name: Continuous Fuzzing
on:
push:
branches: [ main, master, staging, try ]
pull_request:
branches: [ main, master ]
schedule:
- cron: '0 0 * * *'
jobs:
fuzz:
name: Fuzz ${{ matrix.target }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
target: [fuzz_target_1]
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Install Rust nightly
uses: dtolnay/rust-toolchain@nightly
- name: Cache cargo bin
id: cache-cargo-bin
uses: actions/cache@v5
with:
path: ~/.cargo/bin/cargo-fuzz
key: ${{ runner.os }}-cargo-fuzz-bin
- name: Install cargo-fuzz
if: steps.cache-cargo-bin.outputs.cache-hit != 'true'
run: cargo install cargo-fuzz
- name: Cache Fuzzing Corpus
uses: actions/cache@v5
with:
path: fuzz/corpus/${{ matrix.target }}
key: ${{ runner.os }}-fuzz-corpus-${{ matrix.target }}-${{ github.run_id }}
restore-keys: |
${{ runner.os }}-fuzz-corpus-${{ matrix.target }}-
- name: Cache build artifacts
uses: actions/cache@v5
with:
path: |
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
fuzz/target/
target/
key: ${{ runner.os }}-fuzz-target-${{ matrix.target }}-${{ hashFiles('Cargo.lock', 'fuzz/Cargo.lock') }}
restore-keys: |
${{ runner.os }}-fuzz-target-${{ matrix.target }}-
- name: Run Fuzzer
run: |
cd fuzz
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
# Run the fuzzer 5 times, each for 1 hour (3600 seconds) instead of 1 time for 5 hours.
# Long single fuzzer runs can hit memory limits or cause CPU starvation in shared CI runners.
for i in {1..5}; do
echo "Starting PR fuzzer iteration $i of 5..."
cargo +nightly fuzz run ${{ matrix.target }} -- -max_total_time=3600 -rss_limit_mb=16384Mb
done
else
echo "Starting standard fuzzer iteration (1 hour)..."
cargo +nightly fuzz run ${{ matrix.target }} -- -max_total_time=3600 -rss_limit_mb=16384Mb
fi
- name: Upload Crash Artifacts
if: failure()
uses: actions/upload-artifact@v7
with:
name: fuzzer-artifacts-${{ matrix.target }}
path: fuzz/artifacts/${{ matrix.target }}
if-no-files-found: ignore