2015-05-29 23:12:49 -03:00
|
|
|
#include "Copter.h"
|
|
|
|
|
2012-10-09 00:30:17 -03:00
|
|
|
//
|
|
|
|
// failsafe support
|
|
|
|
// Andrew Tridgell, December 2011
|
|
|
|
//
|
|
|
|
// our failsafe strategy is to detect main loop lockup and disarm the motors
|
|
|
|
//
|
|
|
|
|
2015-04-13 03:57:44 -03:00
|
|
|
static bool failsafe_enabled = false;
|
2017-11-13 01:59:07 -04:00
|
|
|
static uint16_t failsafe_last_ticks;
|
2012-10-09 00:30:17 -03:00
|
|
|
static uint32_t failsafe_last_timestamp;
|
|
|
|
static bool in_failsafe;
|
|
|
|
|
|
|
|
//
|
|
|
|
// failsafe_enable - enable failsafe
|
|
|
|
//
|
2015-05-29 23:12:49 -03:00
|
|
|
void Copter::failsafe_enable()
|
2012-10-09 00:30:17 -03:00
|
|
|
{
|
|
|
|
failsafe_enabled = true;
|
|
|
|
failsafe_last_timestamp = micros();
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// failsafe_disable - used when we know we are going to delay the mainloop significantly
|
|
|
|
//
|
2015-05-29 23:12:49 -03:00
|
|
|
void Copter::failsafe_disable()
|
2012-10-09 00:30:17 -03:00
|
|
|
{
|
|
|
|
failsafe_enabled = false;
|
|
|
|
}
|
2012-11-10 01:55:51 -04:00
|
|
|
|
2012-10-09 00:30:17 -03:00
|
|
|
//
|
|
|
|
// failsafe_check - this function is called from the core timer interrupt at 1kHz.
|
|
|
|
//
|
2015-05-29 23:12:49 -03:00
|
|
|
void Copter::failsafe_check()
|
2012-10-09 00:30:17 -03:00
|
|
|
{
|
2015-11-19 23:04:45 -04:00
|
|
|
uint32_t tnow = AP_HAL::micros();
|
2013-09-28 03:31:01 -03:00
|
|
|
|
2017-11-13 01:59:07 -04:00
|
|
|
const uint16_t ticks = scheduler.ticks();
|
|
|
|
if (ticks != failsafe_last_ticks) {
|
2012-10-09 00:30:17 -03:00
|
|
|
// the main loop is running, all is OK
|
2017-11-13 01:59:07 -04:00
|
|
|
failsafe_last_ticks = ticks;
|
2012-10-09 00:30:17 -03:00
|
|
|
failsafe_last_timestamp = tnow;
|
2014-10-30 01:23:09 -03:00
|
|
|
if (in_failsafe) {
|
|
|
|
in_failsafe = false;
|
2023-07-13 21:58:09 -03:00
|
|
|
LOGGER_WRITE_ERROR(LogErrorSubsystem::CPU, LogErrorCode::FAILSAFE_RESOLVED);
|
2014-10-30 01:23:09 -03:00
|
|
|
}
|
2012-10-09 00:30:17 -03:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2014-10-30 01:23:09 -03:00
|
|
|
if (!in_failsafe && failsafe_enabled && tnow - failsafe_last_timestamp > 2000000) {
|
2012-11-10 01:55:51 -04:00
|
|
|
// motors are running but we have gone 2 second since the
|
2012-10-09 00:30:17 -03:00
|
|
|
// main loop ran. That means we're in trouble and should
|
2017-01-09 03:31:26 -04:00
|
|
|
// disarm the motors->
|
2012-10-09 00:30:17 -03:00
|
|
|
in_failsafe = true;
|
2014-11-07 22:37:23 -04:00
|
|
|
// reduce motors to minimum (we do not immediately disarm because we want to log the failure)
|
2017-01-09 03:31:26 -04:00
|
|
|
if (motors->armed()) {
|
|
|
|
motors->output_min();
|
2014-11-07 22:37:23 -04:00
|
|
|
}
|
2019-02-11 04:11:20 -04:00
|
|
|
|
2023-07-13 21:58:09 -03:00
|
|
|
LOGGER_WRITE_ERROR(LogErrorSubsystem::CPU, LogErrorCode::FAILSAFE_OCCURRED);
|
2012-10-09 00:30:17 -03:00
|
|
|
}
|
|
|
|
|
2012-12-31 00:32:27 -04:00
|
|
|
if (failsafe_enabled && in_failsafe && tnow - failsafe_last_timestamp > 1000000) {
|
2012-10-09 00:30:17 -03:00
|
|
|
// disarm motors every second
|
|
|
|
failsafe_last_timestamp = tnow;
|
2017-01-09 03:31:26 -04:00
|
|
|
if(motors->armed()) {
|
|
|
|
motors->armed(false);
|
|
|
|
motors->output();
|
2012-10-09 00:30:17 -03:00
|
|
|
}
|
|
|
|
}
|
2013-09-28 03:31:01 -03:00
|
|
|
}
|
2016-08-16 07:23:27 -03:00
|
|
|
|
|
|
|
|
2024-09-04 00:48:37 -03:00
|
|
|
#if ADVANCED_FAILSAFE
|
2016-08-16 07:23:27 -03:00
|
|
|
/*
|
|
|
|
check for AFS failsafe check
|
|
|
|
*/
|
|
|
|
void Copter::afs_fs_check(void)
|
|
|
|
{
|
|
|
|
// perform AFS failsafe checks
|
2022-10-20 22:25:52 -03:00
|
|
|
g2.afs.check(last_radio_update_ms);
|
2016-08-16 07:23:27 -03:00
|
|
|
}
|
|
|
|
#endif
|