• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

Project: clusterfuzz (GitHub Link)

• clusterfuzz-master
  • src
    • platform_requirements.txt
    • protos
      • heartbeat.proto
      • process_state.proto
      • heartbeat_pb2_grpc.py
      • process_state_pb2.py
      • __init__.py
      • README.md
      • untrusted_runner_pb2_grpc.py
      • untrusted_runner.proto
      • untrusted_runner_pb2.py
      • process_state_pb2_grpc.py
      • heartbeat_pb2.py
      • generate.sh
    • .bazelrc
    • python
      • crash_analysis
        • BUILD.bazel
        • crash_analyzer.py
        • stack_parsing
          • stack_parser.py
          • stack_symbolizer.py
          • __init__.py
          • stack_analyzer.py
        • severity_analyzer.py
        • crash_result.py
        • __init__.py
        • crash_comparer.py
      • chrome
        • build_info.py
        • __init__.py
        • README.md
        • crash_uploader.py
      • base
        • untrusted.py
        • BUILD.bazel
        • modules.py
        • persistent_cache.py
        • tasks.py
        • dates.py
        • external_users.py
        • __init__.py
        • utils.py
        • errors.py
        • retry.py
        • memoize.py
        • json_utils.py
      • datastore
        • corpus_tagging.py
        • ndb_utils.py
        • fuzz_target_utils.py
        • locks.py
        • search_tokenizer.py
        • data_handler.py
        • data_types.py
        • __init__.py
        • ndb_init.py
      • config
        • BUILD.bazel
        • db_config.py
        • local_config.py
        • __init__.py
      • build_management
        • revisions.py
        • build_manager.py
        • __init__.py
        • source_mapper.py
      • __init__.py
      • fuzzer_utils
        • mutators.py
        • tests.py
        • __init__.py
      • tests
        • test_libs
          • appengine_test_utils.py
          • test_utils.py
          • android_helpers.py
          • untrusted_runner_helpers.py
          • reproduce_tool_fakes.py
          • mock_config.py
          • data
            • untrusted_cert.pem
            • untrusted_key.pem
          • __init__.py
          • helpers.py
        • __init__.py
        • core
          • crash_analysis
            • crash_analyzer_test.py
            • crash_comparer_test.py
            • severity_analyzer_test.py
            • stack_parsing
              • stack_symbolizer_test.py
              • stack_parser_test.py
              • stack_analyzer_test.py
              • __init__.py
              • stack_analyzer_data
                • check_failure_vs_no_closing.txt
                • check_failure_with_handle_sigill=1.txt
                • cfi_nodebug.txt
                • ubsan_null_pointer_read.txt
                • golang_panic_runtime_error_makeslice_len_out_of_range.txt
                • wtfcrash.txt
                • v8_oom.txt
                • ubsan_integer_overflow_addition.txt
                • cfi_bad_cast_indirect_fc.txt
                • golang_panic_runtime_error_invalid_memory_address.txt
                • golang_generic_panic_and_asan_abrt.txt
                • android_null_stack.txt
                • security_check_failure.txt
                • hwasan_tag_mismatch.txt
                • v8_check_windows.txt
                • hwasan_allocation_tail_overwritten.txt
                • kasan_null.txt
                • golang_fatal_error_stack_overflow.txt
                • v8_unimplemented_code.txt
                • asan_unknown_crash_read.txt
                • regress_double_unknown.txt
                • assert_glibc_with_glib.txt
                • v8_unknown_fatal_error.txt
                • asan_ill.txt
                • asan_unknown_win_write.txt
                • asan_heap_overflow_read.txt
                • assert_chromium_log.txt
                • ubsan_bad_cast_member_call.txt
                • fuchsia_reproducible_crash.txt
                • cdb_read.txt
                • ignore_win_frames.txt
                • symbolized_asan_unknown.txt
                • android_security_dcheck_failure.txt
                • missing_library_android.txt
                • kasan_uaf.txt
                • ubsan_null_pointer_reference_binding.txt
                • golang_libfuzzer_panic.txt
                • check_failure_android_media.txt
                • android_kernel.txt
                • python_unhandled_exception.txt
                • ubsan_integer_overflow_negation.txt
                • fuchsia_ignore.txt
                • v8_runtime_error.txt
                • ubsan_null_pointer_member_access.txt
                • v8_fatal_error_no_check.txt
                • asan_breakpoint.txt
                • ubsan_fpe.txt
                • ubsan_null_pointer_member_call.txt
                • android_asan_uaf.txt
                • keep_libc_if_unsymbolized.txt
                • java_fatal_exception.txt
                • check_failure_with_assert_message.txt
                • v8_check_symbolized.txt
                • kasan_syzkaller_android.txt
                • asan_stack_overflow.txt
                • asan_in_drt_string.txt
                • assert_glibc.txt
                • oom3.txt
                • libfuzzer_oom_malloc.txt
                • ignore_honggfuzz.txt
                • fuchsia_asan.txt
                • golang_panic_with_type_assertions_in_frames.txt
                • kasan_gpf.txt
                • check_failure_google.txt
                • golang_panic_runtime_error_slice_bounds_out_of_range.txt
                • ignore_abort_frames.txt
                • ignore_libc_if_symbolized.txt
                • android_asan_null_dereference_read.txt
                • browser_uaf2.txt
                • check_failure_chrome_android.txt
                • check_failure_chrome.txt
                • asan_null_dereference_unknown.txt
                • msan_uninitialized_value.txt
                • v8_unreachable_code.txt
                • check_failure_chrome_mac.txt
                • tsan_use_after_free.txt
                • asan_unknown_unknown.txt
                • ubsan_non_positive_vla_bound_value.txt
                • libfuzzer_oom.txt
                • asan_null_dereference_win_read.txt
                • lsan_single_frame_stacks.txt
                • asan_heap_overflow_write.txt
                • asan_unknown_read.txt
                • ignore_sanitizer.txt
                • ubsan_pointer_overflow.txt
                • rust_oom.txt
                • ubsan_pointer_overflow_null_nonzero_offset.txt
                • gsignal_at_first_stack_frame.txt
