1> = Resource::new(Cell::new(0));
//! //!
//! fn init(priority: P0, ceiling: &C16) { //! fn init(priority: P0, threshold: &TMax) {
//! // .. //! // ..
//! } //! }
//! //!
//! fn idle(priority: P0, ceiling: C0) -> ! { //! fn idle(priority: P0, threshold: T0) -> ! {
//! // Sleep //! // Sleep
//! loop { //! loop {
//! rtfm::wfi(); //! rtfm::wfi();
//! } //! }
//! } //! }
//! //!
//! fn t1(_task: Tim6Dacunder, priority: P1, ceiling: C1) { //! fn t1(_task: Tim6Dacunder, priority: P1, threshold: T1) {
//! let counter = COUNTER.access(&priority, &ceiling); //! let counter = COUNTER.access(&priority, &threshold);
//! //!
//! counter.set(counter.get() + 1); //! counter.set(counter.get() + 1);
//! } //! }
//! //!
//! fn t2(_task: Tim7, priority: P1, ceiling: C1) { //! fn t2(_task: Tim7, priority: P1, threshold: T1) {
//! let counter = COUNTER.access(&priority, &ceiling); //! let counter = COUNTER.access(&priority, &threshold);
//! //!
//! counter.set(counter.get() + 2); //! counter.set(counter.get() + 2);
//! } //! }
@ -272,7 +272,7 @@
//! use core::cell::Cell; //! use core::cell::Cell;
//! //!
//! use stm32f30x::interrupt::{Tim6Dacunder, Tim7}; //! use stm32f30x::interrupt::{Tim6Dacunder, Tim7};
//! use rtfm::{C0, C1, C16, C2, P0, P1, P2, Resource}; //! use rtfm::{C2, P0, P1, P2, Resource, T0, T1, T2, TMax};
//! //!
//! tasks!(stm32f30x, { //! tasks!(stm32f30x, {
//! t1: Task { //! t1: Task {
@ -289,23 +289,23 @@
//! //!
//! static COUNTER: Resource<Cell<u32>, C2> = Resource::new(Cell::new(0)); //! static COUNTER: Resource<Cell<u32>, C2> = Resource::new(Cell::new(0));
//! //!
//! fn init(priority: P0, ceiling: &C16) { //! fn init(priority: P0, threshold: &TMax) {
//! // .. //! // ..
//! } //! }
//! //!
//! fn idle(priority: P0, ceiling: C0) -> ! { //! fn idle(priority: P0, threshold: T0) -> ! {
//! // Sleep //! // Sleep
//! loop { //! loop {
//! rtfm::wfi(); //! rtfm::wfi();
//! } //! }
//! } //! }
//! //!
//! fn t1(_task: Tim6Dacunder, priority: P1, ceiling: C1) { //! fn t1(_task: Tim6Dacunder, priority: P1, threshold: T1) {
//! // .. //! // ..
//! //!
//! ceiling.raise( //! threshold.raise(
//! &COUNTER, |ceiling: &C2| { //! &COUNTER, |threshold: &T2| {
//! let counter = COUNTER.access(&priority, ceiling); //! let counter = COUNTER.access(&priority, threshold);
//! //!
//! counter.set(counter.get() + 1); //! counter.set(counter.get() + 1);
//! } //! }
@ -314,8 +314,8 @@
//! // .. //! // ..
//! } //! }
//! //!
//! fn t2(_task: Tim7, priority: P2, ceiling: C2) { //! fn t2(_task: Tim7, priority: P2, threshold: T2) {
//! let counter = COUNTER.access(&priority, &ceiling); //! let counter = COUNTER.access(&priority, &threshold);
//! //!
//! counter.set(counter.get() + 2); //! counter.set(counter.get() + 2);
//! } //! }
@ -328,9 +328,10 @@
//! //!
//! To avoid data races, `t1` must modify `COUNTER` in an atomic way; i.e. `t2` //! To avoid data races, `t1` must modify `COUNTER` in an atomic way; i.e. `t2`
//! most not preempt `t1` while `COUNTER` is being modified. This is //! most not preempt `t1` while `COUNTER` is being modified. This is
//! accomplished by [`raise`](./struct.C.html#method.raise)-ing the `ceiling`. //! accomplished by [`raise`](./struct.C.html#method.raise)-ing the preemption
//! This creates a critical section, denoted by a closure; for whose execution, //! `threshold`. This creates a critical section, denoted by a closure; for
//! `COUNTER` is accessible but `t2` is blocked from preempting `t1`. //! whose execution, `COUNTER` is accessible while `t2` is prevented from
//! preempting `t1`.
//! //!
//! How `t2` accesses `COUNTER` remains unchanged. Since `t1` can't preempt `t2` //! How `t2` accesses `COUNTER` remains unchanged. Since `t1` can't preempt `t2`
//! due to the differences in priority; no critical section is needed in `t2`. //! due to the differences in priority; no critical section is needed in `t2`.
@ -339,11 +340,12 @@
//! required because the ceiling must be the maximum between `P1` and `P2`. //! required because the ceiling must be the maximum between `P1` and `P2`.
//! //!
//! Finally, it should be noted that the critical section in `t1` will only //! Finally, it should be noted that the critical section in `t1` will only
