Add clusterfuzzlite to fuzz in CI

.clusterfuzzlite/Dockerfile

@@ -0,0 +1,7 @@
+FROM gcr.io/oss-fuzz-base/base-builder:v1
+COPY . $SRC/PX4-Autopilot
+RUN apt-get install -y libjpeg8-dev zlib1g-dev
+RUN pip3 install --upgrade pip
+RUN python3 -m pip install -r $SRC/PX4-Autopilot/Tools/setup/requirements.txt
+WORKDIR $SRC/PX4-Autopilot
+COPY ./.clusterfuzzlite/build.sh $SRC/

.clusterfuzzlite/build.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash -eu
+
+PX4_FUZZ=1 make px4_sitl
+cp build/px4_sitl_default/bin/px4 $OUT/px4

.clusterfuzzlite/project.yaml

@@ -0,0 +1 @@
+language: c++

.github/workflows/cflite_pr.yml

@@ -0,0 +1,43 @@
+name: ClusterFuzzLite PR fuzzing
+on:
+  pull_request:
+    paths:
+      - '**'
+permissions: read-all
+jobs:
+  PR:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        sanitizer:
+        - address
+        - undefined
+        - memory
+    steps:
+    - name: Build Fuzzers (${{ matrix.sanitizer }})
+      id: build
+      uses: google/clusterfuzzlite/actions/build_fuzzers@v1
+      with:
+        sanitizer: ${{ matrix.sanitizer }}
+        # Optional but recommended: used to only run fuzzers that are affected
+        # by the PR.
+        # See later section on "Git repo for storage".
+        # storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
+        # storage-repo-branch: main   # Optional. Defaults to "main"
+        # storage-repo-branch-coverage: gh-pages  # Optional. Defaults to "gh-pages".
+    - name: Run Fuzzers (${{ matrix.sanitizer }})
+      id: run
+      uses: google/clusterfuzzlite/actions/run_fuzzers@v1
+      with:
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        fuzz-seconds: 600
+        mode: 'code-change'
+        sanitizer: ${{ matrix.sanitizer }}
+        # Optional but recommended: used to download the corpus produced by
+        # batch fuzzing.
+        # See later section on "Git repo for storage".
+        # storage-repo: https://${{ secrets.PERSONAL_ACCESS_TOKEN }}@github.com/OWNER/STORAGE-REPO-NAME.git
+        # storage-repo-branch: main   # Optional. Defaults to "main"
+        # storage-repo-branch-coverage: gh-pages  # Optional. Defaults to "gh-pages".
+

Makefile

@@ -160,8 +160,6 @@ else
 
 	# Fuzz Testing
 	ifdef PX4_FUZZ
-		export CC=clang
-		export CXX=clang++
 		CMAKE_ARGS += -DCMAKE_BUILD_TYPE=FuzzTesting
 	endif
 

cmake/px4_add_common_flags.cmake

@@ -157,14 +157,20 @@ function(px4_add_common_flags)
 	set(cxx_flags)
 	list(APPEND cxx_flags
 		-fno-exceptions
-		-fno-rtti
 		-fno-threadsafe-statics
 
 		-Wreorder
 
 		# disabled warnings
 		-Wno-overloaded-virtual # TODO: fix and remove
 	)
+
+	if(NOT CMAKE_BUILD_TYPE STREQUAL FuzzTesting)
+		list(APPEND cxx_flags
+			-fno-rtti
+		)
+	endif()
+
 	foreach(flag ${cxx_flags})
 		add_compile_options($<$<COMPILE_LANGUAGE:CXX>:${flag}>)
 	endforeach()

cmake/sanitizers.cmake

@@ -136,13 +136,14 @@ elseif (CMAKE_BUILD_TYPE STREQUAL FuzzTesting)
 
 	add_compile_options(
 		-g3
-		-fsanitize=fuzzer,address,undefined
+		-fsanitize=fuzzer
 		-DFUZZTESTING
 	)
 
-	set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=fuzzer,address,undefined" CACHE INTERNAL "" FORCE)
-	set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -fsanitize=fuzzer,address,undefined" CACHE INTERNAL "" FORCE)
-	set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -fsanitize=fuzzer,address,undefined" CACHE INTERNAL "" FORCE)
+	set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=fuzzer $ENV{LIB_FUZZING_ENGINE}" CACHE INTERNAL "" FORCE)
+	set(CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -fsanitize=fuzzer $ENV{LIB_FUZZING_ENGINE}" CACHE INTERNAL "" FORCE)
+	set(CMAKE_MODULE_LINKER_FLAGS "${CMAKE_MODULE_LINKER_FLAGS} -fsanitize=fuzzer $ENV{LIB_FUZZING_ENGINE}" CACHE INTERNAL "" FORCE)
+
 
 	function(sanitizer_fail_test_on_error test_name)
 		# Not sure what to do here