fuzz: improve iteration strategy, logging, and corpus minimization

Replace the fixed 30s run_time with iteration counts scaled to 8x
corpus size (plus a 1000 baseline) with a 10-minute hard cap. This
ensures small targets finish quickly while large ones get adequate
fuzzing time.

Additional changes:
- Use -q (quiet) to suppress per-iteration status output
- Log corpus size before/after fuzzing with delta
- Increase per-input timeout to 3s for chanmon_consistency_target
- On main, run corpus minimization after each target and report
  the minimized corpus size

AI tools were used in preparing this commit.

Author: joostjager

fuzz/ci-fuzz.sh

@@ -33,17 +33,34 @@ cargo --color always hfuzz build -j8
 for TARGET in src/bin/*.rs; do
 	FILENAME=$(basename $TARGET)
 	FILE="${FILENAME%.*}"
-	HFUZZ_RUN_ARGS="--exit_upon_crash -v -n8 --run_time 30"
-	if [ "$FILE" = "chanmon_consistency_target" -o "$FILE" = "fs_store_target" ]; then
+	CORPUS_DIR="hfuzz_workspace/$FILE/input"
+	CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	ITERATIONS=$((CORPUS_COUNT * 8 + 1000))
+	HFUZZ_RUN_ARGS="--exit_upon_crash -q -n8 -N $ITERATIONS --run_time 600"
+	if [ "$FILE" = "chanmon_consistency_target" ]; then
+		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64 -t 3"
+	elif [ "$FILE" = "fs_store_target" ]; then
 		HFUZZ_RUN_ARGS="$HFUZZ_RUN_ARGS -F 64"
 	fi
 	export HFUZZ_RUN_ARGS
 	cargo --color always hfuzz run $FILE
+	FUZZ_CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+	FUZZ_DELTA=$((FUZZ_CORPUS_COUNT - CORPUS_COUNT))
 	if [ -f hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT ]; then
 		cat hfuzz_workspace/$FILE/HONGGFUZZ.REPORT.TXT
 		for CASE in hfuzz_workspace/$FILE/SIG*; do
 			cat $CASE | xxd -p
 		done
 		exit 1
 	fi
+	if [ "$GITHUB_REF" = "refs/heads/main" ]; then
+		HFUZZ_RUN_ARGS="-M -q -n8 -t 3"
+		export HFUZZ_RUN_ARGS
+		cargo --color always hfuzz run $FILE
+		MIN_CORPUS_COUNT=$(find "$CORPUS_DIR" -type f 2>/dev/null | wc -l)
+		MIN_DELTA=$((MIN_CORPUS_COUNT - FUZZ_CORPUS_COUNT))
+		echo "$FILE: original=$CORPUS_COUNT, after fuzz=$FUZZ_CORPUS_COUNT [+$FUZZ_DELTA], after minimize=$MIN_CORPUS_COUNT [$MIN_DELTA]"
+	else
+		echo "$FILE: original=$CORPUS_COUNT, after fuzz=$FUZZ_CORPUS_COUNT [+$FUZZ_DELTA]"
+	fi
 done