                • android_asan_unknown_read.txt
                • asan_unknown_write.txt
                • libfuzzer_overwrites_const_input.txt
                • golang_panic_runtime_error_index_out_of_range_with_msan.txt
                • generic_segv.txt
                • variable_length_write.txt
                • libfuzzer_deadly_signal.txt
                • address_in_state.txt
                • ubsan_invalid_bool_value.txt
                • libfuzzer_fuzz_target_exited.txt
                • ubsan_pointer_overflow_null_zero_offset.txt
                • check_failure_chrome_android2.txt
                • v8_representation_changer_error.txt
                • v8_fatal_error_partial.txt
                • golang_panic_runtime_error_integer_divide_by_zero.txt
                • check_failure_android_media2.txt
                • ubsan_incorrect_function_pointer_type.txt
                • cobalt_check.txt
                • asan_null_dereference_win_write.txt
                • ubsan_divide_by_zero.txt
                • ignore_llvm.txt
                • check_failure_chrome_win.txt
                • assert.txt
                • security_dcheck_failure.txt
                • gdb_sigtrap_and_libfuzzer.txt
                • ignore_asan_warning.txt
                • missing_library_linux.txt
                • v8_check_eq.txt
                • assert_failure_google.txt
                • lsan_direct_leak.txt
                • lsan_indirect_leak_cycle.txt
                • check_failure_with_comparison.txt
                • msan_renderer.txt
                • tsan_data_race.txt
                • stack_filtering.txt
                • sanitizer_signal_abrt_unknown.txt
                • asan_ill_null_address.txt
                • assert_with_panic_keyword.txt
                • ubsan_ill.txt
                • golang_panic_runtime_error_index_out_of_range.txt
                • oom2.txt
                • glib_assert_failure.txt
                • v8_dcheck_symbolized.txt
                • ubsan_object_size.txt
                • asan_double_free.txt
                • cfi_bad_cast.txt
                • v8_javascript_assertion_should_pass.txt
                • asan_fpe.txt
                • ignore_vdso.txt
                • asan_uaf.txt
                • golang_generic_fatal_error_and_asan_abrt.txt
                • assert_in_drt_string.txt
                • asan_invalid_free.txt
                • asan_gsignal.txt
                • msan_browser.txt
                • gdb_sigtrap.txt
                • symbolized_asan_null_dereference.txt
                • ubsan_index_oob.txt
                • asan_null_dereference_write.txt
                • cfi_unrelated_vtable.txt
                • windows_asan_divide_by_zero.txt
                • log_fatal_google.txt
                • ubsan_unknown_logs_error.txt
                • v8_abort_without_source.txt
                • cfi_invalid_vtable.txt
                • check_failure_with_handle_sigill=0.txt
                • ubsan_null_pointer_write.txt
                • asan_bus.txt
                • asan_unknown_crash_write.txt
                • android_asan_null_dereference_write.txt
                • browser_uaf3.txt
                • golang_sigsegv_panic.txt
                • check_failure_with_msan_abrt.txt
                • unknown_module.txt
                • v8_check.txt
                • golang_panic_custom_short_message.txt
                • asan_null_dereference_read.txt
                • ubsan_bad_cast_downcast.txt
                • cdb_read_x64.txt
                • lsan_multiple_leaks.txt
                • rust_assert.txt
                • check_failure_with_string_vs_string.txt
                • kasan_oob_read.txt
                • ubsan_misaligned_address.txt
                • android_asan_unknown_write.txt
                • libfuzzer_llvm_fuzzer_test_one_input_crash.txt
                • oom.txt
                • ignore_libcplusplus.txt
                • security_dcheck_failure_with_abrt.txt
                • asan_container_overflow_read.txt
                • golang_new_crash_type_and_asan_abrt.txt
                • cdb_stack_overflow.txt
                • v8_correctness_failure.txt
                • asan_breakpoint_with_check.txt
                • asan_unknown_win_read.txt
                • oom4.txt
                • asan_assert_failure.txt
                • golang_asan_panic.txt
                • browser_uaf.txt
                • v8_abort_with_source.txt
                • check_failure_with_comparison2.txt
                • asan_stack_overflow3.txt
                • cdb_integer_overflow.txt
                • asan_stack_overflow2.txt
                • cdb_divide_by_zero.txt
                • sanitizer_signal_abrt.txt
                • ubsan_unsigned_integer_overflow.txt
                • android_kernel_no_parens.txt
                • libfuzzer_timeout.txt
            • __init__.py
          • chrome
            • crash_uploader_test.py
            • crash_uploader_data
              • crash_output_to_parse
              • android_crash_stack_output
              • expected_processed_report_bytes
            • build_info_data
              • all.csv
            • build_info_test.py
            • __init__.py
          • base
            • json_utils_test.py
            • utils_test.py
            • external_users_test.py
            • persistent_cache_test.py
            • memoize_test.py
            • untrusted_test.py
            • __init__.py
            • retry_test.py
          • datastore
            • corpus_tagging_test.py
            • data_handler_test.py
            • data_types_test.py
            • __init__.py
            • search_tokenizer_test.py
          • config
            • local_config_data
              • ambiguous
                • a
                  • b.yaml
                • a.yaml
              • bad.yaml
              • a.yaml
              • aa
                • bb
                  • cc.yaml
            • __init__.py
            • local_config_test.py
          • build_management
            • revisions_data
              • srcmap_expected_text.txt
              • clank_expected_html.txt
              • deps_v8_f00d.txt
              • chromium_deps.txt
              • deps_linux_asan_libass_9002.srcmap.json.txt
              • deps_linux_asan_libass_9001.srcmap.json.txt
              • srcmap_expected_html_3.txt
              • chromium_expected_html.txt
              • deps_linux_asan_libass_1337.srcmap.json.txt
              • srcmap_expected_html.txt
              • deps_default_2eca06e8a84ae4db820e2dcb6bd91fe8b7b71b83.txt
              • deps_v8_abcd.txt
              • deps_linux_asan_libass_9003.srcmap.json.txt
              • deps_v8_d00d.txt
              • deps_android_asan_chrome_260552.txt
              • deps_linux_asan_libass_1338.srcmap.json.txt
              • srcmap_expected_html_2.txt
              • deps_default_1d783bc2a3629b94c963debfa3feaee27092dd92.txt
              • chromium_expected_deps_revisions_dict.txt
              • deps_android_asan_chrome_260548.txt
            • build_manager_data
              • rpath_prepend_to_existing
                • app
              • rpath_new
                • app
              • rpath_libfuzzer
                • launcher.py
              • rpath_existing_msan
                • app
            • source_mapper_test.py
            • build_manager_test.py
            • __init__.py
            • revisions_test.py
          • __init__.py
          • google_cloud_utils
            • compute_engine_projects_test.py
            • blobs_test.py
            • pubsub_test.py
            • __init__.py
            • storage_test.py
            • gsutil_test.py
            • big_query_test.py
          • system
            • process_handler_test.py
            • archive_data
              • archive.tar.xz
              • broken-links.tar.xz
              • cwd-prefix.tgz
            • minijail_test.py
            • shell_test.py
            • __init__.py
            • archive_test.py
            • new_process_test.py
            • environment_test.py
          • local
            • butler
              • package_test.py
              • __init__.py
              • scripts
                • __init__.py
                • batcher_test.py
              • deploy_test.py
              • clean_indexes_test.py
              • reproduce_test.py
              • reproduce_tool
                • http_utils_test.py
                • __init__.py
                • config_test.py
            • __init__.py
          • metrics
            • fuzzer_stats_test.py
            • logs_test.py
            • crash_stats_test.py
            • profiler_test.py
            • monitor_test.py
            • __init__.py
            • fuzzer_logs_test.py
          • platforms
            • fuchsia
              • __init__.py
              • device_test.py
            • android
              • battery_test.py
              • app_test.py
              • logger_data
                • check_failure_and_asan_log.txt
                • check_failure_and_asan_log_expected.txt
              • settings_data
                • get_device_codename_output.txt
              • sanitizer_test.py
              • logger_test.py
              • __init__.py
              • settings_test.py
              • adb_test.py
              • sanitizer_data
              • device_test.py
            • __init__.py
          • fuzzing
            • coverage_uploader_test.py
            • leak_blacklist_test.py
            • leak_blacklist_data
              • indirect_before_direct_leak.txt
              • single_direct_leak.txt
              • indirect_before_direct_leak_highlighted.txt
              • multi_direct_leak_expected.txt
              • multi_direct_leak.txt
            • __init__.py
            • corpus_manager_test.py
            • fuzzer_selection_test.py
          • bot
            • tokenizer
              • __init__.py
              • antlr_tokenizer_test.py
            • init_scripts
              • init_runner_test.py
              • mac_test.py
              • __init__.py
              • windows_test.py
            • webserver
              • http_server_test.py
              • __init__.py
            • minimizer
              • base_minimizer_tester.py
              • html_minimizer_test.py
              • js_minimizer_test.py
              • chunk_minimizer_test.py
              • __init__.py
              • delta_minimizer_test.py
            • testcase_manager_test.py
            • fuzzers
              • ml
                • rnn
                  • data
                    • model
                      • rnn.data-00000-of-00001
                      • rnn.index
                    • input
                      • sample_input_05
                      • sample_input_03
                      • sample_input_02
                      • sample_input_01
                      • sample_input_04
                  • __init__.py
                  • ml_rnn_generator_test.py
                • __init__.py
              • engine_common_test.py
              • dictionary_manager_test.py
              • options_test.py
              • utils_test.py
              • mutator_plugin_test.py
              • syzkaller
                • syzkaller_fuzzer_test.py
                • test_data
                  • description
                  • crash.txt
                • __init__.py
                • .gitignore
              • dictionary_manager_data
                • log_with_recommended_dict.txt
                • expected_parsed_recommended_dictionary.txt
                • fake_gcs_recommended_dictionary.txt
                • corrected_dictionary_expected.txt
                • expected_merged_recommended_dictionary.txt
                • example_invalid_dictionary.txt
                • log_with_useless_dict.txt
                • example_corrected_dictionary.txt
                • expected_parsed_useless_dictionary.txt
                • incorrect_dictionary.txt
                • example_correct_dictionary.txt
                • simple_correct_dictionary.txt
              • data
                • seed_corpus.tar.gz
                • seed_corpus_with_subdirectories.zip
                • seed_corpus.zip
              • libFuzzer
                • libfuzzer_test_data
                  • fork_fuzz_log.txt
                  • corpus_crash_with_corpus_subset.txt
                  • go_fork_fuzz_log.txt
                  • corpus_crash.txt
                  • timeout.txt
                  • crash.txt
                  • oom_in_seed_corpus.txt
                  • log_for_dictionary_analysis.txt
                  • merge_step_1.txt
                  • startup_crash.txt
                  • oom_expected.txt
                  • corrupted_stats.txt
                  • no_crash_with_strategies.txt
                  • dictionary_analysis_output.txt
                  • merge_step_2.txt
                  • fake_fuzzer.dict
                  • no_crash.txt
                  • go_fuzz_log.txt
                  • oom.txt
