Merge branch 'main' into unix_mmap

Author: domenukk

.github/workflows/build_and_test.yml

@@ -187,19 +187,20 @@ jobs:
         # `sancov_pcguard_edges` is tested seperatelyc
         run: LLVM_VERSION=18 CI_INSTANCES=18 cargo run --manifest-path ./utils/ci_splitter/Cargo.toml -- ${{ matrix.instance_idx }}
 
-  ubuntu-concolic:
-    runs-on: ubuntu-24.04
-    needs: ubuntu
-    steps:
-      - uses: dtolnay/rust-toolchain@stable
-      - uses: actions/checkout@v4
-      - uses: Swatinem/rust-cache@v2
-        with: { shared-key: "ubuntu" }
-      - name: Install smoke test deps
-        run: sudo ./crates/libafl_concolic/test/smoke_test_ubuntu_deps.sh
-      - name: Run smoke test
-        run: ./crates/libafl_concolic/test/smoke_test.sh
-
+#  idk why bindgen generates a corrupted file only on CI.
+#  ubuntu-concolic:
+#    runs-on: ubuntu-24.04
+#    needs: ubuntu
+#    steps:
+#      - uses: dtolnay/rust-toolchain@stable
+#      - uses: actions/checkout@v4
+#      - uses: Swatinem/rust-cache@v2
+#        with: { shared-key: "ubuntu" }
+#      - name: Install smoke test deps
+#        run: sudo ./crates/libafl_concolic/test/smoke_test_ubuntu_deps.sh
+#      - name: Run smoke test
+#        run: ./crates/libafl_concolic/test/smoke_test.sh
+#
   python-bindings:
     runs-on: ubuntu-24.04
     steps:
@@ -289,7 +290,7 @@ jobs:
           - binary_only/fuzzbench_qemu
           - binary_only/intel_pt_baby_fuzzer
           - binary_only/intel_pt_command_executor
-          # - binary_only/tinyinst_simple
+          - binary_only/tinyinst_simple
 
           # Forkserver
           - forkserver/forkserver_simple
@@ -456,7 +457,7 @@ jobs:
             # - full_system/qemu_linux_kernel
             # - full_system/qemu_linux_process
     runs-on: ubuntu-24.04
-    container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
+    # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
     steps:
         # Get the name of the fuzzer so that we can use it as the key for a cache
         # of the built artefacts. The key cannot have any special characters.
@@ -508,10 +509,10 @@ jobs:
       matrix:
         fuzzer:
             - full_system/qemu_baremetal
-            # - full_system/qemu_linux_kernel
+            - full_system/qemu_linux_kernel
             # - full_system/qemu_linux_process
     runs-on: ubuntu-24.04
-    container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
+    # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
     steps:
         # Get the name of the fuzzer so that we can use it as the key for a cache
         # of the built artefacts. The key cannot have any special characters.
@@ -563,7 +564,7 @@ jobs:
         fuzzer:
             - full_system/qemu_baremetal
     runs-on: ubuntu-24.04
-    container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
+    # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest
     steps:
         # Get the name of the fuzzer so that we can use it as the key for a cache
         # of the built artefacts. The key cannot have any special characters.
@@ -897,7 +898,7 @@ jobs:
       - name: Increase map sizes
         run: ./scripts/shmem_limits_macos.sh
       - name: Clippy
-        run: cargo clippy --tests --all --exclude libafl_nyx --exclude symcc_runtime --exclude runtime_test
+        run: cargo clippy --tests --all --exclude libafl_nyx --exclude symcc_runtime --exclude runtime_test --exclude libvharness_sys --exclude libafl_qemu_sys --exclude libafl_qemu --exclude libafl_qemu_build
 
   ubuntu-cross-android-arm64:
     runs-on: ubuntu-24.04

.github/workflows/fuzzer-tester-prepare/action.yml

@@ -23,6 +23,10 @@ runs:
       if: ${{ inputs.fuzzer-name == 'fuzz_anything/baby_no_std' }}
       shell: bash
       run: rustup component add rust-src --toolchain nightly-x86_64-unknown-linux-gnu
+    - name: Add toolchain
+      if: ${{ inputs.fuzzer-name == 'binary_only/tinyinst_simple' }}
+      shell: bash
+      run: cargo install cxxbridge-cmd
     - name: Add nyx deps
       if: ${{ inputs.fuzzer-name == 'full_system/nyx_launcher' || inputs.fuzzer-name == 'full_system/nyx_libxml2_standalone' || inputs.fuzzer-name == 'full_system/nyx_libxml2_parallel' }}
       shell: bash

