|
|
|
|
@@ -37,57 +37,58 @@
|
|
|
|
|
#include <stddef.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <reflow-controller/safety/safety-memory.h>
|
|
|
|
|
#include <reflow-controller/oven-driver.h>
|
|
|
|
|
#include <helper-macros/helper-macros.h>
|
|
|
|
|
|
|
|
|
|
#define check_flag_persistent(flag) ((flag)->persistency && (flag)->persistency->persistency)
|
|
|
|
|
#define get_flag_weight(flag) ((flag)->weight ? (flag->weight->weight) : SAFETY_FLAG_CONFIG_WEIGHT_NONE)
|
|
|
|
|
|
|
|
|
|
struct safety_weight {
|
|
|
|
|
uint32_t start_dummy;
|
|
|
|
|
enum config_weight weight;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
volatile struct error_flag *flag_ptr;
|
|
|
|
|
uint32_t end_dummy;
|
|
|
|
|
uint32_t start_dummy;
|
|
|
|
|
enum config_weight weight;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
volatile struct error_flag *flag_ptr;
|
|
|
|
|
uint32_t end_dummy;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct safety_persistency {
|
|
|
|
|
uint32_t start_dummy;
|
|
|
|
|
bool persistency;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
volatile struct error_flag *flag_ptr;
|
|
|
|
|
uint32_t end_dummy;
|
|
|
|
|
uint32_t start_dummy;
|
|
|
|
|
bool persistency;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
volatile struct error_flag *flag_ptr;
|
|
|
|
|
uint32_t end_dummy;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct error_flag {
|
|
|
|
|
const char *name;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
bool error_state;
|
|
|
|
|
bool error_state_inv;
|
|
|
|
|
volatile struct safety_persistency *persistency;
|
|
|
|
|
volatile struct safety_weight *weight;
|
|
|
|
|
uint32_t key;
|
|
|
|
|
const char *name;
|
|
|
|
|
enum safety_flag flag;
|
|
|
|
|
bool error_state;
|
|
|
|
|
bool error_state_inv;
|
|
|
|
|
volatile struct safety_persistency *persistency;
|
|
|
|
|
volatile struct safety_weight *weight;
|
|
|
|
|
uint32_t key;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct timing_mon {
|
|
|
|
|
const char *name;
|
|
|
|
|
enum timing_monitor monitor;
|
|
|
|
|
enum safety_flag associated_flag;
|
|
|
|
|
uint64_t min_delta;
|
|
|
|
|
uint64_t max_delta;
|
|
|
|
|
uint64_t last;
|
|
|
|
|
uint64_t calculated_delta;
|
|
|
|
|
bool enabled;
|
|
|
|
|
const char *name;
|
|
|
|
|
enum timing_monitor monitor;
|
|
|
|
|
enum safety_flag associated_flag;
|
|
|
|
|
uint64_t min_delta;
|
|
|
|
|
uint64_t max_delta;
|
|
|
|
|
uint64_t last;
|
|
|
|
|
uint64_t calculated_delta;
|
|
|
|
|
bool enabled;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct analog_mon {
|
|
|
|
|
const char *name;
|
|
|
|
|
enum analog_value_monitor monitor;
|
|
|
|
|
enum safety_flag associated_flag;
|
|
|
|
|
float min;
|
|
|
|
|
float max;
|
|
|
|
|
float value;
|
|
|
|
|
bool valid;
|
|
|
|
|
uint64_t timestamp;
|
|
|
|
|
const char *name;
|
|
|
|
|
enum analog_value_monitor monitor;
|
|
|
|
|
enum safety_flag associated_flag;
|
