ClusterFuzz is a distributed fuzzing infrastructure (go/clusterfuzz) that automatically executes libFuzzer tests at scale.
The integration between libFuzzer and ClusterFuzz consists of:
gn refs facility, builds fuzzers with multiple sanitizers and uploads binaries to a special GCS bucket. The build bot recipe is defined in chromium_libfuzzer.py.
ClusterFuzz uses two corpus types with libFuzzer:
Seed (or static) corpus: files manually uploaded by developers. ClusterFuzz uses these files for fuzzing but doesn't delete/overwrite them.
General (or working) corpus: files generated by fuzzers themselves. These corpus files are frequently modified during fuzzing sessions and can be deleted during corpus minimization.
A fuzzer has two input corpus directories, seed and general, but its output goes into the general corpus directory. The seed corpus is read-only.
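The same two-corpus layout can be reproduced for a local libFuzzer run. The script below is an added example, not ClusterFuzz's own code; the directory names `general/` and `seed/`, the `FUZZ_SECONDS` variable and the function names are assumptions. It relies on libFuzzer writing new inputs only to the first corpus directory on its command line, and on `-merge=1` using its first directory as the output.

```bash
#!/usr/bin/env bash
# Added example: the two-corpus layout for a local libFuzzer run.
# Directory names (general/, seed/) and FUZZ_SECONDS are assumptions.

# Copy developer-supplied seeds into place, then drop write permission
# so nothing in the session can overwrite or delete them.
prepare_corpora() {
  local root="$1" seed_src="$2"
  mkdir -p "$root/general" "$root/seed"
  chmod -R u+w "$root/seed"            # allow re-running on an existing layout
  cp -R "$seed_src"/. "$root/seed"/
  chmod -R a-w "$root/seed"
}

# Checksum manifest of the seed corpus (change detection only).
seed_fingerprint() {
  (cd "$1/seed" && find . -type f -exec cksum {} + | sort | cksum)
}

# libFuzzer writes newly found inputs to the first corpus directory only,
# so the general corpus goes first and the seed corpus second.
run_session() {
  local fuzzer="$1" root="$2" before rc
  before=$(seed_fingerprint "$root")
  "$fuzzer" -max_total_time="${FUZZ_SECONDS:-60}" "$root/general" "$root/seed"
  rc=$?
  if [ "$before" != "$(seed_fingerprint "$root")" ]; then
    echo "seed corpus was modified during the session" >&2
    return 99
  fi
  return "$rc"
}

# Minimize only the general corpus: merge it into a fresh directory and swap.
minimize_general() {
  local fuzzer="$1" root="$2"
  rm -rf "$root/general.min" && mkdir "$root/general.min"
  "$fuzzer" -merge=1 "$root/general.min" "$root/general" || return 1
  rm -rf "$root/general" && mv "$root/general.min" "$root/general"
}

if [ "$#" -eq 3 ]; then   # usage: script FUZZER_BINARY WORK_DIR SEED_SOURCE_DIR
  prepare_corpora "$2" "$3" && run_session "$1" "$2"
fi
```

`run_session` passes through the fuzzer's own exit status, so a non-zero result other than 99 means the fuzzer reported a finding or failed, not that the seed corpus changed.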