164 Commits

Author SHA1 Message Date
jma
871548c366
Allow passing Qemu object to QemuBytesCoverageSugar (#3261)
* attempt to return Qemu object as a parameter to QemuBytesCoverageSugar

* apply clippy suggestions from precommit.sh

* python qemu sugar: add option to enable stdout

---------

Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2025-05-23 10:22:00 +02:00
Dominik Maier
8b0fc8ca73
Forkserver: Add __AFL_SHM_FUZZ_MAP_SIZE, clean up env variables (#3235)
* Clean up env variables, add env for map size

* Bring back lockfiles

* fix

* PAGE_SIZE->MAP_SIZE
2025-05-16 12:15:17 +02:00
Dominik Maier
fef129e23c
Conform AFL struct casing to codebase/rust (#3221)
* Conform AFL struct casing to codebase/rust

* Actually, Aflpp looks better
2025-05-13 17:56:58 +02:00
lazymio
f901c2085d
Support capturing stdout/stderr for ForkserverExecutor and code clean (#3216)
* Support capturing stdout/stderr for ForkserverExecutor

Reduce code duplication for ForkserverExecutor and CommandExecutor

* use memfd_create from nix for macos and remove debug print

* resolve macos issue

* clippy

* fix macos again

* fix docs

* fix imports

* format code

* fix docs again

* fix sample

* fix another wrong import

* restore cargo.lock

* add an inner for target args

* fix and docs

* fix

* rename to ChildArgs and ChildArgsInner

* revert forkserver_simple

* allow debug child with observers

* fmt

* std marker

* fix

* move implementation to observers

* implement serde

* Add a forkserver_capture_stdout

* renaming

* fix

* fmt

* fix CommandExecutor

* add a test to check capture

* fix imports

* clippy

* fix sample

* update sample to make it closer to real usecase

* also CommandExecutor for sample

* format

* add forkserver_capture_stdout to CI

* fix doc

* accidentally remove

* fix non_std

* fix for windows

* remove useless lint

* remove spurious fuzzer

* fix for windows again

* fix imports

* fix doc sample

* fix docs

* fix sample

* fmt

* clippy

* clippy again

* fix msrv

* have cargo.lock for sample fuzzer

* avoid double read

* fix fsrv and cmd

* fix sample

* fix docs for windows

* fix typo

* clippy again

* fix exec

* typo

* clippy

* update

* fix nyx executor

* clippy

* fmt again

* last clippy

* clippy
2025-05-13 16:08:27 +02:00
Dominik Maier
2dbf636201
Fix fuzzers in docs, add them to CI (fixes #3185) (#3210)
* Fix fuzzers in docs, add them to CI (fixes #3185)

* ignore macos for now

* Ooops wrong one

* fix?

* clp

---------

Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2025-05-13 14:14:12 +02:00
Dominik Maier
24c31943f3
Update libafl-sugar with latest bells and whistles (#3209)
* Update sugar to new things

* Fixes

* tiny

* fix qemu

* Fix cmplog

* taplo fmt

* Fix cmplog forkserver sugar, clippy

* clip

* clip
2025-05-13 03:06:00 +02:00
Francesco Cirillo
796ce20cd8
ScheduledMutator Fix with_max_stack_pow (#3148)
* ScheduledMutator Fix with_max_stack_pow

* Renamed StdScheduledMutator to HavocScheduledMutator

* Added SingleChoiceScheduledMutator

* Changed HavocScheduledMutator description

* Added rename in migration

* Missed renaming

* cargo fmt fix

* cargo fmt fix 2

* Clippy duplicate code and safer test

* cargo fmt fix 3

* Removed my hallucination
2025-04-12 20:35:31 +02:00
lazymio
fa8a576ef0
Introduce HasAflStyleTargetArguments and restore parse_afl_cmdline for CommandExecutor (#3125)
* Introduce HasAflStyleTargetArguments and restore parse_afl_cmdline for CommandExecutor

