From 7b229e4c3810c65fc3c5620a42fc3f934d7f1b59 Mon Sep 17 00:00:00 2001
From: Benoit Blanchon <github@benoitblanchon.fr>
Date: Wed, 6 Jun 2018 11:19:36 +0200
Subject: [PATCH] Added fuzzing to travis

---
 .travis.yml            |  6 ++++++
 fuzzing/fuzz.sh        |  9 ---------
 scripts/travis/fuzz.sh | 20 ++++++++++++++++++++
 3 files changed, 26 insertions(+), 9 deletions(-)
 delete mode 100755 fuzzing/fuzz.sh
 create mode 100755 scripts/travis/fuzz.sh

diff --git a/.travis.yml b/.travis.yml
index 12ce2e9a..13ddd354 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -114,6 +114,12 @@ matrix:
     - env: SCRIPT=arduino VERSION=1.8.2 BOARD=arduino:avr:uno
     - env: SCRIPT=platformio BOARD=uno
     - env: SCRIPT=platformio BOARD=esp01
+    - compiler: clang
+      addons:
+        apt:
+          sources: ['ubuntu-toolchain-r-test','llvm-toolchain-trusty-6.0']
+          packages: ['clang-6.0','llvm-6.0']
+      env: SCRIPT=fuzz CLANG=6.0
 cache:
   directories:
     - "~/.platformio"
diff --git a/fuzzing/fuzz.sh b/fuzzing/fuzz.sh
deleted file mode 100755
index e9f28c39..00000000
--- a/fuzzing/fuzz.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-# This script mimics an invocation from https://github.com/google/oss-fuzz
-
-cd $(dirname $0)
-export CXX='clang++'
-export CXXFLAGS='-fsanitize-coverage=trace-pc-guard -fsanitize=address'
-export LIB_FUZZING_ENGINE=-lFuzzer
-make OUT=.
-./json_fuzzer my_corpus seed_corpus -max_len=1024 -timeout=10
diff --git a/scripts/travis/fuzz.sh b/scripts/travis/fuzz.sh
new file mode 100755
index 00000000..5c5fb6d8
--- /dev/null
+++ b/scripts/travis/fuzz.sh
@@ -0,0 +1,20 @@
+#!/bin/bash -eux
+
+ROOT_DIR=$(dirname $0)/../../
+INCLUDE_DIR=$ROOT_DIR/src/
+FUZZING_DIR=$ROOT_DIR/fuzzing/
+JSON_CORPUS_DIR=$FUZZING_DIR/my_corpus
+JSON_SEED_CORPUS_DIR=$FUZZING_DIR/seed_corpus
+
+CXX="clang++-$CLANG"
+CXXFLAGS="-g -fprofile-instr-generate -fcoverage-mapping -fsanitize=address,fuzzer"
+
+$CXX $CXXFLAGS -o json_fuzzer -I$INCLUDE_DIR $FUZZING_DIR/fuzzer.cpp
+
+export ASAN_OPTIONS="detect_leaks=0"
+export LLVM_PROFILE_FILE="json_fuzzer.profraw"
+./json_fuzzer "$JSON_CORPUS_DIR" "$JSON_SEED_CORPUS_DIR" -max_total_time=60
+
+llvm-profdata-$CLANG merge -sparse json_fuzzer.profraw -o json_fuzzer.profdata
+
+llvm-cov-$CLANG report ./json_fuzzer -instr-profile=json_fuzzer.profdata