Lines 23-42 in Fault.cpp as shown above have the unfortunate side effect that falling edges (signalling conditions of Faults going from true, to false) do not cause the xxx_fault.base field to become faults once a faulting condition goes away. This is because unsignal() does not have a corresponding set(false) call.
This is explicitly apparent in all of the ADCS telemetry from flight because the adcs_monitor.functional_fault.base field shows as true, along with wheel1_fault.base, wheel2_fault.base, wheel3_fault.base, wheel_pot_fault.base, despite the corresponding havt_deviceX fields all reporting as True, indicating the devices are working.
However, this does not cause bugged behavior in flight (other than bad telemetry).
When push comes to shove, and is_faulted() is actually called in the fault handler, there is proper either set(true) or set(false) calls.
Lines 23-42 in Fault.cpp as shown above have the unfortunate side effect that falling edges (signalling conditions of Faults going from true, to false) do not cause the
xxx_fault.basefield to become faults once a faulting condition goes away. This is becauseunsignal()does not have a correspondingset(false)call.This is explicitly apparent in all of the ADCS telemetry from flight because the adcs_monitor.functional_fault.base field shows as true, along with wheel1_fault.base, wheel2_fault.base, wheel3_fault.base, wheel_pot_fault.base, despite the corresponding havt_deviceX fields all reporting as True, indicating the devices are working.
However, this does not cause bugged behavior in flight (other than bad telemetry). When push comes to shove, and
is_faulted()is actually called in the fault handler, there is proper eitherset(true)orset(false)calls.