227 Commits

Author SHA1 Message Date
Romain Malmain
94fa4014ac
Update pyo3 to version 0.23.2 (#2732)
* update pyo3 to latest version

* add python bindings to workspace

* make pyo3 stuff dependent on workspace again

* adapt implementation for the newest version of pyo3
2024-11-27 19:01:31 +01:00
Valentin Huber
e9af21cf71
Adding function to manually name a Mmap ShMem (#2729)
* adding function to manually name a mmap shmem

* fixing tests

* making code more readable

* Add MIGRATION.md (#2727)

* updating MIGRATION.md

* removing unnecessary assignment

* fixing typo in MIGRATION.md

* fixing formatting

---------

Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2024-11-26 20:08:31 +01:00
Mrmaxmeier
6ce447ee17
Specify minimum supported rust version and check in CI (#2726) 2024-11-26 17:58:01 +01:00
Addison Crump
e53dd4e6cc
Fixup serdeany_autoreg (#2721)
* fixup serdeany_autoreg

* missed a spot

* remove explicit checks in ps1 as this is set by Cargo.toml
2024-11-24 03:00:54 -03:00
Dominik Maier
f3ab3c744e
Bump ctor dependency to make nightly compile again (#2713) 2024-11-20 18:18:38 -03:00
David CARLIER
f74a965ead
bolts: fix build for tier 3 platforms. (#2700)
cater to platforms known to support this feature instead.
2024-11-18 13:36:41 -03:00
Marco C.
eb2ac10d1e
Libafl workspace internal deps in workspace Cargo.toml (#2691)
* Add internal deps to workspace

* libafl: use workspace internal deps

* libafl_bolts: use workspace internal deps

* 0.14.0

* use workspace internal deps
2024-11-15 18:13:39 +01:00
Andrea Fioraldi
d339a58f7c
Bump to 0.14.0 (#2692) 2024-11-13 23:10:35 +01:00
Dominik Maier
7938acc4ce
Actually make ConstMapObserver work, introduce nonnull_raw_mut macro (#2687)
* Actually make ConstMapObserver work

* fixes

* does that work?

* mas
2024-11-13 00:35:46 -03:00
Aarnav
87f5f21e01
libafl-fuzz: introduce nyx_mode (#2503)
* add nyx_mode

* fix frida ci?

* damn clippy

* clippy
2024-11-12 22:51:07 -03:00
Marco C.
f7f8dff6cd
Add Intel PT tracing support (#2471)
* WIP: IntelPT qemu systemmode

* use perf-event-open-sys instead of bindgen

* intelPT Add enable and disable tracing, add test

* Use static_assertions crate

* Fix volatiles, finish test

* Add Intel PT availability check

* Use LibAFL errors in Result

* Improve filtering

* Add KVM pt_mode check

* move static_assertions use

* Check for perf_event_open support

* Add (empty) IntelPT module

* Add IntelPTModule POC

* partial ideas to implement intel pt

* forgot smth

* trace decoding draft

* add libipt decoder

* use cpuid instead of reading /proc/cpuinfo

* investigating nondeterministic behaviour

* intel_pt module add thread creation hook

* Fully identify deps versions

Cargo docs: Although it looks like a specific version of the crate, it actually specifies a range of versions and allows SemVer compatible updates