//! block tasks with a priority of 2 or lower. This is exactly what the ceiling //! block tasks with a priority of 2 or lower. This is exactly what the
//! represents: it's the "bar" that a task priority must pass in order to be //! preemption threshold represents: it's the "bar" that a task priority must
//! able to preempt the current task / critical section. Note that a task with //! pass in order to be able to preempt the current task / critical section.
//! e.g. a priority of 3 (`P3`) effectively imposes a ceiling of 3 (`C3`) //! Note that a task with a priority of e.g. 3 (`P3`) effectively imposes a
//! because only other task with a priority of 4 or greater can preempt it. //! threshold of 3 (`C3`) because only a task with a priority of 4 or greater
//! can preempt it.
//! //!
//! # Peripherals as resources //! # Peripherals as resources
//! //!
@ -357,7 +359,7 @@
//! extern crate cortex_m_rtfm as rtfm; //! extern crate cortex_m_rtfm as rtfm;
//! extern crate stm32f30x; //! extern crate stm32f30x;
//! //!
//! use rtfm::{C0, C16, P0, Peripheral}; //! use rtfm::{P0, Peripheral, T0, TMax};
//! //!
//! peripherals!(stm32f30x, { //! peripherals!(stm32f30x, {
//! GPIOA: Peripheral { //! GPIOA: Peripheral {
@ -372,14 +374,14 @@
//! //!
//! tasks!(stm32f30x, {}); //! tasks!(stm32f30x, {});
//! //!
//! fn init(priority: P0, ceiling: &C16) { //! fn init(priority: P0, threshold: &TMax) {
//! let gpioa = GPIOA.access(&priority, &ceiling); //! let gpioa = GPIOA.access(&priority, threshold);
//! let rcc = RCC.access(&priority, &ceiling); //! let rcc = RCC.access(&priority, threshold);
//! //!
//! // .. //! // ..
//! } //! }
//! //!
//! fn idle(_priority: P0) -> ! { //! fn idle(_priority: P0, _threshold: T0) -> ! {
//! // Sleep //! // Sleep
//! loop { //! loop {
//! rtfm::wfi(); //! rtfm::wfi();
@ -491,10 +493,10 @@ pub struct Resource<T, C> {
data: UnsafeCell<T>, data: UnsafeCell<T>,
} }
impl<T, RC> Resource<T, C<RC>> impl<T, RC> Resource<T, Ceiling<RC>>
where where
RC: GreaterThanOrEqual<U0>, RC: GreaterThanOrEqual<U0>,
RC: LessThanOrEqual<UMAX>, RC: LessThanOrEqual<UMax>,
{ {
/// Creates a new resource /// Creates a new resource
pub const fn new(data: T) -> Self { pub const fn new(data: T) -> Self {
@ -505,7 +507,7 @@ where
} }
} }
impl<T, RC> Resource<T, C<RC>> { impl<T, RC> Resource<T, Ceiling<RC>> {
/// Grants data race free and deadlock free access to the resource data /// Grants data race free and deadlock free access to the resource data
/// ///
/// This operation is zero cost and doesn't impose any additional blocking. /// This operation is zero cost and doesn't impose any additional blocking.
@ -516,16 +518,16 @@ impl<T, RC> Resource<T, C<RC>> {
/// ///
/// - The resource ceiling must be greater than or equal to the task /// - The resource ceiling must be greater than or equal to the task
/// priority /// priority
/// - The system ceiling must be greater than or equal to the resource /// - The preemption threshold must be greater than or equal to the resource
/// ceiling /// ceiling
pub fn access<'cs, TP, SC>( pub fn access<'cs, TP, PT>(
&'static self, &'static self,
_priority: &P<TP>, _task_priority: &Priority<TP>,
_current_ceiling: &'cs C<SC>, _preemption_threshold: &'cs Threshold<PT>,
) -> Ref<'cs, T> ) -> Ref<'cs, T>
where where
RC: GreaterThanOrEqual<TP>, RC: GreaterThanOrEqual<TP>,
SC: GreaterThanOrEqual<RC>, PT: GreaterThanOrEqual<RC>,
{ {
unsafe { Ref::new(&*self.data.get()) } unsafe { Ref::new(&*self.data.get()) }
} }
@ -545,10 +547,10 @@ where
_ceiling: PhantomData<PC>, _ceiling: PhantomData<PC>,
} }
impl<P, CEILING> Peripheral<P, C<CEILING>> impl<P, PC> Peripheral<P, Ceiling<PC>>
where where
CEILING: GreaterThanOrEqual<U0>, PC: GreaterThanOrEqual<U0>,
CEILING: LessThanOrEqual<UMAX>, PC: LessThanOrEqual<UMax>,
{ {
#[doc(hidden)] #[doc(hidden)]
pub const unsafe fn _new(peripheral: cortex_m::peripheral::Peripheral<P>,) pub const unsafe fn _new(peripheral: cortex_m::peripheral::Peripheral<P>,)
@ -560,16 +562,16 @@ where
} }
} }
impl<Periph, RC> Peripheral<Periph, C<RC>> { impl<Periph, PC> Peripheral<Periph, Ceiling<PC>> {
/// See [Resource.access](./struct.Resource.html#method.access) /// See [Resource.access](./struct.Resource.html#method.access)
