-
Notifications
You must be signed in to change notification settings - Fork 16.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AP_Arming/AP_Scripting: allow scripts for pre-arm checks #13557
Conversation
3abc9be
to
0aee90b
Compare
0aee90b
to
fab2795
Compare
12b0dcf
to
7922980
Compare
I've found and fixed a couple of issues that I had missed. I also added another example script but perhaps we don't need two example scripts and can drop one of them. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Outside of the inline comments below, I'd really like to request a name for something other then "external" for this. External tends to mean outside the flight controller/vehicle and calling anything that scripting sets up seems out of place. Because I'm poking at the name I guess I have to offer an alternative, for which I submit "auxiliary" as these are really extra arming checks coming from anywhere other then the core flight code. (I'm open to other names, I just don't like external).
libraries/AP_Arming/AP_Arming.h
Outdated
ExtAuthStates state; | ||
char* fail_msg; | ||
}; | ||
ext_auth_t ext_auth[ext_auth_count_max] = {}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd still really like to change this, if we use a Bitmask we can support far more checks, and if we only store the most recent failure from any source then we can only allocate a single buffer, which is far more flexible, and eats less RAM.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think using a bitmask is worth the effort or additional complexity it would add. The structure is only 7 bytes per authoriser so there's very limited room for shrinking the basic structure.
I'll switch it to a single failure message buffer but we should note that this comes at the cost of not being able to display all arming errors at once from independent scripts or companion computers. I think it's very possible we could get an enhancement request to show all the failures at once
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
6 bytes total would support 32 arming checks with my proposal though... Using the proposed structure here would be 224 bytes to support that many checks. 3 checks is just not enough for arming checks as far as I can tell, I'd easily like to have more then that many for scripts.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, I think if we switch it to a single failure message and make the AuxAuthStates class based on a uint8_t it will consume just 32 bytes for 32 authorisers..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While modifying this to use a single fail_msg buffer, one issue is this situation:
- authoriser 1 fails, set failure msg to "fail 1"
- authoriser 2 fails, sets failure msg to "fail 2"
- authoriser 2 passes
In this situation, authoriser 1 has failed but we've lost it's failure message. We need to tell the user that we've failed arming.. but can no longer say why
341305c
to
b9bbb3e
Compare
I think I've addressed all of @WickedShell's comments now (thanks for the review!) and I think it's in better shape now. Any further comments are very welcome! |
b9bbb3e
to
be33fbd
Compare
I think I've addressed all of WickedShell's requests so dismissing the review, thanks again for taking the time to look at this PR.
be33fbd
to
319d26a
Compare
I think I've addressed the majority of the request so dismissing this review, thanks!
I've rebased on master and re-tested and it seems to be working still. I'll merge once it passes travis. Thanks again for the review |
@rmackay9 If you just merge a PR after making changes that defeats all the checks the review process is supposed to be bringing you. The point of the previous review is there were things which has to be improved. I'm happy you addressed them, but after making changes a review should still be done again. Just instant merging after you've pushed up changes to address a review defeats the quality of the review process. Particularly since you didn't understand one of the review comments, and just merged over it anyways, without waiting for any discussion on how to properly address it. This is extremely frustrating as someone doing reviews if we can't achieve a consensus while it's in the PR stage then why bother presenting reviews and try to improve the quality of new features. |
@WickedShell, Yes, I understand your point of view but please also understand mine:
I very much appreciate the review you provided and it did catch at least one real issue but my feeling is that we were beyond catching any real bugs and were at the point of differences in style. As a side note, I think scripting is a really important feature and we should try to speed up those merges that are simply adding bindings which should be pretty safe. |
This PR makes two somewhat unrelated changes:
Below is a screen shot from a bench test where the example script was run on a CubeBlack. This example script simply disallows arming the vehicle within 60 seconds of boot
Some known issues and thoughts on this change: