Watchdog: refactor driver

Watchdog is hardware driver. It interacts with HAL - provides wrapper to interact with the peripheral.

Provides basic functionality: start/stop, get timeout/max timeout.
It is automatically kicked by a timer, according to the timeout set in ctor.

drivers/Watchdog.cpp

@@ -17,92 +17,119 @@
 #ifdef DEVICE_WATCHDOG
 
 #include "Watchdog.h"
+#include "VirtualWatchdog.h"
+
+#define MS_TO_US(x) ((x) * 1000) //macro to convert millisecond to microsecond
 
 namespace mbed {
 
-Watchdog *Watchdog::_first = NULL;
+#if DEVICE_LPTICKER
+    /** Create singleton instance of LowPowerTicker for watchdog periodic call back of kick.
+     */
+    SingletonPtr<LowPowerTicker> Watchdog::_ticker;
+#else
+    /** Create singleton instance of Ticker for watchdog periodic call back of kick.
+     */
+    SingletonPtr<Ticker> Watchdog::_ticker;
+#endif
 
-Watchdog::Watchdog(uint32_t timeout, const char *const str): _name(str)
+bool Watchdog::_running = false;
-{
+static const uint32_t elapsed_ms = MBED_CONF_TARGET_WATCHDOG_TIMEOUT / 2;
-    _current_count = 0;
-    _is_initialized = false;
-    _next = NULL;
-    _max_timeout = timeout;
-}
 
-void Watchdog::add_to_list()
+Watchdog::Watchdog()
 {
-    this->_next = _first;
-    _first = this;
-    _is_initialized =  true;
-}
-
-void Watchdog::start()
-{
-    MBED_ASSERT(!_is_initialized);
     core_util_critical_section_enter();
-    add_to_list();
+    if (_running) {
+        // error function does not return thus exit critical section and print an error
         core_util_critical_section_exit();
-}
+        MBED_ERROR(MBED_MAKE_ERROR(MBED_MODULE_DRIVER, MBED_ERROR_CODE_OUT_OF_RESOURCES), "There's already watchdog in the system");
-
+    }
-
-void Watchdog::kick()
-{
-    MBED_ASSERT(_is_initialized);
-    core_util_critical_section_enter();
-    _current_count = 0;
     core_util_critical_section_exit();
 }
 
-void Watchdog::stop()
-{
-    MBED_ASSERT(_is_initialized);
-    core_util_critical_section_enter();
-    remove_from_list();
-    core_util_critical_section_exit();
-}
-
-void Watchdog::remove_from_list()
-{
-    Watchdog *cur_ptr = _first,
-              *prev_ptr = NULL;
-    while (cur_ptr != NULL) {
-        if (cur_ptr == this) {
-            if (cur_ptr == _first) {
-                prev_ptr = _first;
-                _first = cur_ptr->_next;
-                prev_ptr->_next = NULL;
-            } else {
-                prev_ptr->_next = cur_ptr->_next;
-                cur_ptr->_next = NULL;
-            }
-            _is_initialized = false;
-            break;
-        } else {
-            prev_ptr = cur_ptr;
-            cur_ptr = cur_ptr->_next;
-        }
-    }
-}
-
-void Watchdog::process(uint32_t elapsed_ms)
-{
-    Watchdog *cur_ptr =  _first;
-    while (cur_ptr != NULL) {
-        if (cur_ptr->_current_count > cur_ptr->_max_timeout) {
-            system_reset();
-        } else {
-            cur_ptr->_current_count += elapsed_ms;
-        }
-        cur_ptr = cur_ptr->_next;
-    }
-}
-
 Watchdog::~Watchdog()
 {
-    if (_is_initialized) {
+    core_util_critical_section_enter();
-        stop();
+    if (_running) {
+        if (stop()) {
+            // some targets might not support stop, thus keep running true in that case
+            _running = false;
         }
+    }
+    core_util_critical_section_exit();
+}
+
+
+bool Watchdog::start()
+{
+    watchdog_status_t sts;
+    MBED_ASSERT(MBED_CONF_TARGET_WATCHDOG_TIMEOUT < get_max_timeout());
+    core_util_critical_section_enter();
+    if (_running) {
+        core_util_critical_section_exit();
+        return false;
+    }
+    watchdog_config_t config;
+    config.timeout_ms = MBED_CONF_TARGET_WATCHDOG_TIMEOUT;
+    sts = hal_watchdog_init(&config);
+    if (sts == WATCHDOG_STATUS_OK) {
+        _running = true;
+    }
+    core_util_critical_section_exit();
+    if (_running) {
+        us_timestamp_t timeout = (MS_TO_US(((elapsed_ms <= 0) ? 1 : elapsed_ms)));
+        _ticker->attach_us(callback(&Watchdog::kick), timeout);
+    }
+    return _running;
+}
+
+
+bool Watchdog::stop()
+{
+    watchdog_status_t sts;
+    bool msts = true;
+    core_util_critical_section_enter();
+    if (_running) {
+        sts = hal_watchdog_stop();
+        if (sts != WATCHDOG_STATUS_OK) {
+            msts = false;
+        } else {
+            _ticker->detach();
+            _running = false;
+        }
+
+    } else {
+        msts = false;
+    }
+    core_util_critical_section_exit();
+    return msts;
+}
+
+void Watchdog::kick()
+{
+    core_util_critical_section_enter();
+    hal_watchdog_kick();
+    // VirtualWatchdog will access the watchdog process method to verify
+    // all registered users/threads in alive state */
+    VirtualWatchdog::process(((elapsed_ms <= 0) ? 1 : elapsed_ms));
+    core_util_critical_section_exit();
+}
+
+
+bool Watchdog::is_running() const
+{
+    return _running;
+}
+
+uint32_t Watchdog::get_timeout()
+{
+    return hal_watchdog_get_reload_value();
+}
+
+uint32_t Watchdog::get_max_timeout()
+{
+    const watchdog_features_t features = hal_watchdog_get_platform_features();
+    return features.max_timeout;
 }
 
 } // namespace mbed

drivers/Watchdog.h

@@ -20,98 +20,95 @@
 
 #ifdef DEVICE_WATCHDOG
 
-#include <cstdio>
 #include "mbed_error.h"
-#include "platform/mbed_critical.h"
-#include "platform/mbed_power_mgmt.h"
 #include "mbed_assert.h"
+#include "platform/mbed_critical.h"
+#include "watchdog_api.h"
+#include <cstdio>
 
 namespace mbed {
 
 /** \addtogroup drivers */
-/** Services that need to monitor nonblocking periodic behavior or
+/** Hardware system timer that will reset the system in the case of system failures or
- *  malfunctions, such as Wi-Fi and TLS, use a software watchdog.
+ *  malfunctions.
- *  Normally, one instance of a software watchdog gets created during hardware watchdog startup, so you can access the software watchdog.
- *  The hardware watchdog periodically calls the "process" method of the services to check nonblocking periodic behavior.
  *
  * Example:
  * @code
  *
- * Watchdog watchdog(300,"Software Watchdog");
+ * Watchdog watchdog();
  * watchdog.start();
  *
  * while (true) {
- *    watchdog.kick();
- *
  *    // Application code
  * }
  * @endcode
  * @ingroup drivers
  */
-class Watchdog {
+class Watchdog : private NonCopyable<Watchdog>  {
 public:
 
-    /** Constructor configured with timeout and name for this software watchdog instance.
+    /** Constructor configured with timeout
      *
      */
-    Watchdog(uint32_t timeout = 1, const char *const str = NULL);
+    Watchdog();
     ~Watchdog();
 public:
 
