Motherboard Forums


Reply
Thread Tools Display Modes

Watchdog that should be taken out and shot

 
 
Tom Lucas
Guest
Posts: n/a
 
      09-14-2006, 11:51 AM

"larwe" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
>
> Tim Wescott wrote:
>
>> Do you know of any really good discussions of the care and feeding*
>> of
>> watchdogs? Where I've seen it done well it involved _all_ of the

>
> I haven't written anything formally on the topic, but it has been
> discussed here many times. One of the techniques I've used is to have
> an entry counter in each thread. At regular intervals (in an ISR),
> these counters are checked. If they fall within guard bands [which may
> have to be pretty wide], the WDT is kicked; otherwise, bite.
>
> Ganssle has some excellent material on the topic, of course.


Which I have found and it is very good.


 
Reply With Quote
 
 
 
 
Joerg
Guest
Posts: n/a
 
      09-14-2006, 03:49 PM
Hello Martin,

>>
>>>>>2) Write 0x1984 to the watchdog RST register to seed the counter.
>>>>>(Goodness knows why they chose that value)
>>>>
>>>>It's probably the lead developer's dog's birthday written in base 9 and
>>>>shown as a hex number. Almost certainly there is an ex post facto
>>>>explanation as to why it is the technically sound choice.
>>>>
>>>>
>>>>>Then I periodically write Ox1984 to the RST register to keep everything
>>>>>alive.
>>>>
>>>>Silly question, but "periodically" = inside an ISR?
>>>>
>>>
>>>Oh honestly Lewin, where else would you kick the dog?
>>>

>>
>>Kicking is animal cruelty...
>>
>>
>>
>>>Do you know of any really good discussions of the care and feeding* of
>>>watchdogs?

>>
>>
>>"Go Natural" works best for our shepherd mix, can be bought at our local
>>feed store ;-)

>
>
> OK, a bit late in the thread, but
> http://ganssle.com/watchdogs.htm
>


Thanks, very nice link. Jack really knows his stuff and I subscribed to
his Embedded Muse.

One statement in there that I don't really get is this: "Reloading the
program counter may not properly reinitialize the CPU’s internals." I'd
have thought that properly written code will do one thing first: Set all
the CPU internals before doing anything.

Then there is the external watchdog where he rightfully criticizes that
wiggling it's "I'm alive" line can also be done by code that has run out
of control. This begs the question: Are there reasonably priced external
WDTs that require a little serial password? If there aren't, why not? I
mean, it doesn't have to be a 128bit hacker-proof variety.

--
Regards, Joerg

http://www.analogconsultants.com
 
Reply With Quote
 
 
 
 
larwe
Guest
Posts: n/a
 
      09-14-2006, 04:09 PM

Joerg wrote:

> of control. This begs the question: Are there reasonably priced external
> WDTs that require a little serial password? If there aren't, why not? I
> mean, it doesn't have to be a 128bit hacker-proof variety.


Or a rolling code.

A 5-pin micro from Microchip might fit the bill

 
Reply With Quote
 
Robert Adsett
Guest
Posts: n/a
 
      09-14-2006, 04:11 PM

Joerg wrote:
> Hello Martin,
>
> > OK, a bit late in the thread, but
> > http://ganssle.com/watchdogs.htm
> >

>
> Thanks, very nice link. Jack really knows his stuff and I subscribed to
> his Embedded Muse.
>
> One statement in there that I don't really get is this: "Reloading the
> program counter may not properly reinitialize the CPU's internals." I'd
> have thought that properly written code will do one thing first: Set all
> the CPU internals before doing anything.
>
> Then there is the external watchdog where he rightfully criticizes that
> wiggling it's "I'm alive" line can also be done by code that has run out
> of control. This begs the question: Are there reasonably priced external
> WDTs that require a little serial password?


I don't remember seeing a password protected one but there are a few
that only allow tickles in a specific interval. So if it's tickled at
t then if you tickle outside of t + t1 +/- delta it resets. Now your
accidental reset sequence has to match the correct frequency not just
be faster than x.

