[ISSUE 617] ProtectionManager Without Ethernet / Fault Runtime Redesign

.changesets/pm-no-eth-major.md

@@ -0,0 +1,21 @@
+release: major
+summary: Redesign fault handling, protections, and Board bootstrap around explicit fault policies
+
+This PR changes the public integration contract for applications built on ST-LIB.
+
+Breaking changes:
+
+- `Board` now takes the fault policy type as its first template parameter.
+- The global `FAULT` runtime is owned exclusively by `FaultController`.
+- User state machines are now nested under the global `OPERATIONAL` state through `FaultPolicy` or `FaultPolicyNoMachine`.
+- Protections now use `ProtectionEngine` and `Protections::Rules::*`; the previous `ProtectionManager` and boundary split is no longer the active model.
+- Runtime reporting is unified under `PANIC(...)`, `FAULT(...)`, `WARNING(...)`, and `INFO(...)`.
+- The real bootstrap path is `Board::init()`. Legacy `STLIB::start()`, `STLIB::update()`, `STLIB_LOW::start()`, and `STLIB_HIGH::start()` must not be used as the integration path.
+
+Migration notes:
+
+- Declare the board as `Board<YourFaultPolicy, ...>`.
+- Use `FaultPolicy<app_machine, on_fault_enter>` when you want an operational state machine nested under the global runtime.
+- Use `FaultPolicyNoMachine<on_fault_enter>` when you only need a fault-entry callback.
+- Use `DefaultFaultPolicy` when you want neither an operational machine nor a fault-entry callback.
+- In the main loop, drive the runtime through `FaultController::check_transitions()`, `ProtectionEngine::evaluate()`, and `Diagnostics::Hub::flush()`.

CMakeLists.txt

@@ -277,6 +277,7 @@ set(HALAL_CPP_NO_ETH
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/LowPowerTimer/LowPowerTimer.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/MDMA/MDMA.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/MPUManager/MPUManager.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/Packets/Packet.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/Packets/SPIOrder.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/SPI/SPI2.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/DMA/DMA2.cpp
@@ -289,6 +290,10 @@ set(HALAL_CPP_NO_ETH
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Communication/UART/UART.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/DigitalInputService/DigitalInputService.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/DigitalOutputService/DigitalOutputService.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Diagnostics/DiagnosticFormatter.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Diagnostics/DiagnosticSinks.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Diagnostics/DiagnosticTimestampProvider.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Diagnostics/DiagnosticsHub.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/EXTI/EXTI.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/FMAC/FMAC.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Flash/Flash.cpp
@@ -306,7 +311,6 @@ set(HALAL_C_ETH_CORE)
 set(HALAL_CPP_ETH_CORE
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/IPV4/IPV4.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/MAC/MAC.cpp
-  ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/Packets/Packet.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Communication/SNTP/SNTP.cpp
 )
 
@@ -368,7 +372,6 @@ set(STLIB_LOW_CPP_NO_ETH
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/DigitalOutput/DigitalOutput.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/ErrorHandler/ErrorHandler.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/Math/Math.cpp
-  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/ST-LIB_LOW.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/Sd/Sd.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/Sensors/DigitalSensor/DigitalSensor.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_LOW/Sensors/SensorInterrupt/SensorInterrupt.cpp
@@ -380,17 +383,15 @@ set(STLIB_LOW_CPP_NO_ETH
 
 set(STLIB_HIGH_C_ETH)
 
-set(STLIB_HIGH_CPP_ETH
-  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/Protections/Boundary.cpp
-  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/Protections/ProtectionManager.cpp
-)
+set(STLIB_HIGH_CPP_ETH)
 
 set(STLIB_HIGH_C_NO_ETH)
 
 set(STLIB_HIGH_CPP_NO_ETH
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/FlashStorer/FlashStorer.cpp
   ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/FlashStorer/FlashVariable.cpp
-  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/ST-LIB_HIGH.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/Protections/FaultController.cpp
+  ${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB_HIGH/Protections/ProtectionEngine.cpp
 )
 
 # ============================
@@ -426,9 +427,6 @@ add_library(${STLIB_LIBRARY} OBJECT
   $<$<BOOL:${CMAKE_CROSSCOMPILING}>:${STLIB_HIGH_CPP_NO_ETH}>
   $<$<AND:$<BOOL:${CMAKE_CROSSCOMPILING}>,$<BOOL:${USE_ETHERNET}>>:${STLIB_HIGH_C_ETH}>
   $<$<AND:$<BOOL:${CMAKE_CROSSCOMPILING}>,$<BOOL:${USE_ETHERNET}>>:${STLIB_HIGH_CPP_ETH}>
-
-  $<$<BOOL:${CMAKE_CROSSCOMPILING}>:${CMAKE_CURRENT_LIST_DIR}/Src/ST-LIB.cpp>
-
   $<$<NOT:$<BOOL:${CMAKE_CROSSCOMPILING}>>:${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Services/Time/Scheduler.cpp>
   $<$<NOT:$<BOOL:${CMAKE_CROSSCOMPILING}>>:${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/TimerDomain/TimerDomain.cpp>
   $<$<NOT:$<BOOL:${CMAKE_CROSSCOMPILING}>>:${CMAKE_CURRENT_LIST_DIR}/Src/HALAL/Models/MPUManager/MPUManager.cpp>

Inc/C++Utilities/CppImports.hpp

@@ -42,3 +42,10 @@
 #include <ranges>
 #include <cstdarg>
 #include <stdarg.h>
+#include <bit>
+#include <concepts>
+#include <expected>
+#include <new>
+#include <optional>
+#include <type_traits>
+#include <variant>