.github/workflows/qemu-fuzzer-tester-prepare/action.yml

@@ -6,16 +6,13 @@ runs:
     - name: Install QEMU deps
       shell: bash
       run: |
-        apt-get update 
-        apt-get install -y qemu-utils sudo python3-msgpack python3-jinja2 curl python3-dev gcc-arm-none-eabi \
-          gcc-arm-linux-gnueabi g++-arm-linux-gnueabi
+        sudo apt-get update 
+        sudo apt-get install -y qemu-utils sudo python3-msgpack python3-jinja2 curl python3-dev gcc-arm-none-eabi \
+          gcc-arm-linux-gnueabi g++-arm-linux-gnueabi cmake
     - name: Remove old rust
       shell: bash
       run: sudo apt purge -y 'rust*' 'cargo*'
     - uses: dtolnay/rust-toolchain@stable
-      env:
-        RUSTUP_HOME: /usr/local/rustup
-        CARGO_HOME: /usr/local/cargo
     - name: enable mult-thread for `make`
       shell: bash
       run: export MAKEFLAGS="-j$(expr $(nproc) \+ 1)"

CITATION.cff

@@ -0,0 +1,41 @@
+cff-version: 1.2.0
+message: Please cite the following works when using this software.
+type: software
+authors:
+  - family-names: Fioraldi
+    given-names: Andrea
+  - family-names: Maier
+    given-names: Dominik Christian
+  - family-names: Zhang
+    given-names: Dongjia
+  - family-names: Balzarotti
+    given-names: Davide
+doi: 10.1145/3548606.3560602
+identifiers:
+  - type: doi
+    value: 10.1145/3548606.3560602
+  - type: url
+    value: http://dx.doi.org/10.1145/3548606.3560602
+title: LibAFL
+url: http://dx.doi.org/10.1145/3548606.3560602
+preferred-citation:
+  type: article
+  authors:
+  - family-names: Fioraldi
+    given-names: Andrea
+    orcid: https://orcid.org/0000-0002-0976-4395
+  - family-names: Maier
+    given-names: Dominik Christian
+    orcid: https://orcid.org/0000-0002-5588-5008
+  - family-names: Zhang
+    given-names: Dongjia
+    orcid: https://orcid.org/0000-0001-7468-743X
+  - family-names: Balzarotti
+    given-names: Davide
+    orcid: https://orcid.org/0000-0001-5957-6213
+  title: "LibAFL: A Framework to Build Modular and Reusable Fuzzers"
+  year: 2022
+  doi: 10.1145/3548606.3560602
+  url: https://doi.org/10.1145/3548606.3560602
+  publisher: "Association for Computing Machinery"
+  pages: 1051–1065

CONTRIBUTING.md

@@ -29,6 +29,13 @@ Some of the parts in this list may be hard, don't be afraid to open a PR if you
 Some of these checks can be performed automatically during commit using [pre-commit](https://pre-commit.com/).
 Once the package is installed, simply run `pre-commit install` to enable the hooks, the checks will run automatically before the commit becomes effective.
 
+### Adding dependencies
+
+Avoid adding additional crates dependencies if it can be avoided in general.
+Check if the dependency to add is not already present in the root `Cargo.toml` file or in other crates.
+If it is the case, use the dependency using `workspace = true` when adding the dependency.
+As a rule of thumb, if a given dependency is used more than once, it should be added in the root `Cargo.toml` file.
+
 ## LibAFL Code Rules
 
 Before making your pull requests, try to see if your code follows these rules.