Removed unsafe from uarte

The constructors themselves are not strictly unsafe. Interactions with DMA can be generally unsafe if a future is dropped, but that's a separate issue. It is important that we use the `unsafe` keyword diligently as it can lead to confusion otherwise.
author: huntc <[email protected]> 2021-12-01 09:14:24 +1100
committer: huntc <[email protected]> 2021-12-01 09:14:24 +1100
commit: 469852c667cd7105d5eba7b197e1e2b5b9528d15 (patch)
tree: c3a7b3e1d294ae129b38d11127dd88229fa0ed6e
parent: e36e36dab6b19ae90c6f78b1cdd2233e295bd171 (diff)
4 files changed, 34 insertions, 43 deletions
diff --git a/embassy-nrf/src/buffered_uarte.rs b/embassy-nrf/src/buffered_uarte.rs
index 717ada78d..9763774de 100644
--- a/embassy-nrf/src/buffered_uarte.rs
+++ b/embassy-nrf/src/buffered_uarte.rs
@@ -65,8 +65,7 @@ pub struct BufferedUarte<'d, U: UarteInstance, T: TimerInstance> {
 impl<'d, U: UarteInstance, T: TimerInstance> Unpin for BufferedUarte<'d, U, T> {}
 impl<'d, U: UarteInstance, T: TimerInstance> BufferedUarte<'d, U, T> {
-    /// unsafe: may not leak self or futures
+    pub fn new(
-    pub unsafe fn new(
        state: &'d mut State<'d, U, T>,
        _uarte: impl Unborrow<Target = U> + 'd,
        timer: impl Unborrow<Target = T> + 'd,
@@ -160,20 +159,22 @@ impl<'d, U: UarteInstance, T: TimerInstance> BufferedUarte<'d, U, T> {
        ppi_ch2.enable();
        Self {
-            inner: PeripheralMutex::new_unchecked(irq, &mut state.0, move || StateInner {
+            inner: unsafe {
-                phantom: PhantomData,
+                PeripheralMutex::new_unchecked(irq, &mut state.0, move || StateInner {
-                timer,
+                    phantom: PhantomData,
-                _ppi_ch1: ppi_ch1,
+                    timer,
-                _ppi_ch2: ppi_ch2,
+                    _ppi_ch1: ppi_ch1,
+                    _ppi_ch2: ppi_ch2,
-                rx: RingBuffer::new(rx_buffer),
-                rx_state: RxState::Idle,
+                    rx: RingBuffer::new(rx_buffer),
-                rx_waker: WakerRegistration::new(),
+                    rx_state: RxState::Idle,
+                    rx_waker: WakerRegistration::new(),
-                tx: RingBuffer::new(tx_buffer),
-                tx_state: TxState::Idle,
+                    tx: RingBuffer::new(tx_buffer),
-                tx_waker: WakerRegistration::new(),
+                    tx_state: TxState::Idle,
-            }),
+                    tx_waker: WakerRegistration::new(),
+                })
+            },
        }
    }
diff --git a/embassy-nrf/src/uarte.rs b/embassy-nrf/src/uarte.rs
index 459bc8436..543f7fb73 100644
--- a/embassy-nrf/src/uarte.rs
+++ b/embassy-nrf/src/uarte.rs
@@ -48,14 +48,7 @@ pub struct Uarte<'d, T: Instance> {
 impl<'d, T: Instance> Uarte<'d, T> {
    /// Creates the interface to a UARTE instance.
    /// Sets the baud rate, parity and assigns the pins to the UARTE peripheral.
-    ///
+    pub fn new(
-    /// # Safety
-    ///
-    /// The returned API is safe unless you use `mem::forget` (or similar safe mechanisms)
-    /// on stack allocated buffers which which have been passed to [`send()`](Uarte::send)
-    /// or [`receive`](Uarte::receive).
-    #[allow(unused_unsafe)]
-    pub unsafe fn new(
        _uarte: impl Unborrow<Target = T> + 'd,
        irq: impl Unborrow<Target = T::Interrupt> + 'd,
        rxd: impl Unborrow<Target = impl GpioPin> + 'd,
diff --git a/examples/nrf/src/bin/buffered_uart.rs b/examples/nrf/src/bin/buffered_uart.rs
index 90d288780..5d9075edf 100644
--- a/examples/nrf/src/bin/buffered_uart.rs
+++ b/examples/nrf/src/bin/buffered_uart.rs
@@ -24,23 +24,21 @@ async fn main(_spawner: Spawner, p: Peripherals) {
    let irq = interrupt::take!(UARTE0_UART0);
    let mut state = State::new();
-    let u = unsafe {
+    let u = BufferedUarte::new(
-        BufferedUarte::new(
+        &mut state,
-            &mut state,
+        p.UARTE0,
-            p.UARTE0,
+        p.TIMER0,
-            p.TIMER0,
+        p.PPI_CH0,
-            p.PPI_CH0,
+        p.PPI_CH1,
-            p.PPI_CH1,
+        irq,
-            irq,
+        p.P0_08,
-            p.P0_08,
+        p.P0_06,
-            p.P0_06,
+        NoPin,
-            NoPin,
+        NoPin,
-            NoPin,
+        config,
-            config,
+        &mut rx_buffer,
-            &mut rx_buffer,
+        &mut tx_buffer,
-            &mut tx_buffer,
+    );
-        )
-    };
    pin_mut!(u);
    info!("uarte initialized!");
diff --git a/examples/nrf/src/bin/uart.rs b/examples/nrf/src/bin/uart.rs
index 6b89e083d..208961c8b 100644
--- a/examples/nrf/src/bin/uart.rs
+++ b/examples/nrf/src/bin/uart.rs
@@ -18,8 +18,7 @@ async fn main(_spawner: Spawner, p: Peripherals) {
    config.baudrate = uarte::Baudrate::BAUD115200;
    let irq = interrupt::take!(UARTE0_UART0);
-    let mut uart =
+    let mut uart = uarte::Uarte::new(p.UARTE0, irq, p.P0_08, p.P0_06, NoPin, NoPin, config);
-        unsafe { uarte::Uarte::new(p.UARTE0, irq, p.P0_08, p.P0_06, NoPin, NoPin, config) };
    info!("uarte initialized!");
author	huntc <[email protected]>	2021-12-01 09:14:24 +1100
committer	huntc <[email protected]>	2021-12-01 09:14:24 +1100
commit	469852c667cd7105d5eba7b197e1e2b5b9528d15 (patch)
tree	c3a7b3e1d294ae129b38d11127dd88229fa0ed6e
parent	e36e36dab6b19ae90c6f78b1cdd2233e295bd171 (diff)

