1 /*
2 * Copyright (c) 2008 Texas Instruments. All rights reserved.
3 * This program and the accompanying materials are made available under the
4 * terms of the Eclipse Public License v1.0 and Eclipse Distribution License
5 * v. 1.0 which accompanies this distribution. The Eclipse Public License is
6 * available at http://www.eclipse.org/legal/epl-v10.html and the Eclipse
7 * Distribution License is available at
8 * http://www.eclipse.org/org/documents/edl-v10.php.
9 *
10 * Contributors:
11 * Texas Instruments - initial implementation
12 * */
13 /*
14 * ======== Error.xdc ========
15 */
16
17 /*!
18 * ======== Error ========
19 * Runtime error manager
20 *
21 * The `Error` module provides mechanisms for raising, checking, and
22 * handling errors in a program. You can configure it via the
23 * `{@link Error#policy Error.policy}` and
24 * `{@link Error#raiseHook Error.raiseHook}` configuration parameters.
25 *
26 * Modules may define specific error types and reference these when
27 * raising an error. Each error type has a custom error message and
28 * can be parameterized with up to `{@link #NUMARGS}` arguments. A
29 * generic error type is provided for raising errors when not in a module.
30 *
31 * Use the `{@link #check Error_check()}` function to determine if an
32 * error has been raised. It is important to understand that it is the
33 * caller's responsibility to check the error block after calling a
34 * function that takes an error block as an argument. Otherwise, a raised
35 * error may go undetected, which could compromise the integrity of the
36 * system. For example:
37 *
38 * @p(code) 39 * Task_create(..., &eb);
40 *
41 * if (Error_check(&eb)) {
42 * ...an error has been raised...
43 * }
44 * @p 45 *
46 * The `{@link #raiseHook Error.raiseHook}` configuration parameter allows
47 * a configured function to be invoked when any error is raised. This
48 * function is passed a pointer to the error's error block and makes it
49 * easy to manage all errors from a common point. For example, you can
50 * trap any error (fatal or not) by simply setting a breakpoint in this
51 * function. You can use the following functions to extract information
52 * from an error block.
53 *
54 * @p(blist) 55 * - `{@link #getData Error_getData()}`
56 * - `{@link #getCode Error_getCode()}`
57 * - `{@link #getId Error_getId()}`
58 * - `{@link #getMsg Error_getMsg()}`
59 * - `{@link #getSite Error_getSite()}`
60 * @p 61 *
62 * The Error module provides facilities for handling errors, but the Log
63 * module also provides features for logging error events. These are separate
64 * concepts; however, to ensure that users do not have to both raise and log
65 * an error, the Error module will automatically log an error event when one
66 * is raised. The Error module logs the standard {@link Log#L_error} event,
67 * passing it the error message and arguments.
68 *
69 * The error event is logged to the Error module's logger using the Error
70 * module's diags mask. Logging of errors is enabled by default in the diags
71 * mask, but the event will not be logged unless a logger is configured for
72 * the Error module as well.
73 *
74 * To make the error event appear as though it is coming from the module which
75 * called Error_raise, the event is logged with the caller's module id and
76 * with the caller's call site information.
77 *
78 * @a(Examples) 79 * Example 1: The following example shows how a module, named ModA,
80 * defines a custom error type and shows how this error is raised by
81 * the module. The module defines an `Id` of `E_notEven` in its module
82 * specification file (in this case, `ModA.xdc`). The error's message
83 * string takes only one argument. The module also defines a `mayFail()`
84 * function that takes an error block. In the module's C source file,
85 * the function checks for the error condition and raises the error if
86 * needed.
87 *
88 * This is part of ModA's XDC specification file for the module:
89 *
90 * @p(code) 91 * config xdc.runtime.Error.Id E_notEven = {
92 * msg: "expected an even number (%d)"
93 * };
94 *
95 * Void mayFail(Int x, xdc.runtime.Error.Block *eb);
96 * @p 97 *
98 * This is part of the C code for the module:
99 *
100 * @p(code) 101 * Void ModA_mayFail(Int x, Error_Block *eb)
102 * {
103 * if ((x % 2) != 0) {
104 * Error_raise(eb, ModA_E_notEven, x, 0);
105 * ...add error handling code here...
