Photon in other state, Safe Mode needed, but I can't go there. Need your suggestion!

Hi everyone,

I’m new to Particle. It didn’t take me long to decide using Photon in the next project for my clients in other states. The OTA update feature is the main reason for my decision.

The only thing worries me a bit is, if I did something wrong in the program, the Photon would be disconnected from the Particle Cloud and my clients wouldn’t be very happy to put it into Safe Mode for me.

I know at the moment I can’t put the device into Safe Mode with firmware API or remotely through the Particle Console. Of course I’ll be very careful when programming, but what if that really happened? Do you have any suggestions or good ideas to handle that?

Thanks a lot!

Karl

We'd need to know what you expect could go wrong?

If you flash a completely bonkers program, how would be able to trust any Safe Mode action, without the help of the users?

But if you have some less "supersticious" error case, you should be able to cater for that.

A rather common error is the general inability to reach the cloud but provided the WiFi is set up correctly you can have your program force the system into Safe Mode.

So that's not quite true:

You can!

But without WiFi correctly set up, Safe Mode won't help you a lot either.

Kind of obvious, but testing your code on a local device before shipping it out into production seems to be a good idea in general.

2 Likes

Hi @ScruffR, thanks for your reply!

One of my examples is, I tried the TCPClient code from https://docs.particle.io/reference/firmware/photon/#tcpclient. I didn’t expect anything would go wrong. But actually the IP address in the code cannot be reached from my end. So then I got the green breathing light and my Photon disconnected from the cloud. It really confused me for a pretty much whole day. I had to put the Photon into safe mode from time to time to get the cloud connection back and re-flash it.

I guess there must be a lot of tricks to make ‘safe’ programs. When I said ‘safe’ I meant, the devices can always be connecting to the cloud, no matter how other things go wrong.

Keep learning!

Cheers,
Karl

Thanks @Moors7, I’ll do :smile:

That is pretty much a problem with code like this (taken from that example)

  if (!client.connected())
  {
    Serial.println();
    Serial.println("disconnecting.");
    client.stop();
    for(;;);  // <--- BAD!!!! will kill the cloud connection
  }

That's a minimum requirement for "safe" programming, not to have infinite loops and if you have long running sections, make sure to call Particle.process() often enough.
So as a rule of thumb, avoid them (where possible), put timeout logic in anything that might take longer than a few seconds, adopt non-blocking coding styles.

Additionally using SYSTEM_THREAD(ENABLED) helps keeping the cloud connected.

3 Likes

Thanks so much for your help! Really useful suggestions!