-
Notifications
You must be signed in to change notification settings - Fork 1.9k
.pr_agent_auto_best_practices
Pattern 1: Make headers self-contained by explicitly including the headers that define required macros/types and by adding proper header guards; do not rely on transitive includes or include order.
Example code before:
// foo_driver.h
// (no header guard)
#define FOO_REG CONCAT4(GPIO, A, _, MODER) // CONCAT4 not defined here
extern pg_registry_t fooPg; // PG_DECLARE/pg types not included
Example code after:
// foo_driver.h
#pragma once
#include "common/utils.h" // CONCAT4
#include "config/parameter_group.h" // PG_DECLARE / pg types
#define FOO_REG CONCAT4(GPIO, A, _, MODER)
PG_DECLARE(fooPg);
Relevant past accepted suggestions:
Suggestion 1:
[reliability] Headers rely on transitive CONCAT4
Headers rely on transitive CONCAT4
The new bus_spi_stm32{h7,f7}xx.h headers use CONCAT4 but do not include the header that defines it, relying on current include order/transitive includes from other headers. This is a latent build fragility: a future refactor or reuse of these headers elsewhere can cause compile failures (e.g., CONCAT4 undefined).The new SPI AF lookup table headers use CONCAT4(...) but do not include the header that defines it (common/utils.h). They currently compile only due to transitive includes (via drivers/io.h → io_def.h → common/utils.h) and therefore are fragile to include-order changes or reuse.
This is a latent build fragility / maintainability issue: it may not break today, but it can break later during refactors or if another file includes these headers without including common/utils.h first.
- src/main/drivers/bus_spi_stm32h7xx.h[32-38]
- src/main/drivers/bus_spi_stm32f7xx.h[36-42]
Suggestion 2:
[correctness] dronecan.h missing deps
dronecan.h missing deps
`dronecan.h` uses `PG_DECLARE` but doesn’t include `config/parameter_group.h` (and lacks a header guard), making builds depend on include order. `fc_tasks.c` includes `dronecan.h` before any header that defines `PG_DECLARE`, which can cause compile failures.src/main/drivers/dronecan/dronecan.h is not self-contained: it uses PG_DECLARE but does not include the header that defines it (config/parameter_group.h). This creates brittle include-order dependencies and can break compilation in files that include dronecan.h early (e.g. fc_tasks.c).
PG_DECLARE is defined in src/main/config/parameter_group.h. Some compilation units include dronecan.h before any header that brings in parameter_group.h.
- src/main/drivers/dronecan/dronecan.h[1-19]
- src/main/fc/fc_tasks.c[18-43]
- src/main/config/parameter_group.h[104-110]
Suggestion 3:
Remove duplicate macro definition
The USE_OSD macro is defined twice in the file. This duplication is unnecessary and could lead to preprocessor warnings or confusion during compilation.
src/main/target/HUMMINGBIRD_FC305/target.h [81-161]
#define USE_OSD
#define USE_MAX7456
-MAX7456_SPI_BUS BUS_SPI3
+#define MAX7456_SPI_BUS BUS_SPI3
#define MAX7456_CS_PIN PC13
-...
-#define USE_OSDPattern 2: Validate external inputs (env vars, protocol payload sizes, computed frame lengths, indices) before use; fail deterministically or return an explicit error when invalid.
Example code before:
int pr = parseInt(getenv("PR_NUMBER")); // NaN possible
uint8_t mode = buf[0]; // assumes at least 1 byte
portCfg = portConfigs[idx]; // idx might be -1
Example code after:
const char *s = getenv("PR_NUMBER");
char *end = NULL;
long pr = s ? strtol(s, &end, 10) : -1;
if (pr <= 0 || end == s || *end != '\0') return error("bad PR_NUMBER");
if (len < 1) return PROTO_ERR_TRUNCATED;
if (idx < 0 || idx >= PORT_CONFIG_COUNT) return PROTO_ERR_RANGE;
Relevant past accepted suggestions:
Suggestion 1:
[reliability] `parseInt` result not validated
`parseInt` result not validated
The PR comment step uses `parseInt(process.env.PR_NUMBER)` without checking for `NaN` or enforcing base-10 parsing, which can lead to non-deterministic behavior if the env var is missing/malformed. This violates the requirement to validate external inputs and handle invalid values deterministically.The workflow parses PR_NUMBER from an environment variable using parseInt(...) and then uses it without checking for NaN (and without specifying radix 10). If the env var is missing or malformed, this can produce non-deterministic behavior (e.g., NaN in URLs / API params) instead of a clear, deterministic failure.
This job runs with elevated permissions (pull-requests: write) and should validate external inputs (including env vars derived from artifacts/outputs) before use.
- .github/workflows/pr-test-builds.yml[107-110] բավ
Suggestion 2:
Add payload size validation check
Add a payload size check in the MSP_OSD_CUSTOM_POSITION handler to ensure the incoming data is at least 3 bytes before reading from the buffer.
src/main/fc/fc_msp.c [2718-2731]
case MSP_OSD_CUSTOM_POSITION: {
+ if (dataSize < 3) {
+ return MSP_RESULT_ERROR;
+ }
uint8_t item;
sbufReadU8Safe(&item, src);
if (item < OSD_ITEM_COUNT){ // item == addr
osdEraseCustomItem(item);
osdLayoutsConfigMutable()->item_pos[0][item] = sbufReadU16(src) | (1 << 13);
osdDrawCustomItem(item);
}
else{
return MSP_RESULT_ERROR;
}
break;
}Suggestion 3:
Suggestion 4:
Suggestion 5:
Pattern 3: Check return values and handle timeout conditions in hardware/IO control paths; if an operation fails (DMA disable, peripheral init, transmit, SD wait), propagate an error and avoid continuing with partially applied configuration.
Example code before:
disableDma(stream);
while (streamEnabled(stream) && --timeout) { } // may time out
reconfigureDma(stream, cfg); // proceeds anyway
computeTimings(&t); // bool ignored
initPeripheral(&t); // uses possibly invalid timings
Example code after:
disableDma(stream);
while (streamEnabled(stream) && --timeout) { }
if (streamEnabled(stream)) return ERR_TIMEOUT;
if (!computeTimings(&t)) return ERR_BAD_TIMING;
if (initPeripheral(&t) != 0) return ERR_INIT_FAILED;
Relevant past accepted suggestions:
Suggestion 1:
[correctness] `canardSTM32ComputeTimings` unchecked
`canardSTM32ComputeTimings` unchecked
`canardSTM32ComputeTimings()` returns `bool` but its result is ignored and `out_timings` is used unconditionally to configure the peripheral. If timing computation fails, CAN may be initialized with invalid/uninitialized timing values without any error propagation.CAN timing computation failure is ignored, potentially configuring hardware with invalid values.
The timing helper explicitly returns false for invalid/unsatisfied configurations; initialization should not proceed on failure.
- src/main/drivers/dronecan/libcanard/canard_stm32h7xx_driver.c[162-168]
Suggestion 2:
[correctness] `canardSTM32CAN1_Init()` return ignored
`canardSTM32CAN1_Init()` return ignored
`canardSTM32CAN1_Init()` returns a status code but `dronecanInit()` ignores it and continues initialization. This can leave DroneCAN partially initialized and failing silently at runtime.DroneCAN initialization ignores CAN peripheral init failures.
Proceeding after failed CAN init can cause confusing runtime behavior and make debugging difficult.
- src/main/drivers/dronecan/dronecan.c[404-440]
Suggestion 3:
Suggestion 4:
New proposed code:
Suggestion 5:
Suggestion 6:
Suggestion 7:
Suggestion 8:
Pattern 4: Do not commit generated artifacts or environment-specific build outputs; generate them in the build directory, ignore them in VCS, and gate any “update baseline” files behind an explicit opt-in command/flag.