pub fn access<'cs, TP, SC>( pub fn access<'cs, TP, PT>(
&'static self, &'static self,
_priority: &P<TP>, _task_priority: &Priority<TP>,
_system_ceiling: &'cs C<SC>, _preemption_threshold: &'cs Threshold<PT>,
) -> Ref<'cs, Periph> ) -> Ref<'cs, Periph>
where where
RC: GreaterThanOrEqual<TP>, PC: GreaterThanOrEqual<TP>,
SC: GreaterThanOrEqual<RC>, PT: GreaterThanOrEqual<PC>,
{ {
unsafe { Ref::new(&*self.peripheral.get()) } unsafe { Ref::new(&*self.peripheral.get()) }
} }
@ -582,17 +584,17 @@ unsafe impl<T, C> Sync for Peripheral<T, C> {}
/// No task can preempt the execution of the closure /// No task can preempt the execution of the closure
pub fn atomic<R, F>(f: F) -> R pub fn atomic<R, F>(f: F) -> R
where where
F: FnOnce(&CMAX) -> R, F: FnOnce(&TMax) -> R,
{ {
let primask = ::cortex_m::register::primask::read(); let primask = ::cortex_m::register::primask::read();
::cortex_m::interrupt::disable(); ::cortex_m::interrupt::disable();
let r = f(&C { _marker: PhantomData }); let r = f(&Threshold { _marker: PhantomData });
// If the interrupts were active before our `disable` call, then re-enable // If the interrupts were active before our `disable` call, then re-enable
// them. Otherwise, keep them disabled // them. Otherwise, keep them disabled
if primask.is_active() { if primask.is_active() {
::cortex_m::interrupt::enable(); unsafe { ::cortex_m::interrupt::enable() }
} }
r r
@ -601,7 +603,7 @@ where
/// Disables a `task` /// Disables a `task`
/// ///
/// The task won't run even if the underlying interrupt is raised /// The task won't run even if the underlying interrupt is raised
pub fn disable<T, TP>(_task: fn(T, P<TP>, C<TP>)) pub fn disable<T, N>(_task: fn(T, Priority<N>, Threshold<N>))
where where
T: Context + Nr, T: Context + Nr,
{ {
@ -613,7 +615,7 @@ where
} }
/// Enables a `task` /// Enables a `task`
pub fn enable<T, TP>(_task: fn(T, P<TP>, C<TP>)) pub fn enable<T, N>(_task: fn(T, Priority<N>, Threshold<N>))
where where
T: Context + Nr, T: Context + Nr,
{ {
@ -644,7 +646,7 @@ pub fn logical2hw(logical: u8) -> u8 {
} }
/// Requests the execution of a `task` /// Requests the execution of a `task`
pub fn request<T, TP>(_task: fn(T, P<TP>, C<TP>)) pub fn request<T, N>(_task: fn(T, Priority<N>, Threshold<N>))
where where
T: Context + Nr, T: Context + Nr,
{ {
@ -671,31 +673,36 @@ where
} }
#[doc(hidden)] #[doc(hidden)]
pub fn _validate_priority<TP>(_: &P<TP>) pub fn _validate_priority<TP>(_: &Priority<TP>)
where where
TP: Cmp<U0, Output = Greater> + LessThanOrEqual<UMAX>, TP: Cmp<U0, Output = Greater> + LessThanOrEqual<UMax>,
{ {
} }
/// A type-level ceiling /// Resource ceiling
pub struct C<T> { pub struct Ceiling<N> {
_marker: PhantomData<N>,
}
/// Preemption threshold
pub struct Threshold<T> {
_marker: PhantomData<T>, _marker: PhantomData<T>,
} }
impl<SC> C<SC> { impl<PT> Threshold<PT> {
/// Raises the system ceiling to match the `resource` ceiling /// Raises the preemption threshold to match the `resource` ceiling
#[cfg(not(thumbv6m))] #[cfg(not(thumbv6m))]
pub fn raise<RC, RES, R, F>(&self, _resource: &'static RES, f: F) -> R pub fn raise<RC, RES, R, F>(&self, _resource: &'static RES, f: F) -> R
where where
RES: ResourceLike<Ceiling = RC>, RES: ResourceLike<Ceiling = RC>,
RC: Cmp<SC, Output = Greater> + Cmp<UMAX, Output = Less> + Unsigned, RC: Cmp<PT, Output = Greater> + Cmp<UMax, Output = Less> + Unsigned,
F: FnOnce(&C<RC>) -> R, F: FnOnce(&Threshold<RC>) -> R,
{ {
unsafe { unsafe {
let old_basepri = basepri::read(); let old_basepri = basepri::read();
basepri_max::write(logical2hw(RC::to_u8())); basepri_max::write(logical2hw(RC::to_u8()));
barrier!(); barrier!();
let ret = f(&C { _marker: PhantomData }); let ret = f(&Threshold { _marker: PhantomData });
barrier!(); barrier!();
basepri::write(old_basepri); basepri::write(old_basepri);
ret ret
@ -703,12 +710,12 @@ impl<SC> C<SC> {
} }
} }
/// A type-level priority /// Priority
pub struct P<T> { pub struct Priority<N> {
_marker: PhantomData<T>, _marker: PhantomData<N>,
} }
impl<T> P<T> impl<T> Priority<T>
where where
T: Unsigned, T: Unsigned,
{ {
@ -726,11 +733,11 @@ pub unsafe trait ResourceLike {