                  • fake_fuzzer.options
                • libfuzzer_stats_test.py
                • libfuzzer_run_test.py
                • data
                  • empty
                  • analyze_dict_fuzzer.cc
                  • test_fuzzer.options
                  • crash_with_A_fuzzer.cc
                  • test_fuzzer.cc
                  • dictionaries
                    • dictionary_from_repository.dict
                    • expected_gcs_only_merged_dictionary.dict
                    • expected_merged_dictionary.dict
                    • fake_gcs_dictionary.dict
                  • aaaa
                  • fuchsia_overlong_crash
                  • fuchsia_corpus
                    • ab
                    • a
                    • abc
                  • test_fuzzer_old.options
                  • android
                    • test_fuzzer.options
                    • always_crash_fuzzer.options
                    • test_fuzzer.dict
                  • always_crash_fuzzer.options
                  • custom_mutator.c
                  • always_crash_fuzzer.cc
                  • test_fuzzer_old.dict
                  • exit_fuzzer.cc
                  • invalid.dict
                  • check_tmp.cc
                  • check_out.cc
                  • test_fuzzer.dict
                  • custom_mutator_plugin-libfuzzer_asan-test_fuzzer_old.zip
                  • crash
                  • corpus_with_some_files
                    • 42
                    • 0000
                    • 9001
                    • analyze_dict_corpus
                    • 123
                    • bb
                    • 456
                    • FFFF
                    • q1w2e3
                    • aa
                    • 1337
                  • fuchsia_crash
                • __init__.py
                • engine_test.py
                • libfuzzer_test.py
                • run_data
                  • build_dir
                    • fake1_fuzzer
                    • fake0_fuzzer.dict
                    • fake0_fuzzer
                    • invalid.filename_fuzzer
                    • fake1_fuzzer.options
                • .gitignore
              • __init__.py
              • builtin_test.py
              • honggfuzz
                • honggfuzz_engine_test.py
                • test_data
                  • empty
                  • test_fuzzer.cc
                  • always_crash_fuzzer.cc
                  • test_fuzzer.dict
                  • crash
                • __init__.py
                • .gitignore
              • afl
                • stats_data
                  • corpus_crash.txt
                  • output
                    • fuzzer_stats
                    • fuzzer_stats_invalid
                  • startup_crash.txt
                  • startup_crash2.txt
                  • unwanted_logging.txt
                  • bad_instrumentation.txt
                  • input
                    • sample.dict
                • afl_launcher_integration_test.py
                • afl_launcher_test.py
                • afl_run_test.py
                • afl_stats_test.py
                • data
                  • empty
                  • easy_crash_fuzzer.cc
                  • afl-plot
                  • afl-whatsup
                  • afl-analyze
                  • test_fuzzer.cc
                  • return_code_255
                  • aaaa
                  • merge_new_corpus
                    • idCOLON000003,nearly_empty_copy
                    • idCOLON000002,unique_cov
                    • idCOLON000000,larger_same_cov_idCOLON000001,non_initial_cov
                    • idCOLON000004,same_cov_254_ascending_and_0xa0xa
                    • idCOLON000001,non_initial_cov
                  • merge_initial_corpus
                    • nearly_empty
                    • 254_ascending_and_0xa0xa
                  • always_crash_fuzzer.cc
                  • afl-gotcpu
                  • return_code_255.cc
                  • afl-tmin
                  • assert_fail.cc
                  • afl-cmin
                  • crash
                  • corpus_with_some_files
                    • 42
                    • 9001
                    • 123
                    • bb
                    • 456
                    • aa
                    • 1337
                  • afl-showmap
                • __init__.py
                • .gitignore
              • builtin_fuzzers_test.py
              • strategy_selection_test.py
            • tasks
              • component_revision_patching_test.py
              • trials_test.py
              • corpus_pruning_task_data
                • fuchsia
                  • AA2
                  • HI!
                  • AA1
                  • H
                • quarantine
                  • B
                • build
                  • test_fuzzer.cc
                  • test_get_libfuzzer_flags.options
                  • test_fuzzer.labels
                • corpus
                  • C2
                  • A
                  • A2
                  • E
                  • C
                • shared
                  • D
              • progression_task_test.py
              • blame_task_test.py
              • commands_test.py
              • corpus_pruning_task_test.py
              • variant_task_test.py
              • component_related_test_data
                • component_revisions_398287.txt
                • component_revisions_400000.txt
                • component_revisions_399171.txt
              • fuzz_task_test.py
              • regression_task_test.py
              • update_task_test.py
              • __init__.py
              • minimize_task_test.py
              • analyze_task_test.py
              • task_creation_test.py
              • ml_train_task_test.py
              • impact_task_test.py
              • setup_test.py
            • __init__.py
            • startup
              • run_test.py
              • run_bot_test.py
              • __init__.py
            • untrusted_runner
              • remote_process_host_test.py
              • build_setup_test.py
              • file_host_test.py
              • test_data
                • test_build
                  • binary
                  • blah.zip
              • remote_process_test.py
              • file_impl_test.py
              • build_setup_host_test.py
              • __init__.py
              • environment_test.py
              • untrusted_runner_integration_test.py
        • appengine
          • libs
