-1

The question is:

How should I configure the Watchdog Timer if I have 3 tasks with different priorities and different execution time?

Say:

Task1: Highest Priority , Exec. Time = 5 ms

Task2: Medium Priority , Exec. Time = 10 ms

Task3: Lowest Priority , Exec. Time = 15 ms

W.Wafi
  • 11
  • 2
  • What are your requirements? If your requirements say "The system should detect a hung task after at least 5 minutes", it's 5 minutes. – tofro Aug 01 '18 at 11:29
  • I am the one who building the system, so I need to know how to properly set this requirement – W.Wafi Aug 01 '18 at 11:39
  • How fast do you want to recover from a crash, then? For most types of devices, *seconds* are alright. There is normally absolutely no need to align the watchdog with any task loop times and run into problems with an unnecessarily triggered watchdog when you make changes to your program and thus loop timing. – tofro Aug 01 '18 at 11:42
  • As fast as I can. So, I should configure the WDT for the overall time period of the system ? or for the longest task ? – W.Wafi Aug 01 '18 at 11:54
  • It’s more complicated than that, because you want an OR of all tasks running- this won’t work without intertask comms. It depends a lot on how interdependent your tasks are. – tofro Aug 01 '18 at 12:00
  • See [Strategy for feeding a watchdog in a multitask environment](https://stackoverflow.com/questions/14758045/strategy-for-feeding-a-watchdog-in-a-multitask-environment) for related information. – kkrambo Aug 01 '18 at 12:44
  • Have you chosen a basic 'heartbeat' rate yet? A hearbeat is typically driven by a customer requirement. For example, in an embedded system for telecom transport, every status input must be read once per second. This supports the worst case reporting requirement. Example: upon the occurrence of a LOS alarm (loss of signal, i.e. a wire or fiber cut), the software shall detect and deliver the alarm to the 'user' (typically a serial screen) in 1.5 +/- 0.5 seconds. (I encourage you to sketch this timing scenario out). So, what is your systems heartbeat? and why? – 2785528 Aug 04 '18 at 01:33

2 Answers2

3

The proper way to do this is

  1. Create a special watchdog task that waits on 3 semaphores/mutexes/message queues (sequentially) in a loop
  2. Feed those three semaphores from your worker tasks (each task feeds one semaphore of the watchdog task)
  3. re-set the watchdog timer in the watchdog task's loop to the sum of the loop timing of all worker tasks (worst case) plus some headroom.

If any of your worker tasks or the watchdog tasks hangs, it will eventually block the watchdog task and the watchdog will expire. You want to make sure the watchdog is only re-triggered when all tasks are running properly. Use the simplest inter-task communication means your RTOS provides to make it as robust as possible against crashes.

tofro
  • 5,640
  • 14
  • 31
  • .. and make the dog task the highest priority to prevent a higher-priority thread that is stuck looping from preventing the dog bite by starving the poor pup of CPU execution. – Martin James Aug 20 '18 at 20:14
  • @MartinJames Exactly when the WD task is not getting CPU, the WD is going to trigger. And that's what we want - if a higher prio thread is stuck looping we **want** the WD to kick in - The WD task's priority is actually not very relevant, as long as it's getting *some* CPU to keep the system alive in the good case. – tofro Aug 20 '18 at 22:22
-1

Look at this definition A watchdog timer is an electronic timer that is used to detect and recover from computer malfunctions. During normal operation, the computer regularly resets the watchdog timer to prevent it from elapsing, or "timing out"

So you set the watchdog timer value, that trigger watchdog when you are sure none of 3 tasks is running. To be more accurate, you reset the timer when you are sure all of the tasks are running. When a single task stopped due to unknown reason, you want to trigger watchdog (you can read more on it)

Now the real thing, what should be time for watchdog timer? you need to set a timer when you want to restart the program, so include all wait time for a task, delays in tasks and check worst-case time (max time) for all tasks to be executed at least once. then set the timer value a little bit more than this max value.

Umair
  • 336
  • 1
  • 16