* clippy

* Fix imports

* Move envs to the shared trait

* Move to a standalone file

* Format

* Gate via std and unix

* Fix

* clippy

* move InputLocation to afl_args

* clippy

* Fix

* fmt

* Fix more

* Shall last missing

* Rename to AflTargetArgs

* Fmt

* move AflTargetArgs to libafl_bolts and adapt CMainArgsBuilder to use it

* use_stdin is no longer needed

* leaveout

* Fix again

* Renaming

* Leave out lib.rs

* Leave out fmt

---------

Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
2025-04-08 13:19:44 +02:00
Dongjia "toka" Zhang
226a20e6cf
Fix usage of TracingStage (#3062)
* real fix

* more

* debug

* fix

* fixer

* mmmm

* mm

* mm

* mm

* fix

* fix atheris

* ?
2025-03-11 14:37:19 +01:00
Dongjia "toka" Zhang
620500e295
Remove AdaptiveSerializer, Send off interesting testcase from crash handler, Add clearer error message (#3053)
* clean

* test thread 1

* add some error messages

* mm

* std

* mm

* aa

* pp

* fix

* change fuzzers

* fix

---------

Co-authored-by: Your Name <you@example.com>
2025-03-08 20:12:16 +01:00
Dongjia "toka" Zhang
977ff10a0f
Make corpus and solution not mutually exclusive (#3029)
* make fuzzer great again

* crash handlers

* hello from windows

* fk

* gee

* m

* temporary fix

* f

* mm

* CICI

* fixer

* Fix Dockerfile

* lol

* clp

* Fuck you clippy

* This lint makes no sense, 0

* ??

* a

* fix

* this lint makes 0 sense

* mm

* clp

* a

* a

* clp

* clippy

* clp

* mm

* FMT

* p

---------

Co-authored-by: Your Name <you@example.com>
Co-authored-by: toka <toka@tokas-MacBook-Air.local>
2025-03-05 20:10:04 +01:00
Dominik Maier
c7207dceb0
Rust 2024 edition (#3022)
* Rust 2024 edition

* gen = generalized

* Fixes

* more fix

* More fix

* even more fix

* fix libfuzzer

* ignore clippy lint

* even more

* fix docs?

* more?

* More pub more better

* win

* docs

* more

* More

* doc stuff?

* counter_maps->counters_maps

* libafl qemu fixes for rust 2024

* fix?

* fmt

* unsafe lint

* final fixes

* fmt

* working?

* not working

* unused import

* win?

* update libafl qemu hash

* fmt

* fix

* unused imports

* fix

* fix

* more fix

* less edition

* fix

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
2025-02-27 00:12:29 +01:00
Dominik Maier
7c83be2408
Add auto format to settings.json.default, format documentation and macros (#3019)
* Add auto format to settings.json.default

* Add more nightly rustfmt features
2025-02-21 13:31:31 +01:00
Dongjia "toka" Zhang
0e4c6722f0
Replay stage (#3003)
* replay stage

* seems to be working

* a

* rever

* rev

* rdy for merge

* fmt

* lol
2025-02-18 19:55:02 +01:00
Dongjia "toka" Zhang
70eb8158e5
Refactor stages (#3002)
* refactor

* miss

* lol

* revivet tests

* aa

* ?

* a

* fuck

* fuck

* a

* m

* fuck
2025-02-18 14:25:21 +01:00
Romain Malmain
8089b18d34
Remove ShMemProvider bound from struct definitions (#2861)
* No more ShMemProvider bound constraint in struct definition whenever possible

* Introduce StdShMem

* Update CONTRIBUTING.md
2025-01-20 17:25:55 +01:00
Romain Malmain
f8ad61e14a
Remove Input associated type (#2854)
* Completely remove Input as an associated type in multiple traits

* Unify usage of Input as generic instead

* Remove many unused bounds, in particular HasCorpus

* fix multiple generic ordering

* update and fix CONTRIBUTING.md

* update MIGRATION

* use the same generic input type for new / with_max_iterations to make typing easier in most cases.