|
|
|
|
float min;
|
|
|
|
|
float max;
|
|
|
|
|
float value;
|
|
|
|
|
bool valid;
|
|
|
|
|
uint64_t timestamp;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static volatile struct error_flag IN_SECTION(.ccm.data) flags[] = {
|
|
|
|
|
@@ -119,9 +120,9 @@ static volatile struct timing_mon IN_SECTION(.ccm.data) timings[] = {
|
|
|
|
|
|
|
|
|
|
static volatile struct analog_mon IN_SECTION(.ccm.data) analog_mons[] = {
|
|
|
|
|
ANA_MON_ENTRY(ERR_AMON_VREF, SAFETY_ADC_VREF_MVOLT - SAFETY_ADC_VREF_TOL_MVOLT,
|
|
|
|
|
SAFETY_ADC_VREF_MVOLT + SAFETY_ADC_VREF_TOL_MVOLT, ERR_FLAG_AMON_VREF),
|
|
|
|
|
SAFETY_ADC_VREF_MVOLT + SAFETY_ADC_VREF_TOL_MVOLT, ERR_FLAG_AMON_VREF),
|
|
|
|
|
ANA_MON_ENTRY(ERR_AMON_UC_TEMP, SAFETY_ADC_TEMP_LOW_LIM, SAFETY_ADC_TEMP_HIGH_LIM,
|
|
|
|
|
ERR_FLAG_AMON_UC_TEMP),
|
|
|
|
|
ERR_FLAG_AMON_UC_TEMP),
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static const struct safety_weight default_flag_weights[] = { SAFETY_CONFIG_DEFAULT_WEIGHTS };
|
|
|
|
|
@@ -216,6 +217,9 @@ static void init_safety_flag_persistencies_from_default(void)
|
|
|
|
|
|
|
|
|
|
static bool error_flag_get_status(const volatile struct error_flag *flag)
|
|
|
|
|
{
|
|
|
|
|
if (!flag)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
if (flag->error_state == flag->error_state_inv) {
|
|
|
|
|
return true;
|
|
|
|
|
} else {
|
|
|
|
|
@@ -576,6 +580,31 @@ static void safety_controller_do_systick_checking()
|
|
|
|
|
last_systick = systick;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void safety_controller_handle_weighted_flags()
|
|
|
|
|
{
|
|
|
|
|
uint32_t weight_index;
|
|
|
|
|
volatile struct safety_weight *current_weight;
|
|
|
|
|
|
|
|
|
|
for (weight_index = 0; weight_index < COUNT_OF(flag_weights); weight_index++) {
|
|
|
|
|
current_weight = &flag_weights[weight_index];
|
|
|
|
|
if (error_flag_get_status(current_weight->flag_ptr)) {
|
|
|
|
|
switch (current_weight->weight) {
|
|
|
|
|
case SAFETY_FLAG_CONFIG_WEIGHT_NONE:
|
|
|
|
|
break;
|
|
|
|
|
case SAFETY_FLAG_CONFIG_WEIGHT_PID:
|
|
|
|
|
oven_pid_abort();
|
|
|
|
|
break;
|
|
|
|
|
case SAFETY_FLAG_CONFIG_WEIGHT_PANIC:
|
|
|
|
|
/* Expected fallthrough */
|
|
|
|
|
default:
|
|
|
|
|
oven_pid_abort();
|
|
|
|
|
panic_mode();
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int safety_controller_handle()
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
@@ -583,12 +612,9 @@ int safety_controller_handle()
|
|
|
|
|
safety_controller_check_stack();
|
|
|
|
|
safety_controller_handle_safety_adc();
|
|
|
|
|
safety_controller_handle_memory_checks();
|
|
|
|
|
|
|
|
|
|
safety_controller_do_systick_checking();
|
|
|
|
|
|
|
|
|
|
safety_controller_process_monitor_checks();
|
|
|
|
|
|
|
|
|
|
/* TODO: Check flag weights and trigger appropriate safety action */
|
|
|
|
|
safety_controller_handle_weighted_flags();
|
|
|
|
|
|
|
|
|
|
ret |= watchdog_ack(WATCHDOG_MAGIC_KEY);
|
|
|
|
|
|
|
|
|
|
|
