Setting up a Google Cloud Project
NOTE: Most users of FuzzBench should simply add a fuzzer and use the FuzzBench service. This page isn’t needed for using the FuzzBench service. This page explains how to set up a Google Cloud project for running an experiment for the first time. We don’t recommend running experiments on your own for most users. Validating results from the FuzzBench service is a good reason to run an experiment on your own.
Currently, FuzzBench requires Google Cloud to run experiments (though this may change, see FAQ).
The rest of this page will assume all commands are run from the root of FuzzBench.
Create the Project
Enable billing when prompted on the Google Cloud website.
$PROJECT_NAMEin the environment:
For the rest of this page, replace
$PROJECT_NAME with the name of the project you created.
Set your default project using gcloud:
gcloud config set project $PROJECT_NAME
Set up the database
Create a PostgreSQL (we use PostgreSQL 11) instance using Google Cloud SQL. This will take a few minutes. We recommend using “us-central1” as the region and “us-central1-a” as the zone. Certain links provided in this page assume “us-central1”. Note that the region you choose should be the region you use later for running experiments.
For the rest of this page, we will use
$POSTGRES_PASSWORDto refer to the region of the PostgreSQL instance you created, its name, and its password. Set them in your environment:
export PROJECT_REGION=<your-postgres-region> export PROJECT_ZONE=<your-postgres-zone> export POSTGRES_INSTANCE=<your-postgres-instance-name> export POSTGRES_PASSWORD=<your-postgres-password>
wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O cloud_sql_proxy
- Connect to your postgres instance using cloud_sql_proxy:
- (optional, but recommended) Connect to your instance to ensure you have all of the details right:
psql "host=127.0.0.1 sslmode=disable user=postgres"
$POSTGRES_PASSWORD when prompted.
- Initialize the postgres database:
PYTHONPATH=. alembic upgrade head
If this command fails, double check you set
POSTGRES_PASSWORD correctly. At this point you can kill the
Google Cloud Storage buckets
- Set up Google Cloud Storage Buckets by running the commands below:
# Bucket for storing experiment artifacts such as corpora, coverage binaries, # crashes etc. gsutil mb gs://$DATA_BUCKET_NAME # Bucket for storing HTML reports. gsutil mb gs://$REPORT_BUCKET_NAME
You can pick any (globally unique) names you’d like for
- Make the report bucket public so it can be viewed from your browser:
gsutil iam ch allUsers:objectViewer gs://$REPORT_BUCKET_NAME
Dispatcher image and container registry setup
- Build the dispatcher image:
docker build -f docker/dispatcher-image/Dockerfile \ -t gcr.io/$PROJECT_NAME/dispatcher-image docker/dispatcher-image/
FuzzBench uses an instance running this image to manage most of the experiment.
Enable Google Container Registry API to use the container registry.
dispatcher-imageto the docker registry:
docker push gcr.io/$PROJECT_NAME/dispatcher-image
Enable required APIs
Enable the IAM API so that FuzzBench can authenticate to Google Cloud APIs and services.
Enable the error reporting API so that FuzzBench can report errors to the Google Cloud error reporting dashboard
Enable Cloud Build API so that FuzzBench can build docker images using Google Cloud Build, a platform optimized for doing so.
Enable Cloud SQL Admin API so that FuzzBench can connect to the database.
Enable Secret Manager API so that FuzzBench can store service account keys.
Go to the networking page for the network you want to run your experiment in. This is the networking page for the default network in “us-central1”. It is best if you use
Click the edit icon. Turn “Private Google access” to “On”. Press “Save”.
This allows the trial runner instances to use Google Cloud APIs since they do not have external IP addresses.
Request CPU quota increase
FuzzBench uses a 96 core Google Compute Engine instance for measuring trials and single core instances for each trial in your experiment.
Go to the quotas page for the region you will use for experiments. This is the quotas page for the “us-central1” region.
Select the “Compute Engine API” “CPUs” quota, fill out contact details and request a quota increase. We recommend requesting a quota limit of “1000” as will probably be approved and is large enough for running experiments in a reasonable amount of time.
Wait until you receive an email confirming the quota increase.
Run an experiment
- Follow the guide on running an experiment