Merge remote-tracking branch 'origin/main' into cfdp-fault-handler-event
All checks were successful
EIVE/eive-obsw/pipeline/pr-main This commit looks good
All checks were successful
EIVE/eive-obsw/pipeline/pr-main This commit looks good
This commit is contained in:
commit
be9d00be04
@ -23,6 +23,8 @@ will consitute of a breaking change warranting a new major release:
|
|||||||
- Proper back pressure handling for the CFDP handler, where the `LiveTmTask` is able to throttle
|
- Proper back pressure handling for the CFDP handler, where the `LiveTmTask` is able to throttle
|
||||||
the CFDP handler.
|
the CFDP handler.
|
||||||
- Added CFDP fault handler events.
|
- Added CFDP fault handler events.
|
||||||
|
- The EIVE system will command the payload OFF explicitely again when receiving the
|
||||||
|
`power::POWER_LEVEL_CRITICAL` event.
|
||||||
|
|
||||||
## Fixed
|
## Fixed
|
||||||
|
|
||||||
@ -37,6 +39,11 @@ will consitute of a breaking change warranting a new major release:
|
|||||||
is not in normal mode.
|
is not in normal mode.
|
||||||
- MPSoC debug mode.
|
- MPSoC debug mode.
|
||||||
|
|
||||||
|
## Changed
|
||||||
|
|
||||||
|
- Added a 3 second delay in the EIVE system between commanding all PL components except the SUPV,
|
||||||
|
and the SUPV itself OFF when the power level becomes low or critical.
|
||||||
|
|
||||||
# [v7.1.0] 2023-10-11
|
# [v7.1.0] 2023-10-11
|
||||||
|
|
||||||
- Bumped `eive-tmtc` to v5.8.0.
|
- Bumped `eive-tmtc` to v5.8.0.
|
||||||
|
@ -70,6 +70,9 @@ void EiveSystem::performChildOperation() {
|
|||||||
}
|
}
|
||||||
pdecRecoveryLogic();
|
pdecRecoveryLogic();
|
||||||
i2cRecoveryLogic();
|
i2cRecoveryLogic();
|
||||||
|
if (forcePlOffState != ForcePlOffState::NONE) {
|
||||||
|
forceOffPayload();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ReturnValue_t EiveSystem::initialize() {
|
ReturnValue_t EiveSystem::initialize() {
|
||||||
@ -203,10 +206,14 @@ void EiveSystem::handleEventMessages() {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case power::POWER_LEVEL_LOW: {
|
case power::POWER_LEVEL_LOW: {
|
||||||
forceOffPayload();
|
forcePlOffState = ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case power::POWER_LEVEL_CRITICAL:
|
case power::POWER_LEVEL_CRITICAL: {
|
||||||
|
// Force payload off in any case. It really should not be on when the power level
|
||||||
|
// becomes critical, but better be safe than sorry..
|
||||||
|
forcePlOffState = ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF;
|
||||||
|
// Also set the STR assembly to faulty, which should cause a fallback to SAFE mode.
|
||||||
CommandMessage msg;
|
CommandMessage msg;
|
||||||
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
||||||
ReturnValue_t result = MessageQueueSenderIF::sendMessage(
|
ReturnValue_t result = MessageQueueSenderIF::sendMessage(
|
||||||
@ -217,6 +224,7 @@ void EiveSystem::handleEventMessages() {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
sif::debug << "EiveSystem: Did not subscribe to event " << event.getEvent() << std::endl;
|
sif::debug << "EiveSystem: Did not subscribe to event " << event.getEvent() << std::endl;
|
||||||
@ -403,38 +411,46 @@ void EiveSystem::pdecRecoveryLogic() {
|
|||||||
|
|
||||||
void EiveSystem::forceOffPayload() {
|
void EiveSystem::forceOffPayload() {
|
||||||
CommandMessage msg;
|
CommandMessage msg;
|
||||||
|
ReturnValue_t result;
|
||||||
// set PL to faulty
|
// set PL to faulty
|
||||||
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
HealthMessage::setHealthMessage(&msg, HealthMessage::HEALTH_SET, HasHealthIF::FAULTY);
|
||||||
|
|
||||||
ReturnValue_t result = commandQueue->sendMessage(plPcduQueueId, &msg);
|
if (forcePlOffState == ForcePlOffState::FORCE_ALL_EXCEPT_SUPV_OFF) {
|
||||||
if (result != returnvalue::OK) {
|
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PL PCDU failed" << std::endl;
|
|
||||||
}
|
|
||||||
|
|
||||||
result = commandQueue->sendMessage(plocMpsocQueueId, &msg);
|
result = commandQueue->sendMessage(plocMpsocQueueId, &msg);
|
||||||
if (result != returnvalue::OK) {
|
if (result != returnvalue::OK) {
