feat(port_std): implement graceful shutdown

Author: yvt

src/constance_port_std/src/lib.rs

@@ -175,7 +175,9 @@ impl State {
     }
 
     /// Initialize the user-mode scheduling system and boot the kernel.
-    pub fn port_boot<System: Kernel>(&self) -> ! {
+    ///
+    /// Returns when the shutdown initiated by [`shutdown`] completes.
+    pub fn port_boot<System: Kernel>(&self) {
         // Create a UMS thread group.
         let (thread_group, join_handle) = ums::ThreadGroup::new(sched::SchedState::new::<System>());
 
@@ -202,8 +204,6 @@ impl State {
         if let Err(e) = join_handle.join() {
             std::panic::resume_unwind(e);
         }
-
-        panic!("the system has been shut down")
     }
 
     pub unsafe fn dispatch_first_task<System: PortInstance>(&'static self) -> !
@@ -299,14 +299,7 @@ impl State {
                 Tsm::Uninit => unreachable!(),
             }
         } else {
-            // Since we don't have timers or real interrupts yet, this means
-            // we are in deadlock.
-            //
-            // The test code currently relies on this behavior (panic on
-            // deadlock) to exit the dispatcher loop. When we have timers
-            // and interrupts, we need to devise another way to exit the
-            // dispatcher loop.
-            panic!("No task to schedule");
+            None
         };
     }
 
@@ -537,6 +530,22 @@ impl State {
     }
 }
 
+/// Initiate graceful shutdown.
+///
+/// The shutdown completes when all threads complete execution. Usually, the
+/// process will exit after this.
+///
+/// Note: There is no safe way to restart the simulated system without
+/// restarting an entire process.
+pub fn shutdown<System: PortInstance>() {
+    System::port_state()
+        .thread_group
+        .get()
+        .unwrap()
+        .lock()
+        .shutdown();
+}
+
 #[macro_export]
 macro_rules! use_port {
     (unsafe $vis:vis struct $sys:ident) => {

src/constance_port_std/tests/test_suite.rs

@@ -4,6 +4,7 @@
 #![feature(never_type)]
 #![feature(const_mut_refs)]
 
+use constance_port_std::PortInstance;
 use std::sync::atomic::{AtomicBool, Ordering};
 
 struct KernelTestUtil {
@@ -17,34 +18,27 @@ impl KernelTestUtil {
         }
     }
 
-    fn success(&self) {
+    fn success<System: PortInstance>(&self) {
         self.is_successful.store(true, Ordering::Relaxed);
+        constance_port_std::shutdown::<System>();
     }
 
     fn fail(&self) {
         panic!("test failed");
     }
 
-    fn run(&self, func: impl FnOnce() -> !) {
+    fn run(&self, func: impl FnOnce()) {
         let _ = env_logger::try_init();
 
-        let panic_info = std::panic::catch_unwind(std::panic::AssertUnwindSafe(func))
-            .err()
-            .unwrap();
-
-        // "No task to schedule" is not a failure - it's the only way to stop
-        // the dispatcher loop
-        if let Some(msg) = panic_info.downcast_ref::<&'static str>() {
-            if msg.contains("No task to schedule") {
-                if self.is_successful.load(Ordering::Relaxed) {
-                    return;
-                }
+        if let Err(panic_info) = std::panic::catch_unwind(std::panic::AssertUnwindSafe(func)) {
+            std::panic::resume_unwind(panic_info);
+        }
 
-                panic!("The program deadlocked without calling `success`");
-            }
+        if self.is_successful.load(Ordering::Relaxed) {
+            return;
         }
 
-        std::panic::resume_unwind(panic_info);
+        panic!("The program deadlocked without calling `success`");
     }
 }
 
@@ -67,7 +61,7 @@ macro_rules! instantiate_kernel_tests {
                     &COTTAGE
                 }
                 fn success() {
-                    TEST_UTIL.success();
+                    TEST_UTIL.success::<System>();
                 }
                 fn fail() {
                     TEST_UTIL.fail();