* safety
* static!
* ALLOW_DEBUG
* fix
* fix 12.3
* remove comment
* no debug
* move stuff to debug
* only usage
* cleanup
* canfd hyundai
* no include for now
* indent
* comment for ford suppression
* also gm
* remove suppression
* only safety headers
* cleanup
* main
* can_comms
* main_declarations->main_definitions
* rename this also
* can_definitions
* faults
* power_saving
* provision
* gitversion
* not included
* no include for now
* some refactoring still needing to be done here
* 50hz
* set rx checks
* tx msgs
* test
* fix
* forgot to check this since it's static now
* enable_gas_interceptor
* more
* remove int funcs since are common
* generic!
* not generic
* need to set counter now
* set_enable_gas_interceptor not needed
* already reset in safety init
* fix test
* remove gas_interceptor_detected (partly)
* oof need for hjonda too
* edit structs
* more honda (still broken)
* fix typo
* shift these down
* can also make this extensible
* stash
* defining classes is much simpler, maybe in future we will have some sort of wrapper after some more thought
* remove create_interceptor_test now
* add lta interceptor
* clean up print
* clean up
* once
* type hint
* rm
* no interceptor with stock long + good test
* add interceptor counter to honda
* need alt interceptor + set rx checks for honda
* we were never testing button enable with nidec + interceptor!
honda almost all passing
* these fixes make sense
* clean up
* better
* clean up test cov
* clean up
* not needed
* fix tx msgs
* clean up
* cppcheck
* fix
* unnecessary
* stash
* if x > xy.x[0], then subsequent x < xy.x[i+1] enforces it is monotonic, or uses last y
* rm
* test safety tick
* coverage: include safety.h
* car-only test
* MAX
* op
* add safety_config_valid
* new fields
* add check
* do first one
* first two
* all done
* fix all output
* simpler
* unused now
* fix body and elm
* fix that
* fix misra
* revert that
* found another bug!
* update test
* why does toyota add 1 but not chrysler?!
* test/fix others
* clean up
* more
* global
* clean up
* one function to reset AND update
* without abs and only negative values: this is not caught (since negative error < 1)
* ugly draft
* clean up, tests work
* now only should use this function
* better cmt
* better loc
* constant in python too!
* actually duplicate comment
* ford curvature rate limits draft
* make common angle tests work with curvature
* comment
* no need for this
* extra line
* fix test
* generic curvature test class
* more reasonable limits
* adjust limits
* draft
* works
* works
* clean up
* add vehicle speed
* works
* clean up
* clean up
* more clean up
* more clean up
* lower
* double
* add updated bp
* remove
* can clean that up
* draft
* this works!
* think that's the correct placement
* try this
* closer
* use min
* add/sub one to not falsely trip
* remove old angle error safety
* i'm not sure if clamp is more readable
* fix that
* fix
* stash
* fix these tests
* ternary
* floats are a pain
* draft, works kinda
* even better
* round that
* need tolerance
* this should work (adding tol=1 wouldn't let us have multiple rate limits)
* test works
* clamp breaks if low is higher than high :(((
down from 150 blocked msgs to 7!
* no blocked msgs!!!
* test a whole bunch
* stash
* stash
* clean up test
* clean up test to be more like torque (+ speeds)
* clean up
* cmt
* test up
* up and down are good
* rename and remove
* this is tested
* uncomment
* this is tested by ensuring we move towards error at a minimum rate
* not used any more
* revert common
* clean up test_ford a bit more
* some clean up (combine variables where it makes sense)
* yeah can't use clamp since min isn't always < max, min(max(.. handles this
* clean up
* revert that
* comments
* cmt
* another
* that's old
* misra!
* Update board/safety/safety_ford.h
* Update board/safety/safety_ford.h
* add todo, fix test case
* more clear, matches panda
* add comment
* Update tests/safety/test_ford.py
* more fine speed increments
* rm comment
* better names
* this is expected behavior (tested by common checks)
* CURVATURE_ERROR_LIMIT_SPEED
* better name?
* pretty clean!
* same for up
* only used in one place now
* these are now clear
* common term
* make vehicle_speed a sample_t
* need to use values[0]
* speed is a float
* Revert "speed is a float"
This reverts commit 01af02f1d3.
* Revert "need to use values[0]"
This reverts commit 8f6d68345a.
