Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Survey: 2019 wishlist #256

Closed
japaric opened this issue Nov 13, 2018 · 84 comments
Closed

Survey: 2019 wishlist #256

japaric opened this issue Nov 13, 2018 · 84 comments

Comments

@japaric
Copy link
Member

japaric commented Nov 13, 2018

Hello embedded Rustaceans!

We are collecting a "wishlist" of things you'd like to see done, fixed or
stabilized in 2019. We'll use this data to make a roadmap for 2019, i.e. to set
the goals of the WG for 2019.

You can request anything related to embedded Rust development: language
features, bug fixes, crates, docs, etc. The more requested something is the more
likely it is to make it into the roadmap; of course, other factors will be
considered as well: amount of work required; how beneficial would it be to the
community; does it require a rust-lang/rust RFC? how likely is that RFC to be
accepted?; who has to do the bulk of the work? the embedded community or a Rust
team?; etc.

To keep things tidy let's limit comments to one request per comment. Let's
also avoid "+1" and "I'd like to see that fixed too" comments; instead use a 👍
reaction to vote for a request.

To make our job easier please use the following format:

**Category**: pick one of:

- "feature", for languange and compiler features, e.g. const generics;
- "bug fix", e.g. fix rust-lang/cargo#5730;
- "stabilization", stabilization of standard API and features, e.g. stabilize `MaybeUninit`;
- "std", for addition and changes in any of the standard crates, e.g. add `core::io`;
- "crate", e.g. write / maintain a USB stack;
- "resources", for requesting docs, user guides, cookbooks and the like;
- or leave it empty if it doesn't fit any of the categories above

**Request**: your request in a single sentence

**Rationale**: one paragraph, or several bullets, explaining how this change would
benefit the embedded community

If you'd like to extend the rationale of an already submitted request just make
a new comment referencing the original request. We'll merge your comment into
the request comment. For example:

> **Request**: the sentence that Alice wrote

This would also let us do X and Y, and it would let crate Z compile on stable!

Summary of requests

Stabilization

Bug fixes

Features

Std

Crate

Resources


cc @rust-embedded/all please check this thread every now and then and update
the summary section

@japaric
Copy link
Member Author

japaric commented Nov 13, 2018

Category: Stabilization

Request: Stabilize RFC 2282 - "Cargo profile dependencies" AKA profile-overrides

Rationale:

  • This feature is used to optimize dependencies when compiling a crate using the dev profile; this produces a small binary that is still somewhat debuggable (print x doesn't always print x = <optimized out>). Without this sometimes dev binaries are too big and won't fit in the target device!

  • This is also used to optimize specific crates, like r0, for size and mitigate the "bloat" of aggressive loop unrolling that LLVM does when the release profile (-C opt-level = 3) is used.

@japaric
Copy link
Member Author

japaric commented Nov 13, 2018

Category: Bug fix

Request: fix rust-lang/cargo#5730 - "Features of dependencies are enabled if they're enabled in build-dependencies; breaks no_std libs"

Rationale: this makes some no_std crates unnecessarily hard to use / write. Using a crate, like chrono or rand, which supports both no_std and no-no_std contexts, in a build script or procedural will break the compilation of no_std crates that depend on the build dependency. The workaround is to use the host dependency in no_std mode everywhere, but this makes build scripts and procedural macros harder to write.

@japaric
Copy link
Member Author

japaric commented Nov 13, 2018

Category: Stabilization

Request: Stabilize core::mem::MaybeUninit

Rationale: this is required to make heapless' (*) and similar libraries' const constructors work on stable.

(*) heapless is a widely used library that provides statically allocated, fixed capacity collections (Vec, String, HashMap, etc.).

@japaric
Copy link
Member Author

japaric commented Nov 13, 2018

Category: Stabilization

Request: Stabilize const fn-s that have trait bounds, e.g. const fn new() -> Mutex<T> where T: Send.

Rationale: this is required to make heapless' (*) and similar libraries' const constructors work on stable.