type Ceiling; type Ceiling;
} }
unsafe impl<P, RC> ResourceLike for Peripheral<P, C<RC>> { unsafe impl<P, PC> ResourceLike for Peripheral<P, Ceiling<PC>> {
type Ceiling = RC; type Ceiling = PC;
} }
unsafe impl<T, RC> ResourceLike for Resource<T, C<RC>> { unsafe impl<T, RC> ResourceLike for Resource<T, Ceiling<RC>> {
type Ceiling = RC; type Ceiling = RC;
} }
@ -798,18 +805,22 @@ macro_rules! peripherals {
/// The `$Interrupt` handlers are defined in the `$device` crate. /// The `$Interrupt` handlers are defined in the `$device` crate.
/// ///
/// Apart from defining the listed `$tasks`, the `init` and `idle` functions /// Apart from defining the listed `$tasks`, the `init` and `idle` functions
/// must be defined as well. `init` has signature `fn(P0, &C16)`, and `idle` has /// must be defined as well. `init` has signature `fn(P0, &TMax)`, and `idle`
/// signature `fn(P0) -> !`. /// has signature `fn(P0) -> !`.
/// ///
/// # Example /// # Example
/// ///
/// ``` ignore /// ``` ignore
/// #[feature(used)]
/// #[no_std]
///
/// extern crate cortex_m_rt;
/// #[macro_use] /// #[macro_use]
/// extern crate cortex_m_rtfm as rtfm; /// extern crate cortex_m_rtfm as rtfm;
/// // device crate generated using `svd2rust` /// // device crate generated using `svd2rust`
/// extern crate stm32f30x; /// extern crate stm32f30x;
/// ///
/// use rtfm::{C16, P0, P1, P2}; /// use rtfm::{P0, P1, P2, T0, T1, T2, TMax};
/// use stm32f30x::interrupt::{Exti0, Tim7}; /// use stm32f30x::interrupt::{Exti0, Tim7};
/// ///
/// tasks!(stm32f30x, { /// tasks!(stm32f30x, {
@ -825,11 +836,11 @@ macro_rules! peripherals {
/// }, /// },
/// }); /// });
/// ///
/// fn init(priority: P0, ceiling: C16) { /// fn init(priority: P0, threshold: &TMax) {
/// // .. /// // ..
/// } /// }
/// ///
/// fn idle(priority: P0) -> ! { /// fn idle(priority: P0, threshold: T0) -> ! {
/// // Sleep /// // Sleep
/// loop { /// loop {
/// rtfm::wfi(); /// rtfm::wfi();
@ -837,11 +848,11 @@ macro_rules! peripherals {
/// } /// }
/// ///
/// // NOTE signature must match the tasks! declaration /// // NOTE signature must match the tasks! declaration
/// fn periodic(task: Tim7, priority: P1) { /// fn periodic(task: Tim7, priority: P1, threshold: T1) {
/// // .. /// // ..
/// } /// }
/// ///
/// fn button(task: Exti0, priority: P2) { /// fn button(task: Exti0, priority: P2, threshold: T2) {
/// // .. /// // ..
/// } /// }
/// ``` /// ```
@ -855,22 +866,22 @@ macro_rules! tasks {
},)* },)*
}) => { }) => {
fn main() { fn main() {
$crate::atomic(|cmax| { $crate::atomic(|t_max| {
fn validate_signature(_: fn($crate::P0, &$crate::CMAX)) {} fn validate_signature(_: fn($crate::P0, &$crate::TMax)) {}
validate_signature(init); validate_signature(init);
let p0 = unsafe { ::core::mem::transmute::<_, P0>(()) }; let p0 = unsafe { ::core::mem::transmute::<_, P0>(()) };
init(p0, cmax); init(p0, t_max);
set_priorities(); set_priorities();
enable_tasks(); enable_tasks();
}); });
fn validate_signature(_: fn($crate::P0, $crate::C0) -> !) {} fn validate_signature(_: fn($crate::P0, $crate::T0) -> !) {}
validate_signature(idle); validate_signature(idle);
let p0 = unsafe { ::core::mem::transmute::<_, P0>(()) }; let p0 = unsafe { ::core::mem::transmute::<_, P0>(()) };
let c0 = unsafe { ::core::mem::transmute::<_, C0>(()) }; let t0 = unsafe { ::core::mem::transmute::<_, T0>(()) };
idle(p0, c0); idle(p0, t0);
fn set_priorities() { fn set_priorities() {
// NOTE(safe) this function runs in an interrupt free context // NOTE(safe) this function runs in an interrupt free context
@ -914,17 +925,17 @@ macro_rules! tasks {
) { ) {
fn validate_signature<N>( fn validate_signature<N>(
_: fn(::$device::interrupt::$Interrupt, _: fn(::$device::interrupt::$Interrupt,
$crate::P<N>, $crate::Priority<N>,
$crate::C<N>)) {} $crate::Threshold<N>)) {}
validate_signature(::$task); validate_signature(::$task);
let p = unsafe { let p = unsafe {
::core::mem::transmute::<_, $crate::$P>(()) ::core::mem::transmute::<_, $crate::$P>(())
}; };
let c = unsafe { let t = unsafe {
::core::mem::transmute(()) ::core::mem::transmute(())
}; };
$crate::_validate_priority(&p); $crate::_validate_priority(&p);
::$task(task, p, c) ::$task(task, p, t)
} }
$task $task

