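#!/usr/bin/env bash
# Run libFuzzer targets via cargo-fuzz (LLVM coverage + mutation).
#
# Usage:
#   ./scripts/fuzz-libfuzzer.sh                      # all targets, 60s each, sanitizer none (stable-friendly)
#   FUZZ_TIME=300 ./scripts/fuzz-libfuzzer.sh session_decrypt
#   SANITIZER=address ./scripts/fuzz-libfuzzer.sh    # needs nightly rustc (rustup)
#
# Environment:
#   FUZZ_TIME  - seconds per target, passed to libFuzzer as -max_total_time
#                (default 60; must be a whole number; libFuzzer documents 0
#                as "no time limit").
#   SANITIZER  - value for cargo-fuzz's -s option (default: none).
#
# Coverage caveat: with SANITIZER=none the run still reports panics, aborts
# and other crashes, but memory errors in `unsafe` code or FFI that do not
# crash the process can go unnoticed. Run with SANITIZER=address as well
# when that class of bug matters for the target.
#
# Failure behaviour: under `set -e` the first target whose cargo-fuzz run
# exits non-zero ends the script, so later targets are not fuzzed.
set -euo pipefail

# Make rustup/cargo-installed tools (including cargo-fuzz) resolvable.
# Entries in ~/.cargo/bin take precedence over system binaries of the same name.
export PATH="${HOME}/.cargo/bin:${PATH}"

# Work from the repository root (the parent of this script's directory).
ROOT="$(cd "$(dirname -- "$0")/.." && pwd)"
readonly ROOT
cd "$ROOT"

if ! command -v cargo-fuzz >/dev/null 2>&1; then
  printf '%s\n' "Install cargo-fuzz: cargo install cargo-fuzz" >&2
  exit 1
fi

FUZZ_TIME="${FUZZ_TIME:-60}"
SANITIZER="${SANITIZER:-none}"

# Reject values such as "5m" or "abc" here rather than passing them through
# to libFuzzer, where the resulting time budget would not be what the
# operator intended.
if [[ ! "$FUZZ_TIME" =~ ^[0-9]+$ ]]; then
  printf 'FUZZ_TIME must be a whole number of seconds, got: %s\n' "$FUZZ_TIME" >&2
  exit 2
fi

# Targets fuzzed when no names are given on the command line.
readonly -a TARGETS=(
  handshake_respond
  handshake_initiator_complete
  session_decrypt
  replay_sequence
  crypto_deserialize
  bbs_verify_presentation
)

#######################################
# Fuzz a single target for FUZZ_TIME seconds and print libFuzzer's final stats.
# Globals:   FUZZ_TIME (read), SANITIZER (read)
# Arguments: $1 - fuzz target name, handed to cargo-fuzz unchanged
# Outputs:   banner line on stdout, followed by cargo-fuzz output
# Returns:   exit status of `cargo fuzz run`
#######################################
run_one() {
  local name="$1"
  printf '=== cargo-fuzz: %s (max_total_time=%ss, sanitizer=%s) ===\n' \
    "$name" "$FUZZ_TIME" "$SANITIZER"
  cargo fuzz run -s "$SANITIZER" "$name" -- \
    -max_total_time="$FUZZ_TIME" \
    -print_final_stats=1
}

# Names given on the command line are used as-is (they are not checked
# against TARGETS); with no arguments every entry in TARGETS is run.
if [[ $# -gt 0 ]]; then
  for name in "$@"; do
    run_one "$name"
  done
else
  for name in "${TARGETS[@]}"; do
    run_one "$name"
  done
fi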