Example code before:
# CMakeLists.txt
add_custom_command(TARGET fw POST_BUILD
COMMAND python gen_pg_sizes.py > ${CMAKE_SOURCE_DIR}/cmake/pg_struct_sizes.db)
# repo contains:
# build/CMakeFiles/.../DependInfo.cmake
# dsdlc_generated/*.c
Example code after:
# CMakeLists.txt
add_custom_command(TARGET fw POST_BUILD
COMMAND python gen_pg_sizes.py > ${CMAKE_BINARY_DIR}/pg_struct_sizes.db
COMMENT "Wrote updated sizes to build output; run --update-db to apply")
# .gitignore
CMakeFiles/
dsdlc_generated/
*.cmake
Relevant past accepted suggestions:
Suggestion 1:
[correctness] `dsdlc_generated` code committed
`dsdlc_generated` code committed
This PR adds `dsdlc_generated` DroneCAN DSDL outputs directly to the repo, which are generated artifacts and can make builds non-reproducible and the repo noisy. These files should be generated into the build directory (or updated via an explicit opt-in step) and excluded from normal source tracking.The PR commits DSDL-generated DroneCAN sources/headers under dsdlc_generated, which are generated artifacts.
Generated artifacts should be produced as part of the build (or via an explicit opt-in update command) and not be committed as normal source to keep the repository clean and reproducible.
- src/main/drivers/dronecan/dsdlc_generated/src/uavcan.equipment.air_data.Sideslip.c[1-8]
- cmake/main.cmake[2-12]
Suggestion 2:
Remove generated build file from repository
Remove the generated CMake build file from the repository. It contains user-specific absolute paths that will cause build failures for other developers and should be added to .gitignore.
-# Consider dependencies only in project.
-set(CMAKE_DEPENDS_IN_PROJECT_ONLY OFF)
+# This file should be removed from the repository.
-# The set of languages for which implicit dependencies are needed:
-set(CMAKE_DEPENDS_LANGUAGES
- "ASM"
- )
-# The set of files for implicit dependencies of each language:
-set(CMAKE_DEPENDS_CHECK_ASM
- "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/lib/main/CMSIS/DSP/Source/TransformFunctions/arm_bitreversal2.S" "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/src/src/main/target/AXISFLYINGF7PRO/CMakeFiles/AXISFLYINGF7PRO_for_bl.elf.dir/__/__/__/__/lib/main/CMSIS/DSP/Source/TransformFunctions/arm_bitreversal2.S.obj"
- "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/src/main/startup/startup_stm32f722xx.s" "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/src/src/main/target/AXISFLYINGF7PRO/CMakeFiles/AXISFLYINGF7PRO_for_bl.elf.dir/__/__/startup/startup_stm32f722xx.s.obj"
- )
-set(CMAKE_ASM_COMPILER_ID "GNU")
-
-# Preprocessor definitions for this target.
-set(CMAKE_TARGET_DEFINITIONS_ASM
-...
-
-# The include file search paths:
-set(CMAKE_ASM_TARGET_INCLUDE_PATH
- "main/target/AXISFLYINGF7PRO"
- "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/lib/main/STM32F7/Drivers/STM32F7xx_HAL_Driver/Inc"
- "/Users/ahmed/Desktop/Projects/INAV-RPiOSD/inav/lib/main/STM32F7/Drivers/CMSIS/Device/ST/STM32F7xx/Include"
-...
-Suggestion 3:
Remove generated file from version control
Remove the generated Makefile.cmake file from version control. This file is environment-specific and should be ignored by adding the CMakeFiles directory to .gitignore.
src/CMakeFiles/Makefile.cmake [1-9]
-# CMAKE generated file: DO NOT EDIT!
-# Generated by "Unix Makefiles" Generator, CMake Version 4.1
+# This file should be removed from the pull request and repository.
