Merge branch 'main' into main

Author: rmalmain

.github/workflows/build_and_test.yml

@@ -61,8 +61,12 @@ jobs:
       - name: Test the book (MacOS)
         if: runner.os == 'MacOS'
         run: cd docs && mdbook test -L ../target/debug/deps $(python3-config --ldflags | cut -d ' ' -f1)
-      - name: Run tests
-        run: cargo test
+      - name: Run tests (Windows)
+        if: runner.os == 'Windows'
+        run: cargo test -- --test-threads 1
+      - name: Run tests (Linux)
+        if: runner.os != 'Windows'
+        run: cargo test -- --test-threads 1
       - name: Test libafl no_std
         run: cd libafl && cargo test --no-default-features
       - name: Test libafl_bolts no_std no_alloc
@@ -370,58 +374,95 @@ jobs:
         shell: bash
         run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }}
 
-  # fuzzers-qemu-user:
-  #   needs:
-  #     - changes
-  #   if: ${{ needs.changes.outputs.qemu == 'true' }}
-  #   strategy:
-  #     matrix:
-  #       os: [ubuntu-24.04]
-  #       fuzzer:
-  #         Binary only
-  #         - ./fuzzers/binary_only/qemu_cmin
-  #         - ./fuzzers/binary_only/qemu_coverage
-  #         - ./fuzzers/binary_only/qemu_launcher
-  #       arch:
-  #         # unless somebody pays us for the servers.
-  #         # - aarch64
-  #         # - arm
-  #         # - i386
-  #         # - ppc
-  #         - x86_64
-  #
-  #   runs-on: [ self-hosted, qemu ]
-  #   container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
-  #   steps:
-  #     - uses: actions/checkout@v4
-  #     - uses: ./.github/workflows/qemu-fuzzer-tester-prepare
-  #     - name: Build and run example QEMU fuzzers (Linux)
-  #       if: runner.os == 'Linux'
-  #       shell: bash
-  #       run: ARCH=${{ matrix.arch }} RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }}
-  #
-  # fuzzers-qemu-system:
-  #   needs:
-  #     - changes
-  #   if: ${{ needs.changes.outputs.qemu == 'true' }}
-  #   strategy:
-  #     matrix:
-  #       os: [ubuntu-24.04]
-  #       fuzzer:
-  #         Full-system
-  #         - ./fuzzers/full_system/qemu_baremetal
-  #         - ./fuzzers/full_system/qemu_linux_kernel
-  #         - ./fuzzers/full_system/qemu_linux_process
-  #
-  #   runs-on: [ self-hosted, qemu ]
-  #   container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
-  #   steps:
-  #     - uses: actions/checkout@v4
-  #     - uses: ./.github/workflows/qemu-fuzzer-tester-prepare
-  #     - name: Build and run example QEMU fuzzers (Linux)
-  #       if: runner.os == 'Linux'
-  #       shell: bash
-  #       run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }}
+  fuzzers-qemu-user:
+    needs:
+      - changes
+    if: ${{ needs.changes.outputs.qemu == 'true' }}
+    strategy:
+      matrix:
+        os: [ubuntu-24.04]
+        fuzzer:
+          # Binary only
+          - ./fuzzers/binary_only/qemu_cmin
+          - ./fuzzers/binary_only/qemu_coverage
+          - ./fuzzers/binary_only/qemu_launcher
+        arch:
+          # unless somebody pays us for the servers.
+          # - aarch64
+          # - arm
+          # - i386
+          # - ppc
+          - x86_64
+
+    runs-on: [ self-hosted, qemu ]
+    container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/workflows/qemu-fuzzer-tester-prepare
+      - name: Build and run example QEMU fuzzers (Linux)
+        if: runner.os == 'Linux'
+        shell: bash
+        run: ARCH=${{ matrix.arch }} RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }}
+
+  librasan-build:
+      runs-on: ubuntu-24.04
+      needs:
+        - changes
+      if: ${{ needs.changes.outputs.qemu == 'true' }}
+      steps:
+        - uses: actions/checkout@v4
+        - uses: ./.github/workflows/librasan-prepare
+        - name: Build
+          if: runner.os == 'Linux'
+          shell: bash
+          run: |
+            RUN_ON_CI=1 \
+            LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \
+            just \
+              -f ./libafl_qemu/librasan/Justfile \
+              build_everything_dev \
+              build_x86_64_release
+
+  librasan-test:
+      runs-on: ubuntu-24.04
+      needs:
+        - changes
+      if: ${{ needs.changes.outputs.qemu == 'true' }}
+      steps:
+        - uses: actions/checkout@v4
+        - uses: ./.github/workflows/librasan-prepare
+        - name: Build
+          if: runner.os == 'Linux'
+          shell: bash
+          run: |
+            RUN_ON_CI=1 \
+            LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \
+            just \
+              -f ./libafl_qemu/librasan/Justfile \
+              test_everything
+
+  fuzzers-qemu-system:
+    needs:
+      - changes
+    if: ${{ needs.changes.outputs.qemu == 'true' }}
+    strategy:
+      matrix:
+        os: [ubuntu-24.04]
+        fuzzer:
+          # Full-system
+          - ./fuzzers/full_system/qemu_baremetal
+          - ./fuzzers/full_system/qemu_linux_kernel
+          - ./fuzzers/full_system/qemu_linux_process
+
+    runs-on: [ self-hosted, qemu ]
+    container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/workflows/qemu-fuzzer-tester-prepare
+      - name: Build and run example QEMU fuzzers (Linux)
+        if: runner.os == 'Linux'
+        shell: bash
+        run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }}
 