* Restore libafl_libfuzzer test in CI
2025-01-17 14:53:51 +01:00
Romain Malmain
a45e44764f
Remove UsesInput from libafl qemu (#2832)
* remove UsesInput from libafl_qemu

* Insert I bound instead of ugly Corpus::Input stuff

* Uses a C generic for Commands

* adapt nyx api to new generics

* add qemu linux fuzzers to CI for building.
2025-01-14 10:24:28 +01:00
Romain Malmain
7c8708d4b1
Refactor of Qemu configuration (#2707)
* Qemu config refactoring.

* QEMU error refactoring.

* Single QEMU init function.

* Light refactor of EmulatorModules.

* Qemu is now a parameter to EmulatorModule callbacks and most function hooks.

* EmulatorModules is initialized before QEMU is initialized.

* refactor asan and asanguest modules to avoid custom init of QEMU and use the module interface instead.

* asan fixed size accesses working with generics.

* use pre_syscall_* and post_syscall_* everywhere for consistency.

* adapt qemu_launcher example to fully work with Emulator, since Qemu must now be initialized by Emulator.

* start writing Emulator / EmulatorBuilder / QemuConfig doc.

* fix broken intel pt doc.
2025-01-06 15:04:40 +01:00
Valentin Huber
25386bfb5f
Use #[expect(…)] instead of #[allow(…)], remove unnecessary allows (#2784)
* Use expect instead of allow, remove unnecessary allows

* Remove more whitelist lint warnings

* transitioning more subprojects

* Re-add some necessary allows

* Re-add more required allows

* Some more windows clippy fixes

* Re-add more whitelist items for expect

* More clippy whitelist fun

* Reset changes to generated files

* Reset generated files to correct version

* Move libafl_concolic to expect instead of allow

* Move libafl_frida to expect from allow

* Move libafl_libfuzzer to expect from allow

* Remove more whitelist items for macOS

* Fix unknown clippy allow

* Remove more unnecessary allow statements

* moving fuzzers

* Remove mistakenly added subdirs

* fixing imports

* Remove more unnecessary whitelisted lints

* Fix test for /home/ubuntu/LibAFL/fuzzers/inprocess/libfuzzer_libpng_accounting

* More clippy improvements for libafl_qemu

* fmt

* Some pedantic options

* Fix more stuff

* Remove Little-CMS again

* Add note to static_mut_refs

* Reset the changed testing routine since it is unnecessary
2024-12-20 16:55:35 +01:00
Romain Malmain
94fa4014ac
Update pyo3 to version 0.23.2 (#2732)
* update pyo3 to latest version

* add python bindings to workspace

* make pyo3 stuff dependent on workspace again

* adapt implementation for the newest version of pyo3
2024-11-27 19:01:31 +01:00
dependabot[bot]
b4a69d15d0
Update pyo3-build-config requirement from 0.22.3 to 0.23.1 (#2701)
Updates the requirements on [pyo3-build-config](https://github.com/pyo3/pyo3) to permit the latest version.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pyo3/pyo3/compare/v0.22.3...v0.23.1)

---
updated-dependencies:
- dependency-name: pyo3-build-config
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-18 13:35:31 -03:00
Marco C.
eb2ac10d1e
Libafl workspace internal deps in workspace Cargo.toml (#2691)
* Add internal deps to workspace

* libafl: use workspace internal deps

* libafl_bolts: use workspace internal deps

* 0.14.0

* use workspace internal deps
2024-11-15 18:13:39 +01:00
Andrea Fioraldi
d339a58f7c
Bump to 0.14.0 (#2692) 2024-11-13 23:10:35 +01:00
Marco C.
f3aa88b400
Use version.workspace (#2682) 2024-11-12 15:45:35 +01:00
Dominik Maier
8617fa6603
Introduce workspace (again) (#2673)
* Trying to redo workspace deps again after #2672

* unused

* clippy
2024-11-09 19:11:01 +01:00
Dominik Maier
21f8b1d147
Replace addr_of with &raw across the codebase (#2669)
* Replace addr_of with &raw across the codebase

* fix fixes

* more fix

* undo clang fmt?