-# The generator used is:
-set(CMAKE_DEPENDS_GENERATOR "Unix Makefiles")
-
-# The top level Makefile was generated from the following files:
-set(CMAKE_MAKEFILE_DEPENDS
- "CMakeCache.txt"
-...
-Suggestion 4:
Pattern 5: Avoid arithmetic/units pitfalls in control and telemetry code: guard against division-by-zero, ensure floating-point division where required, and keep calculations in consistent units until final conversion/normalization.
Example code before:
int airspeed = getAirspeed();
int scale = 36 / 100; // integer division -> 0
float tpa = (airspeed - ref) / ref; // ref might be 0
int deg = (cd + 18000) / 100; // mixes normalization and conversion repeatedly
Example code after:
const float scale = 36.0f / 100.0f;
if (ref <= 0) return fallback();
const float tpa = (airspeed - ref) / ref;
int32_t headingCd = cd + 18000;
while (headingCd < 0) headingCd += 36000;
while (headingCd >= 36000) headingCd -= 36000;
const int32_t headingDeg = headingCd / 100;
Relevant past accepted suggestions:
Suggestion 1:
Normalize angles in one unit
Keep all math in centidegrees until final conversion and normalize once; avoid redundant casts and flips that can introduce off-by-one errors.
src/main/programming/logic_condition.c [787-816]
-case LOGIC_CONDITION_OPERAND_FLIGHT_RELATIVE_WIND_OFFSET: // deg
+case LOGIC_CONDITION_OPERAND_FLIGHT_RELATIVE_WIND_OFFSET: // deg, signed [-180,180], 0 = headwind, left negative
#ifdef USE_WIND_ESTIMATOR
{
if (isEstimatedWindSpeedValid()) {
- uint16_t windAngle;
- getEstimatedHorizontalWindSpeed(&windAngle);
- gvSet(3, DECIDEGREES_TO_DEGREES(attitude.values.yaw));
- int32_t relativeWindHeading = windAngle + 18000 - DECIDEGREES_TO_CENTIDEGREES(attitude.values.yaw);
-
- relativeWindHeading = (CENTIDEGREES_TO_DEGREES((int)relativeWindHeading));
- while (relativeWindHeading < 0) {
- relativeWindHeading += 360;
- }
- while (relativeWindHeading >= 360) {
- relativeWindHeading -= 360;
- }
-
- relativeWindHeading = -relativeWindHeading;
- if (relativeWindHeading <= -180) {
- relativeWindHeading = 180 + (relativeWindHeading + 180);
- }
-
- return relativeWindHeading;
- } else
+ uint16_t windAngleCd;
+ getEstimatedHorizontalWindSpeed(&windAngleCd); // [0,36000)
+ // Convert wind vector angle (towards) to heading-from
+ int32_t windHeadingCd = (int32_t)windAngleCd + 18000; // centidegrees
+ // Normalize to [0,36000)
+ while (windHeadingCd < 0) windHeadingCd += 36000;
+ while (windHeadingCd >= 36000) windHeadingCd -= 36000;
+ // Aircraft yaw is in decidegrees; convert to centidegrees
+ int32_t yawCd = DECIDEGREES_TO_CENTIDEGREES(attitude.values.yaw);
+ // Relative offset: wind heading relative to aircraft nose (right positive)
+ int32_t relCd = windHeadingCd - yawCd; // centidegrees
+ // Normalize to (-18000, 18000]
+ while (relCd <= -18000) relCd += 36000;
+ while (relCd > 18000) relCd -= 36000;
+ // Convert to degrees with sign convention: left negative
+ int32_t relDeg = CENTIDEGREES_TO_DEGREES(relCd);
+ return relDeg;
+ } else {
return 0;
+ }
}
#else
- return 0;
+ return 0;
#endif
- break;
+ break;Suggestion 2:
Prevent division by zero during normalization
Add a check to ensure vCoGlocal has a non-zero magnitude before normalization to prevent a potential division-by-zero error.
