ClusterFuzz

ClusterFuzz is the distributed fuzzing infrastructure behind OSS-Fuzz. It was initially built for fuzzing Chrome at scale.

Web interface

ClusterFuzz provides a web interface to view statistics about your fuzz targets, as well as current crashes.

Note: Access is restricted to the project developers whom we automatically CC on new bug reports.

Testcase reports

ClusterFuzz will automatically de-duplicate and file reproducible crashes into our bug tracker. We provide a crash report page that gives you the stack trace, a link to the crashing testcase, and regression ranges where the bug was most likely introduced.

Fuzzer stats

You can view statistics about your fuzz targets (e.g. speed, coverage information, memory usage) on our fuzzer statistics dashboard.

Coverage reports

We provide coverage reports that highlight the parts of the source code your fuzz target reaches. Make sure to look at the uncovered code marked in red and add appropriate fuzz targets to cover those use cases.

Performance analyzer

You can view performance issues that your fuzz target is running into (e.g. leaks, timeouts) by clicking the Performance link on our fuzzer statistics dashboard. Make sure to fix all cited issues, so that your fuzz target keeps running efficiently and finding new bugs.

Crash stats

You can view statistics of crashes over time on our crash statistics dashboard.