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PLOC MPSOC failed" << std::endl;
|
sif::error << "EIVE System: Sending FAULTY command to PLOC MPSOC failed" << std::endl;
|
||||||
}
|
}
|
||||||
|
|
||||||
result = commandQueue->sendMessage(plocSupervisorQueueId, &msg);
|
|
||||||
if (result != returnvalue::OK) {
|
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PLOC SUPERVISOR failed" << std::endl;
|
|
||||||
}
|
|
||||||
|
|
||||||
result = commandQueue->sendMessage(cameraQueueId, &msg);
|
result = commandQueue->sendMessage(cameraQueueId, &msg);
|
||||||
if (result != returnvalue::OK) {
|
if (result != returnvalue::OK) {
|
||||||
sif::error << "EIVE System: Sending FAULTY command to PL CAM failed" << std::endl;
|
sif::error << "EIVE System: Sending FAULTY command to PL CAM failed" << std::endl;
|
||||||
}
|
}
|
||||||
|
|
||||||
result = commandQueue->sendMessage(scexQueueId, &msg);
|
result = commandQueue->sendMessage(scexQueueId, &msg);
|
||||||
if (result != returnvalue::OK) {
|
if (result != returnvalue::OK) {
|
||||||
sif::error << "EIVE System: Sending FAULTY command to SCEX failed" << std::endl;
|
sif::error << "EIVE System: Sending FAULTY command to SCEX failed" << std::endl;
|
||||||
}
|
}
|
||||||
|
|
||||||
result = commandQueue->sendMessage(radSensorQueueId, &msg);
|
result = commandQueue->sendMessage(radSensorQueueId, &msg);
|
||||||
if (result != returnvalue::OK) {
|
if (result != returnvalue::OK) {
|
||||||
sif::error << "EIVE System: Sending FAULTY command to RAD SENSOR failed" << std::endl;
|
sif::error << "EIVE System: Sending FAULTY command to RAD SENSOR failed" << std::endl;
|
||||||
}
|
}
|
||||||
|
result = commandQueue->sendMessage(plPcduQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to PL PCDU failed" << std::endl;
|
||||||
|
}
|
||||||
|
forcePlOffState = ForcePlOffState::WAITING;
|
||||||
|
supvOffDelay.resetTimer();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (forcePlOffState == ForcePlOffState::WAITING and supvOffDelay.hasTimedOut()) {
|
||||||
|
forcePlOffState = ForcePlOffState::FORCE_SUPV_OFF;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (forcePlOffState == ForcePlOffState::FORCE_SUPV_OFF) {
|
||||||
|
result = commandQueue->sendMessage(plocSupervisorQueueId, &msg);
|
||||||
|
if (result != returnvalue::OK) {
|
||||||
|
sif::error << "EIVE System: Sending FAULTY command to PLOC SUPERVISOR failed" << std::endl;
|
||||||
|
}
|
||||||
|
forcePlOffState = ForcePlOffState::NONE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void EiveSystem::commonI2cRecoverySequenceFinish() {
|
void EiveSystem::commonI2cRecoverySequenceFinish() {
|
||||||
|
@ -22,6 +22,12 @@ class EiveSystem : public Subsystem, public HasActionsIF {
|
|||||||
[[nodiscard]] MessageQueueId_t getCommandQueue() const override;
|
[[nodiscard]] MessageQueueId_t getCommandQueue() const override;
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
enum class ForcePlOffState {
|
||||||
|
NONE,
|
||||||
|
FORCE_ALL_EXCEPT_SUPV_OFF,
|
||||||
|
WAITING,
|
||||||
|
FORCE_SUPV_OFF
|
||||||
|
} forcePlOffState = ForcePlOffState::NONE;
|
||||||
enum class I2cRebootState {
|
enum class I2cRebootState {
|
||||||
NONE,
|
NONE,
|
||||||
SYSTEM_MODE_BOOT,
|
SYSTEM_MODE_BOOT,
|
||||||
@ -37,6 +43,7 @@ class EiveSystem : public Subsystem, public HasActionsIF {
|
|||||||
bool alreadyTriedI2cRecovery = false;
|
bool alreadyTriedI2cRecovery = false;
|
||||||
|
|
||||||
uint8_t frameDirtyErrorCounter = 0;
|
uint8_t frameDirtyErrorCounter = 0;
|
||||||
|
Countdown supvOffDelay = Countdown(3000);
|
||||||
Countdown frameDirtyCheckCd = Countdown(10000);
|
Countdown frameDirtyCheckCd = Countdown(10000);
|
||||||
// If the PDEC reset was already attempted in the last 2 minutes, there is a high chance that
|
// If the PDEC reset was already attempted in the last 2 minutes, there is a high chance that
|
||||||
// only a full reboot will fix the issue.
|
// only a full reboot will fix the issue.
|
||||||
|
2
tmtc
2
tmtc
@ -1 +1 @@
|
|||||||
Subproject commit 6bd94cc167179fba04ff188d38eb5801496760bc
|
Subproject commit 43d6b986953a815c7c020cf73a957f1678c76549
|
Loading…
x
Reference in New Issue
Block a user