   nostd-build:
     runs-on: ubuntu-24.04
@@ -552,8 +593,6 @@ jobs:
         run: cargo build --verbose
       - name: Increase map sizes
         run: ./scripts/shmem_limits_macos.sh
-      - name: Run Tests
-        run: cargo test
       - name: Clippy
         run: cargo +nightly clippy --tests --all --exclude libafl_nyx --exclude symcc_runtime --exclude runtime_test
 

.github/workflows/librasan-prepare/action.yml

@@ -0,0 +1,73 @@
+name: Setup QEMU librasan environment
+description: Sets up the QEMU librasan environment
+runs:
+  using: composite
+  steps:
+    - name: Enable i386
+      shell: bash
+      run: sudo dpkg --add-architecture i386
+    - name: Install QEMU deps
+      shell: bash
+      run: |
+        sudo apt-get update && \
+        DEBIAN_FRONTEND=noninteractive \
+          sudo apt-get install -y \
+          build-essential \
+          clang-18 \
+          clang++-18 \
+          cmake \
+          curl \
+          g++-aarch64-linux-gnu \
+          g++-arm-linux-gnueabi \
+          g++-i686-linux-gnu \
+          g++-mipsel-linux-gnu \
+          g++-powerpc-linux-gnu \
+          gcc-aarch64-linux-gnu \
+          gcc-arm-linux-gnueabi \
+          gcc-i686-linux-gnu \
+          gcc-mipsel-linux-gnu \
+          gcc-powerpc-linux-gnu \
+          gdb \
+          gdb-multiarch \
+          git \
+          gnupg \
+          libc6-dev:i386 \
+          libclang-dev \
+          libgcc-13-dev:i386 \
+          libglib2.0-dev \
+          lsb-release \
+          ninja-build \
+          python3 \
+          python3-pip \
+          python3-venv \
+          qemu-user \
+          software-properties-common \
+          wget
+    - uses: dtolnay/rust-toolchain@nightly
+    - name: install just
+      uses: extractions/setup-just@v2
+      with:
+        just-version: 1.39.0
+    - name: Install cargo-binstall
+      shell: bash
+      run: |
+        curl -L --proto '=https' --tlsv1.2 -sSf \
+          https://raw.githubusercontent.com/cargo-bins/cargo-binstall/main/install-from-binstall-release.sh | \
+            bash
+    - name: Install nextest
+      shell: bash
+      run: |
+        cargo binstall --no-confirm cargo-nextest
+    - name: Install Rust Targets
+      shell: bash
+      run: |
+        rustup target add armv7-unknown-linux-gnueabi && \
+        rustup target add aarch64-unknown-linux-gnu && \
+        rustup target add i686-unknown-linux-gnu && \
+        rustup target add powerpc-unknown-linux-gnu
+    - uses: actions/checkout@v4
+      with:
+        submodules: true
+        fetch-depth: 0
+    - uses: Swatinem/rust-cache@v2
+      with: { shared-key: "${{ runner.os }}-shared-fuzzer-cache" }

