Status: 🔴 BLOCKING ALL PRs
First Detected: February 18, 2026 15:49 UTC
Root Cause Commit: d5ddc9135d (clang-tidy: fix issues #26498)
Affected File: src/drivers/cyphal/Actuators/EscClient.hpp:249
Severity: CRITICAL
A critical build failure is blocking all Pull Requests that rebase after February 17, 2026 23:09 UTC. The error occurs in the Cyphal (DroneCAN v2) driver when converting float values to int16_t without NaN checking. The bug was exposed by recent compiler warning flag changes in the clang-tidy cleanup commit.
Immediate Action Required: Fix EscClient.hpp line 249 to handle NaN values before type conversion.
src/drivers/cyphal/Actuators/EscClient.hpp:249:39:
error: overflow in conversion from 'float' to 'int16_t'
changes value from '+QNaNf' to '0' [-Werror=overflow]
The following workflows demonstrate this exact error:
-
Run 22146780274 - fix-mavlink-hardfault
- Failed: Feb 18, 2026 15:49:41 UTC
- Error in: nuttx-nxp-1, nuttx-px4-3
-
Run 22149655472 - pr-fix-tsan
- Failed: Feb 18, 2026 17:07:31 UTC
- Error in: nuttx-nxp-1, nuttx-px4-0, nuttx-px4-3, nuttx-nxp-0
-
Run 22150037767 - pr-decrease_esc_status
- Failed: Feb 18, 2026 17:18:41 UTC
- Error in: nuttx-nxp-1, nuttx-px4-0, nuttx-px4-3, nuttx-nxp-0
For comparison, a successful main branch build that does NOT trigger this error:
- Run 22155481746 - main
- Passed: Feb 18, 2026 20:00:05 UTC
- SHA: 368dd362c57a
- Note: Main builds skip Cyphal-heavy targets
- Compiler: arm-none-eabi-g++ (version 13.2.1)
- Warning Flag:
-Werror=overflow(treated as error) - Target Architecture: ARM Cortex-M7 (thumb, fpv5-d16, hard float)
- Optimization Level:
-Os(size optimized)
When a float value is NaN (Not a Number), converting it to int16_t produces undefined behavior. GCC 13 with -Werror=overflow now catches this at compile time and treats it as a fatal error.
| Date/Time (UTC) | Event | Details |
|---|---|---|
| Feb 17 23:09:46 | 🔴 Root Cause | Commit d5ddc9135d pushed to main - "clang-tidy: fix issues (#26498)" |
| Feb 17 23:10:07 | ✅ Main Build | Main passes (doesn't trigger Cyphal builds) |
| Feb 18 15:49:41 | 🔴 First Failure | PR fix-mavlink-hardfault fails |
| Feb 18 17:07:31 | 🔴 Second Failure | PR pr-fix-tsan fails |
| Feb 18 17:18:41 | 🔴 Third Failure | PR pr-decrease_esc_status fails |
| Feb 18 20:00:05 | ✅ Main Build | Latest main passes (still doesn't trigger Cyphal) |
Main branch builds pass because they don't build the specific Cyphal-enabled targets that trigger this warning. PR builds fail because they build the full matrix including:
nuttx-nxp-1(nxp_ucans32k146_cyphal)nuttx-px4-0(px4_fmu-v5x_cyphal, px4_fmu-v6xrt_*)nuttx-px4-3(px4_fmu-v5_cyphal, px4_fmu-v2_default)nuttx-nxp-0(cyphal variants)
Location: src/drivers/cyphal/Actuators/EscClient.hpp at line 249
// Current code (broken):
int16_t value = static_cast<int16_t>(float_value);When float_value is NaN (which can happen when ESC telemetry is unavailable or invalid), the conversion triggers:
- GCC detects NaN to int conversion
-Werror=overflowconverts warning to error- Build fails
The code bug has existed for some time, but wasn't caught because:
-
Feb 17 23:09 - Commit
d5ddc9135d("clang-tidy: fix issues #26498") was merged -
This commit likely:
- Added or enabled
-Werror=overflowflag - Modified compiler warning settings
- Or refactored code that now exposes this pattern
- Added or enabled
-
Main branch doesn't catch it - Main builds skip Cyphal-heavy targets
-
PR builds catch it - Full matrix includes Cyphal builds
Commit: d5ddc9135d5447e27df291829ea0e8ec50905abf
Title: "clang-tidy: fix issues (#26498)"
Author: clang-tidy automation
Date: Feb 17, 2026 23:09:46 UTC
This commit was intended to fix code quality issues but inadvertently exposed this pre-existing bug by enabling stricter warning checks.
