Motor Interfacing + FSM

[adiv06]

DO NOT MERGE YET.

Implementation for motor FSM. I made the architecture so more things can be added later, but just wanted to make sure it looked right.

TODO:

• Figure out how to expand macros in CAN recv header with enums and not adding a header to embedded sharepoint can.c
• Add more faults for motor status (SWOC, Speed, etc..), also add more faults for other things like BPS
• Makefile
• Clean up macros, move things to headers, etc
• Add an equation for limiting speed from motor

[gemini-code-assist]

Summary of Changes

Hello @adiv06, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request lays the groundwork for the vehicle's motor control system by introducing a comprehensive Finite State Machine (FSM) architecture. It establishes the necessary CAN communication interfaces for both receiving driver inputs and sending commands to the motor controller. A critical aspect of this work is the integration of a robust fault handling system and a CAN watchdog, designed to ensure system stability and provide mechanisms for recovery or safe shutdown. The changes also include the setup of FreeRTOS tasks to orchestrate these components, forming a foundational embedded software structure.

Highlights

• Motor Control FSM Implementation: Introduced a Finite State Machine (FSM) in SendTritium.c to manage various motor control states (e.g., Forward, Reverse, Neutral, Regen, Cruise Control, Disabled).
• CAN Communication Integration: Defined and integrated CAN IDs for both car control inputs (pedals, gears, buttons, BPS, ignition) and motor commands, with dedicated receive entries for CAN1 and CAN2.
• Robust Fault Handling System: Implemented a FreeRTOS-based fault management framework (faults.h, faults.c) capable of detecting, handling, and potentially recovering from system faults, including a dedicated Task_FaultHandler.
• CAN Watchdog for Reliability: Added a Task_CANWatchdog to monitor the timely reception of critical CAN messages, enhancing system reliability and fault detection.
• FreeRTOS Task Orchestration: Configured main.c to initialize and manage the FSM, CAN Watchdog, and Fault Handler as FreeRTOS tasks, establishing the core embedded system architecture.
• Submodule Integration & VSCode Setup: Included Firmware/Embedded-Sharepoint as a Git submodule and provided VSCode C/C++ configuration for improved development experience.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a significant architectural change by implementing a motor control finite state machine (FSM) using FreeRTOS. The new architecture includes dedicated tasks for the FSM, fault handling, and a CAN watchdog. While this is a good direction, the code in its current state is not ready for merging. It contains several critical issues that prevent compilation, such as multiple CAN signals sharing the same ID, incorrect definitions of global variables in header files leading to linker errors, and numerous undefined variables and functions. My review focuses on these fundamental blocking issues that need to be addressed before a proper logic review can be conducted.

[gemini-code-assist]

A global variable xWDogEventGroup_handle is defined in this header file. Defining non-static global variables in headers leads to "multiple definition" linker errors if the header is included in more than one .c file. The variable should be declared as extern in the header and defined in exactly one source file (e.g., watchdog.c).

Suggested change

	EventGroupHandle_t xWDogEventGroup_handle;
	extern EventGroupHandle_t xWDogEventGroup_handle;

[gemini-code-assist]

This assertion assert(FSM_SIGNAL_COUNT != SEND_TRITIUM_IDS) will always fail and halt the program because both FSM_SIGNAL_COUNT and SEND_TRITIUM_IDS are defined as 8. Based on the comment "ensuring signal for every ID", it seems you intend to check for equality.

  assert(FSM_SIGNAL_COUNT == SEND_TRITIUM_IDS); //ensuring signal for every ID

[gemini-code-assist]

There is a dangling identifier motor_can here which will cause a compilation error. This line seems incomplete and should be removed or completed.

[gemini-code-assist]

The fsm_signal_to_can_id array is defined as static in a header file. This creates a separate instance in every translation unit that includes this header. For a constant lookup table, it's better to declare it as extern const in the header and define it once in the corresponding .c file to save memory and avoid potential issues.

extern const uint16_t fsm_signal_to_can_id[FSM_SIGNAL_COUNT];

[gemini-code-assist]

In C, when an array is passed to a function, it decays to a pointer. sizeof(inputs) will therefore give you the size of a pointer, not the number of elements in the array. This will lead to incorrect behavior in the loop. You should pass the size of the array as a separate argument to the function.

uint8_t generateCustomBitfield(BitfieldInputs_t inputs[], size_t num_inputs) {
  // Inputs are in order of most significant bit to least significant bit
  uint8_t bitfield = 0;
  for (size_t i = 0; i < num_inputs; i++) {
    bitfield |= inputs[i];
  }
  return bitfield;
}

[gemini-code-assist]

The function disableFSM() is called here, but it is defined in SendTritium.c and not declared in any header included by this file. This will cause an "implicit function declaration" warning or error during compilation. To fix this, disableFSM() and recoverFSM() (called on line 91) should be declared in SendTritium.h, and faults.c should include SendTritium.h.

[gemini-code-assist]

The include stm32xx_hal.h uses a placeholder xx. This needs to be replaced with the specific STM32 series being used (e.g., f4, h7) for the code to compile.

Suggested change

	#include "stm32xx_hal.h"
	#include "stm32f4xx_hal.h" // Example for STM32F4 series

[gemini-code-assist]

The else block for the watchdog check is empty. If not all expected CAN messages are received within the watchdog window, a fault should be triggered here. The comment indicates this is the intended purpose.

        }else{
            //one or more messages were missing, wake up a fault task
            Faults_ThrowFault(FAULT_ID_WATCHDOG_FSM);
        }

[gemini-code-assist]

There is a typo in the macro name ACCCEL_PEDAL_RESET_THRESHOLD. It should be ACCEL_PEDAL_RESET_THRESHOLD.

#define ACCEL_PEDAL_RESET_THRESHOLD 20