Robert

 
Reply With Quote
 
Joerg
Guest
Posts: n/a
 
      09-14-2006, 04:52 PM
Hello Robert,

>>
>>>OK, a bit late in the thread, but
>>>http://ganssle.com/watchdogs.htm
>>>

>>
>>Thanks, very nice link. Jack really knows his stuff and I subscribed to
>>his Embedded Muse.
>>
>>One statement in there that I don't really get is this: "Reloading the
>>program counter may not properly reinitialize the CPU's internals." I'd
>>have thought that properly written code will do one thing first: Set all
>>the CPU internals before doing anything.
>>
>>Then there is the external watchdog where he rightfully criticizes that
>>wiggling it's "I'm alive" line can also be done by code that has run out
>>of control. This begs the question: Are there reasonably priced external
>>WDTs that require a little serial password?

>
>
> I don't remember seeing a password protected one but there are a few
> that only allow tickles in a specific interval. So if it's tickled at
> t then if you tickle outside of t + t1 +/- delta it resets. Now your
> accidental reset sequence has to match the correct frequency not just
> be faster than x.
>


I have seen those as well. However, that may cost you a timer or at
least one of the CCRs.

--
Regards, Joerg

http://www.analogconsultants.com
 
Reply With Quote
 
Steve at fivetrees
Guest
Posts: n/a
 
      09-14-2006, 07:11 PM
"Joerg" <(E-Mail Removed)> wrote in message
news:kSeOg.1655$(E-Mail Removed) t...
> Hello Martin,
>> OK, a bit late in the thread, but
>> http://ganssle.com/watchdogs.htm

>
> Thanks, very nice link. Jack really knows his stuff and I subscribed to
> his Embedded Muse.
>
> One statement in there that I don't really get is this: "Reloading the
> program counter may not properly reinitialize the CPU’s internals." I'd
> have thought that properly written code will do one thing first: Set all
> the CPU internals before doing anything.


Yes, true. But that doesn't necessary put all the CPU hardware in the same
state as a hardware reset. You'd think so, wouldn't you, but it doesn't.

If you've done any hardware design, you'll know about excluded states (which
are hardware states that normal sequencing won't exit from). Following an
EMI glitch (not normal software behaviour, or even software runaway), the
state of the CPU is effectively random. If you're really unlucky, you could
wind up with an excluded state somewhere on the CPU. (Or more likely a
microcontroller - more on-chip subsystems.)

I've seen this happen in practice, with code which did indeed reset
everything as per the datasheet. The CPU partially worked, but not
completely. This wasn't my design, and I was trying to convince the designer
to use a hardware watchdog, when this came up. Result: he used a hardware
watchdog.

Steve
http://www.fivetrees.com


 
Reply With Quote
 
Joerg
Guest
Posts: n/a
 
      09-14-2006, 07:25 PM
Hello Steve,


> "Joerg" <(E-Mail Removed)> wrote in message
> news:kSeOg.1655$(E-Mail Removed) t...
>
>>Hello Martin,
>>
>>>OK, a bit late in the thread, but
>>>http://ganssle.com/watchdogs.htm

>>
>>Thanks, very nice link. Jack really knows his stuff and I subscribed to
>>his Embedded Muse.
>>
>>One statement in there that I don't really get is this: "Reloading the
>>program counter may not properly reinitialize the CPU’s internals." I'd
>>have thought that properly written code will do one thing first: Set all
>>the CPU internals before doing anything.

>
>
> Yes, true. But that doesn't necessary put all the CPU hardware in the same
> state as a hardware reset. You'd think so, wouldn't you, but it doesn't.
>
> If you've done any hardware design, you'll know about excluded states (which
> are hardware states that normal sequencing won't exit from). Following an
> EMI glitch (not normal software behaviour, or even software runaway), the
> state of the CPU is effectively random. If you're really unlucky, you could
> wind up with an excluded state somewhere on the CPU. (Or more likely a
> microcontroller - more on-chip subsystems.)
>


Yes, it can happen. But it shouldn't. Unstable states are often a sign
of a not too careful hardware or chip design. I mostly design around
discretes and logic. There I pay meticulous attention to undefined
states. IOW that there is always some way out. Mostly this is easy, for
example when a register can set five different parameters I make sure
that the unused states 5 through 7 map to something meaningful and don't
just point to lalaland.

If in doubt always have the watchdog do a full HW reset.