* Revert "make vehicle_speed a sample_t"
This reverts commit ecd8dc86b6.
* safety fixes for new speed sample
* test fixes for new speed sample
* fix misra and make intermediate variable
* this isn't needed
* convert vehicle_speed into sample_t, change no behavior
* draft
* round
* test
* clean up
* round
* round all
* use min
* remove round macro from this PR
* reset speed measurement
* debug
* bbd
* rm
* revert
* test above and below
* need this now
* misra pt 1
* misra pt 2
* misra pt 3
* i don't understand this one, not different from other cases
* fix test
* test
* revert that
* draft
* test the sample_t works properly for safety modes that use it (angle only)
* can combine these tests
* test decimals
* global
* misra
comment
* suggestions
* fix
* use new helper
* reset min torque meas too
* add test that fails
* cmt
* cmt
* clean up test
* don't be random
* above test tests this pretty much
* test angle too
* fix
* also test driver torque
* whoops
* whoops
* draft clean up
* always check
* add angle to name
* ford sends curvature when not steering and bit is 0.
it's not torque, curvature of 0 will still apply torque
* need this to be generic
* formatting
* rm
* test that we can send curvature=0 if enabled=False while control_allowed=True (let's say EPS faults, OP doesn't want to actuate)
* revert ford tests to master
* this <i>should</i> preserve behavior
* this is fine to remove
* and this should also be covered
* yeet
* change opt name, combine checks, much better!
* one more
* modes
* Add comment
* misra has a bug :(
* ugh
* make this clear
* ?
* order
* fix
* comments
* set ford vehicle speed
* parse yaw rate signals
* misra
* misra
* misra
* misra
* draft
* update module
* already checked
* and set it properly
* some stuff
* draft
* clean up (will fail tests because we don't send yaw rate yet)
* could do something like this
* this is better and less prone to bugs
* match simple op limiting, debugging
* set checksum for messages in tests
* clean up
* fix that
* one m/s fudge
* fix sign of yaw rate
* interpolate detects size
* forgot OP flips the curvature sign. it matches yaw on can
* all my debugging crap
* make replay work for ford
* fix panda blocking messages (array is fixed size so size-1 is 0 rate at high speed)
* uncomment safety test limits
* revert
* round for zero blocked msgs
* fix limits
* meas safety checks that down rate is >=, not <
* test pass
* lots of comments and draft what one meas torque check would look like
* fix that
* add curvature meas
* add debugging stuff
* Revert "add debugging stuff"
This reverts commit 449783fc62.
* messy but at least one test passes now
* draft
* add max_steer
* some safety clean up
* and that
* start with a test that works
* another test that works (sort of, we need more strict panda safety without false positives)
* no max curvature check (not safety related), allow any rate limits
* add new function
* also need to consider max val here, since OP will send up to that
* and now use the function
* lower to 10
* compilation fixes
* clean up (no rate limiting)
* remove that too
* curvature diff test
* more clean up
* debug
* ?
* better names
* more official
* use _curvature_meas_msg_array here
* bit faster
* no i don't
* revert that
* why not just use angle_meas?
* bb ll
* bb deb
* clean up debug vals
* more
* revert replay drive debugging changes
* Update board/safety.h
* rm line
* only need to round the final thing
* not needed, under 10 ms
* make a class variable
* fix a misra?
* another misra?
better
* ?
* 12.1
* need to explicitly convert
* add one to not false trigger the violation (float rounding)
* not really needed
* rm line
* cmt
* use clamp
* rename
* in struct
* comment
* use max_limit_check
* draft clean up
* Revert "draft clean up"
This reverts commit d1a0e8acd1.
* make a global
make a global
* this is fine
* allow inactive accel values at all times
* cleaner
* unnecessary, done by default
* better comments
* move test to common class
* fix
* flip
* comment
* append 0 and INACTIVE_ACCEL to test accels + check acc_07 sends if inactive only
* cleanup
* fix that
* copy testing convention of VW and Honda
---------
Co-authored-by: Shane Smiskol <shane@smiskol.com>
* adeeb
Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com>
* check checksum
* think pylint won't like this
* complete test
* do this
* no need
---------
Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com>
Maxime Desroches
Adeeb Shihadeh
Aryan
Ruben Medina
Shane Smiskol
Jason Wen
Justin Newberry
Justin Newberry
Jason Young