From a036d6c27d1b2431d992221cba7b9cedbc7597c6 Mon Sep 17 00:00:00 2001
From: ruv
Date: Sat, 23 May 2026 15:19:45 -0400
Subject: [PATCH] fix(fuzz): stub c6_sync_espnow_is_valid for the fuzz-harness link path
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Iter 38 — CI guard fix.

The Firmware QEMU Tests (ADR-061) Fuzz Testing Layer 6 job was failing on PR #764 with:

  /usr/bin/ld: csi_collector.c:229: undefined reference to `c6_sync_espnow_is_valid'
  clang: error: linker command failed with exit code 1

Iter 11's csi_collector.c byte 19 bit 4 wire-fix added the OR'd call to c6_sync_espnow_is_valid(), but the fuzz target only links csi_collector.c against test/stubs/esp_stubs.c — not the real c6_sync_espnow.c implementation. The fuzz harness needed a stub.

Fix: append a 1-line stub to esp_stubs.c that returns false. This matches the c6_timesync.h inline-fallback pattern: under non-ESP-NOW fuzz inputs the bit-4 sync-valid flag stays 0, which is the natural fuzz semantic.

GHCI run that surfaced the bug: 26338405979 — Fuzz Testing (ADR-061 Layer 6) step. Next push will exercise the fix.

Co-Authored-By: claude-flow
---
 firmware/esp32-csi-node/test/stubs/esp_stubs.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/firmware/esp32-csi-node/test/stubs/esp_stubs.c b/firmware/esp32-csi-node/test/stubs/esp_stubs.c
index 09f19cf0..e6c2b4ba 100644
--- a/firmware/esp32-csi-node/test/stubs/esp_stubs.c
+++ b/firmware/esp32-csi-node/test/stubs/esp_stubs.c
@@ -73,3 +73,13 @@ static mmwave_state_t s_stub_mmwave = {0}; esp_err_t mmwave_sensor_init(int tx, int rx) { (void)tx; (void)rx; return ESP_ERR_NOT_FOUND; } bool mmwave_sensor_get_state(mmwave_state_t *s) { if (s) *s = s_stub_mmwave; return false; } const char *mmwave_type_name(mmwave_type_t t) { (void)t; return "None"; } + +/* ADR-110 iter 38 — fuzz-harness stub for c6_sync_espnow_is_valid. + * Real implementation lives in main/c6_sync_espnow.c; the fuzz target + * (`fuzz_serialize`) only links csi_collector.c against esp_stubs.c, so + * iter-11's `if (c6_sync_espnow_is_valid()) flags |= (1 << 4);` needs a + * symbol here or `clang -fsanitize=fuzzer` fails with an undefined-reference + * linker error. Returning false means the bit-4 cross-node-sync-valid flag + * stays 0 in fuzz inputs, which is the natural fuzz semantic. */ +#include +bool c6_sync_espnow_is_valid(void) { return false; }
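Review bot: The added `+#include` line names no header, so as shown it would not compile; `bool` is already in use earlier in this file (`mmwave_sensor_get_state`), so the include is most likely redundant, and if one is genuinely needed it belongs with the file's other includes at the top rather than after function definitions. On the stub itself, hard-coding `return false` means the fuzz target can never reach `flags |= (1 << 4)`, so byte 19 bit 4 is never set in any fuzz input and any consumer branch keyed on that flag gets zero fuzz coverage; consider driving the return value from harness state (for example a `static bool` the harness can toggle, or a value derived from the fuzz input) so both flag states are exercised. Finally, include the header that declares `c6_sync_espnow_is_valid` so the stub's prototype is checked against the real declaration instead of being re-declared free-hand here, and note the commit message calls this a "1-line stub" while the hunk adds 10 lines.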