Merge pull request #3131 from dflemstr/less-implicit-panics

Less implicit panics
Dario Nieuwenhuis 2024-06-28 23:41:02 +00:00 committed by GitHub
commit bd0243d12f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
18 changed files with 69 additions and 43 deletions


@ -20,7 +20,13 @@ impl<const BUFFER_SIZE: usize> BootLoader<BUFFER_SIZE> {
pub fn prepare<ACTIVE: NorFlash, DFU: NorFlash, STATE: NorFlash>(
config: BootLoaderConfig<ACTIVE, DFU, STATE>,
) -> Self {
Self::try_prepare::<ACTIVE, DFU, STATE>(config).expect("Boot prepare error")
if let Ok(loader) = Self::try_prepare::<ACTIVE, DFU, STATE>(config) {
loader
} else {
// Use explicit panic instead of .expect() to ensure this gets routed via defmt/etc.
// properly
panic!("Boot prepare error")
}
}
/// Inspect the bootloader state and perform actions required before booting, such as swapping firmware
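Review bot: The `else` arm at lines 20–24 discards the `Err` value from `try_prepare`, so the panic says nothing about why preparation failed; a `match` keeps the cause, `Err(e) => panic!("Boot prepare error: {:?}", e)`, provided the error type implements whatever formatting trait the crate's `panic!` expects (`Debug`, or `defmt::Format` when defmt is enabled), which is not visible in this hunk. If the cause is deliberately dropped to keep formatting out of the bootloader, the `if let … else` with a diverging else is still the shape clippy's `manual_let_else` rewrites to `let Ok(loader) = Self::try_prepare::<ACTIVE, DFU, STATE>(config) else { panic!("Boot prepare error") }; loader`, which reads as a guard rather than a branch. The same applies to the two other `prepare` implementations in the following two file sections.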


@ -21,7 +21,13 @@ impl<const BUFFER_SIZE: usize> BootLoader<BUFFER_SIZE> {
pub fn prepare<ACTIVE: NorFlash, DFU: NorFlash, STATE: NorFlash>(
config: BootLoaderConfig<ACTIVE, DFU, STATE>,
) -> Self {
Self::try_prepare::<ACTIVE, DFU, STATE>(config).expect("Boot prepare error")
if let Ok(loader) = Self::try_prepare::<ACTIVE, DFU, STATE>(config) {
loader
} else {
// Use explicit panic instead of .expect() to ensure this gets routed via defmt/etc.
// properly
panic!("Boot prepare error")
}
}
/// Inspect the bootloader state and perform actions required before booting, such as swapping firmware


@ -20,7 +20,13 @@ impl BootLoader {
pub fn prepare<ACTIVE: NorFlash, DFU: NorFlash, STATE: NorFlash, const BUFFER_SIZE: usize>(
config: BootLoaderConfig<ACTIVE, DFU, STATE>,
) -> Self {
Self::try_prepare::<ACTIVE, DFU, STATE, BUFFER_SIZE>(config).expect("Boot prepare error")
if let Ok(loader) = Self::try_prepare::<ACTIVE, DFU, STATE, BUFFER_SIZE>(config) {
loader
} else {
// Use explicit panic instead of .expect() to ensure this gets routed via defmt/etc.
// properly
panic!("Boot prepare error")
}
}
/// Inspect the bootloader state and perform actions required before booting, such as swapping firmware


@ -43,7 +43,7 @@ where
}
fn create_partition<T: NorFlash>(mutex: &Mutex<NoopRawMutex, T>) -> Partition<NoopRawMutex, T> {
Partition::new(mutex, 0, mutex.try_lock().unwrap().capacity() as u32)
Partition::new(mutex, 0, unwrap!(mutex.try_lock()).capacity() as u32)
}
}
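Review bot: `capacity() as u32` on the rewritten line 68 silently truncates if the flash capacity does not fit in 32 bits, which sits oddly in a change whose purpose is to make every failure an explicit panic; `unwrap!(u32::try_from(unwrap!(mutex.try_lock()).capacity()))` would make that case loud too, assuming `unwrap!` can format the conversion error. Whether `capacity()` can exceed `u32::MAX` for the flashes used with this helper is not visible here, so if it is known to fit, a one-line comment on the cast saying so is enough. `create_partition` is fully inside the hunk.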


@ -299,9 +299,9 @@ impl Registers {
mb.tdtr().write(|w| w.set_dlc(frame.header().len() as u8));
mb.tdlr()
.write(|w| w.0 = u32::from_ne_bytes(frame.data()[0..4].try_into().unwrap()));
.write(|w| w.0 = u32::from_ne_bytes(unwrap!(frame.data()[0..4].try_into())));
mb.tdhr()
.write(|w| w.0 = u32::from_ne_bytes(frame.data()[4..8].try_into().unwrap()));
.write(|w| w.0 = u32::from_ne_bytes(unwrap!(frame.data()[4..8].try_into())));
let id: IdReg = frame.id().into();
mb.tir().write(|w| {
w.0 = id.0;
@ -321,7 +321,7 @@ impl Registers {
data[4..8].copy_from_slice(&mb.tdhr().read().0.to_ne_bytes());
let len = mb.tdtr().read().dlc();
Some(Frame::new(Header::new(id.id(), len, id.rtr()), &data).unwrap())
Some(unwrap!(Frame::new(Header::new(id.id(), len, id.rtr()), &data)))
} else {
// Abort request failed because the frame was already sent (or being sent) on
// the bus. All mailboxes are now free. This can happen for small prescaler
@ -404,12 +404,12 @@ impl Registers {
let rir = fifo.rir().read();
let id: embedded_can::Id = if rir.ide() == Ide::STANDARD {
embedded_can::StandardId::new(rir.stid()).unwrap().into()
unwrap!(embedded_can::StandardId::new(rir.stid())).into()
} else {
let stid = (rir.stid() & 0x7FF) as u32;
let exid = rir.exid() & 0x3FFFF;
let id = (stid << 18) | (exid);
embedded_can::ExtendedId::new(id).unwrap().into()
unwrap!(embedded_can::ExtendedId::new(id)).into()
};
let rdtr = fifo.rdtr().read();
let data_len = rdtr.dlc();
@ -422,7 +422,7 @@ impl Registers {
data[0..4].copy_from_slice(&fifo.rdlr().read().0.to_ne_bytes());
data[4..8].copy_from_slice(&fifo.rdhr().read().0.to_ne_bytes());
let frame = Frame::new(Header::new(id, data_len, rtr), &data).unwrap();
let frame = unwrap!(Frame::new(Header::new(id, data_len, rtr), &data));
let envelope = Envelope { ts, frame };
rfr.modify(|v| v.set_rfom(true));
@ -484,13 +484,9 @@ impl IdReg {
/// Returns the identifier.
fn id(self) -> embedded_can::Id {
if self.is_extended() {
embedded_can::ExtendedId::new(self.0 >> Self::EXTENDED_SHIFT)
.unwrap()
.into()
unwrap!(embedded_can::ExtendedId::new(self.0 >> Self::EXTENDED_SHIFT)).into()
} else {
embedded_can::StandardId::new((self.0 >> Self::STANDARD_SHIFT) as u16)
.unwrap()
.into()
unwrap!(embedded_can::StandardId::new((self.0 >> Self::STANDARD_SHIFT) as u16)).into()
}
}
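Review bot: The `unwrap!` added at lines 78 and 81 only covers the slice-to-array conversion; the range index `frame.data()[0..4]` (and `[4..8]`) in front of it still panics through core's slice-index path, which formats the offending index with core::fmt, whenever `frame.data()` is shorter than 8 bytes. If the payload is guaranteed to be 8 bytes at this point, a comment on the `tdlr` write saying so documents why the index cannot fail; otherwise a checked `frame.data().get(0..4)` would route that failure the same way as the rest of this change. Separately, in the receive hunk `stid` is masked to 11 bits and `exid` to 18 before being combined, so `ExtendedId::new(id)` cannot return `None` there; a comment such as `// 11 + 18 bits, always a valid 29-bit extended id` would make that `unwrap!` visibly unreachable. The functions around each of these hunks start and end outside them.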


@ -117,7 +117,7 @@ pub(super) async unsafe fn write_chunked(base: u32, size: u32, offset: u32, byte
family::lock();
});
family::write(address, chunk.try_into().unwrap()).await?;
family::write(address, unwrap!(chunk.try_into())).await?;
address += WRITE_SIZE as u32;
}
Ok(())
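Review bot: `unwrap!(chunk.try_into())` at line 136 turns a `chunk` whose length differs from `WRITE_SIZE` into a panic, which makes "`bytes.len()` is a multiple of `WRITE_SIZE`" a precondition of this `unsafe fn`; the chunking that produces `chunk` is outside the hunk, so I cannot see whether a short tail chunk is already rejected before the loop. If it is not, a `# Panics` line in the doc comment, or an explicit length check returning `Error` before the loop, is preferable to a panic in the middle of a flash write. The same applies to `write_chunk_unlocked` in the next file section. `write_chunked` starts outside the hunk.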


@ -125,7 +125,7 @@ pub(super) unsafe fn write_chunk_unlocked(address: u32, chunk: &[u8]) -> Result<
family::lock();
});
family::blocking_write(address, chunk.try_into().unwrap())
family::blocking_write(address, unwrap!(chunk.try_into()))
}
pub(super) unsafe fn write_chunk_with_critical_section(address: u32, chunk: &[u8]) -> Result<(), Error> {


@ -37,7 +37,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for chunk in buf.chunks(2) {
write_volatile(address as *mut u16, u16::from_le_bytes(chunk.try_into().unwrap()));
write_volatile(address as *mut u16, u16::from_le_bytes(unwrap!(chunk.try_into())));
address += chunk.len() as u32;
// prevents parallelism errors
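Review bot: The `unwrap!` at line 158 can only fire if `WRITE_SIZE` is odd, since `buf` is `[u8; WRITE_SIZE]` and `chunks(2)` yields a short chunk only as the last one; that is a compile-time fact better checked once than on every half-word at runtime, e.g. `const _: () = assert!(WRITE_SIZE % 2 == 0);` next to the function, which leaves the `unwrap!` as documentation of an unreachable case rather than a live failure path. The same reasoning applies to the identical function in the next file section and, with `% 4`, to the `chunks(4)` loops in the remaining flash family files of this change. `blocking_write` continues past the end of the hunk.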


@ -37,7 +37,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for chunk in buf.chunks(2) {
write_volatile(address as *mut u16, u16::from_le_bytes(chunk.try_into().unwrap()));
write_volatile(address as *mut u16, u16::from_le_bytes(unwrap!(chunk.try_into())));
address += chunk.len() as u32;
// prevents parallelism errors


@ -277,7 +277,7 @@ pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE])
unsafe fn write_start(start_address: u32, buf: &[u8; WRITE_SIZE]) {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors
@ -379,7 +379,7 @@ fn get_result(sr: Sr) -> Result<(), Error> {
}
fn save_data_cache_state() {
let dual_bank = get_flash_regions().last().unwrap().bank == FlashBank::Bank2;
let dual_bank = unwrap!(get_flash_regions().last()).bank == FlashBank::Bank2;
if dual_bank {
// Disable data cache during write/erase if there are two banks, see errata 2.2.12
let dcen = pac::FLASH.acr().read().dcen();
@ -391,7 +391,7 @@ fn save_data_cache_state() {
}
fn restore_data_cache_state() {
let dual_bank = get_flash_regions().last().unwrap().bank == FlashBank::Bank2;
let dual_bank = unwrap!(get_flash_regions().last()).bank == FlashBank::Bank2;
if dual_bank {
// Restore data cache if it was enabled
let dcen = DATA_CACHE_WAS_ENABLED.load(Ordering::Relaxed);
@ -410,7 +410,7 @@ pub(crate) fn assert_not_corrupted_read(end_address: u32) {
#[allow(unused)]
let second_bank_read =
get_flash_regions().last().unwrap().bank == FlashBank::Bank2 && end_address > (FLASH_SIZE / 2) as u32;
unwrap!(get_flash_regions().last()).bank == FlashBank::Bank2 && end_address > (FLASH_SIZE / 2) as u32;
#[cfg(any(
feature = "stm32f427ai",
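Review bot: `unwrap!(get_flash_regions().last()).bank == FlashBank::Bank2` now appears verbatim in `save_data_cache_state`, `restore_data_cache_state` and `assert_not_corrupted_read`; the `unwrap!` hinges on `get_flash_regions()` never being empty, and none of the three hunks shows why that holds. A small helper gives that invariant one home and one doc comment: `fn is_dual_bank() -> bool { unwrap!(get_flash_regions().last()).bank == FlashBank::Bank2 }`, with the callers reduced to `let dual_bank = is_dual_bank();`. All three functions continue past their hunks.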


@ -40,7 +40,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -41,7 +41,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -44,7 +44,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -62,7 +62,7 @@ pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE])
let mut res = None;
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
res = Some(blocking_wait_ready(bank));
@ -71,7 +71,7 @@ pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE])
w.set_eop(true);
}
});
if res.unwrap().is_err() {
if unwrap!(res).is_err() {
break;
}
}
@ -82,7 +82,7 @@ pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE])
bank.cr().write(|w| w.set_pg(false));
res.unwrap()
unwrap!(res)
}
pub(crate) unsafe fn blocking_erase_sector(sector: &FlashSector) -> Result<(), Error> {
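Review bot: The `Option` around `res` exists only to give it an initial value, and the two `unwrap!`s at lines 255 and 262 are the cost of that; initialising `res` with `Ok(())` removes both calls and the panic path with them. The only observable difference is an empty `buf`, where the current code panics and the rewrite returns `Ok(())`; with `buf: &[u8; WRITE_SIZE]` that needs `WRITE_SIZE == 0`, which I assume no family configures. `blocking_write` begins before the first hunk, so the `let mut res` line it replaces is context here.
```rust
    let mut res = Ok(());
    let mut address = start_address;
    for val in buf.chunks(4) {
        write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
        address += val.len() as u32;
        res = blocking_wait_ready(bank);
        // … unchanged: status-register flag clearing …
        if res.is_err() {
            break;
        }
    }
    // … unchanged: wait and clear PG …
    res
```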


@ -63,7 +63,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -41,7 +41,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -56,7 +56,7 @@ pub(crate) unsafe fn disable_blocking_write() {
pub(crate) unsafe fn blocking_write(start_address: u32, buf: &[u8; WRITE_SIZE]) -> Result<(), Error> {
let mut address = start_address;
for val in buf.chunks(4) {
write_volatile(address as *mut u32, u32::from_le_bytes(val.try_into().unwrap()));
write_volatile(address as *mut u32, u32::from_le_bytes(unwrap!(val.try_into())));
address += val.len() as u32;
// prevents parallelism errors


@ -138,11 +138,17 @@ impl RccInfo {
pub(crate) fn enable_and_reset_with_cs(&self, _cs: CriticalSection) {
if self.refcount_idx_or_0xff != 0xff {
let refcount_idx = self.refcount_idx_or_0xff as usize;
unsafe {
crate::_generated::REFCOUNTS[refcount_idx] += 1;
}
if unsafe { crate::_generated::REFCOUNTS[refcount_idx] } > 1 {
return;
// Use .get_mut instead of []-operator so that we control how bounds checks happen.
// Otherwise, core::fmt will be pulled in here in order to format the integer in the
// out-of-bounds error.
if let Some(refcount) = unsafe { crate::_generated::REFCOUNTS.get_mut(refcount_idx) } {
*refcount += 1;
if *refcount > 1 {
return;
}
} else {
panic!("refcount_idx out of bounds: {}", refcount_idx)
}
}
@ -196,11 +202,17 @@ impl RccInfo {
pub(crate) fn disable_with_cs(&self, _cs: CriticalSection) {
if self.refcount_idx_or_0xff != 0xff {
let refcount_idx = self.refcount_idx_or_0xff as usize;
unsafe {
crate::_generated::REFCOUNTS[refcount_idx] -= 1;
}
if unsafe { crate::_generated::REFCOUNTS[refcount_idx] } > 0 {
return;
// Use .get_mut instead of []-operator so that we control how bounds checks happen.
// Otherwise, core::fmt will be pulled in here in order to format the integer in the
// out-of-bounds error.
if let Some(refcount) = unsafe { crate::_generated::REFCOUNTS.get_mut(refcount_idx) } {
*refcount -= 1;
if *refcount > 0 {
return;
}
} else {
panic!("refcount_idx out of bounds: {}", refcount_idx)
}
}
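Review bot: The comment added at lines 310–312 says the `.get_mut` form keeps `core::fmt` out, but the `panic!("refcount_idx out of bounds: {}", refcount_idx)` directly below it still formats the integer; that is only true when `panic!` resolves to the crate's defmt-routed macro, and under a plain-core build it pulls in the same formatting the indexing would have. Rewording it to what is actually gained avoids a later "simplification" back to `[]`: `// Use .get_mut instead of []-operator so the out-of-bounds panic goes through this crate's panic! macro (defmt when enabled) rather than core's slice-index panic, which always formats via core::fmt.` The same comment and guarded `get_mut`/`panic!` pair are duplicated in `disable_with_cs` in the second hunk; a private helper returning `&mut u8`-style access to the refcount would write the bounds check once. Both methods continue past their hunks.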