MCPcopy
hub / github.com/google/clusterfuzz

github.com/google/clusterfuzz @v2.33.11 sqlite

repository ↗ · DeepWiki ↗ · release v2.33.11 ↗
9,674 symbols 31,621 edges 751 files 7,755 documented · 80%
README

ClusterFuzz

OpenSSF Scorecard

ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software.

Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz.

ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process: - Highly scalable. Can run on any size cluster (e.g. OSS-Fuzz instance runs on 100,000 VMs). - Accurate deduplication of crashes. - Fully automatic bug filing, triage and closing for various issue trackers (e.g. Monorail, Jira). - Supports multiple coverage guided fuzzing engines (libFuzzer, AFL, AFL++ and Honggfuzz) for optimal results (with ensemble fuzzing and fuzzing strategies). - Support for blackbox fuzzing. - Testcase minimization. - Regression finding through bisection. - Statistics for analyzing fuzzer performance, and crash rates. - Easy to use web interface for management and viewing crashes. - Support for various authentication providers using Firebase.

Overview

Documentation

You can find detailed documentation here.

Trophies

As of February 2023, ClusterFuzz has found ~27,000 bugs in Google (e.g. Chrome). Additionally, ClusterFuzz has helped identify and fix over 8,900 vulnerabilities and 28,000 bugs across 850 projects integrated with OSS-Fuzz.

Getting Help

You can file an issue to ask questions, request features, or ask for help.

Staying Up to Date

We will use clusterfuzz-announce(#)googlegroups.com to make announcements about ClusterFuzz.

ClusterFuzzLite

For a more lightweight version of ClusterFuzz that runs on CI/CD systems, check out ClusterFuzzLite.

Core symbols most depended-on inside this repo

put
called by 942
src/clusterfuzz/_internal/base/memoize.py
write
called by 860
src/clusterfuzz/_internal/crash_analysis/stack_parsing/stack_symbolizer.py
append
called by 506
src/clusterfuzz/_internal/issue_management/monorail/issue.py
error
called by 459
butler.py
id
called by 447
src/clusterfuzz/_internal/issue_management/issue_tracker.py
set_value
called by 338
src/clusterfuzz/environment/__init__.py
query
called by 299
src/clusterfuzz/_internal/google_cloud_utils/big_query.py
exists
called by 249
src/clusterfuzz/_internal/build_management/build_manager.py

Shape

Method 5,465
Function 2,718
Class 1,273
Route 213
Struct 5

Languages

Python100%
Go1%
TypeScript1%

Modules by API surface

src/clusterfuzz/_internal/tests/core/crash_analysis/stack_parsing/stack_analyzer_test.py276 symbols
src/clusterfuzz/_internal/tests/appengine/handlers/cron/cleanup_test.py160 symbols
src/clusterfuzz/_internal/google_cloud_utils/storage.py141 symbols
src/clusterfuzz/_internal/tests/core/bot/tasks/utasks/fuzz_task_test.py113 symbols
src/clusterfuzz/_internal/tests/core/base/utils_test.py108 symbols
src/clusterfuzz/_internal/tests/core/build_management/build_manager_test.py105 symbols
src/clusterfuzz/_internal/bot/tasks/utasks/fuzz_task.py103 symbols
src/clusterfuzz/_internal/metrics/fuzzer_stats.py97 symbols
src/clusterfuzz/_internal/system/environment.py96 symbols
src/clusterfuzz/_internal/datastore/data_types.py95 symbols
src/clusterfuzz/_internal/build_management/build_manager.py87 symbols
src/clusterfuzz/_internal/tests/core/datastore/data_handler_test.py86 symbols

Dependencies from manifests, versioned

docker
google
google-auth

For agents

$ claude mcp add clusterfuzz \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact