diff --git a/SConscript b/SConscript index 8f4db5993..f6501e88c 100644 --- a/SConscript +++ b/SConscript @@ -167,7 +167,9 @@ Export('base_project_f4', 'base_project_h7', 'build_project') # Common autogenerated includes with open("board/obj/gitversion.h", "w") as f: - f.write(f'const uint8_t gitversion[] = "{get_version(BUILDER, BUILD_TYPE)}";\n') + version = get_version(BUILDER, BUILD_TYPE) + f.write(f'extern const uint8_t gitversion[{len(version)}];\n') + f.write(f'const uint8_t gitversion[{len(version)}] = "{version}";\n') with open("board/obj/version", "w") as f: f.write(f'{get_version(BUILDER, BUILD_TYPE)}') diff --git a/board/can.h b/board/can.h new file mode 100644 index 000000000..6b1294197 --- /dev/null +++ b/board/can.h @@ -0,0 +1,7 @@ +#pragma once +#include "can_declarations.h" + +const uint8_t PANDA_CAN_CNT = 3U; +const uint8_t PANDA_BUS_CNT = 3U; + +const unsigned char dlc_to_len[DLC_TO_LEN_ARRAY_SIZE] = {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 12U, 16U, 20U, 24U, 32U, 48U, 64U}; diff --git a/board/can_comms.h b/board/can_comms.h index cd18fdf3e..99ee968b0 100644 --- a/board/can_comms.h +++ b/board/can_comms.h @@ -18,7 +18,7 @@ typedef struct { uint8_t data[72]; } asm_buffer; -asm_buffer can_read_buffer = {.ptr = 0U, .tail_size = 0U}; +static asm_buffer can_read_buffer = {.ptr = 0U, .tail_size = 0U}; int comms_can_read(uint8_t *data, uint32_t max_len) { uint32_t pos = 0U; @@ -53,7 +53,7 @@ int comms_can_read(uint8_t *data, uint32_t max_len) { return pos; } -asm_buffer can_write_buffer = {.ptr = 0U, .tail_size = 0U}; +static asm_buffer can_write_buffer = {.ptr = 0U, .tail_size = 0U}; // send on CAN void comms_can_write(const uint8_t *data, uint32_t len) { diff --git a/board/can_definitions.h b/board/can_declarations.h similarity index 81% rename from board/can_definitions.h rename to board/can_declarations.h index f3ce43782..8de9bd517 100644 --- a/board/can_definitions.h +++ b/board/can_declarations.h @@ -1,7 +1,7 @@ #pragma once -const uint8_t PANDA_CAN_CNT = 3U; -const uint8_t PANDA_BUS_CNT = 3U; +extern const uint8_t PANDA_CAN_CNT; +extern const uint8_t PANDA_BUS_CNT; // bump this when changing the CAN packet #define CAN_PACKET_VERSION 4 @@ -27,7 +27,8 @@ typedef struct { unsigned char data[CANPACKET_DATA_SIZE_MAX]; } __attribute__((packed, aligned(4))) CANPacket_t; -const unsigned char dlc_to_len[] = {0U, 1U, 2U, 3U, 4U, 5U, 6U, 7U, 8U, 12U, 16U, 20U, 24U, 32U, 48U, 64U}; +#define DLC_TO_LEN_ARRAY_SIZE 16 +extern const unsigned char dlc_to_len[DLC_TO_LEN_ARRAY_SIZE]; #define GET_BUS(msg) ((msg)->bus) #define GET_LEN(msg) (dlc_to_len[(msg)->data_len_code]) diff --git a/board/critical.h b/board/critical.h index c8cf52c7a..ae2d5c0a6 100644 --- a/board/critical.h +++ b/board/critical.h @@ -1,5 +1,9 @@ +#include "critical_declarations.h" + // ********************* Critical section helpers ********************* -volatile bool interrupts_enabled = false; +uint8_t global_critical_depth = 0U; + +static volatile bool interrupts_enabled = false; void enable_interrupts(void) { interrupts_enabled = true; @@ -10,14 +14,3 @@ void disable_interrupts(void) { interrupts_enabled = false; __disable_irq(); } - -uint8_t global_critical_depth = 0U; -#define ENTER_CRITICAL() \ - __disable_irq(); \ - global_critical_depth += 1U; - -#define EXIT_CRITICAL() \ - global_critical_depth -= 1U; \ - if ((global_critical_depth == 0U) && interrupts_enabled) { \ - __enable_irq(); \ - } diff --git a/board/critical_declarations.h b/board/critical_declarations.h new file mode 100644 index 000000000..42211d46c --- /dev/null +++ b/board/critical_declarations.h @@ -0,0 +1,17 @@ +#pragma once + +// ********************* Critical section helpers ********************* +void enable_interrupts(void); +void disable_interrupts(void); + +extern uint8_t global_critical_depth; + +#define ENTER_CRITICAL() \ + __disable_irq(); \ + global_critical_depth += 1U; + +#define EXIT_CRITICAL() \ + global_critical_depth -= 1U; \ + if ((global_critical_depth == 0U) && interrupts_enabled) { \ + __enable_irq(); \ + } diff --git a/board/faults.h b/board/faults.h index dc6c1f2aa..0fc9d2c5c 100644 --- a/board/faults.h +++ b/board/faults.h @@ -1,38 +1,4 @@ -#define FAULT_STATUS_NONE 0U -#define FAULT_STATUS_TEMPORARY 1U -#define FAULT_STATUS_PERMANENT 2U - -// Fault types, matches cereal.log.PandaState.FaultType -#define FAULT_RELAY_MALFUNCTION (1UL << 0) -#define FAULT_UNUSED_INTERRUPT_HANDLED (1UL << 1) -#define FAULT_INTERRUPT_RATE_CAN_1 (1UL << 2) -#define FAULT_INTERRUPT_RATE_CAN_2 (1UL << 3) -#define FAULT_INTERRUPT_RATE_CAN_3 (1UL << 4) -#define FAULT_INTERRUPT_RATE_TACH (1UL << 5) -#define FAULT_INTERRUPT_RATE_GMLAN (1UL << 6) // deprecated -#define FAULT_INTERRUPT_RATE_INTERRUPTS (1UL << 7) -#define FAULT_INTERRUPT_RATE_SPI_DMA (1UL << 8) -#define FAULT_INTERRUPT_RATE_SPI_CS (1UL << 9) -#define FAULT_INTERRUPT_RATE_UART_1 (1UL << 10) -#define FAULT_INTERRUPT_RATE_UART_2 (1UL << 11) -#define FAULT_INTERRUPT_RATE_UART_3 (1UL << 12) -#define FAULT_INTERRUPT_RATE_UART_5 (1UL << 13) -#define FAULT_INTERRUPT_RATE_UART_DMA (1UL << 14) -#define FAULT_INTERRUPT_RATE_USB (1UL << 15) -#define FAULT_INTERRUPT_RATE_TIM1 (1UL << 16) -#define FAULT_INTERRUPT_RATE_TIM3 (1UL << 17) -#define FAULT_REGISTER_DIVERGENT (1UL << 18) -#define FAULT_INTERRUPT_RATE_KLINE_INIT (1UL << 19) -#define FAULT_INTERRUPT_RATE_CLOCK_SOURCE (1UL << 20) -#define FAULT_INTERRUPT_RATE_TICK (1UL << 21) -#define FAULT_INTERRUPT_RATE_EXTI (1UL << 22) -#define FAULT_INTERRUPT_RATE_SPI (1UL << 23) -#define FAULT_INTERRUPT_RATE_UART_7 (1UL << 24) -#define FAULT_SIREN_MALFUNCTION (1UL << 25) -#define FAULT_HEARTBEAT_LOOP_WATCHDOG (1UL << 26) - -// Permanent faults -#define PERMANENT_FAULTS 0U +#include "faults_declarations.h" uint8_t fault_status = FAULT_STATUS_NONE; uint32_t faults = 0U; diff --git a/board/faults_declarations.h b/board/faults_declarations.h new file mode 100644 index 000000000..4ef03087b --- /dev/null +++ b/board/faults_declarations.h @@ -0,0 +1,43 @@ +#pragma once + +#define FAULT_STATUS_NONE 0U +#define FAULT_STATUS_TEMPORARY 1U +#define FAULT_STATUS_PERMANENT 2U + +// Fault types, matches cereal.log.PandaState.FaultType +#define FAULT_RELAY_MALFUNCTION (1UL << 0) +#define FAULT_UNUSED_INTERRUPT_HANDLED (1UL << 1) +#define FAULT_INTERRUPT_RATE_CAN_1 (1UL << 2) +#define FAULT_INTERRUPT_RATE_CAN_2 (1UL << 3) +#define FAULT_INTERRUPT_RATE_CAN_3 (1UL << 4) +#define FAULT_INTERRUPT_RATE_TACH (1UL << 5) +#define FAULT_INTERRUPT_RATE_GMLAN (1UL << 6) // deprecated +#define FAULT_INTERRUPT_RATE_INTERRUPTS (1UL << 7) +#define FAULT_INTERRUPT_RATE_SPI_DMA (1UL << 8) +#define FAULT_INTERRUPT_RATE_SPI_CS (1UL << 9) +#define FAULT_INTERRUPT_RATE_UART_1 (1UL << 10) +#define FAULT_INTERRUPT_RATE_UART_2 (1UL << 11) +#define FAULT_INTERRUPT_RATE_UART_3 (1UL << 12) +#define FAULT_INTERRUPT_RATE_UART_5 (1UL << 13) +#define FAULT_INTERRUPT_RATE_UART_DMA (1UL << 14) +#define FAULT_INTERRUPT_RATE_USB (1UL << 15) +#define FAULT_INTERRUPT_RATE_TIM1 (1UL << 16) +#define FAULT_INTERRUPT_RATE_TIM3 (1UL << 17) +#define FAULT_REGISTER_DIVERGENT (1UL << 18) +#define FAULT_INTERRUPT_RATE_KLINE_INIT (1UL << 19) +#define FAULT_INTERRUPT_RATE_CLOCK_SOURCE (1UL << 