> I've seen this happen in practice, with code which did indeed reset
> everything as per the datasheet. The CPU partially worked, but not
> completely. This wasn't my design, and I was trying to convince the designer
> to use a hardware watchdog, when this came up. Result: he used a hardware
> watchdog.
>


That's the beauty of design reviews. Even if it's just two people in an
informal review. All of us can make mistakes.

--
Regards, Joerg

http://www.analogconsultants.com
 
Reply With Quote
 
Not Really Me
Guest
Posts: n/a
 
      09-14-2006, 07:47 PM

"Tom Lucas" <news@REMOVE_auto_THIS_flame_TO_REPLY.clara.co.u k> wrote in
message news:(E-Mail Removed)...
> "Tom Lucas" <news@REMOVE_auto_THIS_flame_TO_REPLY.clara.co.u k> wrote in
> message news:(E-Mail Removed)...
>> I've been trying to implement the watchdog timer on my Sharp79524 and it
>> appears that the mutt is sleeping on the job!
>>
>> I believe I have it set up to trigger after about 3s of inactivity but it
>> doesn't seem to reset the system at all.

>
> Problem Solved!
>
> It turns out that the address of the watchdog register is actually
> 0xFFFE3000 instead of the 0xFFFC3000 that is shown in the user guide. This
> is a case where RTFM has caused the problem!
>
> D'oh!
>


Oooh, we hate when that happens.

Appears to be wrong only on the one page. In the register descriptions it
is correct.

Scott


 
Reply With Quote
 
Dave
Guest
Posts: n/a
 
      09-15-2006, 01:24 AM
On Thu, 14 Sep 2006 13:47:17 -0600, Not Really Me wrote:

>
> "Tom Lucas" <news@REMOVE_auto_THIS_flame_TO_REPLY.clara.co.u k> wrote in
> message news:(E-Mail Removed)...
>>
>> It turns out that the address of the watchdog register is actually
>> 0xFFFE3000 instead of the 0xFFFC3000 that is shown in the user guide. This
>> is a case where RTFM has caused the problem!
>>
>> D'oh!
>>

>
> Oooh, we hate when that happens.
>
> Appears to be wrong only on the one page. In the register descriptions it
> is correct.


Ah Ha! Tom, you didn't RTWFM! W->Whole


~Dave~
 
Reply With Quote
 
Tom Lucas
Guest
Posts: n/a
 
      09-15-2006, 08:57 AM
"Dave" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)...
> On Thu, 14 Sep 2006 13:47:17 -0600, Not Really Me wrote:
>
>>
>> "Tom Lucas" <news@REMOVE_auto_THIS_flame_TO_REPLY.clara.co.u k> wrote
>> in
>> message news:(E-Mail Removed)...
>>>
>>> It turns out that the address of the watchdog register is actually
>>> 0xFFFE3000 instead of the 0xFFFC3000 that is shown in the user
>>> guide. This
>>> is a case where RTFM has caused the problem!
>>>
>>> D'oh!
>>>

>>
>> Oooh, we hate when that happens.
>>
>> Appears to be wrong only on the one page. In the register
>> descriptions it
>> is correct.

>
> Ah Ha! Tom, you didn't RTWFM! W->Whole


The dirty buggers - I reckon they did that on purpose. Next time I will
assume that the manual was written by an evil sadist hell-bent on
derailing my project and I shall be better prepared!


 
Reply With Quote
 
 
 
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: Record of Properties and Things Taken From Patrick Ashley Meuser"-Bianca" Named Patrick Ashley Meuser as Noticed or Recovered Patrick Meuser-Bianca Intel 0 06-21-2008 06:53 PM
JOHN NAVAS: I should NEVER have taken your advice about CBK Batteries - AVOID AT ALL COST Jim IBM Thinkpad 6 08-19-2006 06:18 PM
BE6-II v1.0 no BIOS backup taken... DeeDee Abit 6 05-09-2004 02:47 PM
Digital Output is taken by another application Chris Roth ATI 0 09-12-2003 10:12 PM
DIgital Output is taken by another application Chris Roth Nvidia 0 09-12-2003 10:12 PM


All times are GMT. The time now is 08:12 PM.


Welcome!
Welcome to Motherboard Point
 

Advertisment