1. Real-time OS system state captured
by ATS language
Real-time OS system state captured
by ATS language
Real-time OS system state captured
by ATS language
Real-time OS system state captured
by ATS language
Real-time OS system state captured
by ATS language
Kiwamu OkabeKiwamu OkabeKiwamu OkabeKiwamu OkabeKiwamu Okabe

2. Real-time OS: ChibiOS/RTReal-time OS: ChibiOS/RTReal-time OS: ChibiOS/RTReal-time OS: ChibiOS/RTReal-time OS: ChibiOS/RT
☆ http://www.chibios.org/☆ http://www.chibios.org/☆ http://www.chibios.org/☆ http://www.chibios.org/☆ http://www.chibios.org/
☆ Simple/Small/Fast/Portable real-time OS☆ Simple/Small/Fast/Portable real-time OS☆ Simple/Small/Fast/Portable real-time OS☆ Simple/Small/Fast/Portable real-time OS☆ Simple/Small/Fast/Portable real-time OS
☆ Run on ARM Cortex-M*, Arduino Uno, PowerPC
e200
☆ Run on ARM Cortex-M*, Arduino Uno, PowerPC
e200
☆ Run on ARM Cortex-M*, Arduino Uno, PowerPC
e200
☆ Run on ARM Cortex-M*, Arduino Uno, PowerPC
e200
☆ Run on ARM Cortex-M*, Arduino Uno, PowerPC
e200
☆ Context Switch (STM32F4xx): 0.40 µsec☆ Context Switch (STM32F4xx): 0.40 µsec☆ Context Switch (STM32F4xx): 0.40 µsec☆ Context Switch (STM32F4xx): 0.40 µsec☆ Context Switch (STM32F4xx): 0.40 µsec
☆ Kernel Size (STM32F4xx): 6172 byte☆ Kernel Size (STM32F4xx): 6172 byte☆ Kernel Size (STM32F4xx): 6172 byte☆ Kernel Size (STM32F4xx): 6172 byte☆ Kernel Size (STM32F4xx): 6172 byte

3. System state in ChibiOS/RTSystem state in ChibiOS/RTSystem state in ChibiOS/RTSystem state in ChibiOS/RTSystem state in ChibiOS/RT

4. Class of system API in ChibiOS/RTClass of system API in ChibiOS/RTClass of system API in ChibiOS/RTClass of system API in ChibiOS/RTClass of system API in ChibiOS/RT
☆ "Normal" must be called on Thread☆ "Normal" must be called on Thread☆ "Normal" must be called on Thread☆ "Normal" must be called on Thread☆ "Normal" must be called on Thread
☆ "S-Class" must be called on S-Locked☆ "S-Class" must be called on S-Locked☆ "S-Class" must be called on S-Locked☆ "S-Class" must be called on S-Locked☆ "S-Class" must be called on S-Locked
☆ "I-Class" must be called on I-Locked or S-Locked☆ "I-Class" must be called on I-Locked or S-Locked☆ "I-Class" must be called on I-Locked or S-Locked☆ "I-Class" must be called on I-Locked or S-Locked☆ "I-Class" must be called on I-Locked or S-Locked
☆ "X-Class" must be called on Thread, S-Locked or
I-Locked
☆ "X-Class" must be called on Thread, S-Locked or
I-Locked
☆ "X-Class" must be called on Thread, S-Locked or
I-Locked
☆ "X-Class" must be called on Thread, S-Locked or
I-Locked
☆ "X-Class" must be called on Thread, S-Locked or
I-Locked
☆ "Special" have special execution requirements☆ "Special" have special execution requirements☆ "Special" have special execution requirements☆ "Special" have special execution requirements☆ "Special" have special execution requirements
☆ "Object Initializers" can be used in any state☆ "Object Initializers" can be used in any state☆ "Object Initializers" can be used in any state☆ "Object Initializers" can be used in any state☆ "Object Initializers" can be used in any state

5. Example: chSysLock()Example: chSysLock()Example: chSysLock()Example: chSysLock()Example: chSysLock()
☆ Enters the kernel lock mode☆ Enters the kernel lock mode☆ Enters the kernel lock mode☆ Enters the kernel lock mode☆ Enters the kernel lock mode
☆ Special function☆ Special function☆ Special function☆ Special function☆ Special function
☆ Should be called on Thread state☆ Should be called on Thread state☆ Should be called on Thread state☆ Should be called on Thread state☆ Should be called on Thread state
☆ Change system state into S-Locked state☆ Change system state into S-Locked state☆ Change system state into S-Locked state☆ Change system state into S-Locked state☆ Change system state into S-Locked state

