Communities

Writing

Codidact Meta

The Great Outdoors

Photography & Video

Scientific Speculation

Cooking

Electrical Engineering

Judaism

Languages & Linguistics

$Mathematics$

tag:snake search within a tag

answers:0 unanswered questions

user:xxxx search by author id

score:0.5 posts with 0.5+ score

"snake oil" exact phrase

votes:4 posts with 4+ votes

created:<1w created < 1 week ago

post_type:xxxx type of post

Search help

Notifications

Mark all as read See all your notifications »

Q&A Papers Meta

Q&A

Posts Tags Edits

Ask Question

Comments on Is Feeding a Watchdog Timer from an ISR a Bad Practice?

Post

Is Feeding a Watchdog Timer from an ISR a Bad Practice?

+3

−0

In an embedded system, I require a watchdog to be able to pass ESD qualifications (the main reason for the watchdog requirement is that the device wasn't able to pass the harshest tests of the IEC 61000-4-2 standard). Having no experience with watchdogs, I went through this Memfault article. I liked the events "registration" and "flags" since it easily allows us to do conditional ORing of events depending on the system's state. Plus it feels scalable.

For the feeding part, here's what I put in place:

/** @brief Raise the event flag and feed the watchdog if all required event flags are set.
 *
 *  @param[in] event_flag  Bitmask corresponding to the triggering event.
 */
static void watchdog_feed_if_all_events_set(watchdog_event_t event_flag)
{
    /* Declare as volatile since this function could be called from concurrent ISRs. */
    static volatile watchdog_event_t watchdog_fed_events;

    enter_critical();

    watchdog_fed_events |= event_flag;

    if ((watchdog_fed_events & watchdog_required_events) == watchdog_required_events) {
        bsp_watchdog_feed();
        watchdog_fed_events = 0;
    }
    exit_critical();
}

This function can then be called from any part of the application, including from ISRs.

Now for the question:

I was told it was senseless to feed a watchdog from an ISR and that a redesign is required, but no rationale was provided. I see nothing wrong with my implementation and it works just fine. I feel like a watchdog design is closely related/dependent to the system on which it is implemented and that there are no one-size-fits-all designs.

Am I missing something? Why would someone want to avoid feeding a watchdog from an ISR?

C embedded-systems watchdog interrupt

posted about 15 hours ago

CC BY-SA 4.0

14h ago by Nick Alexeev‭

drkfrx‭

16 reputation 1 0 3 1

Raw

Markdown

History

is a duplicate

This question has been asked before and has already been answered. It should be marked as a duplicate.

Please enter the URL of the proposed duplicate in the details field below.

not constructive

This question cannot be answered in a way that is helpful to anyone. It's not possible to learn something from possible answers, except for the solution for the specific problem of the asker.

1 comment thread

"XY problem" about ESD (4 comments)

Lundin‭ wrote about 15 hours ago · edited about 14 hours ago

copy link

As we discussed before, ESD causing memory corruption or hanging the MCU etc are just symptoms. ESD testing is just as likely to regard a sudden MCU reset by a watchdog or other means as a fail criteria. If possible, I would encourage you to post a separate question here addressing the electronics design and the ESD problem, to solve the root cause.