name: build and test on: push: branches: [ main ] pull_request: branches: [ main ] env: CARGO_TERM_COLOR: always jobs: common: strategy: matrix: os: [ubuntu-latest, windows-latest, macOS-latest] runs-on: ${{ matrix.os }} steps: - name: Install mimetype if: runner.os == 'Linux' run: sudo apt-get install libfile-mimeinfo-perl - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: nightly override: true - name: install mdbook uses: baptiste0928/cargo-install@v1.3.0 with: crate: mdbook - name: install linkcheck uses: baptiste0928/cargo-install@v1.3.0 with: crate: mdbook-linkcheck - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Check for binary blobs if: runner.os == 'Linux' run: ./scripts/check_for_blobs.sh - name: Build libafl debug run: cargo build -p libafl - name: Build the book run: cd docs && mdbook build - name: Test the book # TODO: fix books test fail with updated windows-rs if: runner.os != 'Windows' run: cd docs && mdbook test -L ../target/debug/deps - name: Run tests run: cargo test - name: Test libafl no_std run: cd libafl && cargo test --no-default-features - name: Test libafl_bolts no_std no_alloc run: cd libafl_bolts && cargo test --no-default-features - name: Test libafl_targets no_std run: cd libafl_targets && cargo test --no-default-features ubuntu: runs-on: ubuntu-22.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Install and cache deps uses: awalsh128/cache-apt-pkgs-action@v1.1.0 with: packages: llvm llvm-dev clang ninja-build clang-format-13 shellcheck libgtk-3-dev gcc-arm-linux-gnueabi g++-arm-linux-gnueabi libslirp-dev libz3-dev - name: get clang version run: command -v llvm-config && clang -v - name: Add nightly rustfmt and clippy run: rustup toolchain install nightly --component rustfmt --component clippy --component miri --allow-downgrade - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 # ---- format check ---- # pcguard edges and pcguard hitcounts are not compatible and we need to build them seperately - name: Check pcguard edges run: cargo check --features=sancov_pcguard_edges - name: Format run: cargo fmt -- --check - name: Cleanup run: cargo clean - name: Run clang-format style check for C/C++ programs. run: clang-format-13 -n -Werror --style=file $(find . -type f \( -name '*.cpp' -o -iname '*.hpp' -o -name '*.cc' -o -name '*.cxx' -o -name '*.cc' -o -name '*.h' \) | grep -v '/target/' | grep -v 'libpng-1\.6\.37' | grep -v 'stb_image\.h' | grep -v 'dlmalloc\.c' | grep -v 'QEMU-Nyx') - name: run shellcheck run: shellcheck ./scripts/*.sh - name: Run clippy run: ./scripts/clippy.sh # ---- doc check ---- - name: Build Docs run: cargo +nightly doc --all-features - name: Test Docs run: cargo +nightly test --doc --all-features # ---- build normal and examples ---- - name: Run a normal build run: cargo build --verbose - name: Build examples run: cargo build --examples --verbose # --- miri undefined behavior test -- - name: Run miri tests run: RUST_BACKTRACE=1 MIRIFLAGS="-Zmiri-disable-isolation" cargo +nightly miri test ubuntu-check: runs-on: ubuntu-22.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Install and cache deps uses: awalsh128/cache-apt-pkgs-action@v1.1.0 with: packages: llvm llvm-dev clang ninja-build clang-format-13 shellcheck libgtk-3-dev gcc-arm-linux-gnueabi g++-arm-linux-gnueabi libslirp-dev libz3-dev - name: get clang version run: command -v llvm-config && clang -v - name: Install cargo-hack run: curl -LsSf https://github.com/taiki-e/cargo-hack/releases/latest/download/cargo-hack-x86_64-unknown-linux-gnu.tar.gz | tar xzf - -C ~/.cargo/bin - name: Add nightly run: rustup toolchain install nightly --allow-downgrade - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 # ---- build and feature check ---- # cargo-hack's --feature-powerset would be nice here but libafl has a too many knobs - name: Check each feature # Skipping `python` as it has to be built with the `maturin` tool # `agpl`, `nautilus` require nightly # `sancov_pcguard_edges` is tested seperately run: cargo hack check --each-feature --clean-per-run --exclude-features=prelude,agpl,nautilus,python,sancov_pcguard_edges,arm,aarch64,i386,be,systemmode --no-dev-deps - name: Check