6. Example: chVTSetI()Example: chVTSetI()Example: chVTSetI()Example: chVTSetI()Example: chVTSetI()
☆ Enables a virtual timer☆ Enables a virtual timer☆ Enables a virtual timer☆ Enables a virtual timer☆ Enables a virtual timer
☆ I-Class function☆ I-Class function☆ I-Class function☆ I-Class function☆ I-Class function
☆ Should be called on I-Locked or S-Locked state☆ Should be called on I-Locked or S-Locked state☆ Should be called on I-Locked or S-Locked state☆ Should be called on I-Locked or S-Locked state☆ Should be called on I-Locked or S-Locked state
☆ Doesn't change system state☆ Doesn't change system state☆ Doesn't change system state☆ Doesn't change system state☆ Doesn't change system state

7. Using system API in CUsing system API in CUsing system API in CUsing system API in CUsing system API in C
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLock();
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlock();
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLock();
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlock();
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLock();
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlock();
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLock();
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlock();
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLock();
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlock();
}
☆ tmr_init() function begins on Thread state☆ tmr_init() function begins on Thread state☆ tmr_init() function begins on Thread state☆ tmr_init() function begins on Thread state☆ tmr_init() function begins on Thread state

8. Undefined behavior by wrong calling!Undefined behavior by wrong calling!Undefined behavior by wrong calling!Undefined behavior by wrong calling!Undefined behavior by wrong calling!
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLockFromISR();���//�wrong�call!
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlockFromISR();�//�wrong�call!
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLockFromISR();���//�wrong�call!
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlockFromISR();�//�wrong�call!
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLockFromISR();���//�wrong�call!
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlockFromISR();�//�wrong�call!
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLockFromISR();���//�wrong�call!
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlockFromISR();�//�wrong�call!
}
static�void�tmr_init(void�*p)�{
��chEvtObjectInit(&inserted_event);
��chEvtObjectInit(&removed_event);
��chSysLockFromISR();���//�wrong�call!
��cnt�=�POLLING_INTERVAL;
��chVTSetI(&tmr,�MS2ST(POLLING_DELAY),�tmrfunc,�p);
��chSysUnlockFromISR();�//�wrong�call!
}
☆ The code has no error at compile-time, but...☆ The code has no error at compile-time, but...☆ The code has no error at compile-time, but...☆ The code has no error at compile-time, but...☆ The code has no error at compile-time, but...
☆ it may cause undefined behavior at run-time!☆ it may cause undefined behavior at run-time!☆ it may cause undefined behavior at run-time!☆ it may cause undefined behavior at run-time!☆ it may cause undefined behavior at run-time!

9. Want to avoid it at compile-time...Want to avoid it at compile-time...Want to avoid it at compile-time...Want to avoid it at compile-time...Want to avoid it at compile-time...
☆ The system state is a state machine.☆ The system state is a state machine.☆ The system state is a state machine.☆ The system state is a state machine.☆ The system state is a state machine.
☆ Type system captures it at compile-time?☆ Type system captures it at compile-time?☆ Type system captures it at compile-time?☆ Type system captures it at compile-time?☆ Type system captures it at compile-time?

10. ATS language can do that!ATS language can do that!ATS language can do that!ATS language can do that!ATS language can do that!
☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/
☆ Syntax is similar to ML☆ Syntax is similar to ML☆ Syntax is similar to ML☆ Syntax is similar to ML☆ Syntax is similar to ML
☆ DML-style dependent types / Linear types☆ DML-style dependent types / Linear types☆ DML-style dependent types / Linear types☆ DML-style dependent types / Linear types☆ DML-style dependent types / Linear types
☆ Theorem proving / Safely use pointer☆ Theorem proving / Safely use pointer☆ Theorem proving / Safely use pointer☆ Theorem proving / Safely use pointer☆ Theorem proving / Safely use pointer
☆ Without GC / Without runtime☆ Without GC / Without runtime☆ Without GC / Without runtime☆ Without GC / Without runtime☆ Without GC / Without runtime
☆ Compiled into C language code☆ Compiled into C language code☆ Compiled into C language code☆ Compiled into C language code☆ Compiled into C language code

11. ATS programing on ChibiOS/RTATS programing on ChibiOS/RTATS programing on ChibiOS/RTATS programing on ChibiOS/RTATS programing on ChibiOS/RT
☆ https://github.com/fpiot/chibios-ats-2☆ https://github.com/fpiot/chibios-ats-2☆ https://github.com/fpiot/chibios-ats-2☆ https://github.com/fpiot/chibios-ats-2☆ https://github.com/fpiot/chibios-ats-2
☆ ATS code is found at following:☆ ATS code is found at following:☆ ATS code is found at following:☆ ATS code is found at following:☆ ATS code is found at following:
☆ https://github.com/fpiot/chibios-ats-2/blob/
master/demos/STM32/RT-STM32F746G-
DISCOVERY-LWIP-FATFS-USB/main.dats
☆ https://github.com/fpiot/chibios-ats-2/blob/
master/demos/STM32/RT-STM32F746G-
DISCOVERY-LWIP-FATFS-USB/main.dats
☆ https://github.com/fpiot/chibios-ats-2/blob/
master/demos/STM32/RT-STM32F746G-
DISCOVERY-LWIP-FATFS-USB/main.dats
☆ https://github.com/fpiot/chibios-ats-2/blob/
master/demos/STM32/RT-STM32F746G-
DISCOVERY-LWIP-FATFS-USB/main.dats
☆ https://github.com/fpiot/chibios-ats-2/blob/
master/demos/STM32/RT-STM32F746G-
DISCOVERY-LWIP-FATFS-USB/main.dats