.github/workflows/ubuntu-prepare/action.yml

@@ -7,6 +7,10 @@ runs:
       shell: bash
       run: sudo apt-get update && sudo apt-get install -y curl lsb-release wget software-properties-common gnupg ninja-build shellcheck pax-utils nasm libsqlite3-dev libc6-dev libgtk-3-dev gcc g++ gcc-arm-none-eabi gcc-arm-linux-gnueabi g++-arm-linux-gnueabi libslirp-dev libz3-dev build-essential cmake
     - uses: dtolnay/rust-toolchain@stable
+    - name: install just
+      uses: extractions/setup-just@v2
+      with:
+        just-version: 1.39.0
     - name: Add stable clippy
       shell: bash
       run: rustup toolchain install stable --component clippy --allow-downgrade

.gitignore

@@ -1,9 +1,14 @@
 target
 target-bin
 out
-Cargo.lock
 vendor
 
+# cargo lockfiles except from binaries
+**/Cargo.lock
+# !fuzzers/**/Cargo.lock
+# !utils/**/Cargo.lock
+
+
 .DS_Store
 .env
 .vscode
@@ -88,3 +93,6 @@ rustc-ice-*
 
 # log
 log
+
+# Coredumps
+*.core

Cargo.toml

@@ -42,7 +42,7 @@ exclude = [
   "libafl_libfuzzer_runtime",
   "utils/noaslr",
   "utils/gdb_qemu",
-  "utils/libafl_fmt",
+  "utils/libafl_repo_tools",
   "utils/desyscall",
   "utils/multi_machine_generator",
   "scripts",
@@ -51,35 +51,35 @@ exclude = [
 ]
 
 [workspace.package]
-version = "0.15.1"
+version = "0.15.2"
 license = "MIT OR Apache-2.0"
 
 [workspace.dependencies]
 # Internal deps
-libafl = { path = "./libafl", version = "0.15.1", default-features = false }
-libafl_bolts = { path = "./libafl_bolts", version = "0.15.1", default-features = false }
-libafl_cc = { path = "./libafl_cc", version = "0.15.1", default-features = false }
-symcc_runtime = { path = "./libafl_concolic/symcc_runtime", version = "0.15.1", default-features = false }
-symcc_libafl = { path = "./libafl_concolic/symcc_libafl", version = "0.15.1", default-features = false }
-libafl_derive = { path = "./libafl_derive", version = "0.15.1", default-features = false }
-libafl_frida = { path = "./libafl_frida", version = "0.15.1", default-features = false }
-libafl_intelpt = { path = "./libafl_intelpt", version = "0.15.1", default-features = false }
-libafl_libfuzzer = { path = "./libafl_libfuzzer", version = "0.15.1", default-features = false }
-libafl_nyx = { path = "./libafl_nyx", version = "0.15.1", default-features = false }
-libafl_targets = { path = "./libafl_targets", version = "0.15.1", default-features = false }
-libafl_tinyinst = { path = "./libafl_tinyinst", version = "0.15.1", default-features = false }
-libafl_qemu = { path = "./libafl_qemu", version = "0.15.1", default-features = false }
-libafl_qemu_build = { path = "./libafl_qemu/libafl_qemu_build", version = "0.15.1", default-features = false }
-libafl_qemu_sys = { path = "./libafl_qemu/libafl_qemu_sys", version = "0.15.1", default-features = false }
-libafl_sugar = { path = "./libafl_sugar", version = "0.15.1", default-features = false }
-dump_constraints = { path = "./libafl_concolic/test/dump_constraints", version = "0.15.1", default-features = false }
-runtime_test = { path = "./libafl_concolic/test/runtime_test", version = "0.15.1", default-features = false }
-build_and_test_fuzzers = { path = "./utils/build_and_test_fuzzers", version = "0.15.1", default-features = false }
-deexit = { path = "./utils/deexit", version = "0.15.1", default-features = false }
-drcov_utils = { path = "./utils/drcov_utils", version = "0.15.1", default-features = false }
-construct_automata = { path = "./utils/gramatron/construct_automata", version = "0.15.1", default-features = false }
-libafl_benches = { path = "./utils/libafl_benches", version = "0.15.1", default-features = false }
-libafl_jumper = { path = "./utils/libafl_jumper", version = "0.15.1", default-features = false }
+libafl = { path = "./libafl", version = "0.15.2", default-features = false }
+libafl_bolts = { path = "./libafl_bolts", version = "0.15.2", default-features = false }
+libafl_cc = { path = "./libafl_cc", version = "0.15.2", default-features = false }
+symcc_runtime = { path = "./libafl_concolic/symcc_runtime", version = "0.15.2", default-features = false }
+symcc_libafl = { path = "./libafl_concolic/symcc_libafl", version = "0.15.2", default-features = false }
+libafl_derive = { path = "./libafl_derive", version = "0.15.2", default-features = false }
+libafl_frida = { path = "./libafl_frida", version = "0.15.2", default-features = false }
+libafl_intelpt = { path = "./libafl_intelpt", version = "0.15.2", default-features = false }
+libafl_libfuzzer = { path = "./libafl_libfuzzer", version = "0.15.2", default-features = false }
+libafl_nyx = { path = "./libafl_nyx", version = "0.15.2", default-features = false }
+libafl_targets = { path = "./libafl_targets", version = "0.15.2", default-features = false }
+libafl_tinyinst = { path = "./libafl_tinyinst", version = "0.15.2", default-features = false }
+libafl_qemu = { path = "./libafl_qemu", version = "0.15.2", default-features = false }
+libafl_qemu_build = { path = "./libafl_qemu/libafl_qemu_build", version = "0.15.2", default-features = false }
+libafl_qemu_sys = { path = "./libafl_qemu/libafl_qemu_sys", version = "0.15.2", default-features = false }
+libafl_sugar = { path = "./libafl_sugar", version = "0.15.2", default-features = false }
+dump_constraints = { path = "./libafl_concolic/test/dump_constraints", version = "0.15.2", default-features = false }
+runtime_test = { path = "./libafl_concolic/test/runtime_test", version = "0.15.2", default-features = false }
+build_and_test_fuzzers = { path = "./utils/build_and_test_fuzzers", version = "0.15.2", default-features = false }
+deexit = { path = "./utils/deexit", version = "0.15.2", default-features = false }
+drcov_utils = { path = "./utils/drcov_utils", version = "0.15.2", default-features = false }
+construct_automata = { path = "./utils/gramatron/construct_automata", version = "0.15.2", default-features = false }
+libafl_benches = { path = "./utils/libafl_benches", version = "0.15.2", default-features = false }
+libafl_jumper = { path = "./utils/libafl_jumper", version = "0.15.2", default-features = false }
 
