diff --git a/doc/source/firmware/safety.rst b/doc/source/firmware/safety.rst index e741b89..ba22094 100644 --- a/doc/source/firmware/safety.rst +++ b/doc/source/firmware/safety.rst @@ -10,7 +10,7 @@ Severe error flags, like a drifting reference voltage, stop the PID controller a The controller stays in a usable state. After the errors have been cleared, normal operation may continue. On the other hand, fatal errors like an over-temperature error, or memory problem, lead to the activation of the :ref:`safety_panic`, -which forces the output zero, but does not allow any more interaction. +which forces the output zero, but does not allow any further interaction. .. toctree:: :maxdepth: 2 diff --git a/stm-firmware/Makefile b/stm-firmware/Makefile index 701f726..67b2f40 100644 --- a/stm-firmware/Makefile +++ b/stm-firmware/Makefile @@ -47,7 +47,7 @@ CFILES += fatfs/diskio.c fatfs/ff.c fatfs/ffsystem.c fatfs/ffunicode.c fatfs/shi CFILES += pid-controller.c oven-driver.c CFILES += settings/settings.c settings/settings-sd-card.c -CFILES += safety/safety-adc.c safety/safety-controller.c safety/watchdog.c safety/fault.c +CFILES += safety/safety-adc.c safety/safety-controller.c safety/watchdog.c safety/fault.c safety/safety-memory.c DEBUG_DEFINES = -DDEBUGBUILD RELEASE_DEFINES = diff --git a/stm-firmware/include/reflow-controller/safety/backup-memory.h b/stm-firmware/include/reflow-controller/safety/backup-memory.h deleted file mode 100644 index 737c890..0000000 --- a/stm-firmware/include/reflow-controller/safety/backup-memory.h +++ /dev/null 
@@ -1,52 +0,0 @@
-/* Reflow Oven Controller
-*
-* Copyright (C) 2020 Mario Hüttel
-*
-* This file is part of the Reflow Oven Controller Project.
-*
-* The reflow oven controller is free software: you can redistribute it and/or modify
-* it under the terms of the GNU General Public License version 2 as
-* published by the Free Software Foundation.
-*
-* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with the reflow oven controller project.
-* If not, see .
-*/
-
-#ifndef __SAFETY_MEMORY_H__
-#define __SAFETY_MEMORY_H__
-
-/**
- * @brief Magic number to signal a valid safety memory header.
- */
-#define SAFETY_MEMORY_MAGIC 0x12AA5CB7
-
-/**
- * @brief Offset address for the safety_memory_header.
- * @note Any other value than 0UL doesn't really make sense. Therfore, this should not be changed.
- */
-#define SAFETY_MEMORY_HEADER_ADDRESS 0UL
-
-/**
- * @brief Safety memory header
- */
-struct safety_memory_header {
- uint32_t magic; /**< @brief Magic. Set to SAFETY_MEMORY_MAGIC */
- uint32_t boot_status_offset; /**< Offset of the safety_memory_boot_status struct (in 32 bit words)*/
- uint32_t err_memory_offset; /**< Offset of the error memory */
- uint32_t err_memory_end; /**< End of the error memory. This points to the word after the error memory, containing the CRC of the whole backup RAM. */
- uint32_t magic_i; /**< @brief Invers Magic. Set to ~SAFETY_MEMORY_MAGIC */
-};
-
-struct safety_memory_boot_status {
- uint32_t reboot_to_bootloader;
- uint32_t code_updated;
-}
-
-
-#endif /* __SAFETY_MEMORY_H__ */
diff --git a/stm-firmware/include/reflow-controller/safety/safety-memory.h b/stm-firmware/include/reflow-controller/safety/safety-memory.h
index f248547..028de14 100644
--- a/stm-firmware/include/reflow-controller/safety/safety-memory.h
+++ b/stm-firmware/include/reflow-controller/safety/safety-memory.h
@@ -18,33 +18,37 @@ * If not, see . */ -#ifndef __WATCHDOG_H__ -#define __WATCHDOG_H__ +#ifndef __SAFETY_MEMORY_H__ +#define __SAFETY_MEMORY_H__ -#include #include -#include /** - * @brief Setup the watchdog for the safety controller - * @param Prescaler to use for the 32 KHz LSI clock - * @return 0 if successful - * @note Once the watchdog is enabled, it cannot be turned off! + * @brief Magic number to signal a valid safety memory header. */ -int watchdog_setup(uint8_t prescaler); +#define SAFETY_MEMORY_MAGIC 0x12AA5CB7 /** - * @brief Reset watchdog counter - * @param magic Magic value to prevent this fuinction from being called randomly - * @return 0 if successful + * @brief Offset address for the safety_memory_header. + * @note Any other value than 0UL doesn't really make sense. Therfore, this should not be changed. */ -int watchdog_ack(uint32_t magic); +#define SAFETY_MEMORY_HEADER_ADDRESS 0UL /** - * @brief Check if reset was generated by the watchdog. - * @note This also clears the relevant flag, so the function will reutrn false when called a second time - * @return + * @brief Safety memory header */ -bool watchdog_check_reset_source(void); +struct safety_memory_header { + uint32_t magic; /**< @brief Magic. Set to @ref SAFETY_MEMORY_MAGIC */ + uint32_t boot_status_offset; /**< @brief Offset of the safety_memory_boot_status struct (in 32 bit words)*/ + uint32_t err_memory_offset; /**< @brief Offset of the error memory */ + uint32_t err_memory_end; /**< @brief End of the error memory. This points to the word after the error memory, containing the CRC of the whole backup RAM. */ + uint32_t magic_i; /**< @brief Invers Magic. Set to the bitwise inverse of @ref SAFETY_MEMORY_MAGIC */ +}; -#endif /* __WATCHDOG_H__ */ +struct safety_memory_boot_status { + uint32_t reboot_to_bootloader; + uint32_t code_updated; +}; + + +#endif /* __SAFETY_MEMORY_H__ */
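Review bot: `struct safety_memory_boot_status` is added with no Doxygen comment on the struct or on `reboot_to_bootloader` and `code_updated`, while every field of `safety_memory_header` directly above it is documented. These two words appear to be flags kept in backup RAM that influence the boot path, so the header should say which values count as "set" and whether any non-zero value is accepted, for example `uint32_t reboot_to_bootloader; /**< @brief Request to enter the bootloader on next reset; state the exact accepted value here */`. The comment on `safety_memory_header` should also state that `boot_status_offset`, `err_memory_offset` and `err_memory_end` are word offsets read back from memory that can be corrupted. Readers must check `magic`/`magic_i`, verify the trailing CRC and range-check the offsets against the backup RAM size before indexing with them; the code that consumes them is not visible in this hunk, so this may already be done there.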