12. DemoDemoDemoDemoDemo
https://youtu.be/Riw5C_ZrK-Yhttps://youtu.be/Riw5C_ZrK-Yhttps://youtu.be/Riw5C_ZrK-Yhttps://youtu.be/Riw5C_ZrK-Yhttps://youtu.be/Riw5C_ZrK-Y

13. Define linear type for system stateDefine linear type for system stateDefine linear type for system stateDefine linear type for system stateDefine linear type for system state
#define�chss_init�������0
#define�chss_thread�����1
#define�chss_irqsusp����2
#define�chss_irqdisable�3
#define�chss_irqwait����4
#define�chss_isr��������5
#define�chss_slock������6
#define�chss_ilock������7
absvtype�chss(s:int)
vtypedef�chss_any�=�[s:int�￨�chss_init�<=�s;�s�<=�chss_ilock]�chss(s)
vtypedef�chss_iclass�=�[s:int�￨�s�==�chss_slock�￨￨�s�==�chss_ilock]�chss(s)
#define�chss_init�������0
#define�chss_thread�����1
#define�chss_irqsusp����2
#define�chss_irqdisable�3
#define�chss_irqwait����4
#define�chss_isr��������5
#define�chss_slock������6
#define�chss_ilock������7
absvtype�chss(s:int)
vtypedef�chss_any�=�[s:int�￨�chss_init�<=�s;�s�<=�chss_ilock]�chss(s)
vtypedef�chss_iclass�=�[s:int�￨�s�==�chss_slock�￨￨�s�==�chss_ilock]�chss(s)
#define�chss_init�������0
#define�chss_thread�����1
#define�chss_irqsusp����2
#define�chss_irqdisable�3
#define�chss_irqwait����4
#define�chss_isr��������5
#define�chss_slock������6
#define�chss_ilock������7
absvtype�chss(s:int)
vtypedef�chss_any�=�[s:int�￨�chss_init�<=�s;�s�<=�chss_ilock]�chss(s)
vtypedef�chss_iclass�=�[s:int�￨�s�==�chss_slock�￨￨�s�==�chss_ilock]�chss(s)
#define�chss_init�������0
#define�chss_thread�����1
#define�chss_irqsusp����2
#define�chss_irqdisable�3
#define�chss_irqwait����4
#define�chss_isr��������5
#define�chss_slock������6
#define�chss_ilock������7
absvtype�chss(s:int)
vtypedef�chss_any�=�[s:int�￨�chss_init�<=�s;�s�<=�chss_ilock]�chss(s)
vtypedef�chss_iclass�=�[s:int�￨�s�==�chss_slock�￨￨�s�==�chss_ilock]�chss(s)
#define�chss_init�������0
#define�chss_thread�����1
#define�chss_irqsusp����2
#define�chss_irqdisable�3
#define�chss_irqwait����4
#define�chss_isr��������5
#define�chss_slock������6
#define�chss_ilock������7
absvtype�chss(s:int)
vtypedef�chss_any�=�[s:int�￨�chss_init�<=�s;�s�<=�chss_ilock]�chss(s)
vtypedef�chss_iclass�=�[s:int�￨�s�==�chss_slock�￨￨�s�==�chss_ilock]�chss(s)
☆ Linear type "chss" depends on static int.☆ Linear type "chss" depends on static int.☆ Linear type "chss" depends on static int.☆ Linear type "chss" depends on static int.☆ Linear type "chss" depends on static int.
☆ The int represents ID of system state.☆ The int represents ID of system state.☆ The int represents ID of system state.☆ The int represents ID of system state.☆ The int represents ID of system state.