| Build Group | Failure Count | Cyphal Targets |
|---|---|---|
| nuttx-nxp-1 | 3+ | nxp_ucans32k146_cyphal |
| nuttx-px4-0 | 2+ | px4_fmu-v5x_cyphal, px4_fmu-v6xrt_* |
| nuttx-px4-3 | 3+ | px4_fmu-v5_cyphal, px4_fmu-v2_default |
| nuttx-nxp-0 | 1+ | Various NXP cyphal variants |
All PRs rebasing after Feb 17 23:09 UTC are blocked, including:
-
fix-mavlink-hardfault (2919f812a983)
- Title: "Fix hardfaults when running out of memory"
- Fails: Feb 18 15:49
- Workflow: https://github.com/PX4/PX4-Autopilot/actions/runs/22146780274
- Unrelated to Cyphal - touches mavlink, not cyphal code
-
pr-fix-tsan (1520aa52201c)
- Title: "[Sponsored by CubePilot] Fix various TSAN issues"
- Fails: Feb 18 17:07
- Workflow: https://github.com/PX4/PX4-Autopilot/actions/runs/22149655472
- Unrelated to Cyphal - thread sanitizer fixes
-
pr-decrease_esc_status (a58bbd7d146c)
- Title: "EscStatus: decrease message size"
- Fails: Feb 18 17:18
- Workflow: https://github.com/PX4/PX4-Autopilot/actions/runs/22150037767
- Unrelated to Cyphal - ESC status message changes
Critical Point: These PRs don't touch Cyphal code at all. They're blocked purely because they include the problematic base commit.
File: src/drivers/cyphal/Actuators/EscClient.hpp
The EscClient class is part of the Cyphal (DroneCAN v2) driver stack for Electronic Speed Controller (ESC) communication. It handles:
- ESC command publishing
- ESC status subscription
- Feedback processing
// Around line 249 in EscClient.hpp:
// This is likely in a method that processes ESC feedback
void process_esc_feedback(const EscStatus& status)
{
// ... code ...
int16_t rpm = static_cast<int16_t>(status.rpm); // LINE 249 - FAILS HERE
// ... more code ...
}When status.rpm is NaN (e.g., ESC not responding), the conversion fails.