src/main/flight/imu.c [472-482]
-if (vectorNormSquared(&vHeadingEF) > 0.01f) {
+if (vectorNormSquared(&vHeadingEF) > 0.01f && vectorNormSquared(&vCoGlocal) > 0.01f) {
// Normalize to unit vector
vectorNormalize(&vHeadingEF, &vHeadingEF);
vectorNormalize(&vCoGlocal, &vCoGlocal);
// error is cross product between reference heading and estimated heading (calculated in EF)
vectorCrossProduct(&vCoGErr, &vCoGlocal, &vHeadingEF);
// Rotate error back into body frame
quaternionRotateVector(&vCoGErr, &vCoGErr, &orientation);
}Suggestion 3:
Prevent division-by-zero in TPA calculation
Add a check to prevent division-by-zero when referenceAirspeed is zero in the tpaThrottle calculation, falling back to the standard throttle value if necessary.
src/main/flight/pid.c [501-502]
const float referenceAirspeed = pidProfile()->fixedWingReferenceAirspeed; // in cm/s
-tpaThrottle = currentControlRateProfile->throttle.pa_breakpoint + (uint16_t)((airspeed - referenceAirspeed) / referenceAirspeed * (currentControlRateProfile->throttle.pa_breakpoint - getThrottleIdleValue()));
+if (referenceAirspeed > 0) {
+ tpaThrottle = currentControlRateProfile->throttle.pa_breakpoint + (uint16_t)((airspeed - referenceAirspeed) / referenceAirspeed * (currentControlRateProfile->throttle.pa_breakpoint - getThrottleIdleValue()));
+} else {
+ // Fallback to regular throttle if reference airspeed is not configured
+ tpaThrottle = rcCommand[THROTTLE];
+}Suggestion 4:
Suggestion 5:
[Auto-generated best practices - 2026-06-03]
INAV Version Release Notes
9.1.0 Release Notes
9.0.0 Release Notes
8.0.0 Release Notes
7.1.0 Release Notes
7.0.0 Release Notes
6.0.0 Release Notes
5.1 Release notes
5.0.0 Release Notes
4.1.0 Release Notes
4.0.0 Release Notes
3.0.0 Release Notes
2.6.0 Release Notes
2.5.1 Release notes
2.5.0 Release Notes
2.4.0 Release Notes
2.3.0 Release Notes
2.2.1 Release Notes
2.2.0 Release Notes
2.1.0 Release Notes
2.0.0 Release Notes
1.9.1 Release notes
1.9.0 Release notes
1.8.0 Release notes
1.7.3 Release notes
Older Release Notes
QUICK START GUIDES
Getting started with iNav
Fixed Wing Guide
Howto: CC3D flight controller, minimOSD , telemetry and GPS for fixed wing
Howto: CC3D flight controller, minimOSD, GPS and LTM telemetry for fixed wing
INAV for BetaFlight users
launch mode
Multirotor guide
YouTube video guides
DevDocs Getting Started.md
DevDocs INAV_Fixed_Wing_Setup_Guide.pdf
DevDocs Safety.md
Connecting to INAV
Bluetooth setup to configure your flight controller
DevDocs Wireless Connections (BLE, TCP and UDP).md\
Flashing and Upgrading
Boards, Targets and PWM allocations
Upgrading from an older version of INAV to the current version
DevDocs Installation.md
DevDocs USB Flashing.md
Setup Tab
Live 3D Graphic & Pre-Arming Checks
Calibration Tab
Accelerometer, Compass, & Optic Flow Calibration
Alignment Tool Tab
Adjust mount angle of FC & Compass
Ports Tab
Map Devices to UART Serial Ports
Receiver Tab
Set protocol and channel mapping
Mixer Tab
Set aircraft type and how its controlled