14. Import system API from CImport system API from CImport system API from CImport system API from CImport system API from C
extern�fun�chSysLock�(!chss(chss_thread)�>>�chss(chss_slock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlock�(!chss(chss_slock)�>>�chss(chss_thread)�￨�):�void
��=�"mac#"
extern�fun�chSysLockFromISR�(!chss(chss_isr)�>>�chss(chss_ilock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlockFromISR�(!chss(chss_ilock)�>>�chss(chss_isr)�￨�):�void
��=�"mac#"
extern�fun�chEvtBroadcastI�(!chss_iclass�￨�cPtr0(event_source_t)):�void
��=�"mac#"
extern�fun�chEvtObjectInit�(!chss_any�￨�cPtr0(event_source_t)):�void�=�"mac#"
extern�fun�chVTSetI�(!chss_iclass�￨�cPtr0(virtual_timer_t),�systime_t,
��vtfunc_t,�cPtr0(BaseBlockDevice)):�void�=�"mac#"
extern�fun�chSysLock�(!chss(chss_thread)�>>�chss(chss_slock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlock�(!chss(chss_slock)�>>�chss(chss_thread)�￨�):�void
��=�"mac#"
extern�fun�chSysLockFromISR�(!chss(chss_isr)�>>�chss(chss_ilock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlockFromISR�(!chss(chss_ilock)�>>�chss(chss_isr)�￨�):�void
��=�"mac#"
extern�fun�chEvtBroadcastI�(!chss_iclass�￨�cPtr0(event_source_t)):�void
��=�"mac#"
extern�fun�chEvtObjectInit�(!chss_any�￨�cPtr0(event_source_t)):�void�=�"mac#"
extern�fun�chVTSetI�(!chss_iclass�￨�cPtr0(virtual_timer_t),�systime_t,
��vtfunc_t,�cPtr0(BaseBlockDevice)):�void�=�"mac#"
extern�fun�chSysLock�(!chss(chss_thread)�>>�chss(chss_slock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlock�(!chss(chss_slock)�>>�chss(chss_thread)�￨�):�void
��=�"mac#"
extern�fun�chSysLockFromISR�(!chss(chss_isr)�>>�chss(chss_ilock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlockFromISR�(!chss(chss_ilock)�>>�chss(chss_isr)�￨�):�void
��=�"mac#"
extern�fun�chEvtBroadcastI�(!chss_iclass�￨�cPtr0(event_source_t)):�void
��=�"mac#"
extern�fun�chEvtObjectInit�(!chss_any�￨�cPtr0(event_source_t)):�void�=�"mac#"
extern�fun�chVTSetI�(!chss_iclass�￨�cPtr0(virtual_timer_t),�systime_t,
��vtfunc_t,�cPtr0(BaseBlockDevice)):�void�=�"mac#"
extern�fun�chSysLock�(!chss(chss_thread)�>>�chss(chss_slock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlock�(!chss(chss_slock)�>>�chss(chss_thread)�￨�):�void
��=�"mac#"
extern�fun�chSysLockFromISR�(!chss(chss_isr)�>>�chss(chss_ilock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlockFromISR�(!chss(chss_ilock)�>>�chss(chss_isr)�￨�):�void
��=�"mac#"
extern�fun�chEvtBroadcastI�(!chss_iclass�￨�cPtr0(event_source_t)):�void
��=�"mac#"
extern�fun�chEvtObjectInit�(!chss_any�￨�cPtr0(event_source_t)):�void�=�"mac#"
extern�fun�chVTSetI�(!chss_iclass�￨�cPtr0(virtual_timer_t),�systime_t,
��vtfunc_t,�cPtr0(BaseBlockDevice)):�void�=�"mac#"
extern�fun�chSysLock�(!chss(chss_thread)�>>�chss(chss_slock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlock�(!chss(chss_slock)�>>�chss(chss_thread)�￨�):�void
��=�"mac#"
extern�fun�chSysLockFromISR�(!chss(chss_isr)�>>�chss(chss_ilock)�￨�):�void
��=�"mac#"
extern�fun�chSysUnlockFromISR�(!chss(chss_ilock)�>>�chss(chss_isr)�￨�):�void
��=�"mac#"
extern�fun�chEvtBroadcastI�(!chss_iclass�￨�cPtr0(event_source_t)):�void
��=�"mac#"
extern�fun�chEvtObjectInit�(!chss_any�￨�cPtr0(event_source_t)):�void�=�"mac#"
extern�fun�chVTSetI�(!chss_iclass�￨�cPtr0(virtual_timer_t),�systime_t,
��vtfunc_t,�cPtr0(BaseBlockDevice)):�void�=�"mac#"

15. Using system API in ATSUsing system API in ATSUsing system API in ATSUsing system API in ATSUsing system API in ATS
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLock�(pss�￨�)
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlock�(pss�￨�)
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLock�(pss�￨�)
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlock�(pss�￨�)
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLock�(pss�￨�)
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlock�(pss�￨�)
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLock�(pss�￨�)
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlock�(pss�￨�)
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLock�(pss�￨�)
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlock�(pss�￨�)
138�}
☆ Every function takes linear type as 1st argument☆ Every function takes linear type as 1st argument☆ Every function takes linear type as 1st argument☆ Every function takes linear type as 1st argument☆ Every function takes linear type as 1st argument