106 * return;
107 * }
108 * ...
109 * }
110 * @p 111 *
112 * @p(html) 113 * <hr />
114 * @p 115 *
116 * Example 2: The following C code supplies an error block to a function
117 * that requires one and tests the error block to see if the function
118 * raised an error. Note that an error block must be initialized before
119 * it can be used and same error block may be passed to several functions.
120 *
121 * @p(code) 122 * #include <xdc/runtime/Error.h>
123 * #include <ti/sysbios/knl/Task.h>
124 * Error_Block eb;
125 * Task_Handle tsk;
126 *
127 * Error_init(&eb);
128 * tsk = Task_create(..., &eb);
129 *
130 * if (Error_check(&eb)) {
131 * ...an error has been raised...
132 * }
133 * @p 134 *
135 * @p(html) 136 * <hr />
137 * @p 138 *
139 * Example 3: The following C code shows that you may pass `NULL` to a
140 * function requiring an error block. In this case, if the function
141 * raises an error, the program is aborted (via
142 * `{@link System#abort xdc_runtime_System_abort()}`), thus execution
143 * control will never return to the caller.
144 *
145 * @p(code) 146 * #include <xdc/runtime/Error.h>
147 * #include <ti/sysbios/knl/Task.h>
148 *
149 * tsk = Task_create(..., NULL);
150 * ...will never get here if an error was raised in Task_create...
151 * @p 152 *
153 * @p(html) 154 * <hr />
155 * @p 156 *
157 * Example 4: The following C code shows how to write a function that
158 * is not part of a module and that takes an error block and raises
159 * the generic error type provided by the Error module. Note, if the
160 * caller passes `NULL` for the error block or if the error policy is
161 * `{@link #Policy TERMINATE}`, then the call to
162 * `{@link #raise Error_raise()}` will call
163 * `{@link System#abort xdc_runtime_System_abort()}` and never return.
164 *
165 * @p(code) 166 * #include <xdc/runtime/Error.h>
167 *
168 * Void myFunc(..., Error_Block *eb)
169 * {
170 * ...
171 *
172 * if (...error condition detected...) {
173 * String myErrorMsg = "my custom error message";
174 * Error_raise(eb, Error_E_generic, myErrorMsg, 0);
175 * ...add error handling code here...
176 * return;
177 * }
178 * }
179 * @p 180 */
181
182 module Error {
183
184 /*!
185 * ======== Policy ========
186 * Error handling policies
187 *
188 * Regardless of the current policy in use, raising an error by
189 * calling `{@link #raise Error_raise}` will always invoke the
190 * error raise hook function assigned to the
191 * `{@link #raiseHook Error.raiseHook}` configuration parameter.
192 *
193 * @field(TERMINATE) All raised errors are fatal. A call to
194 * `{@link #raise Error_raise}` will never return to the caller.
195 *
196 * @field(UNWIND) Errors are returned to the caller. A call to
197 * `{@link #raise Error_raise}` will return back to the caller.
198 */
199 enum Policy {
200 TERMINATE,
201 UNWIND
202 };
203
204 /*!
205 * ======== Desc ========
206 * Error descriptor
207 *
208 * Each type of error is defined with an error descriptor. This
209 * structure groups common information about the errors of this type.
210 *
211 * @field(msg) The error message using a `printf` style format string,
212 * but limited to `{@link #NUMARGS}` arguments.
213 * This format string together with the two arguments passed
214 * to `Error_raise`` are used to create a human readable
215 * error message.
216 *
217 * @field(code) A user assignable code, 0 by default. The user may
218 * optionally set this field during config to give the
219 * error a well-known numeric code.
220 */
221 metaonlystruct Desc {
222 String msg;
223 UInt16 code;
224 };
225
226 /*!