(*) heapless is a widely used library that provides statically allocated, fixed capacity collections (Vec, String, HashMap, etc.).

@Ravenslofty
Copy link

Category: "feature"

Request: MIPS intrinsic for mfc0/mtc0

Rationale: Access to the system control coprocessor in MIPS provides access for features ranging from MMU control (for devices that have it) to enabling/disabling interrupts and handling interrupts. This currently requires either external assembly, which is not optimal, or asm! which is highly unstable.

@adamgreig
Copy link
Member

Category: Stabilization

Request: thumb intrinsics (#63)

Rationale: many (all?) the intrinsics we want are in stdsimd (rust-lang/stdarch#518) and so available to nightly; it would be great to get them stabilised as well. The last RFC about this (#184) sort of stalled out.

P.S. thanks @ZirconiumX for reminding me!

@Ravenslofty
Copy link

Ravenslofty commented Nov 14, 2018

Category: Std

Request: Optimise memory routines in compiler-builtins.

Rationale: At the moment the compiler-builtins code is written to be correct and to make it as obvious for LLVM to optimise as possible. However, if LLVM does not have an internal routine to optimise these routines, it will emit the code directly, resulting in things like byte at a time memcpy, which is far from ideal. It's possible to write a 32-bit routine which should be portable to most machines and offer a ~4x speedup.

@adamgreig
Copy link
Member

Category: Crate

Request: High quality RTOS bindings

Rationale: Being able to use Rust alongside an existing RTOS (FreeRTOS, ChibiOS, mbed-os, etc) would be really attractive for those already using the RTOS but wanting to start moving to Rust. Ideally in the end we'd have a Rust RTOS anyway (and RTFM provides a really compelling alternative already) but in the immediate future good bindings would be great. There's already work in this direction such as https://github.com/hashmismatch/freertos.rs and https://github.com/thenewwazoo/ChibiOS-rust.

@thejpster
Copy link
Contributor

Category: Crate
Request: An easy to use SD/MMC and FAT32 library

Rationale: Adding SD card support to your embedded project should be as easy as using the Arduino SD library - just depend on the crate and add a on-liner connecting the SD card library to your chip's SPI peripheral. This library should prioritize ease of use over performance (i.e. polling and byte-wise transfers rather than interrupt-driven DMA block transfers), but allow for higher-performance implementations to be plugged in if required, through a generic BlockDevice trait.

@thejpster
Copy link
Contributor

thejpster commented Nov 14, 2018

Category: Crate
Request: An easy to use USB host library
Rationale: Adding support for USB thumb drives, keyboards and mice to your embedded project should be as simple as using the Arduino USB Host library.

@thejpster
Copy link
Contributor

Category: Crate
Request: An easy to use USB device library
Rationale: Adding support for emulating a USB keyboard, mice or serial port to your embedded project should be as simple as the two examples above ;)

@thejpster
Copy link
Contributor

thejpster commented Nov 14, 2018

Category: Crate
Request: An easy to use pure-Rust RTOS
Rationale: Binding to a pre-existing C based RTOS is non-trivial, as there are things the RTOS does (like memory allocation, or extensive use of #defines) which aren't necessarily a good fit for the Rust model. We should write a pure-Rust version of FreeRTOS, decomposed into re-usable core crates (queues, mutextes/semaphores, tasks, etc), and then microarch-specific implementations (e.g. rustos-queue-cortex-m).

@eldruin
Copy link
Member

eldruin commented Nov 14, 2018

Category: Bug fix
Request: Fix rust-lang/rust#42863 - "Generic associated consts can't currently be used to parameterize fixed array lengths"

Rationale: In drivers that support several devices, it would simplify the code to be able to define generic associated constants for things like buffer sizes and use them to create fixed-size arrays for data transfer, for example.

@japaric
Copy link
Member Author

japaric commented Nov 14, 2018

Category: Feature

Request: std-aware Cargo / Xargo in Cargo

Rationale:

  • with this feature people would be able to build no_std programs for custom targets, targets for which there is no rust-std component, using Cargo. The most prominent custom targets are consoles: Nintendo DS, GBA, PS2, etc. The workaround is to use a Cargo wrapper like Xargo or cargo-xbuild but these will always require nightly.