View file

@ -1,6 +1,6 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C1, C2, C3, C4, C5, P2, Resource}; use rtfm::{C1, C2, C3, C4, C5, P2, Resource, T2};
static R1: Resource<i32, C4> = Resource::new(0); static R1: Resource<i32, C4> = Resource::new(0);
static R2: Resource<i32, C3> = Resource::new(0); static R2: Resource<i32, C3> = Resource::new(0);
@ -9,27 +9,27 @@ static R4: Resource<i32, C5> = Resource::new(0);
static R5: Resource<i32, C1> = Resource::new(0); static R5: Resource<i32, C1> = Resource::new(0);
static R6: Resource<i32, C2> = Resource::new(0); static R6: Resource<i32, C2> = Resource::new(0);
fn j1(prio: P2, ceil: C2) { fn j1(prio: P2, thr: T2) {
ceil.raise( thr.raise(
&R1, |ceil| { &R1, |thr| {
// NOTE SC = System Ceiling, P = task Priority // NOTE PT = Preemption Threshold, TP = Task Priority
// CAN access a resource with ceiling RC when SC > RC // CAN access a resource with ceiling RC when PT > RC
let r2 = R2.access(&prio, ceil); let r2 = R2.access(&prio, thr);
// CAN access a resource with ceiling RC when SC == RC // CAN access a resource with ceiling RC when PT == RC
let r3 = R3.access(&prio, ceil); let r3 = R3.access(&prio, thr);
// CAN'T access a resource with ceiling RC when SC < RC // CAN'T access a resource with ceiling RC when PT < RC
let r4 = R4.access(&prio, ceil); let r4 = R4.access(&prio, thr);
//~^ error //~^ error
// CAN'T access a resource with ceiling RC when RC < P // CAN'T access a resource with ceiling RC when RC < TP
let r5 = R5.access(&prio, ceil); let r5 = R5.access(&prio, thr);
//~^ error //~^ error
// CAN access a resource with ceiling RC when RC == P // CAN access a resource with ceiling RC when RC == tP
let r6 = R6.access(&prio, ceil); let r6 = R6.access(&prio, thr);
} }
); );
} }