            • access_test.py
            • issue_management
              • issue_tracker_utils_test.py
              • monorail
                • monorail_test.py
                • __init__.py
              • issue_tracker_test.py
              • jira
                • jira_test.py
                • __init__.py
              • __init__.py
            • handler_test.py
            • filters_test.py
            • issue_filer_data
              • memory_tools_msan.txt
              • memory_tools_asan_libfuzzer.txt
              • memory_tools_tsan.txt
              • memory_tools_asan_afl.txt
              • memory_tools_msan_libfuzzer.txt
              • memory_tools_asan.txt
              • memory_tools_ubsan.txt
              • memory_tools_asan_lsan.txt
            • request_cache_test.py
            • handler_data
              • auth.yaml
            • query
              • big_query_query_test.py
              • datastore_query_test.py
              • __init__.py
            • form_test.py
            • helpers_test.py
            • __init__.py
            • csp_test.py
            • issue_filer_test.py
            • crash_access_test.py
          • javascripts
            • template.html
            • fake_test.js
          • common
            • __init__.py
            • tasks_test.py
          • handlers
            • download_test.py
            • upload_testcase_test.py
            • performance_report
              • performance_analyzer_data
                • libfuzzer
                  • issue_logs
                    • logging_oom_no_issue.txt
                    • oom_issue.txt
                    • slow_unit_issue.txt
                    • logging_crash_no_issue.txt
                    • startup_crash_issue.txt
                    • logging_recommended_dictionary_no_issue.txt
                    • corpus_subset_no_coverage_speed_issue.txt
                    • logging_sanitizer_warnings_no_issue.txt
                    • speed_issue.txt
                    • coverage_issue.txt
                    • startup_crash_no_issue.txt
                    • logging_few_runs_no_issue.txt
                    • bad_instrumentation_issue.txt
                    • leak_issue.txt
                    • logging_slow_units_no_issue.txt
                    • crash_issue.txt
                    • corpus_subset_crash_issue.txt
                    • no_issue.txt
                    • logging_issue.txt
                    • timeout_issue.txt
                  • report_logs
                    • test_fuzzer_3.txt
                    • test_fuzzer_1.txt
                    • test_fuzzer_2.txt
                  • expected_report.json
              • performance_analyzer_test.py
              • __init__.py
            • testcase_detail
              • update_from_trunk_test.py
              • delete_test.py
              • download_testcase_test.py
              • redo_test.py
              • mark_fixed_test.py
              • mark_unconfirmed_test.py
              • update_issue_test.py
              • show_test.py
              • __init__.py
              • find_similar_issues_test.py
              • mark_security_test.py
              • remove_duplicate_test.py
              • remove_issue_test.py
              • remove_group_test.py
              • create_issue_test.py
            • coverage_report_test.py
            • fuzzer_stats_test.py
            • cron
              • batch_fuzzer_jobs_test.py
              • load_bigquery_stats_test.py
              • fuzz_strategy_selection_test.py
              • fuzzer_coverage_test.py
              • sync_admins_test.py
              • manage_vms_test.py
              • fuzzer_and_job_weights_test.py
              • oss_fuzz_generate_certs_test.py
              • grouper_test.py
              • recurring_tasks_test.py
              • oss_fuzz_build_status_test.py
              • helpers
                • bot_manager_test.py
                • __init__.py
              • project_setup_test.py
              • triage_test.py
              • cleanup_test.py
              • ml_train_test.py
              • service_accounts_test.py
              • __init__.py
              • fuzz_strategy_selection_data
                • multi_armed_bandit_query.json
              • project_setup_data
                • url_results.txt
              • oss_fuzz_apply_ccs_test.py
              • group_leader_test.py
            • home_test.py
            • base_handler_test.py
            • fuzzer_stats_data
              • testFuzzer_None_by-fuzzer_2016-10-20_2016-10-22.txt
              • testFuzzer_1_fuzzer_None_by-job_2016-10-20_2016-10-21.txt
              • testFuzzer_2_fuzzer_job_by-day_2016-10-19_2016-10-21.txt
              • testFuzzer_2_fuzzer_job_by-time_2016-10-19_2016-10-21.txt
              • testFuzzer_job_by-fuzzer_2016-10-20_2016-10-21.txt
              • by_day_expected.txt
              • by_fuzzer_expected_None.txt
              • by_job_expected.txt
              • by_time_expected.txt
              • by_fuzzer_expected.txt
            • issue_redirector_test.py
            • schedule_corpus_pruning_test.py
            • __init__.py
            • testcase_list_test.py
            • jobs_test.py
            • reproduce_tool
              • testcase_info_test.py
              • __init__.py
          • server_test.py
          • __init__.py
      • google_cloud_utils
        • compute_engine.py
        • credentials.py
        • gsutil.py
        • big_query.py
        • compute_metadata.py
        • pubsub.py
        • compute_engine_projects.py
        • __init__.py
        • storage.py
        • blobs.py
      • scripts
        • build_msan_libs.py
        • other-bots
          • chromium-builder
            • run.py
            • build_helper.sh
          • chromium-tests-syncer
            • run.py
        • copy_corpus.py
      • system
        • archive.py
        • BUILD.bazel
        • shell.py
        • minijail.py
        • new_process.py
        • __init__.py
        • process_handler.py
        • environment.py
      • metrics
        • fuzzer_logs.py
        • BUILD.bazel
        • monitor.py
        • monitoring_metrics.py
        • fuzzer_stats.py
        • fuzzer_stats_schema.py
        • profiler.py
        • __init__.py
        • crash_stats.py
        • logs.py
      • platforms
        • fuchsia
          • util
            • fuzzer.py
            • host.py
            • __init__.py
            • process.py
            • device.py
          • __init__.py
          • errors.py
          • device.py
