[BACKPORT] failsafe: Prevent Offboard to Position without RC#26391
Merged
ttechnick merged 1 commit intoPX4:release/1.17from Jan 30, 2026
Merged
[BACKPORT] failsafe: Prevent Offboard to Position without RC#26391ttechnick merged 1 commit intoPX4:release/1.17from
ttechnick merged 1 commit intoPX4:release/1.17from
Conversation
dakejahl
approved these changes
Jan 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This is a Backport of this PR, which fixed a dangerous failsafe condition in
OFFBOARDmode.Solved Problem
It was possible to failsafe from Offboard mode into Position mode by setting COM_OBL_RC_ACT to Position. If the offboard signal was lost and no RC was available (allowed by COM_RCL_EXCEPT during Offboard mode), the vehicle would still switch to Position mode, creating a dangerous situation.
Solution
Include a check in the offboard failsafe logic to prevent a switch to manual modes without RC.
Changelog Entry
For release notes:
Test coverage
Failsafe State Machine Simulation
Before: