fix(embassy-init): move out peripherals required for drivers earlier #337
Conversation
| @@ -34,14 +36,10 @@ async fn wifi_cyw43_task(runner: Runner<'static, Output<'static>, CywSpi>) -> ! | |||
| runner.run().await | |||
| } | |||
|
|
|||
| pub async fn device<'a, 'b: 'a>( | |||
| mut p: &'a mut OptionalPeripherals, | |||
| pub async fn init<'a>( | |||
There was a problem hiding this comment.
I renamed this function for consistency with other driver modules; this is not a breaking change as this module is private.
ROMemories
force-pushed
the
fix/extract-driver-peripherals-earlier-in-init
branch
2 times, most recently
from
69c482f
to
22a7c9e
Compare
Previously, it would have been possible for user tasks to take peripherals out of `OptionalPeripherals` *before* the required peripherals had been extracted for drivers. This now takes the peripherals before starting the user tasks, making this scenario impossible.
ROMemories
force-pushed
the
fix/extract-driver-peripherals-earlier-in-init
branch
from
22a7c9e
to
d2cbe4e
Compare
|
Marking as draft as this requires a separate PR to improve the macro error message, that would need to be landed first. |
| @@ -143,13 +143,23 @@ fn init() { | |||
|
|
|||
| #[embassy_executor::task] | |||
| async fn init_task(mut peripherals: arch::OptionalPeripherals) { | |||
| use crate::define_peripherals::TakePeripherals; | |||
There was a problem hiding this comment.
Style: move imports to top of file.
There was a problem hiding this comment.
I'd rather keep this import closer to its usage locations, given that its usage is non-obvious.
| @@ -34,7 +32,9 @@ impl<'a> Driver<'a> for UsbDriver { | |||
| } | |||
| } | |||
|
|
|||
| pub fn driver(_peripherals: &mut arch::OptionalPeripherals) -> UsbDriver { | |||
| crate::define_peripherals!(Peripherals {}); | |||
There was a problem hiding this comment.
This definition is what triggers the different macro error message. As the error message is clearer this way, this doesn't seem like an issue.
|
Unmarking as draft as the different error message is only due to defining |
|
I'm not sure I agree with this direction.
|
I'm not sure I understand your comment; this only changes part of the driver initialization, fixing bugs in case users enabled specific drivers through Cargo features (e.g., RIOT-rs/src/riot-rs-embassy/src/arch/nrf/usb.rs Lines 26 to 27 in e44eaca By moving out peripherals earlier, before user tasks, this prevents this panic in drivers; instead the users'
This is only driver initialization; the |
Hmya, the user code would then most likely panic in its This practically moves back taking / splitting of the peripherals back into a central function, but in a way that "users" cannot replicate, b/c they're bound to tasks that only get the full We're basically chickening out of handling our |
What I think might be preferable would be a way to track where peripherals were taken (e.g., modify "take()" to |
we could also have two task lists, one for those that need to hook into the regular init, and one "default" that is only started after all regular init has taken place. |
These early peripherals extractions are feature-gated the same way the associated drivers are. When users enable driver Cargo features, this implies asking us to handle the required peripherals; so if users also try to obtain the peripherals required for that driver, it's a bug in users' code. Users still have full access to all peripherals, unless they enable driver Cargo features. |
Description
Previously, it would have been possible for user tasks to take peripherals out of
OptionalPeripheralsbefore the required peripherals had been extracted for drivers.This now takes the peripherals before starting the user tasks, making this impossible for tasks.
Issues/PRs references
N/A
Open Questions
None.
Change checklist