Add a shutdown command & state to the picubed#313
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cpp-linter Review
Used clang-format v20.1.2
Click here for the full clang-format patch
diff --git a/src/states/shutdown/shutdown_state.c b/src/states/shutdown/shutdown_state.c
index b360e48..8acdcf5 100644
--- a/src/states/shutdown/shutdown_state.c
+++ b/src/states/shutdown/shutdown_state.c
@@ -25,6 +25,5 @@ state_id_t shutdown_get_next_state(slate_t *slate)
-sched_state_t shutdown_state = {
- .name = "shutdown",
- .id = STATE_SHUTDOWN,
- .num_tasks = 1,
- .task_list = {&watchdog_task},
- .get_next_state = &shutdown_get_next_state};
+sched_state_t shutdown_state = {.name = "shutdown",
+ .id = STATE_SHUTDOWN,
+ .num_tasks = 1,
+ .task_list = {&watchdog_task},
+ .get_next_state = &shutdown_get_next_state};
Have any feedback or feature suggestions? Share it here.
There was a problem hiding this comment.
Cpp-linter Review
Used clang-format v20.1.2
Click here for the full clang-format patch
diff --git a/src/states/shutdown/shutdown_state.c b/src/states/shutdown/shutdown_state.c
index b360e48..8acdcf5 100644
--- a/src/states/shutdown/shutdown_state.c
+++ b/src/states/shutdown/shutdown_state.c
@@ -25,6 +25,5 @@ state_id_t shutdown_get_next_state(slate_t *slate)
-sched_state_t shutdown_state = {
- .name = "shutdown",
- .id = STATE_SHUTDOWN,
- .num_tasks = 1,
- .task_list = {&watchdog_task},
- .get_next_state = &shutdown_get_next_state};
+sched_state_t shutdown_state = {.name = "shutdown",
+ .id = STATE_SHUTDOWN,
+ .num_tasks = 1,
+ .task_list = {&watchdog_task},
+ .get_next_state = &shutdown_get_next_state};
Have any feedback or feature suggestions? Share it here.
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
megargayu
left a comment
megargayu
left a comment
There was a problem hiding this comment.
LGTM except for the two questions below--lmk if they make sense.
Also I thought shutdown meant like a completely system shutdown (i,e. no code running)? I think I am misunderstanding what shutdown means...
| LOG_INFO("Shutdown timeout reached (3 months). Reinitializing."); | ||
| slate->shutdown_triggered = false; | ||
| slate->shutdown_cmd_counter = 0; | ||
| return STATE_INIT; |
There was a problem hiding this comment.
On FLIGHT, STATE_INIT will do burn wire. Presumably if we were able to get to shutdown state, wouldn't we have already done initialization & burn wire? Should we be moving to e.g. STATE_RUNNING?
There was a problem hiding this comment.
Good point, will look into this, but I think you're right.
|
|
||
| state_id_t running_get_next_state(slate_t *slate) | ||
| { | ||
| if (slate->shutdown_triggered) |
There was a problem hiding this comment.
If we shut down, wait 3 months, and then it goes back to running (or init -> burn wire -> running), then wouldn't this go back?
a) Is that desirable behavior (infinite shutdown loop)? And if so:
b) Why did we pick 3 months before it just loops back? Is it just an arbitrary number?
There was a problem hiding this comment.
The shutdown_triggered flag is set to false before the shutdown state returns the state to go back to after 3 months, so after 3 months, it'll run like normal again. In terms of why it's a 3 month timer, this was mostly out of suggestion from Yiheng when I was working on it. I'll go ahead and ping him if there's a specific reason for this timing that I might be forgetting.
There was a problem hiding this comment.
Update: 3 months doesn't matter, anything will work. We need to be able to get back into the codebase, see comment below.
|
To update this PR based on talks:
Therefore, this PR will work as it is. However, two things I think should be implemented:
Note: This would also help solve #87. |
…DOWN commands. PAYLOAD_SHUTDOWN is a TODO since PAYLOAD_TURN_OFF has a similar purpose
2 participants
Added a new shutdown command that, when received 3 times consecutively, puts the satellite into a shutdown state, where it doesn't respond to communications or transmit any signals. After 3 months in shutdown, the satellite will automatically exit the shutdown state and go back to the regular running state.