Mirror
/
ardupilot
mirror of https://github.com/ArduPilot/ardupilot
5
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ardupilot/Rover/failsafe.cpp

155 lines
4.9 KiB
C++
Raw Blame History

/*
failsafe support
Andrew Tridgell, December 2011
*/
#include "Rover.h"
#include <stdio.h>
/*
our failsafe strategy is to detect main loop lockup and disarm.
*/
/*
this failsafe_check function is called from the core timer interrupt
at 1kHz.
*/
void Rover::failsafe_check()
{
static uint16_t last_ticks;
static uint32_t last_timestamp;
const uint32_t tnow = AP_HAL::micros();
const uint16_t ticks = scheduler.ticks();
if (ticks != last_ticks) {
// the main loop is running, all is OK
last_ticks = ticks;
last_timestamp = tnow;
return;
}
if (tnow - last_timestamp > 200000) {
// we have gone at least 0.2 seconds since the main loop
// ran. That means we're in trouble, or perhaps are in
// an initialisation routine or log erase. disarm the motors
// To-Do: log error
if (arming.is_armed()) {
// disarm motors
arming.disarm(AP_Arming::Method::CPUFAILSAFE);
}
}
}
/*
called to set/unset a failsafe event.
*/
void Rover::failsafe_trigger(uint8_t failsafe_type, const char* type_str, bool on)
{
uint8_t old_bits = failsafe.bits;
if (on) {
failsafe.bits |= failsafe_type;
} else {
failsafe.bits &= ~failsafe_type;
}
if (old_bits == 0 && failsafe.bits != 0) {
// a failsafe event has started
failsafe.start_time = millis();
}
if (failsafe.triggered != 0 && failsafe.bits == 0) {
// a failsafe event has ended
gcs().send_text(MAV_SEVERITY_INFO, "%s Failsafe Cleared", type_str);
}
failsafe.triggered &= failsafe.bits;
if ((failsafe.triggered == 0) &&
(failsafe.bits != 0) &&
(millis() - failsafe.start_time > g.fs_timeout * 1000) &&
(control_mode != &mode_rtl) &&
((control_mode != &mode_hold || (g2.fs_options & (uint32_t)Failsafe_Options::Failsafe_Option_Active_In_Hold)))) {
failsafe.triggered = failsafe.bits;
gcs().send_text(MAV_SEVERITY_WARNING, "%s Failsafe", type_str);
// clear rc overrides
RC_Channels::clear_overrides();
if ((control_mode == &mode_auto) &&
((failsafe_type == FAILSAFE_EVENT_THROTTLE && g.fs_throttle_enabled == FS_THR_ENABLED_CONTINUE_MISSION) ||
(failsafe_type == FAILSAFE_EVENT_GCS && g.fs_gcs_enabled == FS_GCS_ENABLED_CONTINUE_MISSION))) {
// continue with mission in auto mode
} else {
switch (g.fs_action) {
case Failsafe_Action_None:
break;
case Failsafe_Action_RTL:
if (!set_mode(mode_rtl, ModeReason::FAILSAFE)) {
set_mode(mode_hold, ModeReason::FAILSAFE);
}
break;
case Failsafe_Action_Hold:
set_mode(mode_hold, ModeReason::FAILSAFE);
break;
case Failsafe_Action_SmartRTL:
if (!set_mode(mode_smartrtl, ModeReason::FAILSAFE)) {
if (!set_mode(mode_rtl, ModeReason::FAILSAFE)) {
set_mode(mode_hold, ModeReason::FAILSAFE);
}
}
break;
case Failsafe_Action_SmartRTL_Hold:
if (!set_mode(mode_smartrtl, ModeReason::FAILSAFE)) {
set_mode(mode_hold, ModeReason::FAILSAFE);
}
break;
}
}
}
}
void Rover::handle_battery_failsafe(const char* type_str, const int8_t action)
{
switch ((Failsafe_Action)action) {
case Failsafe_Action_None:
break;
case Failsafe_Action_SmartRTL:
if (set_mode(mode_smartrtl, ModeReason::BATTERY_FAILSAFE)) {
break;
}
FALLTHROUGH;
case Failsafe_Action_RTL:
if (set_mode(mode_rtl, ModeReason::BATTERY_FAILSAFE)) {
break;
}
FALLTHROUGH;
case Failsafe_Action_Hold:
set_mode(mode_hold, ModeReason::BATTERY_FAILSAFE);
break;
case Failsafe_Action_SmartRTL_Hold:
if (!set_mode(mode_smartrtl, ModeReason::BATTERY_FAILSAFE)) {
set_mode(mode_hold, ModeReason::BATTERY_FAILSAFE);
}
break;
case Failsafe_Action_Terminate:
#if ADVANCED_FAILSAFE == ENABLED
char battery_type_str[17];
snprintf(battery_type_str, 17, "%s battery", type_str);
g2.afs.gcs_terminate(true, battery_type_str);
#else
arming.disarm(AP_Arming::Method::BATTERYFAILSAFE);
#endif // ADVANCED_FAILSAFE == ENABLED
break;
}
}
#if ADVANCED_FAILSAFE == ENABLED
/*
check for AFS failsafe check
*/
void Rover::afs_fs_check(void)
{
// perform AFS failsafe checks
g2.afs.check(g2.fence.get_breaches() != 0, failsafe.last_valid_rc_ms);
}
#endif
Reference in New Issue View Git Blame Copy Permalink