fuzz: crypto_fschacha20poly1305 timeout #30505

issue maflcko opened this issue on July 23, 2024
  1. maflcko commented at 10:34 AM on July 23, 2024: member

    Found by oss-fuzz

    clusterfuzz-testcase-crypto_fschacha20poly1305-6583678709334016.txt

    FUZZ=crypto_fschacha20poly1305 perf record -g --call-graph dwarf  ./src/test/fuzz/fuzz  ./clusterfuzz-testcase-crypto_fschacha20poly1305-6583678709334016
    ...
    hotspot ./perf.data
    

    [Screenshot from 2024-07-23 12-34-02]

  2. maflcko commented at 10:35 AM on July 23, 2024: member

    My recommendation would be to reduce the number of iterations from 10'000 to something that still covers all edge cases.

  3. maflcko added the label Tests on Jul 23, 2024
  4. brunoerg commented at 7:05 PM on August 7, 2024: contributor

    What is the timeout value in OSS-Fuzz?

  5. brunoerg commented at 8:10 PM on August 7, 2024: contributor

    Found the timeout really fast by running:

    diff --git a/src/test/fuzz/crypto_chacha20poly1305.cpp b/src/test/fuzz/crypto_chacha20poly1305.cpp
    index 2b39a06094..e2e6df6c77 100644
    --- a/src/test/fuzz/crypto_chacha20poly1305.cpp
    +++ b/src/test/fuzz/crypto_chacha20poly1305.cpp
    @@ -130,7 +130,7 @@ FUZZ_TARGET(crypto_fschacha20poly1305)
         // data).
         InsecureRandomContext rng(provider.ConsumeIntegral<uint64_t>());
     
    -    LIMITED_WHILE(provider.ConsumeBool(), 10000)
    +    LIMITED_WHILE(true, 10000)
         {
             // Mode:
             // - Bit 0: whether to use single-plain Encrypt/Decrypt; otherwise use a split at prefix.
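    Review bot: Replacing `LIMITED_WHILE(provider.ConsumeBool(), 10000)` with `LIMITED_WHILE(true, 10000)` takes loop termination away from the fuzz input, so every unit, including the 4-byte one reported below, runs the full 10000 iterations; that is fine as a local reproduction aid but should not be committed, since inputs that stop early would no longer be reachable. The timeout itself is better addressed by lowering the iteration bound, as recommended above, while keeping `provider.ConsumeBool()` as the condition.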
    
    ➜  bitcoin-core-dev git:(master) ✗ FUZZ=crypto_fschacha20poly1305 ./src/test/fuzz/fuzz -max_total_time=300 -print_final_stats=1 -timeout=5 
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 932334287
    INFO: Loaded 1 modules   (1225171 inline 8-bit counters): 1225171 [0x105b55a70, 0x105c80c43), 
    INFO: Loaded 1 PC tables (1225171 PCs): 1225171 [0x105c80c48,0x106f32978), 
    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
    INFO: A corpus is not provided, starting from an empty corpus
    #2      INITED cov: 373 ft: 373 corp: 1/1b exec/s: 2 rss: 75Mb
    #3      NEW    cov: 373 ft: 621 corp: 2/2b lim: 4 exec/s: 0 rss: 76Mb L: 1/1 MS: 1 ChangeByte-
    #4      pulse  cov: 373 ft: 848 corp: 2/2b lim: 4 exec/s: 0 rss: 77Mb
    #4      NEW    cov: 373 ft: 848 corp: 3/3b lim: 4 exec/s: 0 rss: 77Mb L: 1/1 MS: 1 ChangeByte-
    #8      pulse  cov: 373 ft: 908 corp: 3/3b lim: 4 exec/s: 0 rss: 81Mb
    #8      NEW    cov: 375 ft: 908 corp: 4/5b lim: 4 exec/s: 0 rss: 81Mb L: 2/2 MS: 4 ShuffleBytes-ShuffleBytes-ShuffleBytes-InsertByte-
    #9      NEW    cov: 375 ft: 911 corp: 5/7b lim: 4 exec/s: 0 rss: 82Mb L: 2/2 MS: 1 CrossOver-
    #12     NEW    cov: 375 ft: 916 corp: 6/9b lim: 4 exec/s: 0 rss: 85Mb L: 2/2 MS: 3 ChangeByte-ChangeBit-CrossOver-
            NEW_FUNC[1/1]: 0x1029ad75c in std::__1::vector<std::byte, std::__1::allocator<std::byte>>::shrink_to_fit() vector:1431
    #13     NEW    cov: 390 ft: 934 corp: 7/12b lim: 4 exec/s: 0 rss: 86Mb L: 3/3 MS: 1 CrossOver-
    #15     NEW    cov: 390 ft: 939 corp: 8/15b lim: 4 exec/s: 0 rss: 89Mb L: 3/3 MS: 2 InsertByte-ChangeBit-
    #16     pulse  cov: 390 ft: 949 corp: 8/15b lim: 4 exec/s: 0 rss: 90Mb
    #16     NEW    cov: 392 ft: 949 corp: 9/19b lim: 4 exec/s: 0 rss: 90Mb L: 4/4 MS: 1 CopyPart-
    #17     NEW    cov: 392 ft: 950 corp: 10/21b lim: 4 exec/s: 0 rss: 91Mb L: 2/4 MS: 1 InsertByte-
    ALARM: working on the last Unit for 5 seconds
           and the timeout value is 5 (use -timeout=N to change)
    MS: 2 ShuffleBytes-InsertByte-; base unit: fe0cbc86d858d84b2bfd33eb7a8c2987231df1a6
    0xa,0xb9,0xa,0x7a,
    \012\271\012z
    artifact_prefix='./'; Test unit written to ./timeout-b0b9b4efc0088bf1964f6b868a74323f58e4a853
    Base64: CrkKeg==
    ==87101== ERROR: libFuzzer: timeout after 5 seconds
        #0 0x10868ce84 in __sanitizer_print_stack_trace+0x28 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x5ce84)
        #1 0x104f4fc9c in fuzzer::PrintStackTrace() FuzzerUtil.cpp:210
        #2 0x104f35c98 in fuzzer::Fuzzer::AlarmCallback() FuzzerLoop.cpp:304
        #3 0x1870d9a20 in _sigtramp+0x34 (libsystem_platform.dylib:arm64+0x3a20)
        #4 0xe02d000104d0fbf4  (<unknown module>)
        #5 0x104d0ae8c in (anonymous namespace)::ComputeTag(ChaCha20&, Span<std::byte const>, Span<std::byte const>, Span<std::byte>) chacha20poly1305.cpp:64
        #6 0x104d0b140 in AEADChaCha20Poly1305::Decrypt(Span<std::byte const>, Span<std::byte const>, std::__1::pair<unsigned int, unsigned long long>, Span<std::byte>, Span<std::byte>) chacha20poly1305.cpp:90
        #7 0x104d0ba7c in FSChaCha20Poly1305::Decrypt(Span<std::byte const>, Span<std::byte const>, Span<std::byte>, Span<std::byte>) chacha20poly1305.cpp:132
        #8 0x102c30b4c in crypto_fschacha20poly1305_fuzz_target(std::__1::span<unsigned char const, 18446744073709551615ul>) crypto_chacha20poly1305.cpp:170
        #9 0x103252214 in LLVMFuzzerTestOneInput fuzz.cpp:209
        #10 0x104f37140 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) FuzzerLoop.cpp:614
        #11 0x104f36a44 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) FuzzerLoop.cpp:516
        #12 0x104f37e94 in fuzzer::Fuzzer::MutateAndTestOne() FuzzerLoop.cpp:760
        #13 0x104f38bf4 in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, std::__1::allocator<fuzzer::SizedFile>>&) FuzzerLoop.cpp:905
        #14 0x104f29228 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) FuzzerDriver.cpp:914
        #15 0x104f50584 in main FuzzerMain.cpp:20
        #16 0x186d290dc  (<unknown module>)
        #17 0xe537fffffffffffc  (<unknown module>)
    
    SUMMARY: libFuzzer: timeout
    stat::number_of_executed_units: 19
    stat::average_exec_per_sec:     0
    stat::new_units_added:          9
    stat::slowest_unit_time_sec:    0
    stat::peak_rss_mb:              93
    
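Added example, not code from this issue or from Bitcoin Core: a cut-down model of the loop bound that the diff above changes. It re-types the LIMITED_WHILE macro and a minimal provider whose ConsumeBool is assumed to follow FuzzedDataProvider (one byte taken from the end of the input, low bit returned, false once the input is exhausted), and shows why the 4-byte unit only runs the full 10000 iterations once the loop condition is forced to true.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

// Bounded-loop macro in the shape used by Bitcoin Core's fuzz tests
// (assumed to match src/test/fuzz/util.h; re-typed here for this example).
#define LIMITED_WHILE(condition, limit) \
    for (unsigned _count{limit}; (condition) && _count; --_count)

// Minimal stand-in for FuzzedDataProvider (assumption, not the real class):
// ConsumeBool takes one byte from the end of the remaining input and returns
// its low bit; an exhausted provider yields false, which ends the loop.
class MiniProvider {
    std::vector<uint8_t> m_data;
public:
    explicit MiniProvider(std::vector<uint8_t> data) : m_data(std::move(data)) {}
    bool ConsumeBool() {
        if (m_data.empty()) return false;
        uint8_t b = m_data.back();
        m_data.pop_back();
        return b & 1;
    }
    size_t remaining_bytes() const { return m_data.size(); }
};

// Original harness loop: the fuzz input decides when to stop, so the number
// of iterations is bounded by both the cap and the bytes available. The real
// target also consumes a 64-bit seed before the loop, which is omitted here.
unsigned IterationsInputDriven(const std::vector<uint8_t>& input, unsigned cap)
{
    MiniProvider provider(input);
    unsigned iterations = 0;
    LIMITED_WHILE(provider.ConsumeBool(), cap) { ++iterations; }
    return iterations;
}

// Reproduction loop from the diff: the condition is always true, so every
// input, however short, runs the full cap of iterations.
unsigned IterationsUnconditional(unsigned cap)
{
    unsigned iterations = 0;
    LIMITED_WHILE(true, cap) { ++iterations; }
    return iterations;
}
```

Lowering the cap, as recommended earlier in the thread, bounds the worst case for both forms; the input-driven form additionally lets libFuzzer minimise a slow unit down to the bytes that actually keep the loop going.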
  6. maflcko commented at 9:03 PM on August 7, 2024: member

    Found the timeout really fast by running:

    The fuzz input should also be in the attachment in the pull request description, which also allows to reproduce it.

  7. fanquake closed this on Aug 28, 2024

  8. fanquake referenced this in commit 128ade02e4 on Aug 28, 2024
  9. bitcoin locked this on Aug 28, 2025

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-24 09:13 UTC