16. If you call wrong system API...If you call wrong system API...If you call wrong system API...If you call wrong system API...If you call wrong system API...
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLockFromISR�(pss�￨�)���//�wrong�call!
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlockFromISR�(pss�￨�)�//�wrong�call!
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLockFromISR�(pss�￨�)���//�wrong�call!
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlockFromISR�(pss�￨�)�//�wrong�call!
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLockFromISR�(pss�￨�)���//�wrong�call!
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlockFromISR�(pss�￨�)�//�wrong�call!
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLockFromISR�(pss�￨�)���//�wrong�call!
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlockFromISR�(pss�￨�)�//�wrong�call!
138�}
128�extern�fun�tmr_init�(!chss(chss_thread)�￨�ptr):�void�=�"mac#"
129�implement�tmr_init�(pss�￨�p)�=�{
130���val�bbdp�=�$UN.cast{cPtr0(BaseBlockDevice)}(p)
131�
132���val�()�=�chEvtObjectInit�(pss�￨�inserted_event_p)
133���val�()�=�chEvtObjectInit�(pss�￨�removed_event_p)
134���val�()�=�chSysLockFromISR�(pss�￨�)���//�wrong�call!
135���extvar�"cnt"�=�POLLING_INTERVAL
136���val�()�=�chVTSetI�(pss�￨�tmr_p,�MS2ST�(POLLING_DELAY),�tmrfunc,�bbdp)
137���val�()�=�chSysUnlockFromISR�(pss�￨�)�//�wrong�call!
138�}

17. ATS finds the error at compile-time!ATS finds the error at compile-time!ATS finds the error at compile-time!ATS finds the error at compile-time!ATS finds the error at compile-time!
$�patsopt�-o�build/obj/main.c�-d�main.dats
/home/kiwamu/src/chibios-ats-2/demos/STM32/RT-STM32F746G-DISCOVERY-LWIP-
FATFS-USB/main.dats:�4617(line=134,�offs=30)�--�4620(line=134,�offs=33):�
error(3):�unsolved�constraint:�C3NSTRprop(C3TKmain();�S2Eeqeq(S2Eintinf(1);�
S2Eintinf(5)))
$�patsopt�-o�build/obj/main.c�-d�main.dats
/home/kiwamu/src/chibios-ats-2/demos/STM32/RT-STM32F746G-DISCOVERY-LWIP-
FATFS-USB/main.dats:�4617(line=134,�offs=30)�--�4620(line=134,�offs=33):�
error(3):�unsolved�constraint:�C3NSTRprop(C3TKmain();�S2Eeqeq(S2Eintinf(1);�
S2Eintinf(5)))
$�patsopt�-o�build/obj/main.c�-d�main.dats
/home/kiwamu/src/chibios-ats-2/demos/STM32/RT-STM32F746G-DISCOVERY-LWIP-
FATFS-USB/main.dats:�4617(line=134,�offs=30)�--�4620(line=134,�offs=33):�
error(3):�unsolved�constraint:�C3NSTRprop(C3TKmain();�S2Eeqeq(S2Eintinf(1);�
S2Eintinf(5)))
$�patsopt�-o�build/obj/main.c�-d�main.dats
/home/kiwamu/src/chibios-ats-2/demos/STM32/RT-STM32F746G-DISCOVERY-LWIP-
FATFS-USB/main.dats:�4617(line=134,�offs=30)�--�4620(line=134,�offs=33):�
error(3):�unsolved�constraint:�C3NSTRprop(C3TKmain();�S2Eeqeq(S2Eintinf(1);�
S2Eintinf(5)))
$�patsopt�-o�build/obj/main.c�-d�main.dats
/home/kiwamu/src/chibios-ats-2/demos/STM32/RT-STM32F746G-DISCOVERY-LWIP-
FATFS-USB/main.dats:�4617(line=134,�offs=30)�--�4620(line=134,�offs=33):�
error(3):�unsolved�constraint:�C3NSTRprop(C3TKmain();�S2Eeqeq(S2Eintinf(1);�
S2Eintinf(5)))
☆ It means that ATS compiler can't solve "1 == 5",☆ It means that ATS compiler can't solve "1 == 5",☆ It means that ATS compiler can't solve "1 == 5",☆ It means that ATS compiler can't solve "1 == 5",☆ It means that ATS compiler can't solve "1 == 5",
☆ while checking Thread state "chss
(chss_thread)" equals ISR state "chss(chss_isr)".
☆ while checking Thread state "chss
(chss_thread)" equals ISR state "chss(chss_isr)".
☆ while checking Thread state "chss
(chss_thread)" equals ISR state "chss(chss_isr)".
☆ while checking Thread state "chss
(chss_thread)" equals ISR state "chss(chss_isr)".
☆ while checking Thread state "chss
(chss_thread)" equals ISR state "chss(chss_isr)".
☆ Because "chss_thread" is 1 and "chss_isr" is 5.☆ Because "chss_thread" is 1 and "chss_isr" is 5.☆ Because "chss_thread" is 1 and "chss_isr" is 5.☆ Because "chss_thread" is 1 and "chss_isr" is 5.☆ Because "chss_thread" is 1 and "chss_isr" is 5.