  • this would also let people recompile core / std with different compilation settings, for example using -C opt-level=s instead of the default -C opt-level=3

This is planned work for the Cargo team so I mainly want to gauge interest and check how important is it for you to get this stabilized in 2019. Please vote with a 👍 if this would be great to have available in nightly, OR with a 🎉 if it's vital for you to have this working on stable.

@japaric
Copy link
Member Author

japaric commented Nov 14, 2018

Category: Std

Request: math support in core

Rationale: there's nothing OS specific about math libraries. x.tan() should Just Work in no_std context. There are no_std libraries that provide math support but having this in core and maintained by the Rust team means that we can freely use unstable features like inline assembly end SIMD to make the implementations as performant as possible.

@DrSensor
Copy link

DrSensor commented Nov 14, 2018

Category: Resources

Request: Table/List of comparison/example between embedded_hal API vs Arduino API

Rationale: This will help in teaching newcomer about embedded rust. Especially the one who doesn't have experience in firmware programming. Also, it makes it easier for someone to port some of Arduino libraries into rust drivers.

@ramn
Copy link

ramn commented Nov 14, 2018

Category: feature
Request: Support for AVR
Rationale: There are many Arduinos lying around. Would be nice to rust them up!

@dapperfu
Copy link

@dapperfu
Copy link

dapperfu commented Nov 15, 2018

  • Category: feature
  • Request: PowerPC e200 core compiler support.
    The NXP MPC5748G and MPC5744P are ASIL-B and ASIL-D certified chips, respectively. They feature various e200 cores. NXP also has 2 'inexpensive' (relatively speaking) development boards for each of the chips:
    • DEVKIT-MPC5748G - Ultra-Reliable MCUs for Automotive & Industrial Control and Gateway
    • DEVKIT-MPC5744P - dual e200z4 lockstep cores, motor control, safety, and communication interfaces to facilitate a complete safety/chassis solution.
  • Rationale: Offering a 'clean' break from existing compilers would lower the barrier of entry for people wanting to start developing for functional safety. Currently NXP has released an e200 GCC port based on GCC 4.9.4. The other options are WindRiver diab ($$) and Green Hills Software compilers ($$$$).

@Sh4rK
Copy link

Sh4rK commented Nov 15, 2018

Category: stabilization
Request: Stabilize async/await (and all needed underlying machinery).
Rationale: It's great that embedded-hal supports async via the nb crate, but if I'm not mistaken, most drivers and user code use the blocking interface. It would be great if they could transition to being asynchronous, to be used in a multitasking system.

@Sh4rK
Copy link

Sh4rK commented Nov 15, 2018

Category: crate
Request: A task scheduler.
Rationale: Once we have async support (#256 (comment)), we should have a task scheduler that makes it possible to write multi-tasked embedded programs. In this context what I mean by a task would probably be a Future from the core library. I'm not exactly sure on the specifics, but I'm thinking something like rtfm (compile-time guarantee of safe and efficient access to shared resources), but with the priorities assigned to tasks (Futures), instead of specific interrupts. A possible option is to actually implement this in rtfm itself.

(Side note: I would probably be able to help writing this.)

@paoloteti
Copy link

Category: feature

Request: Add support for Cortex-R52

Rationale: One of the most advanced real-time embedded CPU out there. As the first Armv8-R processor, Cortex-R52 introduces support for an hypervisor. It is part of the NXP S32 automotive platform.