* oops

* fix?

* allocator fix

* more fix

* more more

* more docs

* more fix

* mas mas mas

* hm

* more

* fix Frida

* needed

* more error

* qemu
2024-11-08 17:19:55 +01:00
Dongjia "toka" Zhang
e0c5304e32
Don't use workspace dependencies (#2652)
* rev

* postcard

* serde

* fmt

* a

* dependabot

* postcard again

* hashbrown

* upd

* add

* serde?
2024-11-04 17:47:40 +01:00
saibotk
83c87acd5b
libafl_qemu: Add RISCV support (#2367)
* libafl_qemu: Add RISCV support

Adds the following targets (as features):
- riscv32
- riscv64

Added `RISCVCPU` and `CPURISCVState` to the bindings allow list.

Added riscv.rs to the arch module, with all necessary functions and
registers implemented and mapped.
The registers are the same as the ones found in qemu's gdbstub xml found
after a build.

Additionally we added all syscall numbers for riscv 64 bit (already
supported by the `syscall_numbers` crate) and also added the missing
ones for riscv 32 bit. We compared both lists and their differences /
equalities with a simple python script and generated a list of the
missing ones, to be complete.
We might PR those to the `syscall_numbers` crate later on.

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
2024-10-30 10:33:03 +01:00
Aarnav
0f744a3abb
Add Python Grammar Loader for Nautilus (#2635)
* add python grammar loader for Nautilus

* fmt

* fmt toml

* add python to macos CI deps

* install python

* fmt

* ci

* clippy

* fix workflow

* fmt

* fix baby nautilus

* fix nautilus sync

* fmt

* fmt

* clippy

* typo

* fix miri

* remove pyo3 from workspace to packages which need it and make it optional

* go back to AsRef<Path> for nautilus grammar loading

* replace hardcoded python flags for macos build

* typo

* taplo fmt

* revert formatting of libafl_qemu_arch

* ci

* typo

* remove expects in NautilusContext::from_file and make them Results

* remove not(miri) clause in test

* try and fix python build fir ios and android

* again

* android

* tmate

* fix android build

* document load_python_grammar

* log if python or json when loading nautilus grammar

* make nautilus optional

* add nautilus as feature to forkserver_simple_nautilus
2024-10-29 11:32:59 +01:00
Dongjia "toka" Zhang
fda1596ee2
Use nonzero! macro (#2589)
* nonzero_lit

* nonzero

* std instead of core

* a

* l

* test

* import

* api

* api

* aaaaa

* apiapi

* api

* api

* api

* mm

* api

* non zero

* FMT

* pls

* nnnaaasdfadsfafdsa

* pls

* MM

* fix

* a

* sat add

* aa

* mistake

* unreachable

* no generic

* api change

* a
2024-10-18 23:33:03 +02:00
Romain Malmain
d48a7d508d
Centralize clippy lints in workspace (#2606)
* centralize clippy definition

* fmt

* add update bindings script

* add a checked and unchecked version of memory read to qemu stuff

also, a lot of clippy thing

* update binding position

* rm old script, new one is a bit better

* update doc

* macos clippy

* adapt fuzzers

* windows clippy

* fix fuzzer

* windows clippy

* remove old allowed clippy

* remove some allowed clippy

* use default features for serde_json in gramatron

* better error handler for failed rw to memory
2024-10-15 13:31:01 +02:00
Dongjia "toka" Zhang
c12c6f31e2
Change fuzzbench_qemu fuzzer (#2520)
* change fuzzbench_qemu

* real test

* fix qemu crash hook

* update bindings

* fix fork executor, reduce trait bound overhead

* make EdgeModule depend on observer to get ptrs.

* do not make EdgeCoverageModule::new public

* map observer as builder call

* adapt examples with new edge coverage module builder.

* TMP: everyone is a variable length map observer

* reuse profile path script

* fix absolute paths

* remove some dependencies to make pipeline faster

* compile-time builder initialization check

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
2024-10-08 15:18:13 +02:00
Romain Malmain
1fbb18cb99
Versioning unification, dependencies update, logging optimization (#2560)
* versioning unification: use x.y.z format everywhere

* do not compile low-level logs (< info level) by default in fuzzers

* update dependencies to the latest versions

* add members to workspace.

* use workspace for common dependencies

* add vscode native support

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-10-07 12:03:29 +02:00
Dominik Maier
4fc136cd1c
Rand below should take a NonZero parameter (#2519)
* Rand below should take a NonZero parameter

* More

* more

* More

* fix build

* bit of clippy

* more clippy

* more clippy

* More clippy

* More more

* more nonzero

* fix multipart

* Cleanup, more unsafe

* fix

* fix unicode

* clippy, fmt

* more

* More safer and more better

* MaxStackPow

* fix merge fails

* make random_slize_size faster

* fix

* more

* fix
2024-10-04 02:16:10 +02:00
Romain Malmain
c944a70056
Linux kernel fuzzing example (#2496)
* linux kernel (x509_cert) and process fuzzing example

* rework filters

* update to latest qemu

* working for process and kernel fuzzing

* new i2s mutator for binary only fuzzers

* refactoring modules with new filtering interface

* add state as parameter of harness

* hide unused global in usermode

* Script for stub bindings generation

* do not try to check whether it is worth generating the bindings, always
  generate when the env variable is on.

* add taplo to fmt_all.sh

* Moved fuzzers (again) in a target-centric way.

* fix rust 2024 warnings.

* new libafl_qemu harness structure.

* rename qemu_systemmode into qemu_baremetal

* fix qemu baremetal makefile

* fix formatter

---------

Co-authored-by: Toka <tokazerkje@outlook.com>
2024-09-26 14:29:33 +02:00
Valentin Huber
2c676f0352
Add MappedInputs to allow havoc mutations for custom (sub-)inputs (#2422)
* introducing MappingMutator

* extending mapping mutators

* adding example fuzzer

* making crossover mutators more flexible.

* moving example fuzzer

* fixing dependency paths

* formatting

* fixing no std error

* fixing broken docs link

* fixing import paths

* fixing imports

* more format fixing

* adding new example fuzzer to CI

* fixing further imports

* fixing formatting

* formatting fixes

* improving docs for the example fuzzer

* adding documentation and tests to mapping mutators

* make extraction function for mapped crossover mutators more general

* adding MutVecFunctionMappingMutator

* Introducing WrapsReference

* code cleanup for mapping mutators

* adding tests and docs to mapping mutators

* reformatting comments

* fixing merging of mutators in example fuzzer

* formatting

* formatting v2

* cleanup according to PR comments

* adding type constraint to MappedInput helper functions to remove the need to specify types

* matching functions passed to mapped_havoc_mutations

* removing unnecessary constraints

* mapping mutators now contain the name of their inner mutator

---------

Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-09-18 23:23:04 +02:00
Romain Malmain
4b87d7f4eb
Custom QEMU emulator typed builder + ExitHandler / Commands refactoring (#2486)
* Add a custom typed builder for Emulator

* Unify qemu_init for usermode and systemmode

* Remove env from qemu init args (it is unused in QEMU in practice)

* expose thread hooks to systemmode

* rename qemu_config to config

* Replace ExitHandler by EmulatorDriver

* Reorder generics alphabetically for Qemu{,Fork}Executor

* Moved snapshot manager to Emulator to continue centralizing main objects in the same structure

* Reimplementation of CommandManager working with enums instead of tables

* Macro has been adapted to do this work automatically

* Moved snapshot stuff to dedicated module

* Removed many Rc<RefCell<...>>, now useless with the removal of vtables

* Builder given by Emulator via `Emulator::builder`. Reduced trait bound overhead
2024-08-21 16:36:45 +02:00
Romain Malmain
13ba32ed2a
Unify qemu executor (#2483)
* Remove stateless qemu executor

* All harnesses take a reference to an emulator as parameter now

* harness takes an emulator as first parameter, and input as second parameter (opposite of previous definition)

* bump libafl qemu dependencies to the latest version
2024-08-13 19:44:10 +02:00
Dominik Maier
c4c0fb6750
Update pyo3 (#2459)
* Update pyo3

* Update pyo3 to 0.22

* Fix qemu python

* clippy

* fmt

* nautilus python

* More pyo3

* Make signature more legible
2024-07-29 22:55:28 +02:00
Mrmaxmeier
afbdc02c54
Format all tomls with taplo fmt (#2436)
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-07-26 10:03:10 +02:00
Dongjia "toka" Zhang
f6151f4507
0.13.2 (#2423)
* 0132

* fix
2024-07-19 23:00:37 +02:00
Romain Malmain
c96ea616fe
Qemu helpers & hooks refactoring (#2267)
* Helper is now called Module.

* Emulator now contains hooks state.

* Emulator is managed by QemuExecutor.

* QEMU hooks have been completely refactored on the rust side.

* Generics cleanup.
2024-07-17 11:46:42 +02:00
Dongjia "toka" Zhang
7969e7ae51
Another attempt to add interesting crashing input on crash (#2391)
* aa

* why??????????????

* ppp

* aa

* aa

* abcde

* fixer

* ppp

* aa

* fix from windows

* sugar

* ff

* ??

* a

* to log::error

* exclude

* exclude libafl_qemu clippy on windows

* pp

* aa

---------

Co-authored-by: Your Name <you@example.com>
2024-07-15 13:58:39 +02:00
Dongjia "toka" Zhang
bb579e624e
0.13.1 (#2343) 2024-06-29 12:41:56 +02:00
Dongjia "toka" Zhang
c415b4d5f6
0.13.0 (#2253)
* 0.13

* z3

* capstone

* fixer

---------

Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-06-13 23:35:35 +02:00
Dongjia "toka" Zhang
f4699ba385
Make adaptive serialization into default (#2296)
* no adaptive

* add another api

* allow unused
2024-06-09 00:10:30 +02:00
Dominik Maier
1fafaf6454
Make every Builder ::builder(), so BobTheBuilder::new() becomes BobThe::builder() (#2242)
* Make every builder ::builder()

* Fix no_std

* More

* Fix clippy, stuff

* More fun

* Make NopShMem do something

* Alloc

* more fmt

* Remove UB in tinyinst executor builder

* Make builder order not matter for tinyinst

* More better

* fix

* docs

* fmt

* more fmt

* clippy

* fix fixes

* tiny thing

* more better

* more more

* more builder

* more builder

* more nyx

* undo breaking clippy

* clip
2024-05-23 18:56:39 +02:00
dependabot[bot]
8d54ee2c80
Update pyo3-build-config requirement from 0.18 to 0.21 (#2205)
Updates the requirements on [pyo3-build-config](https://github.com/pyo3/pyo3) to permit the latest version.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pyo3/pyo3/compare/v0.18.0...v0.21.2)

---
updated-dependencies:
- dependency-name: pyo3-build-config
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dominik Maier <domenukk@gmail.com>
2024-05-18 20:22:35 +02:00
Dominik Maier
34ec907456
Fix libafl_sugar docs build (#2188)
* Fix libafl_sugar docs build

* doc redoc

* fmt
2024-05-16 00:19:09 +02:00