lightningdevkit · joostjager · Mar 20, 2026 · Mar 20, 2026 · Mar 20, 2026
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -205,6 +205,21 @@ jobs:
       - name: Simulate docs.rs build
         run: ci/check-docsrs.sh
 
+  fuzz_sanity:
+    runs-on: self-hosted
+    env:
+      TOOLCHAIN: 1.75
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+      - name: Install Rust ${{ env.TOOLCHAIN }} toolchain
+        run: |
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
+      - name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }}
+        run: |
+          cd fuzz
+          RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --quiet --color always --lib --bins -j8
+
   fuzz:
     runs-on: self-hosted
     env:
@@ -238,11 +253,6 @@ jobs:
           key: fuzz-corpus-refs/heads/main-${{ github.sha }}
           restore-keys: |
             fuzz-corpus-refs/heads/main-
-      - name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }}
-        run: |
-          cd fuzz
-          RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --verbose --color always --lib --bins -j8
-          cargo clean
       - name: Run fuzzers
         run: cd fuzz && ./ci-fuzz.sh && cd ..
       - name: Upload honggfuzz corpus
@@ -308,7 +318,7 @@ jobs:
           TOR_PROXY="127.0.0.1:9050" RUSTFLAGS="--cfg=tor" cargo test --verbose --color always -p lightning-net-tokio
 
   notify-failure:
-    needs: [build-workspace, build-features, build-bindings, build-nostd, build-cfg-flags, build-sync, fuzz, linting, rustfmt, check_release, check_docs, benchmark, ext-test, tor-connect, coverage]
+    needs: [build-workspace, build-features, build-bindings, build-nostd, build-cfg-flags, build-sync, fuzz_sanity, fuzz, linting, rustfmt, check_release, check_docs, benchmark, ext-test, tor-connect, coverage]
     if: failure() && github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     permissions:

diff --git a/fuzz/ci-fuzz.sh b/fuzz/ci-fuzz.sh
@@ -2,6 +2,11 @@
 set -e
 set -x
 
+log_time() {
+	echo ":::: $(date '+%Y-%m-%d %H:%M:%S') $1"
+}
+
+log_time "Verifying generated targets"
 pushd src/msg_targets
 rm msg_*.rs
 ./gen_target.sh
@@ -15,12 +20,14 @@ popd
 
 export RUSTFLAGS="--cfg=secp256k1_fuzz --cfg=hashes_fuzz"
 
+log_time "Generating write-seeds"
 mkdir -p hfuzz_workspace/full_stack_target/input
 pushd write-seeds
 RUSTFLAGS="$RUSTFLAGS --cfg=fuzzing" cargo run ../hfuzz_workspace/full_stack_target/input
 cargo clean
 popd
 
+log_time "Installing honggfuzz"
 cargo install --color always --force honggfuzz --no-default-features
 
 # Because we're fuzzing relatively few iterations, the maximum possible
@@ -29,21 +36,76 @@ sed -i 's/lto = true//' Cargo.toml
 
 export HFUZZ_BUILD_ARGS="--features honggfuzz_fuzz"
 
+log_time "Building fuzz targets"
 cargo --color always hfuzz build -j8
+
+SUMMARY=""
+
+log_time "Starting fuzz runs"
 for TARGET in src/bin/*.rs; do
 	FILENAME=$(basename $TARGET)
 	FILE="${FILENAME%.*}"
-	HFUZZ_RUN_ARGS="--exit_upon_crash -v -n8 --run_time 30"
-	if [ "$FILE" = "chanmon_consistency_target" -o "$FILE" = "fs_store_target" ]; then
+	CORPUS_DIR="hfuzz_workspace/$FILE/input"
+	CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	ITERATIONS=$((CORPUS_COUNT * 8 + 1000))
+	log_time "Fuzzing $FILE (corpus: $CORPUS_COUNT, iterations: $ITERATIONS)"
+	HFUZZ_RUN_ARGS="--exit_upon_crash -q -n8 -N $ITERATIONS --run_time 600"
+	if [ "$FILE" = "chanmon_consistency_target" ]; then
+		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64 -t 3"
+	elif [ "$FILE" = "fs_store_target" ]; then
 		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64"
 	fi
 	export HFUZZ_RUN_ARGS
+	FUZZ_START=$(date +%s)
 	cargo --color always hfuzz run $FILE
+	FUZZ_END=$(date +%s)
+	FUZZ_TIME=$((FUZZ_END - FUZZ_START))
+	FUZZ_CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
 	if [ -f hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT ]; then
 		cat hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT
 		for CASE in hfuzz_workspace/$FILE/SIG*; do
 			cat $CASE | xxd -p
 		done
 		exit 1
 	fi
+	if [ "$GITHUB_REF" = "refs/heads/main" ] || true; then
+		HFUZZ_RUN_ARGS="-M -q -n8 -t 3"
+		export HFUZZ_RUN_ARGS
+		MIN_START=$(date +%s)
+		cargo --color always hfuzz run $FILE
+		MIN_END=$(date +%s)
+		MIN_TIME=$((MIN_END - MIN_START))
+		MIN_CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+		SUMMARY="${SUMMARY}${FILE}|${ITERATIONS}|${CORPUS_COUNT}|${FUZZ_CORPUS_COUNT}|${FUZZ_TIME}|${MIN_CORPUS_COUNT}|${MIN_TIME}\n"
+	else
+		SUMMARY="${SUMMARY}${FILE}|${ITERATIONS}|${CORPUS_COUNT}|${FUZZ_CORPUS_COUNT}|${FUZZ_TIME}\n"
+	fi
 done
+
+log_time "Done"
+
+fmt_time() {
+	local secs=$1
+	printf "%dm%ds" $((secs / 60)) $((secs % 60))
+}
+
+# Print summary table
+set +x
+echo ""
+echo "==== Fuzz Summary ===="
+if [ "$GITHUB_REF" = "refs/heads/main" ]; then
+	printf "%-40s %8s %8s %8s %8s %8s %8s\n" "Target" "Iters" "Corpus" "Fuzzed" "FTime" "Minimzd" "MTime"
+	printf "%-40s %8s %8s %8s %8s %8s %8s\n" "------" "-----" "------" "------" "-----" "-------" "-----"
+	echo -e "$SUMMARY" | while IFS='|' read -r name iters orig fuzzed ftime minimized mtime; do
+		[ -z "$name" ] && continue
+		printf "%-40s %8s %8s %8s %8s %8s %8s\n" "$name" "$iters" "$orig" "$fuzzed" "$(fmt_time "$ftime")" "$minimized" "$(fmt_time "$mtime")"
+	done
+else
+	printf "%-40s %8s %8s %8s %8s\n" "Target" "Iters" "Corpus" "Fuzzed" "FTime"
+	printf "%-40s %8s %8s %8s %8s\n" "------" "-----" "------" "------" "-----"
+	echo -e "$SUMMARY" | while IFS='|' read -r name iters orig fuzzed ftime; do
+		[ -z "$name" ] && continue
+		printf "%-40s %8s %8s %8s %8s\n" "$name" "$iters" "$orig" "$fuzzed" "$(fmt_time "$ftime")"
+	done
+fi
+echo "======================"