-    /** Start an independent watchdog timer with specified parameters.
+    /** Start the watchdog timer
      *
-     * Assert for multiple calls of start.
+     *
+     *  @return status true if the watchdog timer was started
+     *                 successfully. assert if one of the input parameters is out of range for the current platform.
+     *                 false if watchdog timer was not started
      */
-    void start();
+    bool start();
 
-    /** This stops the watchdog timer.
+    /** Stops the watchdog timer
      *
-     * Calling this function disables any running
+     * Calling this function will attempt to disable any currently running
-     * watchdog timers if the platform supports them.
+     * watchdog timers if supported by the current platform.
      *
-     * Assert without calling start.
+     * @return Returns true if the watchdog timer was successfully
+     *         stopped, Returns false if the watchdog cannot be disabled
+     *         on the current platform or if the timer was never started.
      */
-    void stop();
+    bool stop();
 
-    /** This function refreshes the watchdog timer.
+    /** Get the watchdog timer refresh value
      *
-     * Call this function periodically before the watchdog times out.
+     * This function returns the refresh timeout of the watchdog timer.
-     * Otherwise, the system resets.
      *
-     * If the watchdog timer is not running, this function does nothing.
+     * @return Reload value for the watchdog timer in milliseconds.
      */
-    void kick();
+    uint32_t get_timeout() const;
 
-    /** mbed_watchdog_manager (runs by periodic call from ticker) used this API interface
+    /** Get the maximum refresh value for the current platform in milliseconds
-     *  to go through all the registered user/threads of watchdog.
      *
-     *  @param elapsed_ms    completed ticker callback elapsed milliseconds
+     * @return Maximum refresh value supported by the watchdog for the current
-     *
+     *         platform in milliseconds
-     * Call this function from mbed_watchdog_manager_kick to monitor all the
-     * user/threads alive states.
-     *
-     * Otherwise, the system resets.
      */
-    static void process(uint32_t elapsed_ms);
+    uint32_t get_max_timeout() const;
-protected :
 
-    /** Use add_to_list to store the registered user in the list.
+    /** Check if watchdog is already running
-      * This API is only used to call from start.
-      */
-    void add_to_list();
-
-    /** Use remove_from_list to remove the entry from the list.
-      * This API is only used to call from stop.
      *
+     * @return Maximum refresh value supported by the watchdog for the current
+     *         platform in milliseconds
      */
-    void remove_from_list();
+    bool is_running() const;
+
 private:
-    uint32_t _max_timeout; //_max_timeout initialized via constructor while creating instance of this class
+    static void kick();
-    const char *_name; //To store the details of user
+    static uint32_t _elapsed_ms;
-    uint32_t _current_count; //this parameter is used to reset everytime threads/user calls kick
+    static bool _running;
-    bool _is_initialized; //To control start and stop functionality
+#if DEVICE_LPTICKER
-    static Watchdog *_first; //List to store the user/threads who called start
+    /** Create singleton instance of LowPowerTicker for watchdog periodic call back of kick.
-    Watchdog *_next;
+     */
+    static SingletonPtr<LowPowerTicker> _ticker;
+#else
+    /** Create singleton instance of Ticker for watchdog periodic call back of kick.
+     */
+    static SingletonPtr<Ticker> _ticker;
+#endif
 };
 
 } // namespace mbed

targets/targets.json

@@ -48,10 +48,9 @@
                 "help": "Run tickless from the microsecond ticker rather than the low power ticker. Running tickless off of the microsecond ticker improves interrupt latency on targets which use lpticker_delay_ticks",
                 "value": false
             },
-            "hw-watchdog_timeout": {
+            "watchdog-timeout": {
-                "help": "Define the timeout in ms value LowPowerTicker to do HW kick",
+                "help": "Define the timeout in ms to do HW kick",
-                "value": "800",
+                "value": "800"
-                "macro_name": "HW_WATCHDOG_TIMEOUT"
             }
         }
     },