nightly features run: cargo +nightly check --features=agpl && cargo +nightly check --features=nautilus ubuntu-concolic: runs-on: ubuntu-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Install smoke test deps run: sudo ./libafl_concolic/test/smoke_test_ubuntu_deps.sh - name: Run smoke test run: ./libafl_concolic/test/smoke_test.sh bindings: runs-on: ubuntu-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Install deps run: sudo apt-get install -y llvm llvm-dev clang ninja-build python3-dev python3-pip python3-venv libz3-dev - name: Install maturin run: python3 -m pip install maturin - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Run a maturin build run: cd ./bindings/pylibafl && python3 -m venv .env && . .env/bin/activate && pip install --upgrade --force-reinstall . && ./test.sh - name: Run python test run: . ./bindings/pylibafl/.env/bin/activate && cd ./fuzzers/baby_fuzzer && python3 baby_fuzzer.py 2>&1 | grep "Bye" fuzzers: strategy: matrix: os: [ubuntu-latest, macos-latest] runs-on: ${{ matrix.os }} steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Remove Dotnet (macOS) if: runner.os == 'macOS' run: rm -rf /usr/local/bin/dotnet - name: Remove Dotnet & Haskell (Linux) if: runner.os == 'Linux' run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - name: Add nightly rustfmt and clippy run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade - name: Add no_std toolchain run: rustup toolchain install nightly-x86_64-unknown-linux-gnu ; rustup component add rust-src --toolchain nightly-x86_64-unknown-linux-gnu - name: Add wasm target run: rustup target add wasm32-unknown-unknown - name: Install cxxbridge if: runner.os == 'macOS' run: cargo install cxxbridge-cmd - name: Install python (macOS) # Removing macOS things already installed in CI against failed linking if: runner.os == 'macOS' run: rm /usr/local/bin/2to3* /usr/local/bin/idle3* /usr/local/bin/pydoc3* /usr/local/bin/python3*; brew install --force-bottle --overwrite python - uses: lyricwulf/abc@v1 with: # todo: remove afl++-clang when nyx support samcov_pcguard linux: llvm llvm-dev clang nasm ninja-build gcc-arm-linux-gnueabi g++-arm-linux-gnueabi gcc-aarch64-linux-gnu g++-aarch64-linux-gnu gcc-mipsel-linux-gnu g++-mipsel-linux-gnu gcc-powerpc-linux-gnu g++-powerpc-linux-gnu libc6-dev-i386-cross libc6-dev libc6-dev-i386 lib32gcc-11-dev lib32stdc++-11-dev libgtk-3-dev afl++-clang pax-utils libz3-dev # update bash for macos to support `declare -A` command` macos: llvm libpng nasm coreutils z3 bash wget - name: pip install run: python3 -m pip install msgpack jinja2 find_libpython # Note that nproc needs to have coreutils installed on macOS, so the order of CI commands matters. - name: enable mult-thread for `make` run: export MAKEFLAGS="-j$(expr $(nproc) \+ 1)" - name: install cargo-make uses: baptiste0928/cargo-install@v1.3.0 with: crate: cargo-make - name: install wasm-pack uses: baptiste0928/cargo-install@v1.3.0 with: crate: wasm-pack - name: install chrome uses: browser-actions/setup-chrome@v1 with: chrome-version: stable - uses: actions/checkout@v3 with: submodules: true # recursively checkout submodules fetch-depth: 0 # to diff with origin/main - uses: Swatinem/rust-cache@v2 - name: Symlink Headers if: runner.os == 'Linux' # We can't install gcc-multilib which would usually do this for us due to collisions with other packages run: sudo ln -s /usr/include/asm-generic /usr/include/asm - name: Build and run example fuzzers (Linux) if: runner.os == 'Linux' run: RUN_ON_CI=1 ./scripts/test_all_fuzzers.sh - name: Build and run example fuzzers (macOS) if: runner.os == 'macOS' # use bash v4 run: /usr/local/bin/bash -c 'RUN_ON_CI=1 ./scripts/test_all_fuzzers.sh' executions-check: strategy: matrix: os: [ubuntu-latest, macos-latest] runs-on: ${{ matrix.os }} steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Fix python (macOS) if: runner.os == 'macOS' run: rm /usr/local/bin/2to3* /usr/local/bin/idle3* /usr/local/bin/pydoc3* /usr/local/bin/python3* - uses: lyricwulf/abc@v1 with: linux: llvm llvm-dev clang macos: python@3.11 llvm bash coreutils - uses: actions/checkout@v3 with: submodules: true # recursively checkout