[AZ-381] Fix ISam2GraphHandleImpl missing get_pose_key + comments

F1 (High/Architecture) from cumulative review of batches 01-22:
`ISam2GraphHandleImpl` did not satisfy C4's `ISam2GraphHandle`
Protocol stub (AZ-355) because it lacked `get_pose_key`.
`pose_factory`'s isinstance gate would have raised at composition.
Two Protocols (C4 minimal consumer cut, C5 richer producer surface)
are intentional per AZ-355 Risk 1 — the impl just needed to expose
the canonical name. Delegates to estimator.key_for_frame.

Added cross-component conformance test asserting the C5 impl
satisfies both Protocols, so future drift trips a unit test.

F2 (Medium/Maintainability): added justifying comments at four
`except: pass` sites in runtime_root, c8_fc_adapter (ap + inav),
and c13_fdr writer. No behavioral change.

Updated cumulative review report verdict from FAIL to PASS and
recorded a post-mortem on the initial misframing
(treated the dual-Protocol design as duplication on first read).

Autodev state: batch 22 done, cumulative-review PASS,
ready for batch 23.

Co-authored-by: Cursor <cursoragent@cursor.com>

src/gps_denied_onboard/components/c13_fdr/writer.py

@@ -539,6 +539,10 @@ class FileFdrWriter:
             if seg_path.exists() and seg_path.stat().st_size == 0:
                 seg_path.unlink()
         except OSError:
+            # Rollback unlink is best-effort: a zero-byte stray segment is
+            # harmless (the next open_flight scans + skips empty segments),
+            # so any unlink failure here MUST NOT mask the underlying
+            # FdrOpenError that this _fail_open call is about to raise.
             pass
         self._release_filelock()
         self._started = False

src/gps_denied_onboard/components/c5_state/_isam2_handle.py

@@ -66,12 +66,28 @@ class ISam2GraphHandleImpl(ISam2GraphHandle):
     (``EstimatorDegradedError`` for recoverable graph-add issues,
     ``EstimatorFatalError`` for solver failures the calling thread
     cannot recover from).
+
+    This impl also satisfies C4's narrower consumer-side
+    ``c4_pose._isam2_handle.ISam2GraphHandle`` Protocol (which
+    requires only ``get_pose_key(frame_id) -> int``) so the same
+    instance can be passed from ``state_factory`` to
+    ``pose_factory.build_pose_estimator`` without an adapter.
     """
 
     def __init__(self, estimator: GtsamIsam2StateEstimator) -> None:
         self._estimator = estimator
         self._log = get_logger("c5_state.isam2_handle")
 
+    def get_pose_key(self, frame_id: int) -> int:
+        """Map a C4 ``frame_id`` to the GTSAM pose key.
+
+        Satisfies the C4 ``ISam2GraphHandle`` Protocol stub
+        (AZ-355) by delegating to the estimator's
+        ``key_for_frame`` — the canonical C5-side name for the
+        same ``'x'`` namespace lookup.
+        """
+        return self._estimator.key_for_frame(frame_id)
+
     def add_factor(self, factor: Any) -> None:
         """Append ``factor`` to the pending ``NonlinearFactorGraph``.
 

src/gps_denied_onboard/components/c8_fc_adapter/msp2_inav_adapter.py

@@ -141,6 +141,10 @@ class Msp2InavAdapter:
                     try:
                         conn.close()
                     except Exception:
+                        # close() on a half-broken serial/socket handle is
+                        # itself best-effort; the wrapping finally still
+                        # nulls the references so subsequent reopens see a
+                        # clean slate.
                         pass
         finally:
             self._opened = False

src/gps_denied_onboard/components/c8_fc_adapter/pymavlink_ardupilot_adapter.py

@@ -585,6 +585,10 @@ class PymavlinkArdupilotAdapter:
         try:
             self._send_statustext_internal(f"src-set switch failed: {reason}", Severity.ERROR)
         except Exception:
+            # STATUSTEXT is a best-effort operator-facing notification; the
+            # canonical failure surface is the structured log + FDR event
+            # already emitted above. A serial-write failure here must not
+            # mask the primary failure path.
             pass
 
     def _extract_wgs84(self, output: EstimatorOutput) -> LatLonAlt:

src/gps_denied_onboard/runtime_root/__init__.py

@@ -543,6 +543,9 @@ def _abort_takeoff_on_fdr_open_error(
                 },
             )
         except Exception:
+            # Even the error-logging failed during abort; we still have the
+            # stderr print below to surface the original failure to the
+            # operator. Swallowing keeps the abort path single-exit.
             pass
     print(
         f"FATAL: cannot open FDR at {resolved_root}: {underlying}; aborting takeoff (exit 2)",