Making Rtems Device Drivers using C?

Joel Sherrill <joel@OARcorp.com> joel.sherrill at OARcorp.com
Tue Jan 4 23:14:30 UTC 2005 

Eric Valette wrote:
> Angelo Fraietta wrote:
> 
>> Surely the overhead in C++ would only be if calls were being made to 
>> C++ run time libraries from within the interrupt.
> 
> 
> Have been responsible of ChoruOs/Jaluna C++ dev tools and depending on 
> the feature you use, C++ can be seen as a strong type-checking C less 
> with very limited overhead and about no runtime requirements.

I agree with this statement completely as long as you are careful.

> If you start using rtti, exceptions, operator = overloading and abuse of 
> copy constructor, then yes if may become quite hard to usdertand d what 
> a single line statement does...

This is the real issue.  Both C++ and Ada can do things as a non-obvious
side-effect of something that looks safe and simple.  The copy 
constructor in C++ is a classic example.  Even ignoring the
likelihood of an implicit memory allocation, the possibility of
attempting to lock the run-time is always there.  Even a simple
accessor function could attempt to lock a mutex.

All of these operations probably are OK for a device driver
that is operating at task level to perform.  But if you
ever run the same code from an ISR or Timer Service Routine
or maybe even a signal handler, you run the risk of
violating any number of rulees.  Remember, even a simple
accessor function could attempt to lock the object's data
for consistency and if that accessor is called from an ISR
and it blocks, the system is toast.

Remember the old RTEMS days when C++ global constructors were
run before tasking was complete.  Some constructors would block
and destroy the system before it was even up.

Again, it is not that it CAN'T be done -- it can be.  It just
shouldn't because it is too hard to use real Ada or C++ features
and ensure that you are doing something you shouldn't.  I
know of one Ada application that was OK with TSR's written in
Ada.  Then a compiler update began to lock the run-time
in new places.  The application's TSRs broke in a new and weird
way.

Eric V.. I agree completely.  If you can stick pretty much
to plain C and just use the C++ compiler for stricter checking,
that's great.  But you have to be very careful.


-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel at OARcorp.com                 On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
    Support Available             (256) 722-9985

More information about the users mailing list