* Move mem image to module, output to file for debug

* fixup! Use static_assertions crate

* Exclude host kernel from traces

* Bump libipt-rs

* Callback to get memory as an alternative to image

* WIP Add bootloader fuzzer example

* Split availability check: add availability_with_qemu

* Move IntelPT to observer

* Improve test docs

* Clippy happy now

* Taplo happy now

* Add IntelPTObserver boilerplate

* Hook instead of Observer

* Clippy & Taplo

* Add psb_freq setting

* Extremely bad and dirty babyfuzzer stealing

* Use thread local cell instead of mutex

* Try a trace diff based naive feedback

* fix perf aux buffer wrap handling

* Use f64 for feedback score

* Fix clippy for cargo test

* Add config format tests

* WIP intelpt babyfuzzer with fork

* Fix not wrapped tail offset in split buffer

* Baby PT with raw traces diff working

* Cache nr_filters

* Use Lazy_lock for perf_type

* Add baby_fuzzer_intel_pt

* restore baby fuzzer

* baby_fuzzer with block decoder

* instruction decoder instead of block

* Fix after upstream merge

* OwnedRefMut instead of Cow

* Read mem directly instead of going through files

* Fix cache lifetime and tail update

* clippy

* Taplo

* Compile caps only on linux

* clippy

* Fail compilation on unsupported OSes

* Add baby_fuzzer_intel_pt to CI

* Cleanup

* Move intel pt + linux check

* fix baby pt

* rollback forkexecutor

* Remove unused dep

* Cleanup

* Lints

* Compute an edge id instead of using only block ip

* Binary only intelPT POC

* put linux specific code behind target_os=linux

* Clippy & Taplo

* fix CI

* Disable relocation

* No unwrap in decode

* No expect in decode

* Better logging, smaller aux buffer

* add IntelPTBuilder

* some lints

* Add exclude_hv config

* Per CPU tracing and inheritance

* Parametrize buffer size

* Try not to break commandExecutor API pt.1

* Try not to break commandExecutor API pt.2

* Try not to break commandExecutor API pt.3

* fix baby PT

* Support on_crash & on_timeout callbacks for libafl_qemu modules (#2620)

* support (unsafe) on_crash / on_timeout callbacks for modules

* use libc types in bindgen

* Move common code to bolts

* Cleanup

* Revert changes to backtrace_baby_fuzzers/command_executor

* Move intel_pt in one file

* Use workspace deps

* add nr_addr_filter fallback

* Cleaning

* Improve decode

* Clippy

* Improve errors and docs

* Impl from<PtError> for libafl::Error

* Merge hooks

* Docs

* Clean command executor

* fix baby PT

* fix baby PT warnings

* decoder fills the map with no vec alloc

* WIP command executor intel PT

* filter_map() instead of filter().map()

* fix docs

* fix windows?

* Baby lints

* Small cleanings

* Use personality to disable ASLR at runtime

* Fix nix dep

* Use prc-maps in babyfuzzer

* working ET_DYN elf

* Cleanup Cargo.toml

* Clean command executor

* introduce PtraceCommandConfigurator

* Fix clippy & taplo

* input via stdin

* libipt as workspace dep

* Check kernel version

* support Arg input location

* Reorder stuff

* File input

* timeout support for PtraceExec

* Lints

* Move out method not needing self from IntelPT

* unimplemented

* Lints

* Move intel_pt_baby_fuzzer

* Move intel_pt_command_executor

* Document the need for smp_rmb

* Better comment

* Readme and Makefile.toml instead of build.rs

* Move out from libafl_bolts to libafl_intelpt

* Fix hooks

* (Almost) fix intel_pt command exec

* fix intel_pt command exec debug

* Fix baby_fuzzer

* &raw over addr_of!

* cfg(target_os = "linux")

* bolts Cargo.toml leftover

* minimum wage README.md

* extract join_split_trace from decode

* extract decode_block from decode

* add 1 to `previous_block_ip` to avoid that all the recursive basic blocks map to 0

* More generic hook

* fix windows

* Update CI, fmt

* No bitbybit

* Fix docker?

* Fix Apple silicon?

* Use old libipt from crates.io

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-11-12 22:34:46 -03:00
Marco C.
f3aa88b400
Use version.workspace (#2682) 2024-11-12 15:45:35 +01:00
Dominik Maier
8617fa6603
Introduce workspace (again) (#2673)
* Trying to redo workspace deps again after #2672

* unused

* clippy
2024-11-09 19:11:01 +01:00
Dominik Maier
21f8b1d147
Replace addr_of with &raw across the codebase (#2669)
* Replace addr_of with &raw across the codebase

* fix fixes

* more fix

* undo clang fmt?

* oops

* fix?

* allocator fix

* more fix

* more more

* more docs

* more fix

* mas mas mas

* hm

* more

* fix Frida

* needed

* more error

* qemu
2024-11-08 17:19:55 +01:00
bernhl
cfe124043e
Add memfd shmem backend (#2647) 2024-11-06 11:37:43 +01:00
Dominik Maier
b5c9bffe50
Core::errors::Error is stable now (#2664) 2024-11-05 16:48:31 +01:00
Dongjia "toka" Zhang
e0c5304e32
Don't use workspace dependencies (#2652)
* rev

* postcard

* serde

* fmt

* a

* dependabot

* postcard again

* hashbrown

* upd

* add

* serde?
2024-11-04 17:47:40 +01:00
Romain Malmain
49ea0b03a6
Compile-time edge module compilation check, native support for ConstMapObserver (#2592)
* compile-time edge module compilation trick

* clippy

* possible since rust 1.79

* split edge module in submodules

* Update frida to 0.14.0 (#2596)

* update frida crate to the latest version

* adapt libafl_frida to the latest version of frida

* tracers and generators private modules

* do not use star export.