submodules fetch-depth: 0 - uses: Swatinem/rust-cache@v2 - name: Build and run libfuzzer_libpng (Linux) if: runner.os == 'Linux' run: ./scripts/executions-check.sh - name: Build and run libfuzzer_libpng (macOS) if: runner.os == 'macOS' run: /usr/local/bin/bash -c './scripts/executions-check.sh' nostd-build: runs-on: ubuntu-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: nightly override: true components: rustfmt, clippy, rust-src - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Add targets run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi - name: Build aarch64-unknown-none run: cd ./fuzzers/baby_no_std && cargo +nightly build -Zbuild-std=core,alloc --target aarch64-unknown-none -v --release && cd ../.. - name: run x86_64 until panic! run: cd ./fuzzers/baby_no_std && cargo +nightly run || test $? -ne 0 || exit 1 - name: no_std tests run: cd ./libafl && cargo test --no-default-features - name: libafl armv6m-none-eabi (32 bit no_std) clippy run: cd ./libafl && cargo clippy --target thumbv6m-none-eabi --no-default-features - name: Build no_std no_alloc bolts run: cd ./libafl_bolts && cargo +nightly build -Zbuild-std=core --target aarch64-unknown-none --no-default-features -v --release && cd ../ build-docker: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Build docker run: docker build -t libafl . windows: runs-on: windows-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Windows Build run: cargo build --verbose - name: Run clippy uses: actions-rs/cargo@v1 with: command: clippy - name: Build docs run: cargo doc - name: Set LIBCLANG_PATH run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV - name: install cargo-make run: cargo install --force cargo-make - uses: ilammy/msvc-dev-cmd@v1 - name: install cxx bridge run: cargo install cxxbridge-cmd - name: Build fuzzers/frida_libpng run: cd fuzzers/frida_libpng/ && cargo make test - name: Build fuzzers/frida_gdiplus run: cd fuzzers/frida_gdiplus/ && cargo make test - name: Build fuzzers/tinyinst_simple run: cd fuzzers/tinyinst_simple/ && cargo make test macos: runs-on: macOS-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - name: Add nightly rustfmt and clippy run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade - name: Install deps run: brew install z3 gtk+3 - name: Install cxxbridge run: cargo install cxxbridge-cmd - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: MacOS Build run: cargo build --verbose - name: Run clippy run: ./scripts/clippy.sh - name: Increase map sizes run: ./scripts/shmem_limits_macos.sh - name: Run Tests run: cargo test other_targets: runs-on: macOS-latest steps: - uses: actions-rs/toolchain@v1 with: profile: minimal toolchain: stable - uses: nttld/setup-ndk@v1 with: ndk-version: r25b - name: install ios run: rustup target add aarch64-apple-ios - name: install android run: rustup target add aarch64-linux-android - name: install cargo ndk run: cargo install cargo-ndk - uses: actions/checkout@v3 - uses: Swatinem/rust-cache@v2 - name: Build iOS run: cargo build --target aarch64-apple-ios && cd libafl_frida && cargo build --target aarch64-apple-ios && cd .. - name: Build Android run: cargo ndk -t arm64-v8a build --release #run: cargo build --target aarch64-linux-android # TODO: Figure out how to properly build stuff with clang #- name: Add clang path to $PATH env # if: runner.os == 'Windows' # run: echo "C:\msys64\mingw64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 #- name: Try if clang works # run: clang -v #- name: Windows Test # run: C:\Rust\.cargo\bin\cargo.exe test --verbose freebsd: runs-on: macos-12 name: Simple build in FreeBSD steps: - uses: actions/checkout@v3 - name: Test in FreeBSD id: test uses: vmactions/freebsd-vm@v0 with: usesh: true sync: rsync copyback: false mem: 2048 release: 13.2 prepare: | pkg install -y curl bash sudo llvm16 curl https://sh.rustup.rs -sSf | sh -s -- -y run: | freebsd-version . "$HOME/.cargo/env" rustup toolchain install nightly export LLVM_CONFIG=/usr/local/bin/llvm-config16 pwd ls -lah echo "local/bin" ls -lah /usr/local/bin/ which llvm-config chmod +x ./scripts/clippy.sh bash ./scripts/shmem_limits_fbsd.sh bash ./scripts/clippy.sh cargo test