@grossws
Copy link

grossws commented Nov 15, 2018

Category: stabilization

Request: stabilize alloc-related functional (alloc and allocator_api), see RFC 1398 and related issues/rfcs

Rationale: It would allow to use dynamic heap-allocated structures on stable

@jacobrosenthal
Copy link

Category: resources

Request: are-we-no-std-yet style community push

Rationale: push no_std amongst important libraries and a guide to helping library authors avoid std stuff they may not need, feature gate stuff they do

@geomatsi
Copy link

Category: resources

Request: Improve documentation needed to start experimenting with Rust on AVR, MSP430, RISC-V

Rationale: The more people start to experiment with those platforms the better - more testing, more drivers, etc. Using Rust on cortex-m chips has been greatly simplified and streamlined during this year. Other mcu platforms are not yet there and have a more steep learning curve now. It would be great to have introductory documents for some available development boards (LaunchPads, Arduinos) explaining how to get started with Rust on those boards: how to prepare environment (Xargo/Cargo), maintained crates (HAL, drivers, etc), troubleshooting (e.g. where to post LLVM issues), and so on.

@therealprof
Copy link
Contributor

Category: resources

Request: Improve crates.io or create separate site for no_std crates

Rationale: It is still very hard to find suitable crates for no_std development on crates.io since searching for keywords is hit and miss and it's not possible to include/exclude categories.

@eddyp
Copy link

eddyp commented Dec 20, 2018

Category: crate
Request: singleton! and other arch independent APIs in arch independent lib (instead of cortex-m)
Rationale: Starting or prepping for some other bare metal arch such as Cortex R52, Cortex A53, AVR or Power e200 would need similar constructs without pulling any of the Cortex-m specific code. It's just plain good architecture.

@TeXitoi
Copy link

TeXitoi commented Dec 20, 2018

@eddyp in the linked repository, you can see that I have a portable sub crate that can be compiled on any architecture, the main crate is device specific (depending on cortex_m{,_rt{,fm}}). The tests are run on the portable crate.

@Lokathor
Copy link

Lokathor commented Dec 20, 2018

@eddyp my target has no std lib (EDIT: and no atomics, so even proptest with nostd doesn't work), so I can not build my examples at all if cargo is trying to build quickcheck.

https://travis-ci.org/rust-console/gba/builds/470340649

So, yes, i want almost all my tests to be built and run on a big beefy x86 machine with 50 cores and such.

@japaric
Copy link
Member Author

japaric commented Dec 21, 2018

Category: stabilization

Request: complete and stabilize the last bits of procedural macros (macros 1.2): crate level attributes and attributes on modules

Rationale: Right now DSLs that require whole crate analysis to work and want to support the stable channel (e.g Real Time for The Masses v0.4) are forced to expose APIs like #[attr] const MODULE: () = { fn foo() { /* .. */ } /* more items */ } that use const items as modules instead of supporting proper modules because attributes on module are unstable. Also, users should be able to write their applications against the DSL and split it across several files but that is not possible today because crate level attributes are buggy. Completing these two features would lead to more ergonomic DSLs that work on stable; they may also lead to stable DSLs for testing (AKA Custom Test Frameworks) that support no_std targets.

@Lokathor
Copy link

Lokathor commented Dec 30, 2018

Category Feature

Request: A way to get a pointer to and length of a function compiled within the program.

Rationale: Within an embedded context, you might have a bit of code that you want to execute from some place other than the default memory storage. Sometimes you want to copy a function to a different piece of memory and then execute it there. It's already possible to have a pointer to a blob of bytes and then transmute it into a pointer to the function type in question, the only problem is that you can't currently talk about the compiled output of a function within rust, so you can't describe that you want to copy it into a particular part of memory.

@eddyp
Copy link

eddyp commented Dec 30, 2018

@Lokathor if the linker generated start function and end function symbols wouldn't that cover it? Maybe generate per function or per file with a flag that triggers these symbols to be generated? That would also assume inlining would not occur for those functions.

@Lokathor
Copy link

Yeah, something like a function attribute and/or proc-macro where you tag a specific function as "transferable" would probably be enough. It doesn't need to be an ability available for every single function ever.

@eddyp
Copy link

eddyp commented Dec 30, 2018

@Lokathor would the presence of that flag imply no_mangle?

