Skip to content

da14531: port da14531_protocol_format to Rust #1723

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
benma wants to merge 3 commits into
base: master
Choose a base branch
from
Open

da14531: port da14531_protocol_format to Rust #1723

benma wants to merge 3 commits into from

Conversation

@benma
Copy link
Collaborator

@benma benma commented Dec 22, 2025
edited
Loading

C unit tests for the C impl are added.

Then the C function is ported to Rust, while still passing the C tests.

Then the C tests are ported.

This way we can be reasonably sure that the Rust port is correct.

da14531: add unit tests for da14531_protocol_format
d7e572f 
The asserts are changed as they were off by one (in the safe
conversative direction).
@benma benma requested a review from NickeZ December 22, 2025 11:48
@benma benma removed the request for review from NickeZ December 22, 2025 12:25
@benma benma marked this pull request as draft December 22, 2025 12:25
@benma benma force-pushed the da14531-2 branch 2 times, most recently from 4939c69 to ac811f1 Compare December 22, 2025 13:10
@benma benma requested a review from NickeZ December 22, 2025 13:16
@benma benma marked this pull request as ready for review December 22, 2025 13:16
NickeZ
NickeZ requested changes Dec 22, 2025
View reviewed changes
Copy link
Collaborator

@NickeZ NickeZ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice, but I think the naming is wrong, it should probably be in a crate called "serial link protocol" or something more like that. Maybe "bitbox interchip serial protocol". The serial link protocol is unrelated to da14531. (technically it is the "SAMD51 to DA14531 serial link protocol").

I also saw an excessive amount of similar tests (1 for every single-byte sequence?) instead of some variance, like various lengths.

There are no negative tests (which isn't a blocker), so no invalid sequences are tested.

I would also prefer if we could handle failure by resetting the communication stack rather than panicking. But this means that we need to return Result instead of panic.

benma's agent added 2 commits December 22, 2025 15:21
da14531: port da14531_protocol_format to Rust
c292423 
Using the CRC dep we already have in Rust. We expose a helper
rust_da14531_crc function too for an unrelated call to CRC so we can
get rid of crc.c/crc.h.

C unit tests added for da14531_protocol_format still pass, showing the
Rust port is correct for the cases tested.
da14531: port protocol format C unit tests to Rust
f62a4c7
@benma
Copy link
Collaborator Author

benma commented Dec 22, 2025

Very nice, but I think the naming is wrong,

Renamed the crate

There are no negative tests (which isn't a blocker), so no invalid sequences are tested.

There can be no negative tests, right? It's encoding, not decoding - one can encode any payload.

I would also prefer if we could handle failure by resetting the communication stack rather than panicking. But this means that we need to return Result instead of panic.

Can we postpone that to another PR? For this PR I'd like to keep it refactor-only, not change functionality.

NickeZ
NickeZ reviewed Dec 22, 2025
View reviewed changes
src/rust/bitbox-framed-serial-link/src/lib.rs
let len_bytes = payload_len.to_le_bytes();

let mut idx = 0usize;
assert!(idx < out.len());
Copy link
Collaborator

@NickeZ NickeZ Dec 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

asf4 ASSERT is the same as rust debug_assert.

Copy link
Collaborator

@NickeZ NickeZ Dec 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indexing in rust is checked, so you don't need out-of-bounds checks.

@NickeZ
Copy link
Collaborator

NickeZ commented Dec 22, 2025
edited
Loading

There can be no negative tests, right? It's encoding, not decoding - one can encode any payload.

Can check what happens if out-buf is to small.

I would also prefer if we could handle failure by resetting the communication stack rather than panicking. But this means that we need to return Result instead of panic.

Can we postpone that to another PR? For this PR I'd like to keep it refactor-only, not change functionality.

👍

@benma
Copy link
Collaborator Author

benma commented Dec 22, 2025

Can check what happens if out-buf is to small.

It will run into the assert, not sure how to test that in C. In Rust, I could add a test to check if it panics, but I don't see how that is helpful.

@NickeZ
Copy link
Collaborator

NickeZ commented Dec 22, 2025

It will run into the assert, not sure how to test that in C. In Rust, I could add a test to check if it panics, but I don't see how that is helpful.

I didn't even see the c-tests initially when I reviewed.

@benma
Copy link
Collaborator Author

benma commented Dec 22, 2025

It will run into the assert, not sure how to test that in C. In Rust, I could add a test to check if it panics, but I don't see how that is helpful.

I didn't even see the c-tests initially when I reviewed.

Should have read the PR comment 🤓 😄

#1723 (comment)

@NickeZ
Copy link
Collaborator

NickeZ commented Dec 22, 2025

It will run into the assert, not sure how to test that in C. In Rust, I could add a test to check if it panics, but I don't see how that is helpful.

I didn't even see the c-tests initially when I reviewed.

Should have read the PR comment 🤓 😄

#1723 (comment)

Yeah, I was very confused when I only saw rust unit tests :P

@benma
Copy link
Collaborator Author

benma commented Dec 30, 2025

Split first commit into separate PR so we can see full CI passing on it: #1726

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NickeZ NickeZ NickeZ requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@benma @NickeZ