Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Modular Assistive Driving System (MADS) (#57)
* improvements on the state machine for exiting controls and improvements on replay drive, and optimizations * New tests on hyundai for now to see how they behave with lkas and main button pressed interchangeably * cleaning up hyundai tests and ensuring we always cleanup mads states at the end of the tests * Adjusting tests * Adjusting the tests a bit more to ensure clean states * Cleaning up and simplifying logic * ensuring all tests always cleanup * improving the state * make static happy * Refactor safety replay script for better debugging and update Honda safety code The commit performs a comprehensive revision of the safety replay script, specifically focusing on introducing debug variables and enhancing the logging capabilities for improved debugging. Furthermore, changes were made to the Honda safety code. The test helpers within libpanda were also expanded for inclusion of additional test conditions. * Introduce 'ACC_MAIN_OFF' as a new disengagement reason in Sunnypilot's 'safety_mads.h' The Sunnypilot's 'safety_mads.h' file has been updated to include 'ACC_MAIN_OFF' as a new cause for disconnection in the 'DisengageReason' enumeration. If an 'acc_main_off' signal is received, the 'mads_exit_controls' function halts all requests for lateral control engagement. Additionally, the status of 'controls_requested_lat' now mirrors 'controls_allowed_lat' after a button press. * simpler logic cleaner * reorder code for readability * tmp * Refactor state transitions and add event handlers Renamed StateTransition to EdgeTransition for clarity and updated related logic. Introduced event handlers for button presses and ACC state changes, reducing duplicated control flow code. Improved encapsulation and maintainability by restructuring state update functions. * reorder * Refactor MADS state handling logic Removed redundant event handler functions and unnecessary timestamp fields to streamline the code. Simplified button and binary state updates by integrating logic directly into transition checks. Commented out unused fields * adding some more tests * split init * format * update naming * Refine lateral control request logic in safety_mads.h The logic for setting the `controls_requested_lat` variable in safety_mads.h has been refined. Previously, it switched state based on the current value of `controls_allowed_lat`. Now, it also takes into account the current state of `acc_main`, ensuring a more nuanced control request mechanism that accounts for different operational scenarios. * Fix button state handling in mads_exit_controls logic. Refactor button state transitions to better handle lateral control requests when ACC is active. Ensure controls are correctly disengaged under specific conditions, by setting `controls_requested_lat` more reliably during state transitions. This change improves safety by preventing inadvertent disengagement when ACC is not active. * Add test for LKAS button press with ACC main on This commit introduces a new test to ensure that controls remain enabled when the LKAS/LFA button is pressed while ACC main is on. It checks that LKAS button operations don't interfere with control permissions in this specific configuration, improving test coverage and preventing potential safety issues. * Add mismatch detection and change mads_acc_main to bool Enhanced mismatch detection logic by tracking cases where 'controls_allowed' is true while 'controls_allowed_lat' is false, updating the script to print relevant debug information. Additionally, changed the data type of 'mads_acc_main' and 'mads_acc_main_prev' from int to bool for improved type accuracy and consistency. * update controls_allowed_lat_pkt on health pkt to actually follow is_lat_active() which has the final word on whether we can allow lat or not. * Can't perform this test on toyota as we never really process a button disengagement for toyota * wow, we forgot about pcm hyundai can-fd * nuke nuke nuke * Revert "nuke nuke nuke" This reverts commit 9bf0de6. * update name * event driven update states * add get_pcm_main_cruise_available * split PCM and non-PCM main cruise tets * fix some * pcm main cruise availability mutation * toyota pass fake lkas btn pressed * more * make pcm acc main rising edge on init * only falling edge when actually 0 (need test for mutation) * misra * remove state flags, main button related * skip lkas related tests with toyota and subaru fake button * need for honda * static * mutation * misra * skip nidec pcm alt * engage mads if controls allowed rising * static * remove non pcm properties * fixup! engage mads if controls allowed rising * move back * fix static * move around * Hyundai openpilot longitudinal main cruise button state handling * main button unit test * acc_main_on mismatch unit tests * clean up old main cruise button unit tests * add more reasons * cleanup * rename * rearrange * Revert "rearrange" This reverts commit f07caaa. * more rearrange * rename * more * too slow * Revert "too slow" This reverts commit 31a249a. * too slow v2 * cleanup * rename * more cleanup * Parse more flags from alt exp, more tests, hyundai main cruise allowed * missed * mutation for controls allowed rising edge * ford mutation * Update tests/safety/test.sh Co-authored-by: DevTekVE <[email protected]> * license * unused * remove * comment * Apply suggestions from code review