20) +#define FAULT_INTERRUPT_RATE_TICK (1UL << 21) +#define FAULT_INTERRUPT_RATE_EXTI (1UL << 22) +#define FAULT_INTERRUPT_RATE_SPI (1UL << 23) +#define FAULT_INTERRUPT_RATE_UART_7 (1UL << 24) +#define FAULT_SIREN_MALFUNCTION (1UL << 25) +#define FAULT_HEARTBEAT_LOOP_WATCHDOG (1UL << 26) + +// Permanent faults +#define PERMANENT_FAULTS 0U + +extern uint8_t fault_status; +extern uint32_t faults; + +void fault_occurred(uint32_t fault); +void fault_recovered(uint32_t fault); diff --git a/board/main.c b/board/main.c index 7f95abade..9264e06bb 100644 --- a/board/main.c +++ b/board/main.c @@ -31,7 +31,7 @@ // ********************* Serial debugging ********************* -bool check_started(void) { +static bool check_started(void) { bool started = current_board->check_ignition() || ignition_can; return started; } @@ -127,11 +127,12 @@ bool is_car_safety_mode(uint16_t mode) { // ***************************** main code ***************************** // cppcheck-suppress unusedFunction ; used in headers not included in cppcheck +// cppcheck-suppress misra-c2012-8.4 void __initialize_hardware_early(void) { early_initialization(); } -void __attribute__ ((noinline)) enable_fpu(void) { +static void __attribute__ ((noinline)) enable_fpu(void) { // enable the FPU SCB->CPACR |= ((3UL << (10U * 2U)) | (3UL << (11U * 2U))); } @@ -141,9 +142,12 @@ void __attribute__ ((noinline)) enable_fpu(void) { #define HEARTBEAT_IGNITION_CNT_OFF 2U // called at 8Hz -uint8_t loop_counter = 0U; -uint8_t prev_harness_status = HARNESS_STATUS_NC; -void tick_handler(void) { +static void tick_handler(void) { + static uint32_t siren_countdown = 0; // siren plays while countdown > 0 + static uint32_t controls_allowed_countdown = 0; + static uint8_t prev_harness_status = HARNESS_STATUS_NC; + static uint8_t loop_counter = 0U; + if (TICK_TIMER->SR != 0U) { // siren diff --git a/board/main_declarations.h b/board/main_declarations.h index a1496c0d0..2704a01a0 100644 --- a/board/main_declarations.h +++ b/board/main_declarations.h @@ -1,3 +1,5 @@ +#pragma once + // ******************** Prototypes ******************** void print(const char *a); void puth(unsigned int i); @@ -10,18 +12,15 @@ void pwm_init(TIM_TypeDef *TIM, uint8_t channel); void pwm_set(TIM_TypeDef *TIM, uint8_t channel, uint8_t percentage); // ********************* Globals ********************** -uint8_t hw_type = 0; -board *current_board; -uint32_t uptime_cnt = 0; -bool green_led_enabled = false; +extern uint8_t hw_type; +extern board *current_board; +extern uint32_t uptime_cnt; +extern bool green_led_enabled; // heartbeat state -uint32_t heartbeat_counter = 0; -bool heartbeat_lost = false; -bool heartbeat_disabled = false; // set over USB +extern uint32_t heartbeat_counter; +extern bool heartbeat_lost; +extern bool heartbeat_disabled; // set over USB // siren state -bool siren_enabled = false; -uint32_t siren_countdown = 0; // siren plays while countdown > 0 -uint32_t controls_allowed_countdown = 0; - +extern bool siren_enabled; diff --git a/board/main_definitions.h b/board/main_definitions.h new file mode 100644 index 000000000..137d98736 --- /dev/null +++ b/board/main_definitions.h @@ -0,0 +1,15 @@ +#include "main_declarations.h" + +// ********************* Globals ********************** +uint8_t hw_type = 0; +board *current_board; +uint32_t uptime_cnt = 0; +bool green_led_enabled = false; + +// heartbeat state +uint32_t heartbeat_counter = 0; +bool heartbeat_lost = false; +bool heartbeat_disabled = false; // set over USB + +// siren state +bool siren_enabled = false; diff --git a/board/power_saving.h b/board/power_saving.h