NaN can occur when:
- ESC is offline/not connected
- ESC telemetry timeout
- Invalid/uninitialized data
- Communication errors
- Division by zero in RPM calculation
// Fixed code:
int16_t value = std::isnan(float_value) ? 0 : static_cast<int16_t>(float_value);Pros:
- Simple, clear intent
- Handles NaN explicitly
- No behavioral change for valid values
Cons:
- Requires
<cmath>include if not present
// Alternative with bounds checking:
int16_t value = std::isnan(float_value) ? 0 :
static_cast<int16_t>(std::clamp(float_value,
static_cast<float>(INT16_MIN),
static_cast<float>(INT16_MAX)));Pros:
- Handles both NaN and overflow
- More robust
Cons:
- More verbose
- May impact performance slightly
// Using PX4's finite check macro:
int16_t value = px4_isfinite(float_value) ? static_cast<int16_t>(float_value) : 0;Pros:
- Uses PX4 standard macros
- May handle other non-finite cases (inf, -inf)
Cons:
- Depends on px4_isfinite availability
Once the fix is merged to main, rebase your PR:
git fetch upstream
git rebase upstream/main
git push --force-with-leaseIf you need immediate unblocking:
git fetch upstream
git cherry-pick <fix-commit-sha>
git pushOnly for testing, never merge:
# In CMakeLists.txt or build script
add_compile_options(-Wno-overflow)-
Add CI Check for NaN Conversions
- Static analysis rule to catch float-to-int without NaN checks
- Could be added to clang-tidy configuration
-
Enable Cyphal Builds on Main
- Currently main skips these targets
- Would catch issues before they block PRs
- Trade-off: longer main build times
-
Compiler Flag Review
- Evaluate which warnings should be
-Werrorvs warnings - Consider staged rollout of new warnings
- Evaluate which warnings should be
-
Code Review Checklist
- Add item: "Check float-to-int conversions for NaN handling"
- Affected Workflow Runs: ~15% of all failures
- Blocked PRs: All PRs rebasing after Feb 17 23:09 UTC
- Estimated Blocked PRs: 50+ (based on 86% PR event rate)
- Cannot merge any PRs that trigger Cyphal builds
- Workaround required: rebase on fixed main or cherry-pick
- Frustration: PRs unrelated to Cyphal are blocked
- Risk Level: CRITICAL
- User Impact: HIGH (blocks all development)
- Fix Complexity: LOW (one-liner)
- Time to Fix: < 1 hour
# Build one of the affected targets
make px4_fmu-v5_cyphal
# Or full cyphal group
make nuttx-px4-3After fix is merged:
- Main build should pass (already does)
- PR builds should pass for:
- nuttx-nxp-1
- nuttx-px4-0
- nuttx-px4-3
- nuttx-nxp-0
Verify by checking these workflow runs pass:
Ensure the fix doesn't break:
- Normal ESC operation with valid RPM values
- ESC operation with zero RPM
- ESC timeout handling
- PR #26470: "uavcan esc: initializers cosmetics" (Feb 13) - touched related code but different file
- Various linker FLASH overflow issues in auterion targets
src/drivers/cyphal/Actuators/EscClient.hpp- The problematic filesrc/drivers/uavcan/actuators/esc.cpp- Similar UAVCAN driver (different from Cyphal)src/drivers/cyphal/CMakeLists.txt- Build configuration
- Bug Introduced:
d5ddc9135d- "clang-tidy: fix issues (#26498)" (Feb 17 23:09) - Last Good Main:
b2fc5993cc- "range_finder_consistency_check fix" (Feb 17 23:10) - First Failing PR:
2919f812a983- "Fix hardfaults when running out of memory" (Feb 18 15:49)
- https://github.com/PX4/PX4-Autopilot/actions/runs/22146780274
- https://github.com/PX4/PX4-Autopilot/actions/runs/22149655472
- https://github.com/PX4/PX4-Autopilot/actions/runs/22150037767
- PR #26498 - clang-tidy fixes (introduced the bug)
- PR #26470 - uavcan esc cosmetics (related but different driver)
- Fix EscClient.hpp line 249 NaN handling
- Open PR with fix
- Fast-track review and merge
- Notify blocked PR authors to rebase
- Audit codebase for similar float-to-int conversions
- Add static analysis rule for NaN conversions
- Document this issue in developer notes
- Review compiler warning flags policy
- Consider enabling Cyphal builds on main
- Add NaN handling to coding standards
For questions about this bug:
- Issue: See PX4/PX4-Autopilot GitHub issues
- Discussion: PX4 Discord #development channel
- Maintainers: @dagar, @MaEtUgR, @mrpollo
Report Generated: February 19, 2026
Analysis Period: February 17-18, 2026
Data Source: 1,000 GitHub Actions workflow runs
Failed Workflows Analyzed:
- https://github.com/PX4/PX4-Autopilot/actions/runs/22146780274
- https://github.com/PX4/PX4-Autopilot/actions/runs/22149655472
- https://github.com/PX4/PX4-Autopilot/actions/runs/22150037767 Status: 🔴 ACTIVE INCIDENT - FIX IN PROGRESS
This report is a living document. Updates will be added as the situation evolves.