18. Let's enjoy capturing properties by ATS!Let's enjoy capturing properties by ATS!Let's enjoy capturing properties by ATS!Let's enjoy capturing properties by ATS!Let's enjoy capturing properties by ATS!
☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/☆ http://www.ats-lang.org/
☆ http://jats-ug.metasepi.org/☆ http://jats-ug.metasepi.org/☆ http://jats-ug.metasepi.org/☆ http://jats-ug.metasepi.org/☆ http://jats-ug.metasepi.org/

19. Ads: Join Life Robotics Inc.Ads: Join Life Robotics Inc.Ads: Join Life Robotics Inc.Ads: Join Life Robotics Inc.Ads: Join Life Robotics Inc.
☆ https://liferobotics.jp/career☆ https://liferobotics.jp/career☆ https://liferobotics.jp/career☆ https://liferobotics.jp/career☆ https://liferobotics.jp/career
☆ Embedded development in agile style☆ Embedded development in agile style☆ Embedded development in agile style☆ Embedded development in agile style☆ Embedded development in agile style
☆ Specification language developed by OCaml!☆ Specification language developed by OCaml!☆ Specification language developed by OCaml!☆ Specification language developed by OCaml!☆ Specification language developed by OCaml!

20. Ads: Dive into VeriFast!Ads: Dive into VeriFast!Ads: Dive into VeriFast!Ads: Dive into VeriFast!Ads: Dive into VeriFast!
☆ https://people.cs.kuleuven.be/~bart.jacobs/
verifast/
☆ https://people.cs.kuleuven.be/~bart.jacobs/
verifast/
☆ https://people.cs.kuleuven.be/~bart.jacobs/
verifast/
☆ https://people.cs.kuleuven.be/~bart.jacobs/
verifast/
☆ https://people.cs.kuleuven.be/~bart.jacobs/
verifast/
☆ A verifier for single-threaded and multithreaded
C and Java programs annotated with
preconditions and postconditions written in
separation logic.
☆ A verifier for single-threaded and multithreaded
C and Java programs annotated with
preconditions and postconditions written in
separation logic.
☆ A verifier for single-threaded and multithreaded
C and Java programs annotated with
preconditions and postconditions written in
separation logic.
☆ A verifier for single-threaded and multithreaded
C and Java programs annotated with
preconditions and postconditions written in
separation logic.
☆ A verifier for single-threaded and multithreaded
C and Java programs annotated with
preconditions and postconditions written in
separation logic.
☆ Next meetup at Friday, July 22, 6:30 p.m.☆ Next meetup at Friday, July 22, 6:30 p.m.☆ Next meetup at Friday, July 22, 6:30 p.m.☆ Next meetup at Friday, July 22, 6:30 p.m.☆ Next meetup at Friday, July 22, 6:30 p.m.
☆ https://fpiot.doorkeeper.jp/events/47626☆ https://fpiot.doorkeeper.jp/events/47626☆ https://fpiot.doorkeeper.jp/events/47626☆ https://fpiot.doorkeeper.jp/events/47626☆ https://fpiot.doorkeeper.jp/events/47626

21. Ads: Functional Ikamusume at C90!Ads: Functional Ikamusume at C90!Ads: Functional Ikamusume at C90!Ads: Functional Ikamusume at C90!Ads: Functional Ikamusume at C90!
☆ http://www.paraiso-lang.org/ikmsm/☆ http://www.paraiso-lang.org/ikmsm/☆ http://www.paraiso-lang.org/ikmsm/☆ http://www.paraiso-lang.org/ikmsm/☆ http://www.paraiso-lang.org/ikmsm/
☆ AlphaGo☆ AlphaGo☆ AlphaGo☆ AlphaGo☆ AlphaGo
☆ Real-time OS and ATS language☆ Real-time OS and ATS language☆ Real-time OS and ATS language☆ Real-time OS and ATS language☆ Real-time OS and ATS language
☆ Internal set theory☆ Internal set theory☆ Internal set theory☆ Internal set theory☆ Internal set theory
☆ 日曜日⻄ｆ32a☆ 日曜日⻄ｆ32a☆ 日曜日⻄ｆ32a☆ 日曜日⻄ｆ32a☆ 日曜日⻄ｆ32a