index 61541cae9..7fcc181ea 100644 --- a/board/power_saving.h +++ b/board/power_saving.h @@ -1,9 +1,8 @@ +#include "power_saving_declarations.h" + // WARNING: To stay in compliance with the SIL2 rules laid out in STM UM1840, we should never implement any of the available hardware low power modes. // See rule: CoU_3 -#define POWER_SAVE_STATUS_DISABLED 0 -#define POWER_SAVE_STATUS_ENABLED 1 - int power_save_status = POWER_SAVE_STATUS_DISABLED; void set_power_save_state(int state) { diff --git a/board/power_saving_declarations.h b/board/power_saving_declarations.h new file mode 100644 index 000000000..7a474a559 --- /dev/null +++ b/board/power_saving_declarations.h @@ -0,0 +1,11 @@ +#pragma once + +// WARNING: To stay in compliance with the SIL2 rules laid out in STM UM1840, we should never implement any of the available hardware low power modes. +// See rule: CoU_3 + +#define POWER_SAVE_STATUS_DISABLED 0 +#define POWER_SAVE_STATUS_ENABLED 1 + +extern int power_save_status; + +void set_power_save_state(int state); diff --git a/board/provision.h b/board/provision.h index 2a8ce893d..d191e53f6 100644 --- a/board/provision.h +++ b/board/provision.h @@ -3,9 +3,9 @@ #define PROVISION_CHUNK_LEN 0x20 -const unsigned char unprovisioned_text[] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"; - void get_provision_chunk(uint8_t *resp) { + const unsigned char unprovisioned_text[] = "\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"; + (void)memcpy(resp, (uint8_t *)PROVISION_CHUNK_ADDRESS, PROVISION_CHUNK_LEN); if (memcmp(resp, unprovisioned_text, 0x20) == 0) { (void)memcpy(resp, "unprovisioned\x00\x00\x00testing123\x00\x00\xa3\xa6\x99\xec", 0x20); diff --git a/board/safety.h b/board/safety.h index 048d7cca4..1c1616e72 100644 --- a/board/safety.h +++ b/board/safety.h @@ -1,5 +1,5 @@ #include "safety_declarations.h" -#include "can_definitions.h" +#include "can.h" // include the safety policies. #include "safety/safety_defaults.h" diff --git a/board/stm32f4/stm32f4_config.h b/board/stm32f4/stm32f4_config.h index 85baff25b..faef88f99 100644 --- a/board/stm32f4/stm32f4_config.h +++ b/board/stm32f4/stm32f4_config.h @@ -33,11 +33,11 @@ #define PROVISION_CHUNK_ADDRESS 0x1FFF79E0U #define DEVICE_SERIAL_NUMBER_ADDRESS 0x1FFF79C0U -#include "can_definitions.h" +#include "can.h" #include "comms_definitions.h" #ifndef BOOTSTUB - #include "main_declarations.h" + #include "main_definitions.h" #else #include "bootstub_declarations.h" #endif diff --git a/board/stm32h7/stm32h7_config.h b/board/stm32h7/stm32h7_config.h index 64f149848..fcf14876f 100644 --- a/board/stm32h7/stm32h7_config.h +++ b/board/stm32h7/stm32h7_config.h @@ -46,11 +46,11 @@ separate IRQs for RX and TX. #define PROVISION_CHUNK_ADDRESS 0x080FFFE0U #define DEVICE_SERIAL_NUMBER_ADDRESS 0x080FFFC0U -#include "can_definitions.h" +#include "can.h" #include "comms_definitions.h" #ifndef BOOTSTUB - #include "main_declarations.h" + #include "main_definitions.h" #else #include "bootstub_declarations.h" #endif diff --git a/tests/libpanda/panda.c b/tests/libpanda/panda.c index f34c02804..66a21f80c 100644 --- a/tests/libpanda/panda.c +++ b/tests/libpanda/panda.c @@ -1,6 +1,6 @@ #include "fake_stm.h" #include "config.h" -#include "can_definitions.h" +#include "can.h" bool can_init(uint8_t can_number) { return true; } void process_can(uint8_t can_number) { } @@ -16,7 +16,7 @@ void can_tx_comms_resume_spi(void) { }; #include "libc.h" #include "boards/board_declarations.h" #include "safety.h" -#include "main_declarations.h" +#include "main_definitions.h" #include "drivers/can_common.h" can_ring *rx_q = &can_rx_q;