View file

@ -1,19 +1,19 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C2, C3, P0, P2, Resource}; use rtfm::{C2, C3, P0, P2, Resource, T2};
static R1: Resource<(), C3> = Resource::new(()); static R1: Resource<(), C3> = Resource::new(());
fn j1(prio: P2, ceil: C2) { fn j1(prio: P2, thr: T2) {
let c3 = ceil.raise( let t3 = thr.raise(
&R1, |ceil| { &R1, |thr| {
// forbidden: ceiling token can't outlive the critical section // forbidden: ceiling token can't outlive the critical section
ceil //~ error thr //~ error
} }
); );
// Would be bad: lockless access to a resource with ceiling = 3 // Would be bad: lockless access to a resource with ceiling = 3
let r2 = R1.access(&prio, c3); let r2 = R1.access(&prio, t3);
} }
fn j2(prio: P0) { fn j2(prio: P0) {

View file

@ -1,42 +1,36 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C16, C1, C2, C3, P1, P16, P2, P3, Resource}; use rtfm::{CMax, C2, P1, P2, P3, PMax, Resource, T1, T2, T3, TMax};
static R1: Resource<i32, C2> = Resource::new(0); static R1: Resource<i32, C2> = Resource::new(0);
// You CAN'T use `raise` to lower the system ceiling
fn j1(prio: P3, ceil: C3) {
ceil.raise(&R1, |ceil| {});
//~^ error
}
// You don't need to raise the ceiling to access a resource with ceiling equal // You don't need to raise the ceiling to access a resource with ceiling equal
// to the task priority. // to the task priority.
fn j2(prio: P2, ceil: C2) { fn j1(prio: P2, thr: T2) {
ceil.raise(&R1, |_| {}); thr.raise(&R1, |_| {});
//~^ error //~^ error
// OK // OK
let r1 = R1.access(&prio, &ceil); let r1 = R1.access(&prio, &thr);
} }
// You CAN access a resource with ceiling C from a task with priority P if C > P // You CAN access a resource with ceiling C from a task with priority P if C > P
// and you raise the ceiling first // if you raise the preemption threshold first
fn j3(prio: P1, ceil: C1) { fn j2(prio: P1, thr: T1) {
// OK // OK
ceil.raise(&R1, |ceil| { let r1 = R1.access(&prio, ceil); }) thr.raise(&R1, |thr| { let r1 = R1.access(&prio, thr); })
} }
static R2: Resource<i32, C16> = Resource::new(0); static R2: Resource<i32, CMax> = Resource::new(0);
// Tasks with priority less than P16 can't access a resource with ceiling C16 // Tasks with priority less than P16 can't access a resource with ceiling CMax
fn j4(prio: P1, ceil: C1) { fn j4(prio: P1, thr: T1) {
ceil.raise(&R2, |ceil| {}); thr.raise(&R2, |thr| {});
//~^ error //~^ error
} }
// Only tasks with priority P16 can access a resource with ceiling C16 // Only tasks with priority P16 can directly access a resource with ceiling CMax
fn j5(prio: P16, ceil: C16) { fn j5(prio: PMax, thr: TMax) {
// OK // OK
let r2 = R2.access(&prio, &ceil); let r2 = R2.access(&prio, &thr);
} }

View file

@ -5,7 +5,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C16, P0, P1}; use rtfm::{P0, P1, T0, TMax};
use device::interrupt::Exti0; use device::interrupt::Exti0;
peripherals!(device, { peripherals!(device, {
@ -22,9 +22,9 @@ peripherals!(device, {
tasks!(device, {}); tasks!(device, {});
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }

View file

@ -6,7 +6,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C0, C16, P0, P1}; use rtfm::{P0, P1, T0, TMax};
use device::interrupt::Exti0; use device::interrupt::Exti0;
peripherals!(device, { peripherals!(device, {
@ -28,9 +28,9 @@ mod foo {
tasks!(device, {}); tasks!(device, {});
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }

View file

@ -1,13 +1,13 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C1, C2, C3, C4, P1, P3, Resource}; use rtfm::{C2, P1, P3, Resource, T1, T3};
static R1: Resource<i32, C2> = Resource::new(0); static R1: Resource<i32, C2> = Resource::new(0);
fn j1(prio: P1, ceil: C1) { fn j1(prio: P1, thr: T1) {
ceil.raise( thr.raise(
&R1, |ceil| { &R1, |thr| {
let r1 = R1.access(&prio, ceil); let r1 = R1.access(&prio, thr);
// `j2` preempts this critical section // `j2` preempts this critical section
rtfm::request(j2); rtfm::request(j2);
@ -15,12 +15,12 @@ fn j1(prio: P1, ceil: C1) {
); );
} }
fn j2(_task: Task, prio: P3, ceil: C3) { fn j2(_task: Task, prio: P3, thr: T3) {
rtfm::atomic( rtfm::atomic(
|ceil| { |thr| {
// OK C2 (R1's ceiling) <= C16 (system ceiling) // OK C2 (R1's ceiling) <= T16 (preemption threshold)
// BAD C2 (R1's ceiling) < P3 (j2's priority) // BAD C2 (R1's ceiling) < P3 (j2's priority)
let r1 = R1.access(&prio, &ceil); let r1 = R1.access(&prio, &thr);
//~^ error //~^ error
}, },
); );

View file

@ -1,14 +1,14 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C1, C2, C3, C4, P1, P3, Resource}; use rtfm::{C2, C4, P1, P3, Resource, T1, T3};
static R1: Resource<i32, C2> = Resource::new(0); static R1: Resource<i32, C2> = Resource::new(0);
static R2: Resource<i32, C4> = Resource::new(0); static R2: Resource<i32, C4> = Resource::new(0);
fn j1(prio: P1, ceil: C1) { fn j1(prio: P1, thr: T1) {
ceil.raise( thr.raise(
&R1, |ceil| { &R1, |thr| {
let r1 = R1.access(&prio, ceil); let r1 = R1.access(&prio, thr);
// `j2` preempts this critical section // `j2` preempts this critical section
rtfm::request(j2); rtfm::request(j2);
@ -16,12 +16,12 @@ fn j1(prio: P1, ceil: C1) {
); );
} }
fn j2(_task: Task, prio: P3, ceil: C3) { fn j2(_task: Task, prio: P3, thr: T3) {
ceil.raise( thr.raise(
&R2, |ceil| { &R2, |thr| {
// OK C2 (R1's ceiling) <= C4 (system ceiling) // OK C2 (R1's ceiling) <= T4 (preemption threshold)
// BAD C2 (R1's ceiling) < P3 (j2's priority) // BAD C2 (R1's ceiling) < P3 (j2's priority)
let r1 = R1.access(&prio, ceil); let r1 = R1.access(&prio, thr);
//~^ error //~^ error
} }
); );

24
tests/cfail/raise.rs Normal file
View file

@ -0,0 +1,24 @@
extern crate cortex_m_rtfm as rtfm;
use rtfm::{C2, CMax, P1, P3, Resource, T1, T3};
static R1: Resource<i32, C2> = Resource::new(0);
// You CAN'T use `raise` to lower the preemption level
fn j1(prio: P3, thr: T3) {
thr.raise(&R1, |thr| {});
//~^ error
}
static R2: Resource<i32, CMax> = Resource::new(0);
// You CAN'T `raise` the preemption level to the maximum
fn j2(prio: P1, thr: T1) {
thr.raise(&R2, |thr| {});
//~^ error
// Instead use `rtfm::atomic` to access a resource with ceiling C16
rtfm::atomic(|thr| {
let r2 = R2.access(&prio, thr);
});
}

