Skip to content

Remove PhantomData<*const ()> from peripherals #458

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Remove PhantomData<*const ()> from peripherals #458

wants to merge 1 commit into from

Conversation

therealprof
Copy link
Contributor

Not sure which purpose they're supposed to serve but the do seem kind of
pointless.

Signed-off-by: Daniel Egger [email protected]

@therealprof therealprof requested a review from a team as a code owner July 28, 2020 00:45
@rust-highfive
Copy link

r? @reitermarkus

(rust_highfive has picked a reviewer for you, use r? to override)

@rust-highfive rust-highfive added S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-tools labels Jul 28, 2020
@therealprof
Remove PhantomData<*const ()> from peripherals
ca88f39 
Not sure which purpose they're supposed to serve but the do seem kind of
pointless.

Signed-off-by: Daniel Egger <[email protected]>
@therealprof therealprof added the nominated Issue nominated as discussion topic for the Embedded WG meeting label Jul 28, 2020
@hannobraun
Copy link
Member

I think the purpose is to opt out of Send and Sync. PhantomData<*const ()> should prevent the compiler from deriving them automatically.

@therealprof
Copy link
Contributor Author

I think the purpose is to opt out of Send and Sync. PhantomData<*const ()> should prevent the compiler from deriving them automatically.

We manually implement Send for those (which we conversely could also remove if this PR was acceptable). Since the peripherals are not actually structures in memory but MMIO and Sync doesn't have any effect on multi-core implementations in any way I can't see the downside of allowing them to beSync, too.

@adamgreig
Copy link
Member

If these were Sync, it would be possible to store a peripheral without a Mutex in a static mut, allowing racing access between threads of execution. Since the peripherals have a modify method which is not thread-safe, I don't think we can make them Sync.

In any event I'd be very wary of removing the PhantomData so long as

Not sure which purpose they're supposed to serve

@therealprof
Copy link
Contributor Author

If these were Sync, it would be possible to store a peripheral without a Mutex in a static mut, allowing racing access between threads of execution. Since the peripherals have a modify method which is not thread-safe, I don't think we can make them Sync.

  • If you can conjure peripherals out of thin air, the point of not allowing to store them in a static mut is moot
  • Manipulating static mut is per se unsafe
  • We don't have a notion of threads in embedded, do we?

CC rust-embedded/wg#419

@therealprof therealprof marked this pull request as draft July 28, 2020 10:05
@adamgreig
Copy link
Member

Manipulating static mut is per se unsafe

Actually, since the modify methods don't need &mut self, they could even be stored in a static, right?

We don't have a notion of threads in embedded, do we?

We do have threads of execution, namely ISRs and "thread mode" (on ARM), which can race each other and respect Send/Sync.

@therealprof
Copy link
Contributor Author

We do have threads of execution, namely ISRs and "thread mode" (on ARM),

Sure do.

respect Send/Sync.

Can they though? Since they're purely implemented in hardware and you can conjure peripheral access abstractions out of thin air or completely bypass them I'm not sure how Sync really applies here or can be properly enforced by the compiler. If we wanted to make that completely safe and sound (for single-core anyway) we'd have to prevent the ability to conjure peripherals, i.e. make them true singletons.

I do agree with you though that it doesn't make sense to change this just for the sake of changing it.

@therealprof therealprof removed the nominated Issue nominated as discussion topic for the Embedded WG meeting label Jul 28, 2020
@therealprof
Copy link
Contributor Author

Let's drop this then.

@therealprof therealprof deleted the this-aint-no-opera branch July 28, 2020 11:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@reitermarkus reitermarkus

Labels
S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. T-tools
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@therealprof @rust-highfive @hannobraun @adamgreig @reitermarkus