        • mac
          • __init__.py
          • gestures.py
        • android
          • app.py
          • wifi.py
          • sanitizer.py
          • adb.py
          • ui.py
          • battery.py
          • constants.py
          • logger.py
          • flash.py
          • __init__.py
          • settings.py
          • gestures.py
          • fetch_artifact.py
          • device.py
        • windows
          • __init__.py
          • gestures.py
        • linux
          • __init__.py
          • gestures.py
        • __init__.py
        • chromeos
          • __init__.py
      • fuzzing
        • fuzzer_selection.py
        • corpus_manager.py
        • gesture_handler.py
        • leak_blacklist.py
        • coverage_uploader.py
        • __init__.py
        • strategy.py
      • bot
        • tokenizer
          • antlr_tokenizer.py
          • __init__.py
          • grammars
            • HTMLLexer.tokens
            • JavaScriptLexer.g4
            • JavaScriptLexer.py
            • HTMLLexer.interp
            • JavaScriptLexer.tokens
            • JavaScriptLexer.interp
            • __init__.py
            • README.md
            • HTMLLexer.py
            • JavaScriptBaseLexer.py
            • HTMLLexer.g4
        • testcase_manager.py
        • init_scripts
          • linux.py
          • mac.py
          • windows.py
          • chromeos.py
          • android.py
          • __init__.py
          • fuchsia.py
          • init_runner.py
        • webserver
          • http_server.py
          • __init__.py
        • minimizer
          • run.py
          • js_minimizer.py
          • chunk_minimizer.py
          • minimizer.py
          • basic_minimizers.py
          • delta_minimizer.py
          • html_minimizer.py
          • __init__.py
          • utils.py
          • errors.py
        • fuzzers
          • init.py
          • ml
            • rnn
              • generator.py
              • generate.py
              • constants.py
              • train.py
              • __init__.py
              • README.md
              • utils.py
            • __init__.py
          • engine.py
          • dictionary_manager.py
          • mutator_plugin.py
          • libfuzzer.py
          • options.py
          • builtin.py
          • syzkaller
            • engine.py
            • config.py
            • constants.py
            • __init__.py
            • runner.py
          • libFuzzer
            • engine.py
            • peach
              • pits.py
              • __init__.py
            • fuzzer.py
            • stats.py
            • constants.py
            • __init__.py
          • engine_common.py
          • __init__.py
          • utils.py
          • bin
            • mac
            • linux
          • honggfuzz
            • engine.py
            • __init__.py
          • afl
            • launcher.py
            • fuzzer.py
            • stats.py
            • constants.py
            • strategies.py
            • __init__.py
          • strategy_selection.py
          • builtin_fuzzers.py
        • tasks
          • unpack_task.py
          • update_task.py
          • regression_task.py
          • blame_task.py
          • fuzz_task.py
          • symbolize_task.py
          • ml_train_task.py
          • minimize_task.py
          • variant_task.py
          • analyze_task.py
          • upload_reports_task.py
          • corpus_pruning_task.py
          • setup.py
          • progression_task.py
          • commands.py
          • trials.py
          • __init__.py
          • impact_task.py
          • task_creation.py
        • __init__.py
        • startup
          • run.py
          • run_heartbeat.py
          • heartbeat.py
          • run_bot.py
          • __init__.py
        • untrusted_runner
          • build_setup_host.py
          • untrusted.py
          • file_impl.py
          • corpus_manager.py
          • config.py
          • tasks_host.py
          • file_host.py
          • remote_process.py
          • file_utils.py
          • host.py
          • __init__.py
          • remote_process_host.py
          • symbolize_host.py
          • symbolize.py
          • build_setup.py
          • tasks_impl.py
          • protobuf_utils.py
          • environment.py
    • __init__.py
    • local
      • butler
        • package.py
        • run.py
        • integration_tests.py
        • lint.py
        • deploy.py
        • bootstrap.py
        • py_unittest.py
        • appengine.py
        • reproduce.py
        • guard.py
        • constants.py
        • run_bot.py
        • run_server.py
        • js_unittest.py
        • remote.py
        • common.py
        • __init__.py
        • create_config.py
        • scripts
          • batcher.py
          • attribute_builder.py
          • migration
            • README.md
          • build_attributes.py
          • setup.py
          • __init__.py
        • reproduce_tool
          • prompts.py
          • config.py
          • http_utils.py
          • android.py
          • __init__.py
          • errors.py
        • format.py
        • clean_indexes.py
      • remote
        • handlers
          • linux.py
          • mac.py
          • posix.py
          • windows.py
          • __init__.py
          • android_chrome_lab.py
        • windows.remmina
        • __init__.py
        • utils.py
        • extract_zip.ps1
      • __init__.py
    • requirements.txt
    • appengine
      • resources
        • favicon
          • browserconfig.xml
          • favicon.ico
          • manifest.json
      • libs
        • handler.py
        • form.py
        • issue_management
          • monorail
            • issue.py
            • credential_storage.py
            • issue_tracker_manager.py
            • comment.py
            • __init__.py
          • jira
            • issue_tracker_manager.py
            • __init__.py
          • issue_filer.py
          • issue_tracker_policy.py
          • issue_tracker.py
          • __init__.py
          • issue_tracker_utils.py
        • mail.py
        • access.py
        • query
          • __init__.py
          • datastore_query.py
          • big_query_query.py
          • base.py
        • gcs.py
        • filters.py
        • crash_access.py
        • __init__.py
        • auth.py
        • csp.py
        • crash_stats.py
        • request_cache.py
        • helpers.py
      • server.py
      • handlers
        • coverage_report.py
        • performance_report
          • show.py