* same for drcov

* forgot a file...

* first draft of generic-based edge module for ConstantLengthMapObserver.

* integration of OwnedSizedSlice.

replaced OwnedSlice in ConstMapObserver by the new OwnedSizedSlice.

* fix serde stuff

* no std

* import

* fixed qemu_cmin with new constant map abstraction.

* fix const map

* fix clippy from another pr...

* fix non-null usage

* fix ci?

* new feature stuff

* fixes

* minor fixes

* fmt

* non null

* im stupid

* fmt

* fix fuzzer

* fix fuzzers

* sized slice

* fuzzer fixes

* ptr::NonNull -> NonNull

* shorter trait length

* fmt
2024-11-04 14:34:52 +01:00
Romain Malmain
99a156f783
Implement From LibAFL Error for Qemu Error (#2641)
* impl from qemu error for libafl error

* new error for frontends like qemu or frida

* exhaustive match

* frontend -> runtime
2024-11-03 21:09:16 +01:00
Valentin Huber
d4fbe1754f
Move ShMem persisting flag to a new constructor (#2649)
* moving shmem persisting to take an owned value, adding test

* clean code updates

* adding imports conditionally

* fixing tests

* moving persistent mmap shmem to custom constructor

* excluding miri properly

* fixing formatting
2024-11-03 03:13:10 +01:00
Dominik Maier
c86e116d9a
Remove serde_json dependency from libafl_bolts (#2639)
* Remove serde_json dependency from libafl_bolts

* more like a serialize err

* Fix nautilus json
2024-10-31 14:16:53 +01:00
Aarnav
0f744a3abb
Add Python Grammar Loader for Nautilus (#2635)
* add python grammar loader for Nautilus

* fmt

* fmt toml

* add python to macos CI deps

* install python

* fmt

* ci

* clippy

* fix workflow

* fmt

* fix baby nautilus

* fix nautilus sync

* fmt

* fmt

* clippy

* typo

* fix miri

* remove pyo3 from workspace to packages which need it and make it optional

* go back to AsRef<Path> for nautilus grammar loading

* replace hardcoded python flags for macos build

* typo

* taplo fmt

* revert formatting of libafl_qemu_arch

* ci

* typo

* remove expects in NautilusContext::from_file and make them Results

* remove not(miri) clause in test

* try and fix python build for ios and android

* again

* android

* tmate

* fix android build

* document load_python_grammar

* log if python or json when loading nautilus grammar

* make nautilus optional

* add nautilus as feature to forkserver_simple_nautilus
2024-10-29 11:32:59 +01:00
WorksButNotTested
03af6aaf0c
Frida scripting support (#2506)
Co-authored-by: Your Name <you@example.com>
2024-10-25 17:18:25 +02:00
Langston Barrett
dfd5609c10
bolts: Simplify definition of nonzero! macro (#2624)
* bolts: Simplify definition of `nonzero!` macro

* Non-Usize NonZero

---------

Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-10-24 00:28:47 +02:00
Dongjia "toka" Zhang
fda1596ee2
Use nonzero! macro (#2589)
* nonzero_lit

* nonzero

* std instead of core

* a

* l

* test

* import

* api

* api

* aaaaa

* apiapi

* api

* api

* api

* mm

* api

* non zero

* FMT

* pls

* nnnaaasdfadsfafdsa

* pls

* MM

* fix

* a

* sat add

* aa

* mistake

* unreachable

* no generic

* api change

* a
2024-10-18 23:33:03 +02:00
Romain Malmain
d48a7d508d
Centralize clippy lints in workspace (#2606)
* centralize clippy definition

* fmt

* add update bindings script

* add a checked and unchecked version of memory read to qemu stuff

also, a lot of clippy thing

* update binding position

* rm old script, new one is a bit better

* update doc

* macos clippy

* adapt fuzzers

* windows clippy

* fix fuzzer

* windows clippy

* remove old allowed clippy

* remove some allowed clippy

* use default features for serde_json in gramatron

* better error handler for failed rw to memory
2024-10-15 13:31:01 +02:00
Dominik Maier
cad9e2717e
Remove prelude from default features (#2608)
* Remove prelude from default features

* Prelude

* something
2024-10-12 13:16:22 +02:00
Dongjia "toka" Zhang
c12c6f31e2
Change fuzzbench_qemu fuzzer (#2520)
* change fuzzbench_qemu

* real test

* fix qemu crash hook

* update bindings

* fix fork executor, reduce trait bound overhead

* make EdgeModule depend on observer to get ptrs.