22. License of photos #1License of photos #1License of photos #1License of photos #1License of photos #1
*�Creative�Commons�BBB�￨�Flickr
��https://www.flickr.com/photos/steren/2732488224/
��Copyright:�Steren�Giannini�/�License:�CC�BY�2.0
*�Circle�Packing�Artifacts�￨�Some�artifacts�from�an�agent-base��￨�Flickr
��https://www.flickr.com/photos/blprnt/4217234991/in/photostream/
��Copyright:�Jer�Thorp�/�License:�CC�BY�2.0
*�Mercedes�Benz�S�Class�Coupe�Concept�￨�Maurizio�Pesce�￨�Flickr
��https://www.flickr.com/photos/pestoverde/16656096747/
��Copyright:�Maurizio�Pesce�/�License:�CC�BY�2.0
*�labyrinthine�circuit�board�lines�￨�In�the�center�of�the�roun��￨�Flickr
��https://www.flickr.com/photos/hinkelstone/2435823037/
��Copyright:�Karl-Ludwig�Poggemann�/�License:�CC�BY�2.0
*�Anime�Friends�-�2008�￨�Ricardo�清介�⼋⽊�￨�Flickr
��https://www.flickr.com/photos/riyagi/11696094664/
��Copyright:�Ricardo�清介�⼋⽊�/�License:�CC�BY�2.0
*�Creative�Commons�BBB�￨�Flickr
��https://www.flickr.com/photos/steren/2732488224/
��Copyright:�Steren�Giannini�/�License:�CC�BY�2.0
*�Circle�Packing�Artifacts�￨�Some�artifacts�from�an�agent-base��￨�Flickr
��https://www.flickr.com/photos/blprnt/4217234991/in/photostream/
��Copyright:�Jer�Thorp�/�License:�CC�BY�2.0
*�Mercedes�Benz�S�Class�Coupe�Concept�￨�Maurizio�Pesce�￨�Flickr
��https://www.flickr.com/photos/pestoverde/16656096747/
��Copyright:�Maurizio�Pesce�/�License:�CC�BY�2.0
*�labyrinthine�circuit�board�lines�￨�In�the�center�of�the�roun��￨�Flickr
��https://www.flickr.com/photos/hinkelstone/2435823037/
��Copyright:�Karl-Ludwig�Poggemann�/�License:�CC�BY�2.0
*�Anime�Friends�-�2008�￨�Ricardo�清介�⼋⽊�￨�Flickr
��https://www.flickr.com/photos/riyagi/11696094664/
��Copyright:�Ricardo�清介�⼋⽊�/�License:�CC�BY�2.0
*�Creative�Commons�BBB�￨�Flickr
��https://www.flickr.com/photos/steren/2732488224/
��Copyright:�Steren�Giannini�/�License:�CC�BY�2.0
*�Circle�Packing�Artifacts�￨�Some�artifacts�from�an�agent-base��￨�Flickr
��https://www.flickr.com/photos/blprnt/4217234991/in/photostream/
��Copyright:�Jer�Thorp�/�License:�CC�BY�2.0
*�Mercedes�Benz�S�Class�Coupe�Concept�￨�Maurizio�Pesce�￨�Flickr
��https://www.flickr.com/photos/pestoverde/16656096747/
��Copyright:�Maurizio�Pesce�/�License:�CC�BY�2.0
*�labyrinthine�circuit�board�lines�￨�In�the�center�of�the�roun��￨�Flickr
��https://www.flickr.com/photos/hinkelstone/2435823037/
��Copyright:�Karl-Ludwig�Poggemann�/�License:�CC�BY�2.0
*�Anime�Friends�-�2008�￨�Ricardo�清介�⼋⽊�￨�Flickr
��https://www.flickr.com/photos/riyagi/11696094664/
��Copyright:�Ricardo�清介�⼋⽊�/�License:�CC�BY�2.0
*�Creative�Commons�BBB�￨�Flickr
��https://www.flickr.com/photos/steren/2732488224/
��Copyright:�Steren�Giannini�/�License:�CC�BY�2.0
*�Circle�Packing�Artifacts�￨�Some�artifacts�from�an�agent-base��￨�Flickr
��https://www.flickr.com/photos/blprnt/4217234991/in/photostream/
��Copyright:�Jer�Thorp�/�License:�CC�BY�2.0
*�Mercedes�Benz�S�Class�Coupe�Concept�￨�Maurizio�Pesce�￨�Flickr
��https://www.flickr.com/photos/pestoverde/16656096747/
��Copyright:�Maurizio�Pesce�/�License:�CC�BY�2.0
*�labyrinthine�circuit�board�lines�￨�In�the�center�of�the�roun��￨�Flickr
��https://www.flickr.com/photos/hinkelstone/2435823037/
��Copyright:�Karl-Ludwig�Poggemann�/�License:�CC�BY�2.0
*�Anime�Friends�-�2008�￨�Ricardo�清介�⼋⽊�￨�Flickr
��https://www.flickr.com/photos/riyagi/11696094664/
��Copyright:�Ricardo�清介�⼋⽊�/�License:�CC�BY�2.0
*�Creative�Commons�BBB�￨�Flickr
��https://www.flickr.com/photos/steren/2732488224/
��Copyright:�Steren�Giannini�/�License:�CC�BY�2.0
*�Circle�Packing�Artifacts�￨�Some�artifacts�from�an�agent-base��￨�Flickr
��https://www.flickr.com/photos/blprnt/4217234991/in/photostream/
��Copyright:�Jer�Thorp�/�License:�CC�BY�2.0
*�Mercedes�Benz�S�Class�Coupe�Concept�￨�Maurizio�Pesce�￨�Flickr
��https://www.flickr.com/photos/pestoverde/16656096747/
��Copyright:�Maurizio�Pesce�/�License:�CC�BY�2.0
*�labyrinthine�circuit�board�lines�￨�In�the�center�of�the�roun��￨�Flickr
��https://www.flickr.com/photos/hinkelstone/2435823037/
��Copyright:�Karl-Ludwig�Poggemann�/�License:�CC�BY�2.0
*�Anime�Friends�-�2008�￨�Ricardo�清介 ⼋⽊�￨�Flickr
��https://www.flickr.com/photos/riyagi/11696094664/
��Copyright:�Ricardo�清介 ⼋⽊�/�License:�CC�BY�2.0

