* Move all unnecessary std uses to core,alloc
* More
* more fix
* more
* more
* Remove libafl-fuzz grimoire
* more
* more
* more cleanup
* remove bins
* fix
* more fix
* Fix just
* Update dockerfile
* Changes to test all architectures for qemu-user fuzzers
* Update version of QEMU
* Fix qemu on aarch64
* Fix qemu on i386
---------
Co-authored-by: Your Name <you@example.com>
* Decode with callback
* WIP restore intelpt module
* Fix build_target if target_dir doesn't exist
* WIP intelpt qemu/kvm example: bootloader
* qemu config refactoring
* Fix intel_pt_command_executor target dir
* QEMU error refactoring
* back to one QEMU init function
* other small things
* update test
* Bump libipt
* waitpid_filtered to ignore SIGWINCH
* Fix warnings unused manifest key: *.version
* Add export_raw feature to libafl_intelpt
* derive Debug for IntelPTHook
* Clippy
* Light refactor of EmulatorModules
* qemu is now a parameter to EmulatorModule callbacks and most function hooks.
* EmulatorModules is initialized before QEMU is initialized.
* Update target program ELF offsets
* fmt
* asan fixed size accesses working with generics
* continue to propagate qemu argument as hook first parameter
* use pre_syscall* and post_syscall* everywhere
* fix some clippy stuff
* fmt
* Add comment to KVM pt_mode check
* refactor
* Add intel_pt_export_raw feature in libafl
* fix fuzzers
* refactor asan and asanguest modules to avoid custom init of QEMU and use the module interface instead.
* adapt qemu_launcher example to fully work with emulator, since qemu must now be initialized by emulator.
* fmt
* clippy
* fix qemu_coverage
* fmt
* forgot qemu args in launcher
* map_error instead of unwrap
* use correct args
* Update to new libafl_qemu
* adapt api
* borrow checker friendly join_split_trace
and copy trace before decode to prevent decoding failures
* testing stuff
* Set ip_filters (also) with builder
* Move trace to file
* Store a pt_builder in module
enable the setting of filters and other pt settings
* baby_bootloader target
* Best bootloader ever
* new builder?
* use closure for qemu config from emulator builder.
* better format
* clippy + fmt
* Fix build target
Create target directory if it doesn't exist
* Remove filter on speculatively exec blocks
since also committed blocks can have this flag
* Add current ip_filters getter
* Fix possible infinite loop in trace decode
* HW breakpoint + snapshot
* add snapshot and exit at first objective
* prefer raw pointers to slice_from_raw_parts_mut
since the latter is highly unsafe and allows more potentially dangerous reordering
* Add cpu option to QEMU config
* Add cpu option and minor improvements
* fix cargo run causing recompile
* no default devices
* windows clippy fix
* Exclude intel_pt feature from CI as all systemmode feats
* Add qemu_intel_pt_bootloader to CI
* Fix NopPageFilter
* Fix qemu_config
* Restore HW breakpoints
* Lints
* return Result for hw bp set/remove
* mark join_split_trace as unsafe
* Put the qcow2 in a tmpfs ramdisk
10x exec/sec
* Post merge fixes
* Try out libipt 0.3 alpha
* Try out libipt 0.3 alpha also in hook
* Clippy
* New libipt
* Post merge fixes
* Bump libipt
* Drive cache None
* Post merge fixes
* Use SectionInfo from libipt
* No slice::from_raw_parts_mut, just use raw pointer
* Cache the decoder builder
* Update qemu-bridge
* Add qemu -append param
* Move linux specific code to a mod, less #[cfg]s
* Add qemu initrd config
* Add qemu monitor tcp
* Add not enough ip filters message
* Fix wrong must_use
* Prevent possible infinite loop in block decoding in debug mode
* Clippy
* fix CI?
* Revert, keep libipt 0.3 and hw bp
---------
Co-authored-by: Romain Malmain <romain.malmain@pm.me>
Co-authored-by: Marco Cavenati <marco@lenovo300e>
* just port for binary only / systemmode fuzzers
* introduce just libraries, with pre-initialized variables and common recipes
---------
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
* drop grown address
* this clippy lint literally makes 0 sense!
* i hate you rust
* mm
* don't use drop! add comments for why alignment is not necessary
* Remove unneeded Executor trait from handlers functions + set inproc_qemu_crash_handler to pub
* Add some documentation for QemuHooks
---------
Co-authored-by: celian <cglenaz>
* make it safe
* aa
* forgot to put it back
* stateful
* comment
* lol
* aa
* aa
* aa
* win
* lol
* lol
* a
* a
* i hate rust
---------
Co-authored-by: Your Name <you@example.com>
* Make sure EM and Z remain consistent in InProcessExecutor
* first make them compile
* a
* hah
* fix intel pt
* decouple fuzzer from em
* lol
* 3
* fix tcp
* fix
* fix
* fix
* fixer
* std
* fixer
* plz
* plzplzplz
* plzplzplzplz
* mm
* more
* symbol
* a
* a
* mm
* mmm
* mmmm
* mmmmm
* ff
---------
Co-authored-by: Toka <tokazerkje@outlook.com>
* fix drcov path parsing
* refactoring of drcov tool
* add the possibility to sort addresses in drcov tools
* more aggressive clippy. it now catches more warnings as errors than before
* reduce the number of unfixable warnings displayed.
* Completely remove Input as an associated type in multiple traits
* Unify usage of Input as generic instead
* Remove many unused bounds, in particular HasCorpus
* fix multiple generic ordering
* update and fix CONTRIBUTING.md
* update MIGRATION
* use the same generic input type for new / with_max_iterations to make typing easier in most cases.
* Restore libafl_libfuzzer test in CI
* the first step of the last step
* wip
* 99% done
* 99.9% done
* 99.99
* Hello from windows
* aaa
* 99.999
* aa
* 1
* 2
* 3
* 4
* 5
* plz
* plzplzplz
---------
Co-authored-by: Your Name <you@example.com>
* remove UsesInput from libafl_qemu
* Insert I bound instead of ugly Corpus::Input stuff
* Uses a C generic for Commands
* adapt nyx api to new generics
* add qemu linux fuzzers to CI for building.
* more nyx hypercalls implemented, among them:
- panic hypercall
- range filtering hypercall
* fixed some nyx hypercalls behavior.
* added generic read / write to qemu memory
* port linux kernel example to also have nyx API, add better filtering as well.
* make nyx api structs volatile to avoid optimization issues
* Introduce a method to create a Vec in place, using a closure.
* use new vec_init function in relevant places.
* removed unused unsafe keyword
* add more allocated memory r/w callbacks
* add more safety notes
* move emulator hooks to separate struct
* update QEMU version
* first step
* wip
* lol
* making progress, slowly
* add
* a bit more
* progress
* 80%done
* 90% done
* done from linux
* Hello from windows
* 1
* 2
* 3
* 4
* 5
* 6
* 7
* Hello from windows
* 9
* 10
* 11
* 11
* 12
* 13
* aa
* fixer
* a
* oops
---------
Co-authored-by: Your Name <you@example.com>
* added change_brk function for correctly handling SYS_brk
* we need to update h.brk with the new brk_val
* map back pages if brk shrunk below the snapshotted value
* fmt and clippy
* use GuestAddr instead of u64
---------
Co-authored-by: Romain Malmain <romain.malmain@pm.me>
* Nyx hypercall API support
* fix linux kernel fuzzer
* hash_me -> hash_64_fast
* fix multiple bugs in kernel harness
* do not check libmozjpeg's C files format.
* Qemu config refactoring.
* QEMU error refactoring.
* Single QEMU init function.
* Light refactor of EmulatorModules.
* Qemu is now a parameter to EmulatorModule callbacks and most function hooks.
* EmulatorModules is initialized before QEMU is initialized.
* refactor asan and asanguest modules to avoid custom init of QEMU and use the module interface instead.
* asan fixed size accesses working with generics.
* use pre_syscall_* and post_syscall_* everywhere for consistency.
* adapt qemu_launcher example to fully work with Emulator, since Qemu must now be initialized by Emulator.
* start writing Emulator / EmulatorBuilder / QemuConfig doc.
* fix broken intel pt doc.