View file

@ -5,7 +5,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C0, C1, C16, P0, P1}; use rtfm::{P0, P1, T0, T1, TMax};
use device::interrupt::Exti0; use device::interrupt::Exti0;
// WRONG: Tasks can't have a priority of 0. // WRONG: Tasks can't have a priority of 0.
@ -18,13 +18,13 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
fn j1(_task: Exti0, _prio: P1, _ceil: C1) {} fn j1(_task: Exti0, _prio: P1, _thr: T1) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -5,7 +5,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C0, C1, C16, C2, P0, P1, P2}; use rtfm::{P0, P1, P2, T0, T1, T2, TMax};
use device::interrupt::{Exti0, Exti1}; use device::interrupt::{Exti0, Exti1};
// WRONG: Two tasks mapped to the same interrupt handler // WRONG: Two tasks mapped to the same interrupt handler
@ -22,15 +22,15 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
fn j1(_task: Exti0, _prio: P1, _ceil: C1) {} fn j1(_task: Exti0, _prio: P1, _thr: T1) {}
fn j2(_task: Exti0, _prio: P2, _ceil: C2) {} fn j2(_task: Exti0, _prio: P2, _thr: T2) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -6,7 +6,7 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use device::interrupt::Exti0; use device::interrupt::Exti0;
use rtfm::{C0, C1, C16, P0, P1}; use rtfm::{P0, P1, T0, T1, TMax};
tasks!(device, { tasks!(device, {
j1: Task { j1: Task {
@ -16,12 +16,12 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
// WRONG. `idle` must have signature `fn(P0, C0) -> !` // WRONG. `idle` must have signature `fn(P0, C0) -> !`
fn idle(_: P0, _: C0) {} fn idle(_: P0, _: T0) {}
fn j1(_task: Exti0, _prio: P1, _ceil: C1) {} fn j1(_task: Exti0, _prio: P1, _thr: T1) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -5,7 +5,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C0, C1, C16, P0, P1}; use rtfm::{P0, P1, T0, T1, TMax};
use device::interrupt::Exti0; use device::interrupt::Exti0;
tasks!(device, { tasks!(device, {
@ -16,14 +16,14 @@ tasks!(device, {
}, },
}); });
// WRONG. `init` must have signature `fn(P0, &C16)` // WRONG. `init` must have signature `fn(P0, &TMax)`
fn init(_: P0, _: &C1) {} fn init(_: P0, _: &T1) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
fn j1(_task: Exti0, _prio: P1, _ceil: C1) {} fn j1(_task: Exti0, _prio: P1, _thr: T1) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -6,7 +6,7 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use device::interrupt::Exti0; use device::interrupt::Exti0;
use rtfm::{C0, C1, C16, C2, P0, P1, P2}; use rtfm::{P0, P1, P2, T0, T1, T2, TMax};
tasks!(device, { tasks!(device, {
j1: Task { j1: Task {
@ -16,14 +16,14 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
// Wrong priority token. Declared P1, got P2 // Wrong priority token. Declared P1, got P2
fn j1(_task: Exti0, _prio: P2, _ceil: C2) {} fn j1(_task: Exti0, _prio: P2, _thr: T2) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -6,7 +6,7 @@
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use device::interrupt::{Exti0, Exti1}; use device::interrupt::{Exti0, Exti1};
use rtfm::{C0, C1, C16, P0, P1}; use rtfm::{P0, P1, T0, T1, TMax};
tasks!(device, { tasks!(device, {
j1: Task { j1: Task {
@ -16,14 +16,14 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
// Wrong task token. Declared Exti0, got Exti1 // Wrong task token. Declared Exti0, got Exti1
fn j1(_task: Exti1, _prio: P1, _ceil: C1) {} fn j1(_task: Exti1, _prio: P1, _thr: T1) {}
// fake device crate // fake device crate
extern crate core; extern crate core;

View file

@ -5,7 +5,7 @@
#[macro_use] #[macro_use]
extern crate cortex_m_rtfm as rtfm; extern crate cortex_m_rtfm as rtfm;
use rtfm::{C0, C1, C16, C2, P0, P1}; use rtfm::{C2, P0, P1, T0, T2, TMax};
use device::interrupt::Exti0; use device::interrupt::Exti0;
tasks!(device, { tasks!(device, {
@ -16,14 +16,14 @@ tasks!(device, {
}, },
}); });
fn init(_: P0, _: &C16) {} fn init(_: P0, _: &TMax) {}
fn idle(_: P0, _: C0) -> ! { fn idle(_: P0, _: T0) -> ! {
loop {} loop {}
} }
// Wrong ceiling token. `prio` and `ceil` must match in levels // Wrong ceiling token. `prio` and `thr` must match in levels
fn j1(_task: Exti0, _prio: P1, _ceil: C2) {} fn j1(_task: Exti0, _prio: P1, _thr: T2) {}
// fake device crate // fake device crate
extern crate core; extern crate core;