lightningdevkit · joostjager · Mar 19, 2026 · Mar 19, 2026 · Mar 19, 2026 · Mar 19, 2026
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -205,6 +205,21 @@ jobs:
       - name: Simulate docs.rs build
         run: ci/check-docsrs.sh
 
+  fuzz_sanity:
+    runs-on: self-hosted
+    env:
+      TOOLCHAIN: 1.75
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+      - name: Install Rust ${{ env.TOOLCHAIN }} toolchain
+        run: |
+          curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --profile=minimal --default-toolchain ${{ env.TOOLCHAIN }}
+      - name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }}
+        run: |
+          cd fuzz
+          RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --quiet --color always --lib --bins -j8
+
   fuzz:
     runs-on: self-hosted
     env:
@@ -238,11 +253,6 @@ jobs:
           key: fuzz-corpus-refs/heads/main-${{ github.sha }}
           restore-keys: |
             fuzz-corpus-refs/heads/main-
-      - name: Sanity check fuzz targets on Rust ${{ env.TOOLCHAIN }}
-        run: |
-          cd fuzz
-          RUSTFLAGS="--cfg=fuzzing --cfg=secp256k1_fuzz --cfg=hashes_fuzz" cargo test --verbose --color always --lib --bins -j8
-          cargo clean
       - name: Run fuzzers
         run: cd fuzz && ./ci-fuzz.sh && cd ..
       - name: Upload honggfuzz corpus
@@ -308,7 +318,7 @@ jobs:
           TOR_PROXY="127.0.0.1:9050" RUSTFLAGS="--cfg=tor" cargo test --verbose --color always -p lightning-net-tokio
 
   notify-failure:
-    needs: [build-workspace, build-features, build-bindings, build-nostd, build-cfg-flags, build-sync, fuzz, linting, rustfmt, check_release, check_docs, benchmark, ext-test, tor-connect, coverage]
+    needs: [build-workspace, build-features, build-bindings, build-nostd, build-cfg-flags, build-sync, fuzz_sanity, fuzz, linting, rustfmt, check_release, check_docs, benchmark, ext-test, tor-connect, coverage]
     if: failure() && github.ref == 'refs/heads/main'
     runs-on: ubuntu-latest
     permissions:

diff --git a/fuzz/ci-fuzz.sh b/fuzz/ci-fuzz.sh
@@ -2,6 +2,11 @@
 set -e
 set -x
 
+log_time() {
+	echo ":::: $(date '+%Y-%m-%d %H:%M:%S') $1"
+}
+
+log_time "Verifying generated targets"
 pushd src/msg_targets
 rm msg_*.rs
 ./gen_target.sh
@@ -15,12 +20,14 @@ popd
 
 export RUSTFLAGS="--cfg=secp256k1_fuzz --cfg=hashes_fuzz"
 
+log_time "Generating write-seeds"
 mkdir -p hfuzz_workspace/full_stack_target/input
 pushd write-seeds
 RUSTFLAGS="$RUSTFLAGS --cfg=fuzzing" cargo run ../hfuzz_workspace/full_stack_target/input
 cargo clean
 popd
 
+log_time "Installing honggfuzz"
 cargo install --color always --force honggfuzz --no-default-features
 
 # Because we're fuzzing relatively few iterations, the maximum possible
@@ -29,16 +36,28 @@ sed -i 's/lto = true//' Cargo.toml
 
 export HFUZZ_BUILD_ARGS="--features honggfuzz_fuzz"
 
+log_time "Building fuzz targets"
 cargo --color always hfuzz build -j8
+
+log_time "Starting fuzz runs"
 for TARGET in src/bin/*.rs; do
 	FILENAME=$(basename $TARGET)
 	FILE="${FILENAME%.*}"
-	HFUZZ_RUN_ARGS="--exit_upon_crash -v -n8 --run_time 30"
-	if [ "$FILE" = "chanmon_consistency_target" -o "$FILE" = "fs_store_target" ]; then
+	CORPUS_DIR="hfuzz_workspace/$FILE/input"
+	CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	ITERATIONS=$((CORPUS_COUNT * 8 + 1000))
+	log_time "Fuzzing $FILE (corpus: $CORPUS_COUNT, iterations: $ITERATIONS)"
+	HFUZZ_RUN_ARGS="--exit_upon_crash -q -n8 -N $ITERATIONS --run_time 600"
+	if [ "$FILE" = "chanmon_consistency_target" ]; then
+		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64 -t 3"
+	elif [ "$FILE" = "fs_store_target" ]; then
 		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64"
 	fi
 	export HFUZZ_RUN_ARGS
 	cargo --color always hfuzz run $FILE
+	NEW_CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	DELTA=$((NEW_CORPUS_COUNT - CORPUS_COUNT))
+	log_time "Finished $FILE (corpus: $NEW_CORPUS_COUNT, delta: +$DELTA)"
 	if [ -f hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT ]; then
 		cat hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT
 		for CASE in hfuzz_workspace/$FILE/SIG*; do
@@ -47,3 +66,19 @@ for TARGET in src/bin/*.rs; do
 		exit 1
 	fi
 done
+
+log_time "Starting corpus minimization"
+for TARGET in src/bin/*.rs; do
+	FILENAME=$(basename $TARGET)
+	FILE="${FILENAME%.*}"
+	log_time "Minimizing $FILE"
+	HFUZZ_RUN_ARGS="-M -q -n8"
+	export HFUZZ_RUN_ARGS
+	cargo --color always hfuzz run $FILE
+	CORPUS_DIR="hfuzz_workspace/$FILE/input"
+	CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	log_time "Finished minimizing $FILE (corpus: $CORPUS_COUNT)"
+done
+log_time "Corpus minimization complete"
+
+log_time "Done"