From c801fd36d37e9739b2213a4134f3fa65af40964c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beat=20K=C3=BCng?= <beat-kueng@gmx.net>
Date: Tue, 17 Jun 2025 16:19:59 +0200
Subject: [PATCH] ci: add fuzzing workflow

This will run all fuzzing tests for 15 minutes once a day.
---
 .github/workflows/fuzzing.yml | 38 +++++++++++++++++++++++++++++++++++
 Tools/ci/run_fuzz_tests.sh    | 19 ++++++++++++++++++
 2 files changed, 57 insertions(+)
 create mode 100644 .github/workflows/fuzzing.yml
 create mode 100755 Tools/ci/run_fuzz_tests.sh

diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml
new file mode 100644
index 0000000000..f8af6a6ab2
--- /dev/null
+++ b/.github/workflows/fuzzing.yml
@@ -0,0 +1,38 @@
+name: Fuzzing
+on:
+  schedule:
+    - cron: '0 6 * * *'  # UTC 6am every day.
+
+permissions:
+  contents: read
+
+env:
+  RUNS_IN_DOCKER: true
+
+jobs:
+  Fuzzing:
+    runs-on: ubuntu-latest
+    container:
+      image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
+    steps:
+      - name: Install Dependencies
+        run: |
+          apt update && apt install -y clang
+
+      - name: Fix git in Container
+        run: |
+          git config --global --add safe.directory $(realpath .)
+
+      - uses: actions/checkout@v4
+
+      - name: Build and Run Fuzz Tests
+        run: |
+          # Only build the tests
+          export CC=clang
+          export CXX=clang++
+          make tests TESTFILTER=__no_tests__
+
+          # Run the fuzz tests
+          for fuzz_binary in build/px4_sitl_test/*fuzz*; do
+            ./Tools/ci/run_fuzz_tests.sh $fuzz_binary 15m
+          done
diff --git a/Tools/ci/run_fuzz_tests.sh b/Tools/ci/run_fuzz_tests.sh
new file mode 100755
index 0000000000..4aa4a9d3b6
--- /dev/null
+++ b/Tools/ci/run_fuzz_tests.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+# This script runs the fuzz tests from a given binary for a certain amount of time
+set -e
+
+if [[ "$1" == "--help" || "$1" == "-h" || -z "$1" ]]; then
+  echo "Usage: $0 <binary> [<duration>]"
+  echo "duration can be for example 5m or 5h"
+  exit 0
+fi
+
+binary="$1"
+duration="$2"
+[[ -z "$duration" ]] && duration="1m"
+
+# Iterate over all available fuzz tests in the binary
+for t in $("$binary" --fuzz=__non_existent__ 2>&1 | sed '1,/^Valid tests:$/d' | tr -d ' '); do
+  echo "Running $t"
+  "$binary" --fuzz="$t" --fuzz_for="$duration"
+done