          • constants.py
          • __init__.py
          • performance_analyzer.py
        • revisions_info.py
        • testcase_detail
          • redo.py
          • show.py
          • mark_security.py
          • mark_fixed.py
          • find_similar_issues.py
          • update_from_trunk.py
          • remove_duplicate.py
          • remove_group.py
          • testcase_variants.py
          • __init__.py
          • create_issue.py
          • crash_stats.py
          • delete.py
          • download_testcase.py
          • remove_issue.py
          • update_issue.py
          • mark_unconfirmed.py
        • upload_testcase.py
        • testcase_list.py
        • corpora.py
        • issue_redirector.py
        • download.py
        • fuzzer_stats.py
        • cron
          • corpus_backup.py
          • project_setup.py
          • fuzzer_and_job_weights.py
          • load_bigquery_stats.py
          • cleanup.py
          • group_leader.py
          • build_crash_stats.py
          • helpers
            • __init__.py
            • bot_manager.py
          • triage.py
          • manage_vms.py
          • service_accounts.py
          • ml_train.py
          • predator_pull.py
          • sync_admins.py
          • schedule_corpus_pruning.py
          • backup.py
          • batch_fuzzer_jobs.py
          • oss_fuzz_apply_ccs.py
          • recurring_tasks.py
          • __init__.py
          • grouper.py
          • fuzz_strategy_selection.py
          • oss_fuzz_generate_certs.py
          • fuzzer_coverage.py
          • oss_fuzz_build_status.py
        • domain_verifier.py
        • fuzzers.py
        • base_handler.py
        • report_csp_failure.py
        • bots.py
        • home.py
        • __init__.py
        • viewer.py
        • configuration.py
        • commit_range.py
        • login.py
        • crash_stats.py
        • jobs.py
        • help_redirector.py
        • reproduce_tool
          • get_config.py
          • testcase_info.py
          • __init__.py
        • gcs_redirector.py
      • private
        • javascripts
          • error.js
          • test-helpers.js
        • templates
          • upload.html
          • message.html
          • fuzzer-stats.html
          • error.html
          • revisions-info.html
          • commit_range.html
          • jobs.html
          • viewer.html
          • oss-fuzz-home.html
          • test.html
          • testcase-list.html
          • configuration.html
          • layout.html
          • layout-with-toolbar.html
          • corpora.html
          • testcase-detail.html
          • fuzzers.html
          • bots.html
          • performance-report.html
          • error-403.html
          • login.html
          • crash-stats.html
        • components
          • upload-testcase
            • upload-form.html
            • upload-testcase.html
          • configuration
            • configuration.html
          • crash-stats
            • search-control-panel.html
            • date-time-picker.html
            • crash-stats.html
          • testcase-detail
            • collapsable-revisions.html
            • crash-stacktrace.html
            • test
              • collapsable-revisions.html
              • crash-stacktrace.html
              • find-similar-issues-panel.html
              • update-issue-dialog.html
              • create-issue-dialog.html
              • redo-dialog.html
              • delete-dialog.html
              • suspected-cls.html
              • refresh-button.html
            • find-similar-issues-panel.html
            • testcase-variants.html
            • update-issue-dialog.html
            • create-issue-dialog.html
            • redo-dialog.html
            • delete-dialog.html
            • testcase-detail.html
            • suspected-cls.html
            • refresh-button.html
            • crash-stats.html
          • common
            • ajax-dialog
              • ajax-dialog.html
              • test
                • ajax-dialog.html
            • page-title
              • page-title.html
            • impact-button
              • impact-button.html
            • paginated-list
              • query.js
              • paginated-list.html
              • test
                • paginated-list.html
                • query.html
                • storage.html
                • pagination-control-panel.html
              • storage.js
              • pagination-control-panel.html
            • confirm-dialog
              • confirm-dialog.html
              • test
                • confirm-dialog.html
            • if-else
              • test
                • if-else.html
              • if-else.html
            • date-time-picker-style
              • date-time-picker-style.html
            • render-either
              • test
                • render-either.html
              • render-either.html
          • commit-range-list
            • search-control-panel.html
            • commit-range-list.html
          • performance-report
            • performance-report.html
          • fuzzers-page
            • edit-form.html
            • fuzzers-page.html
            • delete-dialog.html
          • oss-fuzz-home
            • oss-fuzz-home.html
          • testcase-list
            • search-control-panel.html
            • test
              • search-control-panel.html
              • testcase-list.html
            • testcase-list.html
          • jobs
            • delete-job-dialog.html
            • jobs.html
          • revisions-info
            • revisions-info.html
          • crash-stats-chart
            • crash-stats-header.html
            • crash-stats-chart.html
          • corpora-page
            • corpora-page.html
          • bots
            • bots-list.html
          • technology
            • technology.css
            • technology.html
          • fuzzer-stats
            • fuzzer-stats.html
            • date-picker.html
            • stats-results.html
            • settings-panel.html
        • test.html
        • stylesheets
          • main.css
          • error.css
      • .gcloudignore
      • __init__.py
      • main.py
      • index.yaml
      • requirements.txt
  • resources
    • platform
      • mac
      • android
        • third_party
          • asan_device_setup.sh
        • wifi_util.apk
        • user_account_setup.apk
      • windows
      • linux
        • peach
          • pits
            • JPEG2000.xml
            • PDF.xml
            • PCAP.xml
            • MP4.xml