Outputs Tab
Set ESC Protocol and Servo Parameters
Modes Tab
Assign flight modes to transmitter switches
Standard Modes
Navigation Modes
Return to Home
Fixed Wing Autolaunch
Auto Launch
Configuration Tab
No wiki page currently
Failsafe Tab
Set expected behavior of aircraft upon failsafe
PID Tuning
Navigation PID tuning (FW)
Navigation PID tuning (MC)
EZ-Tune
PID Attenuation and scaling
Tune INAV PID-FF controller for fixedwing
DevDocs Autotune - fixedwing.md
DevDocs INAV PID Controller.md
DevDocs INAV_Wing_Tuning_Masterclass.pdf
DevDocs PID tuning.md
DevDocs Profiles.md
Rangefinder & Optic Flow
Optic Flow and Rangefinder Setup
Setup and usage for terrain following & GPS-free position hold
OSD and VTx
DevDocs Betaflight 4.3 compatible OSD.md
OSD custom messages
OSD Hud and ESP32 radars
DevDocs OSD.md
DevDocs VTx.md
LED Strip
DevDocs LedStrip.md
Programming
DevDocs Programming Framework.md
Adjustments
DevDocs Inflight Adjustments.md
Mission Control
iNavFlight Missions
DevDocs Safehomes.md
MultiWii Serial Protocol
MSP V2
MSP Messages reference guide
MSP Navigation Messages
INAV MSP frames changelog
Telemetry
INAV Remote Management, Control and Telemetry
MAVlink Control and Telemetry
Lightweight Telemetry (LTM)
Tethered Logging
Log when FC is connected via USB
Blackbox
DevDocs Blackbox.md
INAV blackbox variables
DevDocs USB_Mass_Storage_(MSC)_mode.md
CLI
iNav CLI variables
DevDocs Cli.md
DevDocs Settings.md
VTOL
DevDocs MixerProfile.md
DevDocs VTOL.md
TROUBLESHOOTING
"Something" is disabled Reasons
Blinkenlights
Sensor auto detect and hardware failure detection
Pixel OSD FAQs
TROUBLESHOOTING
Why do I have limited servo throw in my airplane
ADTL TOPICS, FEATURES, DEV INFO
AAT Automatic Antenna Tracker
Building custom firmware
Default values for different type of aircrafts
Source Enums
Features safe to add and remove to fit your needs.
Developer info
Making a new Virtualbox to make your own INAV[OrangeRX LRS RX and OMNIBUS F4](OrangeRX-LRS-RX-and-OMNIBUS-F4)
Rate Dynamics
Target and Sensor support
Ublox 3.01 firmware and Galileo
DevDocs Controls
DevDocs 1wire.md
DevDocs ADSB.md
DevDocs Battery.md
DevDocs Buzzer.md
DevDocs Channel forwarding.md
DevDocs Display.md
DevDocs Fixed Wing Landing.md
DevDocs GPS_fix_estimation.md
DevDocs LED pin PWM.md
DevDocs Lights.md
DevDocs OSD Joystick.md
DevDocs Servo Gimbal.md
DevDocs Temperature sensors.md
OLD LEGACY INFO
Supported boards
DevDocs Boards.md
Legacy Mixers
Legacy target ChebuzzF3
Legacy target Colibri RACE
Legacy target Motolab
Legacy target Omnibus F3
Legacy target Paris Air Hero 32
Legacy target Paris Air Hero 32 F3
Legacy target Sparky
Legacy target SPRacingF3
Legacy target SPRacingF3EVO
Legacy target SPRacingF3EVO_1SS
DevDocs Configuration.md
Request form new PRESET
DevDocs Introduction.md
Welcome to INAV, useful links and products
UAV Interconnect Bus
DevDocs Rangefinder.md
DevDocs Rssi.md
DevDocs Runcam device.md
DevDocs Serial.md
DevDocs Telemetry.md
DevDocs Rx.md
DevDocs Spektrum bind.md
DevDocs INAV_Autolaunch.pdf