diff --git a/embassy-nrf/src/buffered_uarte.rs b/embassy-nrf/src/buffered_uarte.rs index 717ada78d..9763774de 100644 --- a/embassy-nrf/src/buffered_uarte.rs +++ b/embassy-nrf/src/buffered_uarte.rs
@@ -65,8 +65,7 @@ pub struct BufferedUarte<'d, U: UarteInstance, T: TimerInstance> {
65	impl<'d, U: UarteInstance, T: TimerInstance> Unpin for BufferedUarte<'d, U, T> {}	65	impl<'d, U: UarteInstance, T: TimerInstance> Unpin for BufferedUarte<'d, U, T> {}
66		66
67	impl<'d, U: UarteInstance, T: TimerInstance> BufferedUarte<'d, U, T> {	67	impl<'d, U: UarteInstance, T: TimerInstance> BufferedUarte<'d, U, T> {
68	/// unsafe: may not leak self or futures	68	pub fn new(
69	pub unsafe fn new(
70	state: &'d mut State<'d, U, T>,	69	state: &'d mut State<'d, U, T>,
71	_uarte: impl Unborrow<Target = U> + 'd,	70	_uarte: impl Unborrow<Target = U> + 'd,
72	timer: impl Unborrow<Target = T> + 'd,	71	timer: impl Unborrow<Target = T> + 'd,
@@ -160,20 +159,22 @@ impl<'d, U: UarteInstance, T: TimerInstance> BufferedUarte<'d, U, T> {
160	ppi_ch2.enable();	159	ppi_ch2.enable();
161		160
162	Self {	161	Self {
163	inner: PeripheralMutex::new_unchecked(irq, &mut state.0, move \|\| StateInner {	162	inner: unsafe {
164	phantom: PhantomData,	163	PeripheralMutex::new_unchecked(irq, &mut state.0, move \|\| StateInner {
165	timer,	164	phantom: PhantomData,
166	_ppi_ch1: ppi_ch1,	165	timer,
167	_ppi_ch2: ppi_ch2,	166	_ppi_ch1: ppi_ch1,
168		167	_ppi_ch2: ppi_ch2,
169	rx: RingBuffer::new(rx_buffer),	168
170	rx_state: RxState::Idle,	169	rx: RingBuffer::new(rx_buffer),
171	rx_waker: WakerRegistration::new(),	170	rx_state: RxState::Idle,
172		171	rx_waker: WakerRegistration::new(),
173	tx: RingBuffer::new(tx_buffer),	172
174	tx_state: TxState::Idle,	173	tx: RingBuffer::new(tx_buffer),
175	tx_waker: WakerRegistration::new(),	174	tx_state: TxState::Idle,
176	}),	175	tx_waker: WakerRegistration::new(),
		176	})
		177	},
177	}	178	}
178	}	179	}
179		180


