Hello all!
I want to be able to reset my system in case that something goes terribly wrong and it gets stuck at an infinite while for example or anything else unexpected happens(memory leaks etc.). The watchdog timer is a good solution but i also need to backup some values to an external memory before reseting. Is there a way of doing this with a kind of "watchdog timer ISR"? So that if a "watchdog interrupt " occurs i can backup my precious data and then reset the system.
From what i saw the watchdog timer DOES NOT offer the capability of doing anything else except resetting the system when something goes wrong. IF IT DOES please show me the way!!!!:)
Alternatively i was wondering if i could use a hardware timer in the place of the watchdog timer so that: when a system crash occurs i will be able to go to the timer ISR and from there backup my values and then reset my system? Or is it the watchodg timer the only timer that can recover/reset the system after a serious error?
It is very urgent for me cause i need to be 100% that my system wont ever stop functioning and wont lose the data calculated(if a system crash occurs)
P.S. I'm using Zstack 2.5.0
Thanks in advance
Nikos
Interesting embedded system dilemma you have to solve.
Obviously, using a H/W timer in lieue of the Watchdog timer is not an option, since bad code can disable interrupts before going into an infinite loop, in which case the H/W Timer interrupt is never realized.
But, using a H/W timer to regularly backup critical data is an interesting option. The thing is, you want to have a checksum on your critical data (and thus anytime that your data changes, you have to re-calculate the checksum) because you don't want to save garbage in the case when the out-of-control code walks on memory before finally crashing the system and being saved by the Watchdog.
BUT - backing up too frequently to internal flash (e.g. OSAL_NV) will cause the internal flash pages to wear out and fail.
So - you can consider making all of your critical data no-init data - the IAR startup will not zero it or assign it to starting values. Like this:
__no_init uint16 criticalVal1;__no_init uint16 criticalVal2;__no_init critical_struct_t criticalStruct1;
Then, your powerup init code has to check the reset reason, and when the reset reason is a watchdog reset (and the checksum of your data passes) then you use the variables as they stand with no initialization.
But note that __no_init variables don't save you from an unexpected power failure.
Depending on how much money you can spend, there are external NV chips with enough capacitance that they sense power-down/brown-out and never lose data. So you would add this to your board and acces it via SPI or something.
Hello Dirty Harry,
thanks for the answer, very enlightening(after that i tried crashing the system by freeing a NULL pointer and the HW timer didnt work). Sorry for the late reply on this but i had been running with other stuff the days after. I have an external memory (EEPROM) and a chip able to detect power failures.
This is my main question:
The thing is i'm trying to understand what you said about no_init variables. If i declare all critical data no_init then if i recover from a watchdog reset i will be able to get the values i had before system crash from these variables?(i think i'am a bit confused with what you 've said) Can you give an example on a simple use of no_init values and watchdog timer? If yes that would help a lot!!
If i wasnt clear please tell me so that i can be more specific. Thanks in advance and thanks in general for your help in various subjects at the TI forums.