Hi all,
I tested the short failsafe feature, but found that it is currently not working as expected. It appears that others have encountered the same issue - short failsafe triggered immediately without FS_SHORT_TIMEOUT:
https://discuss.ardupilot.org/t/fs-short-timeout-not-changing-rc-failsafe-timeout/119625
https://discuss.ardupilot.org/t/fs-short-timeout-does-not-work/54331
https://discuss.ardupilot.org/t/fs-short-actn-not-working/90635/2 (maybe)
After checking the code: Arduplane/system.cpp
Plane::check_short_failsafe() function is set up as below to trigger short failsafe
…
if(failsafe.rc_failsafe) {
failsafe_short_on_event(FAILSAFE_SHORT, ModeReason::RADIO_FAILSAFE);
}
…
It didn’t actually use FS_SHORT_TIMEOUT parameter when people lose rc signal. I tried to fix it as below:
…
if (failsafe.rc_failsafe &&
(tnow - rc_last_seen_ms) > g.fs_timeout_short*1000) {
failsafe_short_on_event(FAILSAFE_SHORT, ModeReason::RADIO_FAILSAFE);
}
…
(Refer to more details from this pull request)
I’ve tested this in SITL and confirmed that the failsafe now behaves as intended.
Hope this works for everyone, or at least we all finally figure out what happened with short failsafe.
By the way, I was also thinking that since the short failsafe hasn’t been updated for years… Would we consider having GCS lose trigger FS_SHORT_TIMEOUT? Mission planner does mention GCS lose could trigger short failsafe. However, we only designed Long Failsafe for it. If some people consider using pure GCS or GCS&joystick for control, I see no difference from RC usage. Then, a short failsafe for GCS reconnection sounds reasonable.
