* first working version
* full gui
* remove warnings
* remove errors in release
* allow missing_docs in tui
* tui_monitor flag
* working graphs
* disable tui on windows
* clippy
* clippy
* tui module only under std
* use tui from git
* fmt
* tui from crates
* documentation, warnings
* fixed docs
* docs
* no_std
* test
* windows
* nautilus docs
* more fixes
* more docs
* nits
* windows clippy
* docs, windows
* nits
* debug all the things
* derive debug for all core library components
* Docu for libafl_targets
* nits
* reordered generics
* add docs to frida, debug
* nits
* fixes
* more docu for frida, nits
* more docu
* more docu
* Sugar docs
* debug for qemu
* more debug
* import debug
* fmt
* debug
* anyap_debug feature no longer needed
* tidy up unused fn
* indicate if we left out values for struct debug
* implement Debug for sugar
* debug allthethings
* ci
* Add minibsod
* fmt'
* clippy
* nostd/mac fixes
* windows fix
* woops. Mac fixes
* Get rid of unneccesary sleep
* Fix missing unsafe
* clippy fixes
* make ucontext,siginfo not a reference
* fmt
* fix _context
* Add stubs for non-apple, non-linux, non-android; add a todo
* Fmt
* macos x64, testcase, cleanup
* no_std
* added fault address to minibsod for apple x64
* added err, hexlified values (as per mac panic)
* informing user about lack of registers
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* nautilus dep
* nautilus generation
* fix mutator
* start new mutator for nautilus
* other mutators
* baby
* ci
* NautilusFeedback
* fix unparse
* ci
* ci
* ci
* ci
* nigghtly clippy
* ci
* fix
* ci
* ci
* update construct automatata
* fix
* ci
* clippy
* clippy
* nightly clippy
* more clippy
* minor clippy
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* update packages related to concolic
* install z3 on CI macOS
I have no clue how this worked before...
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* clippy
* clippy on windows
* clippy fixes on windows
* clippy, fmt
* fixed testcases for windows
* fixing workspace.yml
* testcase no longer fails without clang
* fix github dependencies to specific revisions
* fix qemu without python
* cleanup HookResult
* llmp docs skeleton
* llmp documentation
* more llmp docu
* llmp
* some core concepts
* start working on tutorial
* adapted rng_core to lain
* fix tutorial build
* warnings, format
* add explanation
* No need to own the types
* metadata
* writing
* fmt
* tutorial folder
* lain needs nightly
* added mdbook test to ci
* fix ci, add linkcheck
* more book
* baby
* tutorial target
* fix mdbook build
* fix mdbook test
* more book
* fixed typo
* fixed build
* spawn instances'
* 'finish' book
* added sugar crate information
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* add stub runtime that links with symcc common runtime code
* implement tracing runtime to generate message file
* move ShMemCursor to libafl proper
* qualify enum imports to make clippy happy
* fix warnings
* formatting
* update symcc submodule to point to AFL++ org repo
* fix naming of ShMemCursor and remove std requirement
* ensure runtime is named correctly after compilation
* add devcontainer files for easier development
(will be removed later)
* move rust nightly install into devcontainer.json
this makes it run after the container has been built
* dev container: install recommended packages
* switch to building rust runtime from SymCC cmake
* install corrosion in dev container for cmake-cargo integration
* add smoke test for symcc-runtime integration
* update symcc submodule
* add rustfmt to devcontainer
* properly mark the end of a constraint trace
Using a special "End" message
* small tool to dump constraints from a traced process
* extend smoke test to include parsing & printing of constraints
* update symcc submodule
* first draft of expression filters for concolic
* fix type in runtime method name
* update symcc submodule
* implement extensions to serdeany map:
* remove -> Option<T>
* insert_boxed(Box<T>) (avoids allocation if value is already boxed)
* implement std::io::Seek for ShMemCursor
* implement framing for in-memory traces
this allows to efficiently get the length of trace.
this is important for efficiently copying the trace out of the shared
memory region.
* fix for serdeany map
* fuzzer that associates concolic traces with test
case
* ensure runtime can handle 0-expressions
* move metadata, observer and feedback into separate files
* convert executor to command executor and move to separate file
* refactoring and streamlining
* move panic mode configuration to cmake script
* compile cmake from source, because debians version is too old.........
* use separate stage for tracing
* fix dockerfile
* move runtime into the workspace
using prior work on compilation flags from cmake
* actually make use of selective symbolication filter
* update to support latest symcc changes
* implement hitmap for concolic runtime
* clippy
* implement selective symbolization and coverage map for dump_constraints tool
* use concolic runtime coverage for concolic fuzzer feedback
* actually kill process on timeout
* be extra careful after killing process
* increase command executor busy wait to 5ms
* implement concolic tracing stage
* address naming issue
* implement floating point expression filter for runtime
* rename expression filters to be less verbose
* implement expression pruning
* implement ConcolicMutationalStage
* refactor command executor and remove busy loop
* implement generic command executor
* remove debug prints
* refactor + documentation
* refactor
* add stub runtime that links with symcc common runtime code
* implement tracing runtime to generate message file
* move ShMemCursor to libafl proper
* qualify enum imports to make clippy happy
* fix warnings
* formatting
* update symcc submodule to point to AFL++ org repo
* fix naming of ShMemCursor and remove std requirement
* ensure runtime is named correctly after compilation
* add devcontainer files for easier development
(will be removed later)
* move rust nightly install into devcontainer.json
this makes it run after the container has been built
* dev container: install recommended packages
* switch to building rust runtime from SymCC cmake
* install corrosion in dev container for cmake-cargo integration
* add smoke test for symcc-runtime integration
* update symcc submodule
* add rustfmt to devcontainer
* properly mark the end of a constraint trace
Using a special "End" message
* small tool to dump constraints from a traced process
* extend smoke test to include parsing & printing of constraints
* update symcc submodule
* first draft of expression filters for concolic
* fix type in runtime method name
* update symcc submodule
* implement extensions to serdeany map:
* remove -> Option<T>
* insert_boxed(Box<T>) (avoids allocation if value is already boxed)
* implement std::io::Seek for ShMemCursor
* implement framing for in-memory traces
this allows to efficiently get the length of trace.
this is important for efficiently copying the trace out of the shared
memory region.
* fix for serdeany map
* fuzzer that associates concolic traces with test
case
* ensure runtime can handle 0-expressions
* move metadata, observer and feedback into separate files
* convert executor to command executor and move to separate file
* refactoring and streamlining
* move panic mode configuration to cmake script
* compile cmake from source, because debians version is too old.........
* use separate stage for tracing
* fix dockerfile
* move runtime into the workspace
using prior work on compilation flags from cmake
* actually make use of selective symbolication filter
* update to support latest symcc changes
* implement hitmap for concolic runtime
* clippy
* implement selective symbolization and coverage map for dump_constraints tool
* use concolic runtime coverage for concolic fuzzer feedback
* actually kill process on timeout
* be extra careful after killing process
* increase command executor busy wait to 5ms
* implement concolic tracing stage
* address naming issue
* implement floating point expression filter for runtime
* rename expression filters to be less verbose
* implement expression pruning
* implement ConcolicMutationalStage
* refactor command executor and remove busy loop
* implement generic command executor
* remove debug prints
* refactor + documentation
* refactor
* fixed build, clippy
* no_std
* implement WithObservers executor as discussed
* add symqemu as a submodule
* fix symqemu submodule URL to be relative
* update the concolic runtime to match the new interface
* update the trace file header regularly to save constraints in case the program crashes
* add build dependencies for symqemu
* handle full mesage buffer properly
* better policy for updating trace header
* less aggregiously inefficient GC information serialization
* move concolic runtime hitmap count to filter
this is in preparation for the new runtime interface
* very WIP new runtime interface
* use more convenient types in rust runtime
* EmptyRuntime -> NopRuntime
* hide cpp_runtime and formatting
* implement tracing runtime using new runtime interface
* implement filters with new runtime interface
* use a local checkout for symcc_runtime
* make test runtime tracing
* use test_runtime in smoke test
* fix formatting
* make the clippy overlord happy?
* disable symcc build on everything but linux
* make more of symcc_runtime linux only
* fix linking symcc_runtime with C++ stdlib
* will clippy ever be happy?
* formatting
* don't export symcc runtime when compiling tests
* clippy...
* "don't export symcc runtime when compiling tests" for runtime crate as well
* clippy
* move command executor to LibAFL
* move concolic crate into LibAFL
* move concolic{metada,observer} into LibAFL
* move ConcolicFeedback into LibAFL
* move ConolicStage into LibAFL
* fix bug in symcc part of concolic runtime
* stb_image fuzzer with concolic as example fuzzer
* clean up basic_concolic_fuzzer
* clean up and document concolic example fuzzer
* formatting
* clippy
* remove basic_concolic_fuzzer (it is now part of the examples)
* remove the runtime crate in favor of symcc_runtime
* re-architect concolic smoke test and remove git submodules
* remove old submodule directories
* make coverage filter public
* focker docker build
* clippy
* clippy fixes
* fix ubuntu as well
* remove .gitmodules
* move concolic mutational stage into libafl behind feature flag
* script to install dependencies for concolic smoke test
* fix bug
* clippy
* add github action to run smoke test
* fix action
* ensure smoke test is run in correct directory
* remove devcontainer files
* address feedback
* clippy
* more clippy
* address more feedback
Co-authored-by: Dominik Maier <domenukk@gmail.com>
* builds on no_std
* fixed std build
* nightly fmt on CI
* nightly fmt on CI (again)
* fmt
* no_std build on unix
* more mem
* added no_std from #212 to gh workflow
* more ci, less nightly
* clippy
* more toolchains?
* docu
* y u no build
* more ci?
* next try
* fixed dockr
* more dockerfile fixes
* ondisk corpus fixed
* panic:?
* ubunutu
Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
* Bump minimal xxhash_rust version to 0.8.2
Note that 0.8.1 bug doesn't affect current usage, but still do it just in case
* Do not use const xxh3 not in cosnt context
* ci: check every feature with cargo-hack
* fix introspection on no_std
* ci: the dev branch is not a thing anymore
* ci: run tests with --all-features