Co-authored-by: DevTekVE <[email protected]> * comment * refactor alternative experience handling with helper function * use always allowed mads button alt exp * rename * parenthesis * use alternative experience for unit tests inits * cleanup * rename * mutation tests for alternative experience flags * bump timer * test for disengage and no disengage lateral on brake * test allow MADS engage with brake pressed * rename * move around * button combo test * use acc_main_on directly from global * fix caught failures from last commit's fix * Revert "use acc_main_on directly from global" This reverts commit 346964f. * Properly fix lmao * Add support for LKAS button handling across Chrysler platforms Introduced LKAS button message parsing for multiple Chrysler platforms, including specific handling for center stack button messages. Updated tests and safety configurations to reflect these changes, ensuring compatibility with different vehicle variants. This enhances modularity and improves safety feature integration. * Dockerfile: point to sunnypilot/opendbc * Happy days :) * clean * testx * Revert "Happy days :)" This reverts commit 7ea27b5. * symlink prior building * comment * only parse mads lateral, not stock op's lateral * do not allow controls allowed if acc_main_on is off * expose system_enabled, do not allow controls allowed to steer if system_mads is off * fix hyundai tests with acc_main_on requirement * fix test with new controls allowed with system_mads off * fix replay drive * Change 'DISABLE_DISENGAGE_LATERAL_ON_BRAKE' to 'DISENGAGE_LATERAL_ON_BRAKE' The commit modifies the usage of the 'DISABLE_DISENGAGE_LATERAL_ON_BRAKE' variable globally and replaces it with 'DISENGAGE_LATERAL_ON_BRAKE'. This change promotes correct and clear semantics, since the variable now indicates a state rather than the negation of a state. * Adding some more debug printouts on replay drive * remove unified engagement mode in panda * treat MADS button as user entry * controls allow should be allowed at all times * squash! treat MADS button as user entry * heartbeat for mads * heartbeat mismatch exit control * remove always allow mads button from alt * move to safety_mads * check heartbeat directly in main * remove main cruise allowed from alt * uint * squash! check heartbeat directly in main * update tests * not needed * fix mads_exit_controls sometimes not assigning disengage reason * more disengage lateral on brake tests * extern * missesd * honda mutation test * again * rename * more dlob test * update name * fix tests * fix panda tests * Refactor MADS state management to simplify pointer usage. This change replaces many pointer-based state variables with direct ones, improving code readability and reducing complexity. It also standardizes the use of `const` for parameters and updates function implementations accordingly. These improvements enhance maintainability and reduce potential for pointer-related errors. * Simplify braking logic in m_mads_check_braking function Removed redundant conditions to streamline braking logic. This change maintains functionality while improving code readability and maintainability. Only necessary checks are now performed to determine disengagement. * Prevent lateral control engagement during braking Added a condition to disable lateral control engagement when braking with disengage-on-brake enabled. This change is marked as a demonstration and is not final for merging. Moved the disengage_reason to be set only when an actual disengagement occurred. * Refactor MADS state handling and fix type consistency Remove redundant `get_mads_state` inline definition and migrate it to a static function. Fix return type syntax in `get_mads_pending_disengage_reason`. Minor formatting adjustments improve readability and code clarity. Refactor disengagement logic with enhanced reason tracking Added distinction between active and pending disengagement reasons to improve system state tracking. Updated related enums, structs, and logic to ensure proper handling during control transitions. Added new safety tests to verify behavior under braking and ACC conditions. Refactoring lateral control permissions and brake checks in MADS This revision refactors the MADS safety code. The aim is to simplify and improve readability. Operations and checks for brake states and lateral control permissions have been consolidated into fewer methods. In addition, unused 'previous_disengage' state tracking has been removed from MADSState structure to avoid unnecessary state tracking. Moreover, the 'can_allow_controls_lat' function has been removed entirely and its functionality has been incorporated into other functions, reducing the function count and complexity of the code. The braking status is now tracked with BinaryStateTracking for consistency. These changes maintain the system's functionality while optimizing the code and improving maintainability. * Why MISRA, why!? WHY!???? I DIDNT EVEN TOUCH THIS FILE OR NOWHERE NEAR! * Some format * no more messing with misra * const * more generic names * revert to validate * are you srs * make gpio.h stock again and add to supression lists the check on gpio.h since we are not even touching it and we don't plan on ever doing so * hard code to skip heartbeat check * update comment * cleanup * Update tests/safety/test_honda.py --------- Co-authored-by: DevTekVE <[email protected]>
- Loading branch information
1 parent
463bcee
commit 3ae376e