* do not make EdgeCoverageModule::new public

* map observer as builder call

* adapt examples with new edge coverage module builder.

* TMP: everyone is a variable length map observer

* reuse profile path script

* fix absolute paths

* remove some dependencies to make pipeline faster

* compile-time builder initialization check

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
2024-10-08 15:18:13 +02:00
Romain Malmain
1fbb18cb99
Versioning unification, dependencies update, logging optimization (#2560)
* versioning unification: use x.y.z format everywhere

* do not compile low-level logs (< info level) by default in fuzzers

* update dependencies to the latest versions

* add members to workspace.

* use workspace for common dependencies

* add vscode native support

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-10-07 12:03:29 +02:00
Dominik Maier
4fc136cd1c
Rand below should take a NonZero parameter (#2519)
* Rand below should take a NonZero parameter

* More

* more

* More

* fix build

* bit of clippy

* more clippy

* more clippy

* More clippy

* More more

* more nonzero

* fix multipart

* Cleanup, more unsafe

* fix

* fix unicode

* clippy, fmt

* more

* More safer and more better

* MaxStackPow

* fix merge fails

* make random_slize_size faster

* fix

* more

* fix
2024-10-04 02:16:10 +02:00
Romain Malmain
9a50868058
Discard non-new testcase events for multi-machine messages (#2583)
* discard non-new testcase events

* clippy
2024-10-03 18:46:26 +02:00
Marco C.
9b0eccf73b
Do not require Sized for OwnedRefMut as_ref/as_mut (#2581) 2024-10-03 13:35:00 +02:00
Dominik Maier
82110472d6
Mark unsafe functions unsafe, as Ferris intended (#2559)
* Mark unsafe functions unsafe, as Ferris intended

* More

* more safety?

* more fix

* actually safe

* More cleanup

* More fix

* more unsafe

* fix imports

* more unsafe

* fixes

* bring back the memories
2024-09-28 16:46:39 +02:00
Dongjia "toka" Zhang
79b8390214
No Uses* for Corpus, Mutators (#2547)
* wip

* this shit is crazy

* from windows

* fmt

* fuck

* fmt

* aa

* reduce generics for generator

* do stuff for mutators, too

* aa

* a

* fmt

* idk

* getting things compiling

* fix merge

* idk

* fuzzers

* nire

* more

* a

* frida win

* cmin

* mm

* qemu?

* del ubuntu dep

---------

Co-authored-by: Your Name <you@example.com>
2024-09-26 20:03:03 +02:00
Romain Malmain
c944a70056
Linux kernel fuzzing example (#2496)
* linux kernel (x509_cert) and process fuzzing example

* rework filters

* update to latest qemu

* working for process and kernel fuzzing

* new i2s mutator for binary only fuzzers

* refactoring modules with new filtering interface

* add state as parameter of harness

* hide unused global in usermode

* Script for stub bindings generation

* do not try to check whether it is worth generating the bindings, always
  generate when the env variable is on.

* add taplo to fmt_all.sh

* Moved fuzzers (again) in a target-centric way.

* fix rust 2024 warnings.

* new libafl_qemu harness structure.

* rename qemu_systemmode into qemu_baremetal

* fix qemu baremetal makefile

* fix formatter

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-09-26 14:29:33 +02:00
Andrea Fioraldi
72893797b4
Fix panic in mmap shmem when full_file_name is less than MAX_MMAP_FILENAME_LEN (#2536)
* Fix panic in mmap shmem

* duh

* clippy

* fix null bytes

---------

Co-authored-by: Dominik Maier <dmnk@google.com>
2024-09-24 03:37:03 +02:00
Dominik Maier
f0d85aaaa5
No more (direct) mutable references to mutable statics (#2550)
* No more (direct) mutable references to mutable statics

* More

* Fix build, but it's unsafe dude

* more

* fmt

* More fix

* more?
2024-09-24 03:29:49 +02:00
Dominik Maier
8ccff4b77f
Add StdState::nop() for simple state creation, make CI happy again on latest nightly. (#2521)
* Make CI happy again on latest nightly

* Fix build

* Unneeded comment

* fix tests

* clippy
2024-09-12 00:33:55 +02:00
Romain Malmain
203d3d340a
Multi machine follow-up (#2334)
* improved tree generator.
possibility to dump state on exit.

* warnings.

* clippy

* clippy

* aaaaaa

* aaaaaa

* make nix mandatory for unix

* stddddddd

* stddddddd

* stddddddd

* aaa

* clippy

* doc

* aaa

* aaa

* aaa

* aaa

* fix

* aaaaaaaa

* dump state

* aaa

* aaa

* aaa

* more minimal dump

* aaa

* aaa

* aaa

* simpler tc dump

* pub

* more pub

* revert a bit

* release by default

* delete Makefile.toml

* release

* dump execs

* merge

* delete stuff

* aa

* ff

* dig

* FMT cargo stuff

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-09-04 18:42:54 +02:00
Dominik Maier
e2cc78f274
Better documentation headers (clippy) (#2501)
* Better documentation headers (clippy)

* more doc

* more fixes

* Even more

* more

* even more

* concrete

* fmt

* even more more

* tiny typo

* more

* more

* More

* more

* more docs?

* more docs
2024-08-26 16:31:22 +02:00
Marco C.
a388012429
Do not use caret requirements (#2498) 2024-08-24 00:02:37 -05:00
Romain Malmain
1f55458293
Fix fmt & remaining md links (#2497) 2024-08-22 19:08:44 -05:00
Alexander Qi
0018f7e406
bolts: Support dump_registers on Windows/x86 and Windows/aarch64 and fix sig_ign on Windows/x86 (#2494)
* bolts: Support dump_registers on Windows/x86

* bolts: Support dump_registers on Windows/aarch64

* bolts: Fix sig_ign() on Windows/x86

* bolts: Fix format of dump_registers under Windows

* bolts: Add test for dump_register under Windows
2024-08-22 18:22:24 -05:00
Romain Malmain
8d0ad23856
Check markdown links validity in CI (#2495)
* add markdown link check in ci

* fix broken links when possible.
configuration file for md checker.

* accept code 200...

* more fixes

* more fixes

* more fixes
2024-08-22 18:15:15 -05:00
Romain Malmain
4b87d7f4eb
Custom QEMU emulator typed builder + ExitHandler / Commands refactoring (#2486)
* Add a custom typed builder for Emulator

* Unify qemu_init for usermode and systemmode

* Remove env from qemu init args (it is unused in QEMU in practice)

* expose thread hooks to systemmode

* rename qemu_config to config

* Replace ExitHandler by EmulatorDriver

* Reorder generics alphabetically for Qemu{,Fork}Executor

* Moved snapshot manager to Emulator to continue centralizing main objects in the same structure

* Reimplementation of CommandManager working with enums instead of tables

* Macro has been adapted to do this work automatically

* Moved snapshot stuff to dedicated module

* Removed many Rc<RefCell<...>>, now useless with the removal of vtables

* Builder given by Emulator via `Emulator::builder`. Reduced trait bound overhead
2024-08-21 16:36:45 +02:00
David CARLIER
291fdeb85e
bolts: fix openbsd build (#2467)
Co-authored-by: dcarlier <dcarlier@openbsdvbox.chello.ie>
2024-08-01 08:14:09 +02:00
Romain Malmain
c319fe2033
Cheap reader for bytes slice (#2261)
* initial draft implementation

* change name to follow rust convention.

* revert use of HasTargetBytes instead of HasMutatorBytes for BytesSubInputMut

* clippy

* nostd

* clippy

* clippy

* * HasLen required if implementing HasTargetBytes.
* Added a checked version of the read to slice.

* clippy

* fix name.
better doc.

* added a common bytes trait for HasTargetBytes and HasMutatorBytes.

* change interface

* fix tests

* clippers

* use byte slice for subbytes

* adapt to main

* fix doc

* mut sub slice version. return subinput to old state, and add subslice stubs

* better api, doc fixes.

* Don't clone, reshuffle

* Move and rename

* Uh-oh

* move to bolts. rename things.

* nostd

* format

* alloc

* fix doc

---------

Co-authored-by: Dominik Maier <domenukk@gmail.com>
Co-authored-by: Dominik Maier <dmnk@google.com>
2024-07-30 13:46:40 +02:00
Dominik Maier
c4c0fb6750
Update pyo3 (#2459)
* Update pyo3

* Update pyo3 to 0.22

* Fix qemu python

* clippy

* fmt

* nautilus python

* More pyo3

* Make signature more legible
2024-07-29 22:55:28 +02:00
David CARLIER
bab50f23c5
bolts: fix build warning with missing doc comment for haiku (#2455) 2024-07-28 22:21:06 +02:00
Mrmaxmeier
afbdc02c54
Format all tomls with taplo fmt (#2436)
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-07-26 10:03:10 +02:00