Inc/C++Utilities/CppUtils.hpp

@@ -8,6 +8,10 @@ namespace chrono = std::chrono;
 namespace placeholders = std::placeholders;
 
 using std::array;
+using std::byte;
+using std::construct_at;
+using std::destroy_at;
+using std::expected;
 using std::function;
 using std::hash;
 using std::integral_constant;
@@ -17,6 +21,7 @@ using std::make_unique;
 using std::map;
 using std::move;
 using std::nullopt;
+using std::optional;
 using std::pair;
 using std::queue;
 using std::reference_wrapper;
@@ -29,6 +34,9 @@ using std::stack;
 using std::string;
 using std::stringstream;
 using std::to_string;
+using std::unexpected;
 using std::unique_ptr;
 using std::unordered_map;
+using std::variant;
 using std::vector;
+using std::visit;

Inc/C++Utilities/StaticVector.hpp

@@ -18,7 +18,7 @@ template <typename T, size_t Capacity> class StaticVector {
 
     constexpr void push_back(const T& value) {
         if (size_ >= Capacity) {
-            ErrorHandler("StaticVector capacity exceeded");
+            PANIC("StaticVector capacity exceeded");
             return;
         }
         data[size_] = value;

Inc/HALAL/HALAL.hpp

@@ -68,13 +68,3 @@
 #include "HALAL/Services/Communication/Ethernet/LWIP/UDP/DatagramSocket.hpp"
 #include "HALAL/Services/Communication/SNTP/SNTP.hpp"
 #endif
-
-namespace HALAL {
-
-#ifdef STLIB_ETH
-void start(MAC mac, IPV4 ip, IPV4 subnet_mask, IPV4 gateway, UART::Peripheral& printf_peripheral);
-#else
-void start(UART::Peripheral& printf_peripheral);
-#endif
-
-} // namespace HALAL

Inc/HALAL/Models/DMA/DMA2.hpp

@@ -498,7 +498,7 @@ struct DMADomain {
 
                 instances[i].dma = {};
                 if (stream == Stream::none) {
-                    ErrorHandler("DMA stream must be selected before init");
+                    PANIC("DMA stream must be selected before init");
                     continue;
                 }
 
@@ -507,7 +507,7 @@ struct DMADomain {
 
                 if (HAL_DMA_Init(&instances[i].dma) != HAL_OK) {
                     instances[i].dma = {};
-                    ErrorHandler("DMA Init failed");
+                    PANIC("DMA Init failed");
                     continue;
                 }
 

Inc/HALAL/Models/MDMA/MDMA.hpp

@@ -146,7 +146,7 @@ class MDMA {
 
         void init_node(void* src, void* dst, size_t size) {
             if (size == 0) {
-                ErrorHandler("MDMA: zero-length transfer is invalid");
+                PANIC("MDMA: zero-length transfer is invalid");
                 return;
             }
 
@@ -220,7 +220,7 @@ class MDMA {
             nodeConfig.Init.BufferTransferLength = buf_len;
 
             if (HAL_MDMA_LinkedList_CreateNode(&node, &nodeConfig) != HAL_OK) {
-                ErrorHandler("Error creating linked list in MDMA");
+                PANIC("Error creating linked list in MDMA");
             }
 
             // HAL_MDMA_LinkedList_CreateNode only sets the request field in CTBR;

Inc/HALAL/Models/MPUManager/MPUManager.hpp

@@ -12,7 +12,7 @@ class MPUManager {
         no_cached_ram_occupied_bytes = no_cached_ram_occupied_bytes + size;
         if (no_cached_ram_occupied_bytes > NO_CACHED_RAM_MAXIMUM_SPACE) {
             uint32_t excess_bytes = no_cached_ram_occupied_bytes - NO_CACHED_RAM_MAXIMUM_SPACE;
-            ErrorHandler("Maximum capacity on non cached ram heap exceeded by %d", excess_bytes);
+            PANIC("Maximum capacity on non cached ram heap exceeded by %d", excess_bytes);
             return nullptr;
         }
         return buffer;

Inc/HALAL/Models/Packets/SPIOrder.hpp

@@ -78,20 +78,15 @@ class SPIBaseOrder {
     SPIBaseOrder(uint16_t id, uint16_t master_data_size, uint16_t slave_data_size)
         : id(id), master_data_size(master_data_size), slave_data_size(slave_data_size) {
         if (id == 0) {
-            ErrorHandler(
-                "Cannot use 0 as the SPIOrderID, as it is reserved to the no Order ready signal"
-            );
+            PANIC("Cannot use 0 as the SPIOrderID, as it is reserved to the no Order ready signal");
         }
         if (master_data_size > slave_data_size) {
             payload_size = master_data_size + PAYLOAD_OVERHEAD + PAYLOAD_TAIL;
         } else {
             payload_size = slave_data_size + PAYLOAD_OVERHEAD + PAYLOAD_TAIL;
         }
         if (payload_size > SPI_MAXIMUM_PAYLOAD_SIZE_BYTES) {
-            ErrorHandler(
-                "Cannot declare SPIOrder %d as its size surpasses the maximum data size",
-                id
-            );
+            PANIC("Cannot declare SPIOrder %d as its size surpasses the maximum data size", id);
         }
         MISO_payload = new uint8_t[payload_size]{0};
         MOSI_payload = new uint8_t[payload_size]{0};