23. License of photos #2License of photos #2License of photos #2License of photos #2License of photos #2
*�Cardcaptor�Sakura�￨�moby.to/0j3c6l�￨�KniBaron�￨�Flickr
��https://www.flickr.com/photos/knightbaron/15966847927/
��Copyright:�KniBaron�/�License:�CC�BY�2.0
*�Horizon�￨�Chris�￨�Flickr
��https://www.flickr.com/photos/sparkyc/104995140/
��Copyright:�Chris�/�License:�CC�BY�2.0
*�YouTube�logo�￨�Rego�Korosi�￨�Flickr
��https://www.flickr.com/photos/korosirego/4481461680/
��Copyright:�Rego�Korosi�/�License:�CC�BY-SA�2.0
*�Cardcaptor�Sakura�￨�moby.to/0j3c6l�￨�KniBaron�￨�Flickr
��https://www.flickr.com/photos/knightbaron/15966847927/
��Copyright:�KniBaron�/�License:�CC�BY�2.0
*�Horizon�￨�Chris�￨�Flickr
��https://www.flickr.com/photos/sparkyc/104995140/
��Copyright:�Chris�/�License:�CC�BY�2.0
*�YouTube�logo�￨�Rego�Korosi�￨�Flickr
��https://www.flickr.com/photos/korosirego/4481461680/
��Copyright:�Rego�Korosi�/�License:�CC�BY-SA�2.0
*�Cardcaptor�Sakura�￨�moby.to/0j3c6l�￨�KniBaron�￨�Flickr
��https://www.flickr.com/photos/knightbaron/15966847927/
��Copyright:�KniBaron�/�License:�CC�BY�2.0
*�Horizon�￨�Chris�￨�Flickr
��https://www.flickr.com/photos/sparkyc/104995140/
��Copyright:�Chris�/�License:�CC�BY�2.0
*�YouTube�logo�￨�Rego�Korosi�￨�Flickr
��https://www.flickr.com/photos/korosirego/4481461680/
��Copyright:�Rego�Korosi�/�License:�CC�BY-SA�2.0
*�Cardcaptor�Sakura�￨�moby.to/0j3c6l�￨�KniBaron�￨�Flickr
��https://www.flickr.com/photos/knightbaron/15966847927/
��Copyright:�KniBaron�/�License:�CC�BY�2.0
*�Horizon�￨�Chris�￨�Flickr
��https://www.flickr.com/photos/sparkyc/104995140/
��Copyright:�Chris�/�License:�CC�BY�2.0
*�YouTube�logo�￨�Rego�Korosi�￨�Flickr
��https://www.flickr.com/photos/korosirego/4481461680/
��Copyright:�Rego�Korosi�/�License:�CC�BY-SA�2.0
*�Cardcaptor�Sakura�￨�moby.to/0j3c6l�￨�KniBaron�￨�Flickr
��https://www.flickr.com/photos/knightbaron/15966847927/
��Copyright:�KniBaron�/�License:�CC�BY�2.0
*�Horizon�￨�Chris�￨�Flickr
��https://www.flickr.com/photos/sparkyc/104995140/
��Copyright:�Chris�/�License:�CC�BY�2.0
*�YouTube�logo�￨�Rego�Korosi�￨�Flickr
��https://www.flickr.com/photos/korosirego/4481461680/
��Copyright:�Rego�Korosi�/�License:�CC�BY-SA�2.0