@Lokathor
Copy link

Ahhhh.... maybe? That's actually a really tough one. I think it's not necessary, even if you might want it in some cases.

Functions in Rust can already name other functions in Rust and the language handles it for you.

// the fact that `ValType::func` gets mangled doesn't stop this from working right
let mapped_opt_val = opt_val.map(ValType::func);

So if you've got a Rust program that doesn't care about outside code being able to find its symbols, then you won't need to apply the no_mangle flag in that case. I think we can leave it up to a case by case basis.

Just spitballing, but a "complete" program might look something like this:

#![no_std]
#![feature(start)]

#[panic_handler]
fn panic(_info: &core::panic::PanicInfo) -> ! {
  loop {}
}

#[transferable_fn]
pub fn runs_from_ram(x: isize) -> isize {
    x // pretend this does something interesting
}

#[start]
fn main(_argc: isize, _argv: *const *const u8) -> isize {
    // This will point to the target location, transmuted to the correct fn type
    let fptr: fn(u32) -> u32 = {
        // Naturally users will need to be able to check the size of a
        // compiled function somehow
        if transfer_fn_size!(runs_from_ram) < 0xFF {
            unsafe {
                // This must panic if 0, should probably panic if unaligned,
                // otherwise it does a memcopy to put the code in place
                transfer_fn_here!(0x300_0000, runs_from_ram)
            }
        } else {
            panic!("your func was too large!")
        }
    };
    fptr(5);
}

@eddyp
Copy link

eddyp commented Jan 1, 2019

Category: crate/feature/resources

Request: stabilize/document how to access to cpu specific instructions (e.g. nop, dsb, isb, wfi, msr, mrs, cpsie... for ARM, msync, isync, mtspr, mfspr, mbar... for Power)

Rationale: On low level code such as RTOSes context switching, exception handling or HW programming there are often very specific assembly instructions which must occur in very specific sequences and with precise timings to correctly program or control hardware state. These can rely on barriers, special purpose register accesses or HW specific instructions to be issued and lacking a stable intrinsics APIs/ documentation makes this a problem for people considering to move to Rust because one is forced to face complex systems (build.rs or c/asm/rust combinations using make and calling rustc directly), and this is drawing focus away from the hard but very powerful new concepts rust brings to the table, decreasing the chance of switching to Rust.

Since inline asm seems to be still far away, maybe the solution is some crate that provides precompiled .s code for the instructions similar to the HardFaultTrampoline snippet via macros (e.g. dsb! or asmDsb!) that would guarantee to be inlined when called, similar to C compiler intrinsics such as __DSB() plus some documentation to make sure people working on other platforms, say AVR or RISC-V, implement similar interfaces.

@eddyp
Copy link

eddyp commented Jan 2, 2019

Category: feature/resources

Request: Provide fine grained custom memory sections layout (similar to C #pragma ... section)

Rationale: In embedded applications it is often specific memory ranges are used for specific purposes and not all memory has the same properties, for example noncacheable memory ranges, tightly coupled instruction or data memories, ECC SRAM memories, etc. It follows that it should be possible to define some specific custom memory sections via the linker script - memory.x - and, also, instruct the linker to put symbols on those sections.

With most embedded C/C++ tool chains it is possible to use compiler specific #pragma ... section clauses to inform the compiler and the linker to land in a custom region all symbols of a specific type declared/defined starting below the #pragma until the end of the file or another #pragma reversing the section choice. For example, put initialized data in .eccdata custom region instead of the default .data. A mechanism like #pragma ... section data "mydata" + #pragma ... section data default is preferable to per function/file attributes since typically there are multiple specific global symbols which must be placed in the special memories, but these are neither a few nor all of them from a file.

@Ravenslofty
Copy link

Why can't you use #[link_section = "foo"]?

@adamgreig
Copy link
Member

@eddyp It doesn't completely answer your question, but for Cortex-M there's the cortex-m crate, which provides precompiled instructions as you describe, and for link sections the quickstart shows an example of doing this here. It isn't quite complete since there's no rt support for initialisation in those sections yet, though.

