Rename EngineOutput to FuzzerRunOutput in uworker_msg and fuzz_task#5310
Merged
Conversation
PauloVLB
force-pushed
the
defer-fuzzer-logs-pr1
branch
from
d14ddb0 to
7f3fcba
Compare
javanlacerda
approved these changes
Jun 8, 2026
javanlacerda
left a comment
javanlacerda
left a comment
Collaborator
There was a problem hiding this comment.
LGTM. That's a great improvement, thanks!
PauloVLB
added a commit
that referenced
this pull request
Jun 10, 2026
This PR depends on #5310, which must be merged first. Bug: b/487905050 ## Changes Implement deferred blackbox logging and GCS bypass. This PR: 1. Refactors `upload_testcase` in `testcase_manager.py` by extracting fuzzer testcase file reading logic into a new helper function `read_testcase_data`. 2. Intercepts fuzzer execution logs and crash testcases on untrusted bots (inside `testcase_manager.py`) and packages them into the `FuzzerRunResult` queue payload instead of writing directly to GCS. 3. Updates `fuzz_task.py` to read these packaged logs from the queue on the trusted bot and upload them to GCS in postprocess. 4. Simplifies the postprocess upload loops and adds tests. ### Tests Results All unit tests in `fuzz_task_test.py` and `testcase_manager_test.py` run and pass locally. ## Evidence in dev ### Full task flow These logs show the successful execution of the trusted -> untrusted -> trusted flow of a blackbox fuzzing session in the dev environment with these changes. The log queries used: * https://cloudlogging.app.goo.gl/YL1tMBYzeWSJA1ty5 * https://cloudlogging.app.goo.gl/MXszfcKgTQNg8KEb8 > Note: The `task_id` is highlighted in green. 1. Preprocess, which has no significant changes in this PR: <img width="2007" height="219" alt="image" src="https://github.com/user-attachments/assets/1e875b00-f69e-44ee-bded-9e047dda4408" /> 2. During execution, each parallel fuzzer run enqueues its result inside the worker thread while the main process dequeues it: <img width="2069" height="602" alt="image" src="https://github.com/user-attachments/assets/a26a7985-29ad-4062-9282-1d9dcc6cf602" /> 3. Finally, in postprocess, the trusted bot uploads the fuzzer execution data received from the worker stage: <img width="1971" height="304" alt="image" src="https://github.com/user-attachments/assets/1b23620b-fdf1-45ef-9dab-c10b702dea52" /> ### The uploaded logs in GCS To verify that logs were uploaded successfully to GCS under the correct paths, we checked the corresponding job (`linux_asan_d8_dbg`) and fuzzer (`binaryen_wasm_fuzzer`), as shown in the image below: <img width="368" height="309" alt="image" src="https://github.com/user-attachments/assets/93c43c31-2af9-4910-ab2d-343a205ab7f2" /> * Uploaded Log File Path: [GCS Link](https://pantheon.corp.google.com/storage/browser/clusterfuzz-fuzz-logs-dev/binaryen_wasm_fuzzer/linux_asan_d8_dbg/2026-06-03?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22,%22s%22:%5B(%22i%22:%22displayName%22,%22s%22:%221%22)%5D))&e=-13802955&mods=logs_tg_prod&project=clusterfuzz-development&prefix=&forceOnObjectsSortingFiltering=false)
IvanBM18
pushed a commit
that referenced
this pull request
Jun 10, 2026
…5310) This PR is related to #5311, which contains the core implementation and full context. Bug: b/487905050 ## Changes Renames the `EngineOutput` protobuf message to `FuzzerRunOutput` and the `engine_outputs` field to `fuzzer_run_outputs`. This generalizes the uworker interface to support deferred logging for both engine-based and blackbox fuzzers. Updates the internal helper functions and variables in `fuzz_task.py` to compile against the new types. This is a syntactic change that only updates the protobuf structure and its references. It does not change any execution or upload logic.
IvanBM18
pushed a commit
that referenced
this pull request
Jun 10, 2026
This PR depends on #5310, which must be merged first. Bug: b/487905050 ## Changes Implement deferred blackbox logging and GCS bypass. This PR: 1. Refactors `upload_testcase` in `testcase_manager.py` by extracting fuzzer testcase file reading logic into a new helper function `read_testcase_data`. 2. Intercepts fuzzer execution logs and crash testcases on untrusted bots (inside `testcase_manager.py`) and packages them into the `FuzzerRunResult` queue payload instead of writing directly to GCS. 3. Updates `fuzz_task.py` to read these packaged logs from the queue on the trusted bot and upload them to GCS in postprocess. 4. Simplifies the postprocess upload loops and adds tests. ### Tests Results All unit tests in `fuzz_task_test.py` and `testcase_manager_test.py` run and pass locally. ## Evidence in dev ### Full task flow These logs show the successful execution of the trusted -> untrusted -> trusted flow of a blackbox fuzzing session in the dev environment with these changes. The log queries used: * https://cloudlogging.app.goo.gl/YL1tMBYzeWSJA1ty5 * https://cloudlogging.app.goo.gl/MXszfcKgTQNg8KEb8 > Note: The `task_id` is highlighted in green. 1. Preprocess, which has no significant changes in this PR: <img width="2007" height="219" alt="image" src="https://github.com/user-attachments/assets/1e875b00-f69e-44ee-bded-9e047dda4408" /> 2. During execution, each parallel fuzzer run enqueues its result inside the worker thread while the main process dequeues it: <img width="2069" height="602" alt="image" src="https://github.com/user-attachments/assets/a26a7985-29ad-4062-9282-1d9dcc6cf602" /> 3. Finally, in postprocess, the trusted bot uploads the fuzzer execution data received from the worker stage: <img width="1971" height="304" alt="image" src="https://github.com/user-attachments/assets/1b23620b-fdf1-45ef-9dab-c10b702dea52" /> ### The uploaded logs in GCS To verify that logs were uploaded successfully to GCS under the correct paths, we checked the corresponding job (`linux_asan_d8_dbg`) and fuzzer (`binaryen_wasm_fuzzer`), as shown in the image below: <img width="368" height="309" alt="image" src="https://github.com/user-attachments/assets/93c43c31-2af9-4910-ab2d-343a205ab7f2" /> * Uploaded Log File Path: [GCS Link](https://pantheon.corp.google.com/storage/browser/clusterfuzz-fuzz-logs-dev/binaryen_wasm_fuzzer/linux_asan_d8_dbg/2026-06-03?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22,%22s%22:%5B(%22i%22:%22displayName%22,%22s%22:%221%22)%5D))&e=-13802955&mods=logs_tg_prod&project=clusterfuzz-development&prefix=&forceOnObjectsSortingFiltering=false)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR is related to #5311, which contains the core implementation and full context.
Bug: b/487905050
Changes
Renames the
EngineOutputprotobuf message toFuzzerRunOutputand theengine_outputsfield tofuzzer_run_outputs. This generalizes the uworker interface to support deferred logging for both engine-based and blackbox fuzzers.Updates the internal helper functions and variables in
fuzz_task.pyto compile against the new types.This is a syntactic change that only updates the protobuf structure and its references. It does not change any execution or upload logic.