diff --git a/embassy-nrf/src/uarte.rs b/embassy-nrf/src/uarte.rs index 459bc8436..543f7fb73 100644 --- a/embassy-nrf/src/uarte.rs +++ b/embassy-nrf/src/uarte.rs
@@ -48,14 +48,7 @@ pub struct Uarte<'d, T: Instance> {
48	impl<'d, T: Instance> Uarte<'d, T> {	48	impl<'d, T: Instance> Uarte<'d, T> {
49	/// Creates the interface to a UARTE instance.	49	/// Creates the interface to a UARTE instance.
50	/// Sets the baud rate, parity and assigns the pins to the UARTE peripheral.	50	/// Sets the baud rate, parity and assigns the pins to the UARTE peripheral.
51	///	51	pub fn new(
52	/// # Safety
53	///
54	/// The returned API is safe unless you use `mem::forget` (or similar safe mechanisms)
55	/// on stack allocated buffers which which have been passed to [`send()`](Uarte::send)
56	/// or [`receive`](Uarte::receive).
57	#[allow(unused_unsafe)]
58	pub unsafe fn new(
59	_uarte: impl Unborrow<Target = T> + 'd,	52	_uarte: impl Unborrow<Target = T> + 'd,
60	irq: impl Unborrow<Target = T::Interrupt> + 'd,	53	irq: impl Unborrow<Target = T::Interrupt> + 'd,
61	rxd: impl Unborrow<Target = impl GpioPin> + 'd,	54	rxd: impl Unborrow<Target = impl GpioPin> + 'd,


diff --git a/examples/nrf/src/bin/buffered_uart.rs b/examples/nrf/src/bin/buffered_uart.rs index 90d288780..5d9075edf 100644 --- a/examples/nrf/src/bin/buffered_uart.rs +++ b/examples/nrf/src/bin/buffered_uart.rs
@@ -24,23 +24,21 @@ async fn main(_spawner: Spawner, p: Peripherals) {
24		24
25	let irq = interrupt::take!(UARTE0_UART0);	25	let irq = interrupt::take!(UARTE0_UART0);
26	let mut state = State::new();	26	let mut state = State::new();
27	let u = unsafe {	27	let u = BufferedUarte::new(
28	BufferedUarte::new(	28	&mut state,
29	&mut state,	29	p.UARTE0,
30	p.UARTE0,	30	p.TIMER0,
31	p.TIMER0,	31	p.PPI_CH0,
32	p.PPI_CH0,	32	p.PPI_CH1,
33	p.PPI_CH1,	33	irq,
34	irq,	34	p.P0_08,
35	p.P0_08,	35	p.P0_06,
36	p.P0_06,	36	NoPin,
37	NoPin,	37	NoPin,
38	NoPin,	38	config,
39	config,	39	&mut rx_buffer,
40	&mut rx_buffer,	40	&mut tx_buffer,
41	&mut tx_buffer,	41	);
42	)
43	};
44	pin_mut!(u);	42	pin_mut!(u);
45		43
46	info!("uarte initialized!");	44	info!("uarte initialized!");


diff --git a/examples/nrf/src/bin/uart.rs b/examples/nrf/src/bin/uart.rs index 6b89e083d..208961c8b 100644 --- a/examples/nrf/src/bin/uart.rs +++ b/examples/nrf/src/bin/uart.rs
@@ -18,8 +18,7 @@ async fn main(_spawner: Spawner, p: Peripherals) {
18	config.baudrate = uarte::Baudrate::BAUD115200;	18	config.baudrate = uarte::Baudrate::BAUD115200;
19		19
20	let irq = interrupt::take!(UARTE0_UART0);	20	let irq = interrupt::take!(UARTE0_UART0);
21	let mut uart =	21	let mut uart = uarte::Uarte::new(p.UARTE0, irq, p.P0_08, p.P0_06, NoPin, NoPin, config);
22	unsafe { uarte::Uarte::new(p.UARTE0, irq, p.P0_08, p.P0_06, NoPin, NoPin, config) };
23		22
24	info!("uarte initialized!");	23	info!("uarte initialized!");
25		24