Skip to content

Defer fuzzer logs to postprocess#5311

Merged
PauloVLB merged 1 commit into
masterfrom
defer-fuzzer-logs-pr2
Jun 10, 2026
Merged

Defer fuzzer logs to postprocess#5311
PauloVLB merged 1 commit into
masterfrom
defer-fuzzer-logs-pr2

Conversation

@PauloVLB

@PauloVLB PauloVLB commented Jun 3, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

This PR depends on #5310, which must be merged first.
Bug: b/487905050

Changes

Implement deferred blackbox logging and GCS bypass.

This PR:

  1. Refactors upload_testcase in testcase_manager.py by extracting fuzzer testcase file reading logic into a new helper function read_testcase_data.
  2. Intercepts fuzzer execution logs and crash testcases on untrusted bots (inside testcase_manager.py) and packages them into the FuzzerRunResult queue payload instead of writing directly to GCS.
  3. Updates fuzz_task.py to read these packaged logs from the queue on the trusted bot and upload them to GCS in postprocess.
  4. Simplifies the postprocess upload loops and adds tests.

Tests Results

All unit tests in fuzz_task_test.py and testcase_manager_test.py run and pass locally.

Evidence in dev

Full task flow

These logs show the successful execution of the trusted -> untrusted -> trusted flow of a blackbox fuzzing session in the dev environment with these changes.

The log queries used:

Note: The task_id is highlighted in green.

  1. Preprocess, which has no significant changes in this PR:
image
  1. During execution, each parallel fuzzer run enqueues its result inside the worker thread while the main process dequeues it:
image
  1. Finally, in postprocess, the trusted bot uploads the fuzzer execution data received from the worker stage:
image

The uploaded logs in GCS

To verify that logs were uploaded successfully to GCS under the correct paths, we checked the corresponding job (linux_asan_d8_dbg) and fuzzer (binaryen_wasm_fuzzer), as shown in the image below:

image

@PauloVLB PauloVLB mentioned this pull request Jun 3, 2026
Merged
@PauloVLB PauloVLB changed the title Defer fuzzer logs pr2 Defer fuzzer logs to postprocess Jun 3, 2026
@PauloVLB PauloVLB marked this pull request as ready for review June 3, 2026 19:56
@PauloVLB PauloVLB requested a review from a team as a code owner June 3, 2026 19:56
@PauloVLB PauloVLB requested a review from javanlacerda June 3, 2026 19:56
@PauloVLB PauloVLB force-pushed the defer-fuzzer-logs-pr2 branch from 93813af to 5651148 Compare June 8, 2026 17:35
javanlacerda
javanlacerda approved these changes Jun 8, 2026
View reviewed changes

@javanlacerda javanlacerda left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

PauloVLB added a commit that referenced this pull request Jun 10, 2026
@PauloVLB
Rename EngineOutput to FuzzerRunOutput in uworker_msg and fuzz_task (#…
177c531 
…5310)

This PR is related to #5311, which contains the core implementation and
full context.
Bug: b/487905050


## Changes
Renames the `EngineOutput` protobuf message to `FuzzerRunOutput` and the
`engine_outputs` field to `fuzzer_run_outputs`. This generalizes the
uworker interface to support deferred logging for both engine-based and
blackbox fuzzers.

Updates the internal helper functions and variables in `fuzz_task.py` to
compile against the new types.

This is a syntactic change that only updates the protobuf structure and
its references. It does not change any execution or upload logic.
@PauloVLB PauloVLB force-pushed the defer-fuzzer-logs-pr2 branch from 5651148 to 21eaba8 Compare June 10, 2026 13:19
@PauloVLB PauloVLB merged commit 787e77d into master Jun 10, 2026
14 checks passed
@PauloVLB PauloVLB deleted the defer-fuzzer-logs-pr2 branch June 10, 2026 13:55
IvanBM18 pushed a commit that referenced this pull request Jun 10, 2026
@PauloVLB @IvanBM18
Rename EngineOutput to FuzzerRunOutput in uworker_msg and fuzz_task (#…
b33757d 
…5310)

This PR is related to #5311, which contains the core implementation and
full context.
Bug: b/487905050


## Changes
Renames the `EngineOutput` protobuf message to `FuzzerRunOutput` and the
`engine_outputs` field to `fuzzer_run_outputs`. This generalizes the
uworker interface to support deferred logging for both engine-based and
blackbox fuzzers.