227 * ======== Id ========
228 * Error identifier
229 *
230 * Each type of error raised is defined with a metaonly
231 * `{@link Error#Desc}`. An `Error_Id` is a 32-bit target value that
232 * encodes the information in the `Desc`. Target programs use
233 * `Error_Id` values to "raise" and check for specific errors.
234 *
235 * @a(Warning) `{@link #Id}` values may vary among different
236 * configurations of an application. For example, the addition of a
237 * new module to a program may result in a different absolute value for
238 * `{@link #E_generic}`. If you need error numbers that remain
239 * invariant, use the user definable `{@link #Desc Desc.code}` field.
240 */
241 @Encoded typedef Desc Id;
242
243 /*!
244 * ======== HookFxn ========
245 * Function called whenever an error is raised
246 *
247 * The first parameter and only parameter passed to this function is a
248 * pointer to an `Error_Block`. Even if the client passes a `NULL` error
249 * block pointer to `{@link #raise Error_raise}`, this parameter passed
250 * to this "hook" function is always `non-NULL`.
251 */
252 typedef Void (*HookFxn)(Block *);
253
254 /*!
255 * ======== NUMARGS ========
256 * Maximum number of arguments supported by an error
257 */
258 const Int NUMARGS = 2;
259
260 /*!
261 * ======== Data ========
262 * Error args
263 *
264 * The two arguments (arg1, arg2) passed to `{@link #raise}` are
265 * stored in one of these arrays within the associated Error_Block.
266 * To access these arguments use `{@link #getData}` to obtain a
267 * pointer to the Error_Block's Data array.
268 *
269 * @see #getData
270 */
271 struct Data {
272 IArg arg[NUMARGS];
273 }
274
275 /*!
276 * ======== Block ========
277 * Error block
278 *
279 * An opaque structure used to store information about errors once raised.
280 * This structure must be initialized via `{@link #init Error_init()}`
281 * before being used for the first time.
282 */
283 @Opaque struct Block {
284 UInt16 unused; /* for backward compatibility (was code) */
285 Data data; /* arguments passed to raise() */
286 Id id; /* id passed to raise() */
287 String msg; /* msg associated with id */
288 Types.Site site; /* info about Error_raise call site */
289 IArg xtra[4]; /* future expansion */
290 };
291
292 /*!
293 * ======== E_generic ========
294 * Generic error
295 *
296 * This error takes advantage of the $S specifier to allow for recursive
297 * formatting of the error message passed to error raise.
298 *
299 * For example, the following is possible:
300 * @p(code) 301 * Error_raise(eb, Error_E_generic, "Error occurred, code: %d", code);
302 * @p 303 *
304 * @see System#extendedFormats
305 * @see System#printf
306 */
307 config Id E_generic = {msg: "%$S"};
308
309 /*!
310 * ======== E_memory ========
311 * Out of memory error
312 *
313 * The first parameter must be the heap instance handle. The second
314 * parameter is the size of the object for which the allocation failed.
315 */
316 config Id E_memory = {msg: "out of memory: heap=0x%x, size=%u"};
317
318 /*!
319 * ======== E_msgCode ========
320 * Generic error that displays a string and a numeric value
321 */
322 config Id E_msgCode = {msg: "%s 0x%x"};
323
324 /*!
325 * ======== policy ========
326 * System-wide error handling policy
327 */
328 config Policy policy = UNWIND;
329
330 /*!
331 * ======== raiseHook ========
332 * The function to call whenever an error is raised
333 *
334 * If set to a non-`null` value, the referenced function is always
335 * called when an error is raised, even if the `Error` policy is
336 * `{@link #Policy TERMINATE}`. In rare cases, it is possible that a
337 * raised error does not trigger a call to `raiseHook`; see
338 * `{@link #maxDepth}`.
339 *
340 * By default, this function is set to `{@link #print Error_print}`
341 * which causes the error to be formatted and output via
342 * `{@link xdc.runtime.System#aprintf System_printf}`. Setting this
343 * configuration parameter to `null` indicates that no function hook
344 * should be called.
345 *
346 * @see #maxDepth
347 * @see #HookFxn
348 * @see #print
349 */
350 config HookFxn raiseHook = Error.print;
351
352 /*!
353 * ======== maxDepth ========
354 * Maximum number of concurrent calls to `{@link #raiseHook}`
355 *
356 * To prevent errors that occur in the raiseHook function from
357 * causing an infinite recursion, the maximum number of concurrent
358 * calls to `{@link #raiseHook}` is limited by `Error_maxDepth`. If
359 * the number of concurrent calls exceeds `Error_maxDepth`, the
360 * `raiseHook` function is not called.
361 *
362 * In multi-threaded systems, errors raised by separate threads may
363 * be detected as recursive calls to `raiseHook`. So, setting
364 * `Error.maxDepth` to a small value may - in rare instances - result in
365 * `errorHook` not being called for some raised errors.
366 *
367 * If it is important that all raised errors trigger a call to the
368 * `raiseHook` function, set `Error.maxDepth` to an impossibly large
369 * number (0xffff) and either ensure that the raise hook never calls a
370 * function that can raise an error or add checks in `raiseHook` to
371 * protect against "double faults".
372 */
373 config UInt16 maxDepth = 16;
374
375 /*!
376 * ======== check ========
377 * Return TRUE if an error was raised
378 *
379 * @param(eb) pointer to an `Error_Block` or `NULL`
380 *
381 * @a(returns) 382 * If `eb` is non-`NULL` and `{@link #policy Error.policy} == UNWIND` and
383 * an error was raised on `eb`, this function returns `TRUE`. Otherwise,
384 * it returns `FALSE`.
385 */
386 Bool check(Block *eb);
387
388 /*!
389 * ======== getData ========
390 * Get an error's argument list
391 *
392 * @param(eb) non-`NULL` pointer to an `Error_Block`
393 *
394 * @a(returns) 395 * `getData` returns an array of type `{@link #Data}` with
396 * `{@link #NUMARGS}` elements containing the arguments provided
397 * at the time the error was raised.
398 *
399 * @see #raise
400 */
401 Data *getData(Block *eb);
402
403 /*!
404 * ======== getCode ========
405 * Get an error's code
406 *
407 * @param(eb) non-`NULL` pointer to an `Error_Block`
408 *
409 * @a(returns) 410 * `getCode` returns the error code associated with this error block.
411 *
412 * @see #raise
413 * @see #Desc
414 */
415 UInt16 getCode(Block *eb);
416
417 /*!
418 * ======== getId ========
419 * Get an error's id
420 *
421 * @param(eb) non-`NULL` pointer to an `Error_Block`
422 *
423 * @a(Warning) 424 * `Error_Id` values may vary among different configurations
425 * of an application. For example, the addition of a new module to a
426 * program may result in a different absolute value for
427 * `{@link #E_generic}`. If you need error numbers that remain
428 * invariant, use the user definable `{@link #Desc Desc.code}` field.
429 *
430 * @see #raise
431 * @see #Desc
432 */
433 Id getId(Block *eb);
434
435 /*!
436 * ======== getMsg ========
437 * Get an error's "printf" format string
438 *
439 * @param(eb) non-`NULL` pointer to an `Error_Block`
440 *
441 * @see #raise
442 * @see #Desc
443 */
444 String getMsg(Block *eb);
445
446 /*!
447 * ======== getSite ========
448 * Get an error's call site info
449 *
450 * @param(eb) non-`NULL` pointer to an `Error_Block`
451 *
452 * @a(returns) 453 * `getSite` returns a pointer to an initialized
454 * `{@link Types#Site Types.Site}` structure. However, in the
455 * event that the call site was compiled with `xdc_FILE` defined to
456 * be `NULL` (to minimize string space overhead) the `file`
457 * field may be set to `NULL`.
458 *
459 * @see #raise
460 * @see #Desc
461 */
462 Types.Site *getSite(Block *eb);
463
464 /*!
465 * ======== idToCode ========
466 * Extract the user's error code associated with an `Error_Id`
467 *
468 * @param(id) `Error_Id` from which to extract the user defined
469 * code
470 * @_nodoc 471 */
472 @Macro UInt16 idToCode(Id id);
473
474 /*!
475 * ======== idToUid ========
476 * Extract the unique error id associated with an `Error_Id`
477 *
478 * @param(id) `Error_Id` from which to extract the system unique
479 * id associated with the specified `Error_Id`
480 * @_nodoc 481 */
482 @Macro UInt16 idToUid(Id id);
483
484 /*!
485 * ======== init ========
486 * Put an error block into its initial state
487 *
488 * To ensure reliable error detection, clients must call `init` for
489 * an `Error_Block` prior to any use.
490 *
491 * If the same Error Block is used multiple times, only the last error
492 * raised is retained.
493 *
494 * @param(eb) pointer to an `Error_Block` or `NULL`
495 *
496 * If `eb` is `NULL` this function simply returns.
497 */
498 Void init(Block *eb);
499
500 /*!
501 * ======== print ========
502 * Print error using System.printf()
503 *
504 * This function prints the error using `System_printf()`. The output
505 * is on a single line terminated with a new line character and has the
506 * following form:
507 * @p(code) 508 * <site>: <file>, line <line_num>: <err_msg>
509 * @p 510 * where `<site>` is the module that raised the error, `<file>` and
511 * `<line_num>` are the file and line number of the containing the call
512 * site of the `Error_raise()`, and `<err_msg>` is the error message
513 * rendered with the arguments associated with the error.
514 *
515 * @param(eb) pointer to an `Error_Block` or `NULL`
516 *
517 * If `eb` is `NULL` this function simply returns with no output.
518 *
519 * @a(Warning) 520 * This function is not protected by a gate and, as a result,
521 * if two threads call this method concurrently, the output of the two
522 * calls will be intermingled. To prevent intermingled error output,
523 * you can either wrap all calls to this method with an appropriate
524 * `Gate_enter`/`Gate_leave` pair or simply ensure that only one
525 * thread in the system ever calls this method.
526 */
527 Void print(Block *eb);
528
529 /*!
530 * ======== raise ========
531 * Raise an error
532 *
533 * This function is used to raise an `Error` by writing call site,
534 * error ID, and error argument information into the `Error_Block`
535 * pointed to by `eb`.
536 *
537 * If `Error_raise` is called more than once on an `Error_Block` object,
538 * the previous error information is overwritten; only the last error
539 * is retained in the `Error_Block` object.
540 *
541 * In all cases, any configured `{@link #raiseHook Error.raiseHook}`
542 * function is called with a non-`NULL` pointer to a fully
543 * initialized `Error_Block` object.
544 *
545 * @param(eb) pointer to an `Error_Block` or `NULL`
546 *
547 * If `eb` is `NULL` or `{@link #policy Error.policy} == TERMINATE`,
548 * this function does not return to the caller; after calling any
549 * configured `{@link #raiseHook}`, `System_abort` is called with the
550 * string `"xdc.runtime.Error.raise: terminating execution\n"`.
551 *
552 * @param(id) the error to raise
553 *
554 * This pointer identifies the class of error being raised;
555 * the error class indicates how to interpret any subsequent
556 * arguments passed to `{@link #raise}`.
557 *
558 * @param(arg1) error's first argument
559 *
560 * The argument interpreted by the first control character
561 * in the error message format string. It is ignored if not needed.
562 *
563 * @param(arg2) error's second argument
564 *
565 * The argument interpreted by the second control character
566 * in the error message format string. It is ignored if not needed.
567 */
568 @Macro Void raise(Block *eb, Id id, IArg arg1, IArg arg2);
569
570 /*! @_nodoc */
571 Void raiseX(Block *eb, Types.ModuleId mod, CString file, Int line,
572 Id id, IArg arg1, IArg arg2);
573
574 internal:
575
576 struct Module_State {
577 UInt16 count;
578 };
579
580 }
581 /*
582 * @(#) xdc.runtime; 2, 1, 0,438; 12-19-2013 19:53:35; /db/ztree/library/trees/xdc/xdc-z63x/src/packages/
583 */
584