reflow-oven-control-sw/stm-firmware/safety/fault.c
2022-07-16 13:01:38 +02:00

84 lines
2.5 KiB
C

/* Reflow Oven Controller
*
* Copyright (C) 2020 Mario Hüttel <mario.huettel@gmx.net>
*
* This file is part of the Reflow Oven Controller Project.
*
* The reflow oven controller is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*
* The Reflow Oven Control Firmware is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with the reflow oven controller project.
* If not, see <http://www.gnu.org/licenses/>.
*/
#include <reflow-controller/oven-driver.h>
#include <reflow-controller/digio.h>
#include <reflow-controller/safety/fault.h>
#include <reflow-controller/safety/safety-memory.h>
#include <helper-macros/helper-macros.h>
/**
* @brief Handler for hard faults.
*
* This hard fault handler will turn of the oven output and go to panic mode.
* @note Depending on the fault condition some of the things done here could fail.
*/
void HardFault_Handler(void)
{
/* This is a non recoverable fault. Stop the oven */
oven_driver_set_power(0);
oven_driver_apply_power_level();
/* Set the error led */
led_set(0, 1);
/* Try the real panic mode */
panic_mode();
}
/* Overwrite default handler. Go to panic mode */
/**
* @brief Default interrupt handler. This will trigger a panic.
* @note This function should never be called during normal operation.
*/
void __int_default_handler(void)
{
panic_mode();
}
/**
* @brief Put the device into panic mode.
*
* This function can be used when a irrecoverable error is encountered.
* The function will:
* - Disable the oven output
* - Set the panic flag in the safety memory
* - Hang and wait for the watchdog to trigger a system reset.
*
* The panic state will be entered after the reset due to the set panic flag in the safety memory
*/
void panic_mode(void)
{
/* This variable is static, because I don't want it to be on the stack */
static struct safety_memory_boot_status IN_SECTION(.ccm.bss) boot_status;
oven_driver_set_power(0);
oven_driver_apply_power_level();
if (!safety_memory_get_boot_status(&boot_status)) {
boot_status.reset_from_panic = 0xFFFFFFFF;
(void)safety_memory_set_boot_status(&boot_status);
}
/* Let the watchdog do the rest */
while (1)
;
}