            • ASF.xml
            • ELF.xml
            • README.md
            • JPEG.xml
            • MP3.xml
        • radamsa
          • README.md
          • mutator.patch
        • chrpath
    • firefox
      • fuzzPriv-extension.zip
  • .coveragerc
  • bower.json
  • butler.py
  • LICENSE
  • Pipfile
  • CONTRIBUTING.md
  • CHANGELOG.md
  • .pylintrc
  • docker
    • high-end
      • Dockerfile
    • fuchsia
      • start.sh
      • Dockerfile
    • build_on_container_builder.sh
    • base
      • start_clusterfuzz.sh
      • setup_clusterfuzz.sh
      • setup_mock_metadata.sh
      • setup_nfs.sh
      • clusterfuzz-fluentd.conf
      • setup_common.sh
      • start.sh
      • Dockerfile
      • .gitignore
    • ml-with-gpu
      • Dockerfile
    • oss-fuzz
      • host-high-end
        • Dockerfile
      • base
        • start.sh
        • Dockerfile
      • host
        • start_host.py
        • Dockerfile
      • worker
        • Dockerfile
    • chromium
      • high-end
        • Dockerfile
      • builder
        • setup_gerrit.sh
        • setup_depot_tools.sh
        • start.sh
        • Dockerfile
      • base
        • setup_x.sh
        • start.sh
        • Dockerfile
        • setup.sh
      • ml-with-gpu
        • Dockerfile
      • tests-syncer
        • setup_gerrit.sh
        • setup_depot_tools.sh
        • start.sh
        • Dockerfile
      • python-profiler
        • Dockerfile
    • README.md
    • cloudbuild.yaml
    • ci
      • setup
      • deploy
      • Dockerfile
    • build.sh
  • .style.yapf
  • .bowerrc
  • Pipfile.lock
  • configs
    • test
      • pubsub
        • queues.yaml
        • queue.jinja
      • monitoring
        • alerts.yaml
        • regions.yaml
        • dashboard.yaml
      • redis
        • instance.yaml
        • memorystore-instance.jinja
      • gce
        • windows-init.ps1
        • clusters.yaml
        • linux-init.yaml
        • linux-init-ml-with-gpu.yaml
        • android-init.bash
      • issue_trackers
        • config.yaml
      • bigquery
        • datasets.yaml
        • engine_stats.jinja
      • project.yaml
      • suppressions
        • tsan_suppressions.txt
        • ubsan_ignores.txt
        • lsan_suppressions.txt
        • ubsan_suppressions.txt
      • gae
        • config.yaml
        • auth.yaml
        • cors.json
        • prod3
          • cron.yaml
          • app.yaml
          • cron-service.yaml
        • staging3
          • staging.yaml
      • bot
        • init
          • mac.bash
          • linux.bash
          • fuchsia.bash
          • README.md
          • android.bash
          • android_kernel.bash
          • windows.ps1
          • chromeos.bash
        • setup
          • mac.bash
          • linux.bash
          • README.md
          • android.bash
  • .travis.yml
  • README.md
  • cloudbuild.yaml
  • local
    • run_docker.bash
    • run_metadata.bash
    • install_deps.bash
    • emulators
      • gcs.go
      • metadata.go
    • Brewfile
    • install_deps_linux.bash
    • install_deps_macos.bash
    • run_ci.sh
    • README.md
    • tests
      • run_js_tests
      • run_all_tests
      • run_tests
      • run_afl_tests
      • run_untrusted_test
      • run_reproduce_tool_tests
      • travis_build.bash
    • bin
    • polymer_bundler.py
    • blobs_cors.json
  • reproduce.sh
  • .gitignore
  • docs
    • production-setup
      • build_pipeline.md
      • setting_up_bots.md
      • production_setup.md
      • clusterfuzz.md
      • setting_up_a_fuzzing_job.md
    • _config.yml
    • Gemfile
    • images
    • clusterfuzz
      • architecture.md
    • getting-started
      • prerequisites.md
      • local_instance.md
      • getting_started.md
    • index.md
    • favicon.ico
    • Gemfile.lock
    • contributing-code
      • source_code.md
      • staging_changes.md
      • contributing_code.md
      • running_unit_tests.md
    • 404.html
    • reference
      • coverage_guided_vs_blackbox.md
      • glossary.md
      • FAQ.md
      • reference.md
      • job_definition.md
    • README.md
    • setting-up-fuzzing
      • build_afl.bash
      • libfuzzer_and_afl.md
      • blackbox_fuzzing.md
      • heartbleed
        • server.key
        • server.pem
        • handshake-fuzzer.cc
      • setting_up_fuzzing.md
      • heartbleed_example.md
    • using-clusterfuzz
      • ui-overview
        • ui_overview.md
      • advanced-features
        • access_control.md
        • advanced_features.md
        • code_coverage.md
      • using_clusterfuzz.md
      • workflows
        • workflows.md
        • fixing-a-bug.md
        • uploading-a-testcase.md
        • triaging-new-crashes.md
        • analyzing-fuzzer-performance.md
    • .gitignore
    • assets
      • js
        • search-data.json
  • bot
    • tmp
      • README.md
    • env.yaml
    • inputs
      • mutator-plugins
        • README.md
      • images
        • README.md
      • user-profile-dirs
        • README.md
      • data-bundles
        • README.md
      • crash-stacks
        • README.md
      • fuzzers
        • README.md
      • fuzzer-testcases-disk
        • README.md
      • fuzzer-common-data-bundles
        • README.md
      • fuzzer-testcases
        • README.md
      • symbols
        • README.md
    • build-urls
      • README.md
    • cache
      • README.md
    • builds
      • README.md
    • logs
      • README.md

ClusterFuzz

ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.

Google uses ClusterFuzz to fuzz the Chrome Browser and as the fuzzing backend for OSS-Fuzz.

ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process:

• Highly scalable. Google's internal instance runs on over 25,000 machines.
• Accurate deduplication of crashes.
• Fully automatic bug filing and closing for issue trackers (Monorail only for now).
• Testcase minimization.
• Regression finding through bisection.
• Statistics for analyzing fuzzer performance, and crash rates.
• Easy to use web interface for management and viewing crashes.
• Firebase authentication.
• Support for coverage guided fuzzing (e.g. libFuzzer and AFL) and blackbox fuzzing.

Overview

Documentation

You can find detailed documentation here.

Trophies

As of January 2019, ClusterFuzz has found ~16,000 bugs in Chrome and ~11,000 bugs in over 160 open source projects integrated with OSS-Fuzz.

Getting Help

You can file an issue to ask questions, request features, or ask for help.

Staying Up to Date

We will use clusterfuzz-announce(#)googlegroups.com to make announcements about ClusterFuzz.