Updates the internal helper functions and variables in `fuzz_task.py` to
compile against the new types.

This is a syntactic change that only updates the protobuf structure and
its references. It does not change any execution or upload logic.
IvanBM18 pushed a commit that referenced this pull request Jun 10, 2026
@PauloVLB @IvanBM18
Defer fuzzer logs to postprocess (#5311)
cfe09d3 
This PR depends on #5310, which must be merged first.
Bug: b/487905050


## Changes
Implement deferred blackbox logging and GCS bypass. 

This PR:
1. Refactors `upload_testcase` in `testcase_manager.py` by extracting
fuzzer testcase file reading logic into a new helper function
`read_testcase_data`.
2. Intercepts fuzzer execution logs and crash testcases on untrusted
bots (inside `testcase_manager.py`) and packages them into the
`FuzzerRunResult` queue payload instead of writing directly to GCS.
3. Updates `fuzz_task.py` to read these packaged logs from the queue on
the trusted bot and upload them to GCS in postprocess.
4. Simplifies the postprocess upload loops and adds tests.

### Tests Results
All unit tests in `fuzz_task_test.py` and `testcase_manager_test.py` run
and pass locally.

## Evidence in dev

### Full task flow 

These logs show the successful execution of the trusted -> untrusted ->
trusted flow of a blackbox fuzzing session in the dev environment with
these changes.

The log queries used:
 * https://cloudlogging.app.goo.gl/YL1tMBYzeWSJA1ty5
 * https://cloudlogging.app.goo.gl/MXszfcKgTQNg8KEb8

> Note: The `task_id` is highlighted in green.

1. Preprocess, which has no significant changes in this PR:

<img width="2007" height="219" alt="image"
src="https://github.com/user-attachments/assets/1e875b00-f69e-44ee-bded-9e047dda4408"
/>

2. During execution, each parallel fuzzer run enqueues its result inside
the worker thread while the main process dequeues it:

<img width="2069" height="602" alt="image"
src="https://github.com/user-attachments/assets/a26a7985-29ad-4062-9282-1d9dcc6cf602"
/>

3. Finally, in postprocess, the trusted bot uploads the fuzzer execution
data received from the worker stage:

<img width="1971" height="304" alt="image"
src="https://github.com/user-attachments/assets/1b23620b-fdf1-45ef-9dab-c10b702dea52"
/>
 

### The uploaded logs in GCS
To verify that logs were uploaded successfully to GCS under the correct
paths, we checked the corresponding job (`linux_asan_d8_dbg`) and fuzzer
(`binaryen_wasm_fuzzer`), as shown in the image below:

<img width="368" height="309" alt="image"
src="https://github.com/user-attachments/assets/93c43c31-2af9-4910-ab2d-343a205ab7f2"
/>

* Uploaded Log File Path: [GCS
Link](https://pantheon.corp.google.com/storage/browser/clusterfuzz-fuzz-logs-dev/binaryen_wasm_fuzzer/linux_asan_d8_dbg/2026-06-03?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22,%22s%22:%5B(%22i%22:%22displayName%22,%22s%22:%221%22)%5D))&e=-13802955&mods=logs_tg_prod&project=clusterfuzz-development&prefix=&forceOnObjectsSortingFiltering=false)
@PauloVLB PauloVLB mentioned this pull request Jun 10, 2026
Merged
PauloVLB added a commit that referenced this pull request Jun 10, 2026
@PauloVLB
Remove blackbox fuzzing debug logs (#5316)
b9081eb 
This PR only removes the logs that were intended as debugging filters
for deferring blackbox fuzzing session logs for postprocess

Related: #5311
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@javanlacerda javanlacerda javanlacerda approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PauloVLB @javanlacerda