You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
IMPORTANT: Unfortunately, (12) triggered a wave of changes in storage and legacy code, just because of the shared prototype of __fatal_error(). All affected code was changed appropriately, and as a result, the T1 model no longer reports the expression and function name on the fatal error screen (there's just the file and line - which is still more than on other models).
while you're at this, maybe you would like to look at #744 ? (not required for this PR but it might be an opportunity to fold it in)
It looks like error_shutdown(..) can now perfectly replace the ensure(secfalse, ...) macro. The thing to consider is that we will lose file and line information in debug builds. If this is not a problem (and I think it isn't since all these ensure(secfalse instances contain quite unique messages), I can make this change within this PR. Should I? @matejcik
In the storage, I've replaced ensure(secfalse with handle_fault.
In the storage tests, I've left it unchanged.
I've also change it Ii the display/i2c drivers, but we should not call it at all and return with an error instead. However, this is not related to this PR.
i don't think that is correct, as handle_fault will additionally bump the fault counter, which makes no sense in that location (we wiped the storage right before)
Aaaa, I didn't notice that. So I reverted this change here. In this file, it seems better to be consistent and not introduce a call to error_shutdown. See 8b23004
Aaaa, I didn't notice that. So I reverted this change here. In this file, it seems better to be consistent and not introduce a call to error_shutdown. See 8b23004
it's helpful if you post in your own comment, instead of editing mine :)
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
cepetr
force-pushed
the
cepetr/rsod-fix
branch
2 times, most recently
from
This PR improves error handling in both C and Rust code:
and finally saves about 12KB of FLASH (without affecting the functionality)
common.c/common.hand moved to the platform-independentlib/error_handling.h/.c.error_shutdown().show_pin_too_many_screen()andshow_wipe_code_screen().error_shutdown()and introducederror_shutdown_ex()for more complex cases.__fatal_error()witherror_shutdown()as the former is low-level and private toerror_handling.c.show_install_restricted_screen()to a more appropriate location (fromsecret.ctoerror_handling.c).error_shutdown()function, eliminating dual implementations in Rust and C.render_on_displaywhen an error occurred during drawing on the T3T1 model.dbg_trace!macro, aprint!-like macro for printing to the debug console.ensure!,unwrap!, andfatal_error!.panic!by callsto fatal_error!.fatal_error!has now just single parameter -messageassert()andensure()macro to not print evaluated expression and filename with full path.IMPORTANT: Unfortunately, (12) triggered a wave of changes in storage and legacy code, just because of the shared prototype of
__fatal_error(). All affected code was changed appropriately, and as a result, the T1 model no longer reports the expression and function name on the fatal error screen (there's just the file and line - which is still more than on other models).