 # External deps
 ahash = { version = "0.8.11", default-features = false }     # The hash function already used in hashbrown
@@ -96,20 +96,22 @@ cmake = "0.1.51"
 document-features = "0.2.10"
 fastbloom = { version = "0.9.0", default-features = false }
 hashbrown = { version = "0.14.5", default-features = false } # A faster hashmap, nostd compatible
+just = "1.40.0"
 libc = "0.2.159" # For (*nix) libc
 libipt = "0.3.0"
 log = "0.4.22"
 meminterval = "0.4.1"
 mimalloc = { version = "0.1.43", default-features = false }
 nix = { version = "0.29.0", default-features = false }
+num-derive = { version = "0.4.2", default-features = false }
 num_enum = { version = "0.7.3", default-features = false }
 num-traits = { version = "0.2.19", default-features = false }
 paste = "1.0.15"
 postcard = { version = "1.0.10", features = [
   "alloc",
 ], default-features = false } # no_std compatible serde serialization format
-pyo3 = "0.23.2"
-pyo3-build-config = "0.23.2"
+pyo3 = "0.24.0"
+pyo3-build-config = "0.24.0"
 rangemap = "1.5.1"
 regex = "1.10.6"
 rustversion = "1.0.17"
@@ -121,11 +123,11 @@ static_assertions = "1.1.0"
 strum = "0.27.0"
 strum_macros = "0.27.0"
 toml = "0.8.19" # For parsing the injections toml file
-typed-builder = "0.20.0" # Implement the builder pattern at compiletime
+typed-builder = "0.21.0" # Implement the builder pattern at compiletime
 typeid = "1.0.0" # Safe type_eq that doesn't rely on std specialization
 unicorn-engine = "2.0.1" # Used in libafl_unicorn
 uuid = { version = "1.10.0", features = ["serde", "v4"] }
-which = "6.0.3"
+which = "7.0.2"
 windows = "0.59.0"
 z3 = "0.12.1"
 fs2 = "0.4.3" # Used by OnDisk Corpus for file locking
@@ -171,6 +173,7 @@ similar_names = "allow"
 too_many_lines = "allow"
 comparison_chain = "allow"             # This lint makes **ZERO** sense
 unnecessary_debug_formatting = "allow" # :thumbsdown: :thumbsdown: :thumbsdown: :thumbsdown: :thumbsdown: :thumbsdown: 
+struct_field_names = "allow"           # ????
 
 [workspace.lints.rustdoc]
 # Deny