
No commits in common. "e0f61af7099a99c82e859c34dbba96ab8df838ed" and "2f6590416de4acebfd064649852925d382c87ba8" have entirely different histories.

3 changed files with 16 additions and 28 deletions


@ -55,7 +55,7 @@ struct safety_memory_header {
uint32_t config_overrides_len; /**< @brief Length of override entries in words */
uint32_t err_memory_offset; /**< @brief Offset of the error memory */
uint32_t err_memory_end; /**< @brief End of the error memory. This points to the word after the error memory, containing the CRC of the whole backup RAM. */
uint32_t crc; /**< @brief CRC of the header */
uint32_t magic_i; /**< @brief Invers Magic. Set to the bitwise inverse of @ref SAFETY_MEMORY_MAGIC */
};
struct safety_memory_boot_status {


@ -26,16 +26,14 @@
void HardFault_Handler(void)
{
/* This is a non recoverable fault. Stop the oven */
/* This is a non recoverable fault. Hang here */
oven_driver_set_power(0);
oven_driver_apply_power_level();
/* Set the error led */
led_set(0, 1);
/* Try the real panic mode */
panic_mode();
while (1);
}
/* Overwrite default handler. Go to panic mode */
@ -46,9 +44,12 @@ void __int_default_handler(void)
void panic_mode(void)
{
/* This variable is static, because I don't want it to be on the stack */
static struct safety_memory_boot_status IN_SECTION(.ccm.bss) boot_status;
/* Panic mode is esentially the same as a hardfault,
* but it can be expected, that more functionality is still usable
*/
oven_driver_set_power(0);
oven_driver_apply_power_level();
@ -58,6 +59,6 @@ void panic_mode(void)
(void)safety_memory_set_boot_status(&boot_status);
}
/* Let the watchdog do the rest */
while (1);
}
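Review bot: `panic_mode()` is reachable from `HardFault_Handler` and goes on to call `safety_memory_set_boot_status(&boot_status)` with the result cast to `(void)`, so a failure in the safety-memory code during a panic goes unrecorded, and on a Cortex-M style core (inferred from the handler name) a second fault raised while handling the hard fault would lock the core up. The heater-off calls `oven_driver_set_power(0); oven_driver_apply_power_level();` come first in both functions, which is the right order and deserves a comment pinning it, e.g. `/* Keep first: the heater must be off before anything that could fault */`. The final `while (1);` depends on the watchdog already running, and `/* Let the watchdog do the rest */` could state that assumption explicitly. The +/- markers are lost in this rendering, so which of `panic_mode();` and `while (1);` survives in `HardFault_Handler` cannot be told from the page, and panic_mode's body is only partly shown.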


@ -76,21 +76,13 @@ static enum safety_memory_state safety_memory_get_header(struct safety_memory_he
if (res)
return SAFETY_MEMORY_INIT_CORRUPTED;
/* Check magic */
if (header->magic != SAFETY_MEMORY_MAGIC) {
/* Magic invalid */
/* Check magics */
if (header->magic != SAFETY_MEMORY_MAGIC || header->magic_i != (uint32_t)(~SAFETY_MEMORY_MAGIC)) {
/* Magics invalid */
ret = SAFETY_MEMORY_INIT_FRESH;
goto return_val;
}
/* Check the header crc */
crc_unit_reset();
crc_unit_input_array((uint32_t *)header, wordsize_of(struct safety_memory_header));
if (crc_unit_get_crc() != 0UL) {
ret = SAFETY_MEMORY_INIT_CORRUPTED;
goto return_val;
}
res = 0;
if (header->boot_status_offset < wordsize_of(struct safety_memory_header))
res++;
@ -114,14 +106,8 @@ return_val:
return ret;
}
static void safety_memory_write_and_patch_header(struct safety_memory_header *header)
static void safety_memory_write_header(const struct safety_memory_header *header)
{
/* Patch the CRC */
crc_unit_reset();
crc_unit_input_array((uint32_t *)header, wordsize_of(struct safety_memory_header) - 1U);
header->crc = crc_unit_get_crc();
/* Write to memory */
backup_ram_write_data(0UL, (uint32_t *)header, wordsize_of(*header));
}
@ -135,9 +121,10 @@ static void safety_memory_write_new_header(void)
header.err_memory_offset = header.config_overrides_offset + SAFETY_MEMORY_CONFIG_OVERRIDE_COUNT;
header.err_memory_end = header.err_memory_offset;
header.magic = SAFETY_MEMORY_MAGIC;
header.magic_i = ~SAFETY_MEMORY_MAGIC;
backup_ram_wipe();
safety_memory_write_and_patch_header(&header);
safety_memory_write_header(&header);
}
static int safety_memory_check_crc()
@ -412,7 +399,7 @@ int safety_memory_insert_error_entry(struct error_memory_entry *entry)
/* Still fits in memory */
backup_ram_write_data(header.err_memory_end, &input_data, 1UL);
header.err_memory_end++;
safety_memory_write_and_patch_header(&header);
safety_memory_write_header(&header);
safety_memory_gen_crc();
ret = 0;
}
@ -448,7 +435,7 @@ int safety_memory_insert_error_entry(struct error_memory_entry *entry)
if ((addr + 1) < backup_ram_get_size_in_words()) {
backup_ram_write_data(addr, &input_data, 1UL);
header.err_memory_end++;
safety_memory_write_and_patch_header(&header);
safety_memory_write_header(&header);
} else {
ret = -3;
goto return_value;
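Review bot: With the header CRC check gone from `safety_memory_get_header` (its body begins above the hunk), the header's offset words are validated only by the range checks that start at `res = 0`, so a corrupted but still in-range `err_memory_end` or `boot_status_offset` would be accepted as long as both magic words survive. The +/- markers are lost in this rendering, so this reads the CRC block and `safety_memory_write_and_patch_header` as the removed side, which the hunk line counts support. If the whole-RAM CRC behind `safety_memory_check_crc()` is meant to cover the header as well, say so at the check, e.g. `/* Magics only detect uninitialised RAM; header field integrity relies on the backup RAM CRC */`, and confirm that callers run that check before trusting the offsets. Separately, `safety_memory_write_header` now takes a `const` pointer but still casts it with `(uint32_t *)header`; `(const uint32_t *)header` would keep the qualifier, provided `backup_ram_write_data` accepts a const source.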