@eddyp
Copy link

eddyp commented Jan 2, 2019

@ZirconiumX you can but is not desirable since in typical code I am thinking about you want to say "from this point on in the file onwards, all uninitialized data should be placed in .noncachablebss, until the end off the file or another choice for the section" or "all functions from this point should be placed in the tightly coupled instruction memory, until I explicitly revert to using flash".

And it gets very tedious soon to add such attributes for each symbol when there are many symbols in a file that should be placed in that section, but definitely not all of them nor just a few.

@eddyp
Copy link

eddyp commented Jan 2, 2019

@adamgreig I was aware of the crate and the precompiled stuff, but from what I could see and understand from the sources, there were some problems with them:

  1. The instructions are actually small asm functions made up of the instruction and a bx lr instruction or the instruction is missing entirely (nop); this creates problems: they assume the stack is set, the timings will be incorrect, the pipeline its filled with junk or instruction cache could be polluted, a specific required instruction sequence can't be created (e.g. after MPU programming a dsb followed by a isb is required); unless the compiler inlines the bx at all times these are problematic; if it does, nop is broken and should be fixed
  2. The interface should be nicer and stable and/or standard so any new implementations for cores which are not cortex m have the same look and feel, hence my proposal to use macros.

Regarding sections, I am not only referring to data sections, but also .text; also see the answer above regarding what's missing from current link_section solution.

I know it might mean that llvm must first add such support, but all C tool chains I've worked with have this #pragma mechanism: Green Hills, Windriver Diab, Cosmic, IAR, ARM/DS-5, Code Warrior.

@therealprof
Copy link
Contributor

Category: Std

Request: Provide a #[init] attribute to allow for an initialisation function

Rationale: To ensure safe initialisation of the MCU, data and peripherals we might want to have a #[init] attribute allowing the user to define a application initialisation within an automatic critical section to prevent interrupts or multiple cores to accidentally cause disturbances. It would also allow to teach the users good practises about setting up resources and making them available safely available to interrupt/exception handlers and in addition would make it easier to apply special treatment to the #[entry] function, e.g. executing as a #[ramfunc].

@therealprof
Copy link
Contributor

Category: crate

Request: Supplement the Mutex<RefCell<Option<...>>> dance by something more user friendly

Rationale: To share peripherals and other resources between interrupt/exception handlers and e.g. the main loop the user currently has to create a static Mutex<RefCell<Option<...>>> variable with a fully specified type, move the resource into it, and borrow in the interrupt handler after setting up the critical section which is very tedious, confusing to users and allow error prone. It would be nice to do the same in a much more convenient way, e.g. by providing a macro for the setup and free functions to allow for easy access (and e.g. checking for already set up resources) with or without already obtained criticial section.

@Lokathor
Copy link

Lokathor commented Jan 8, 2019

Is that for multithreaded handlers? Because on a single core, I've been assured by some very serious people that you can just share a global between the main thread and the interrupt handler if it's always accessed in a volatile way.

Speaking of which, on armv4t you must have an interrupt handler written with 32-bit arm state. Is that the same on later arm devices, and are you just programming the whole program in ARM state? I know it was asked about +thumb and -thumb above, but if there was a way to even write just the handler as ARM and the rest of the program as Thumb that'd be enough for most of the desired use case.

@tekjar
Copy link

tekjar commented Jan 14, 2019

Does writing android HALs with HIDL support fall under purview of rust embedded?

@jamesmunns
Copy link
Member

For anyone here who added an item to the wishlist, please consider adding your item to the Not Yet Awesome Embedded Rust List to make the need for your wishlist item more visible!

@eldruin
Copy link
Member

eldruin commented Aug 11, 2020

2019 finished. Maybe we can create a follow up issue for 2020. Nominating for next week's meeting.

@adamgreig
Copy link
Member

Closing as we're now well into 2020; if anything outstanding from this list is still relevant please add it to the not-yet-awesome embedded rust list, or create a new issue to track it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests