name: build and test on: push: branches: [ main, "pr/**" ] pull_request: branches: [ main ] types: ["labeled", "opened", "synchronize", "reopened"] workflow_dispatch: merge_group: env: CARGO_TERM_COLOR: always CARGO_NET_GIT_FETCH_WITH_CLI: true MAIN_LLVM_VERSION: 18 concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: common: strategy: fail-fast: false matrix: os: [ ubuntu-24.04, windows-latest, macOS-latest ] runs-on: ${{ matrix.os }} steps: - name: Install mimetype if: runner.os == 'Linux' run: sudo apt-get update && sudo apt-get install -y libfile-mimeinfo-perl - name: install mdbook uses: baptiste0928/cargo-install@v3 with: crate: mdbook - name: install linkcheck uses: baptiste0928/cargo-install@v3 with: crate: mdbook-linkcheck # NOTE: The current crates.io release of mdbook-linkcheck (v0.7.7) is broken # => https://github.com/Michael-F-Bryan/mdbook-linkcheck/pull/82#issuecomment-2241058491 git: https://github.com/Michael-F-Bryan/mdbook-linkcheck.git rev: 8c783c5d754d83bcd50c28fb4174854b04ece990 - name: default nightly run: rustup default nightly - uses: actions/checkout@v4 - if: runner.os == 'Linux' uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } if: runner.os == 'Linux' - uses: Swatinem/rust-cache@v2 if: runner.os != 'Linux' - name: Check for binary blobs if: runner.os == 'Linux' run: ./scripts/check_for_blobs.sh - name: Build libafl debug run: cargo build -p libafl - name: Test the book (Linux) # TODO: fix books test fail with updated windows-rs if: runner.os == 'Linux' run: cd docs && mdbook test -L ../target/debug/deps - name: Test the book (MacOS) if: runner.os == 'MacOS' run: cd docs && mdbook test -L ../target/debug/deps $(python3-config --ldflags | cut -d ' ' -f1) - name: Run tests run: cargo test - name: Test libafl no_std run: cd libafl && cargo test --no-default-features - name: Test libafl_bolts no_std no_alloc run: cd libafl_bolts && cargo test --no-default-features - name: Test libafl_targets no_std run: cd libafl_targets && cargo test --no-default-features ubuntu-doc-build: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 # ---- doc check ---- - name: Build Docs run: RUSTFLAGS="--cfg docsrs" cargo +nightly doc --all-features --no-deps ubuntu-doc-test: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 # ---- doc check ---- - name: Test Docs run: RUSTFLAGS="--cfg docsrs" cargo +nightly test --doc --all-features ubuntu-miri: runs-on: ubuntu-24.04 if: contains( github.event.pull_request.labels.*.name, 'pre-release') steps: - name: Add nightly clippy run: rustup toolchain install nightly --component miri --allow-downgrade - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 # --- miri undefined behavior test -- - name: Run miri tests run: RUST_BACKTRACE=1 MIRIFLAGS="-Zmiri-disable-isolation" cargo +nightly miri test ubuntu: runs-on: ubuntu-24.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } # pcguard edges and pcguard hitcounts are not compatible and we need to build them seperately - name: Check pcguard edges run: cargo check --features=sancov_pcguard_edges - name: run shellcheck run: shellcheck ./scripts/*.sh # ---- build normal and examples ---- - name: Run a normal build run: cargo build --verbose - name: Build examples run: cargo build --examples --verbose ubuntu-clippy: runs-on: ubuntu-24.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - name: Add nightly clippy run: rustup toolchain install nightly --component clippy --allow-downgrade && rustup default nightly - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Run clippy run: LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/clippy.sh # --- test embedding the libafl_libfuzzer_runtime library # Fix me plz # - name: Test Build libafl_libfuzzer with embed # run: cargo +nightly test --features=embed-runtime --manifest-path libafl_libfuzzer/Cargo.toml ubuntu-check: runs-on: ubuntu-24.04 needs: ubuntu strategy: matrix: instance_idx: [ "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17" ] steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } # ---- build and feature check ---- # cargo-hack's --feature-powerset would be nice here but libafl has a too many knobs - name: Check each feature # Skipping `python` as it has to be built with the `maturin` tool # `sancov_pcguard_edges` is tested seperatelyc run: python3 ./scripts/parallellize_cargo_check.py ${{ matrix.instance_idx }} ubuntu-concolic: runs-on: ubuntu-24.04 needs: ubuntu steps: - name: Install curl run: sudo apt-get update && sudo apt-get install clang - uses: dtolnay/rust-toolchain@stable - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Install smoke test deps run: sudo ./libafl_concolic/test/smoke_test_ubuntu_deps.sh - name: Run smoke test run: ./libafl_concolic/test/smoke_test.sh python-bindings: runs-on: ubuntu-24.04 steps: - name: Install deps run: sudo apt-get update && sudo apt-get install -y lsb-release wget software-properties-common gnupg ninja-build python3-dev python3-pip python3-venv libz3-dev - name: Install maturin run: cargo install --locked maturin - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Run a maturin build run: export LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} && cd ./bindings/pylibafl && python3 -m venv .env && . .env/bin/activate && pip install --upgrade --force-reinstall . && ./test.sh - name: Run python test run: . ./bindings/pylibafl/.env/bin/activate # && cd ./fuzzers/binary_only/python_qemu/ && python3 fuzzer.py 2>&1 | grep "Bye" cargo-fmt: runs-on: ubuntu-24.04 env: MAIN_LLVM_VERSION: 19 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - name: Add rustfmt nightly shell: bash run: rustup component add --toolchain nightly-x86_64-unknown-linux-gnu rustfmt - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Installing black run: python3 -m pip install black - name: Format Check run: ./scripts/fmt_all.sh check check-md-links: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Install linkspector shell: bash run: sudo apt-get update && sudo apt-get install -y npm && npm install -g @umbrelladocs/linkspector - name: Run linkspector shell: bash run: ./scripts/check_md_links.sh # TODO: Use github action once it's fixed (https://github.com/UmbrellaDocs/action-linkspector/issues/20) # - name: Run linkspector # uses: umbrelladocs/action-linkspector@v1 # with: # fail_on_error: 'true' # config_file: '.github/.linkspector.yml' msrv: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: taiki-e/install-action@cargo-hack # Note: We currently only specify minimum rust versions for the default workspace members - run: cargo hack check --rust-version -p libafl -p libafl_bolts -p libafl_derive -p libafl_cc -p libafl_targets fuzzers-preflight: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - name: Fuzzer in CI Check run: ./scripts/check_tested_fuzzers.sh fuzzers: needs: - fuzzers-preflight strategy: fail-fast: true matrix: os: [ ubuntu-24.04 ] fuzzer: # Baby - ./fuzzers/baby/baby_fuzzer_swap_differential - ./fuzzers/baby/tutorial - ./fuzzers/baby/baby_fuzzer # - ./fuzzers/baby/backtrace_baby_fuzzers - ./fuzzers/baby/baby_fuzzer_unicode - ./fuzzers/baby/baby_fuzzer_minimizing - ./fuzzers/baby/backtrace_baby_fuzzers/c_code_with_fork_executor - ./fuzzers/baby/backtrace_baby_fuzzers/c_code_with_inprocess_executor - ./fuzzers/baby/backtrace_baby_fuzzers/rust_code_with_fork_executor - ./fuzzers/baby/backtrace_baby_fuzzers/rust_code_with_inprocess_executor - ./fuzzers/baby/backtrace_baby_fuzzers/command_executor - ./fuzzers/baby/backtrace_baby_fuzzers/forkserver_executor - ./fuzzers/baby/baby_fuzzer_custom_executor # Binary-only - ./fuzzers/binary_only/fuzzbench_fork_qemu - ./fuzzers/binary_only/frida_executable_libpng - ./fuzzers/binary_only/frida_windows_gdiplus - ./fuzzers/binary_only/frida_libpng - ./fuzzers/binary_only/fuzzbench_qemu - ./fuzzers/binary_only/intel_pt_baby_fuzzer - ./fuzzers/binary_only/intel_pt_command_executor - ./fuzzers/binary_only/tinyinst_simple # Forkserver - ./fuzzers/forkserver/forkserver_simple - ./fuzzers/forkserver/forkserver_libafl_cc - ./fuzzers/forkserver/fuzzbench_forkserver - ./fuzzers/forkserver/fuzzbench_forkserver_cmplog - ./fuzzers/forkserver/libafl-fuzz - ./fuzzers/forkserver/baby_fuzzer_with_forkexecutor # Full-system - ./fuzzers/full_system/nyx_libxml2_standalone - ./fuzzers/full_system/nyx_libxml2_parallel # Structure-aware - ./fuzzers/structure_aware/nautilus_sync - ./fuzzers/structure_aware/baby_fuzzer_grimoire - ./fuzzers/structure_aware/baby_fuzzer_gramatron - ./fuzzers/structure_aware/baby_fuzzer_tokens - ./fuzzers/structure_aware/baby_fuzzer_multi - ./fuzzers/structure_aware/baby_fuzzer_custom_input - ./fuzzers/structure_aware/baby_fuzzer_nautilus - ./fuzzers/structure_aware/forkserver_simple_nautilus # In-process - ./fuzzers/fuzz_anything/cargo_fuzz # - ./fuzzers/inprocess/dynamic_analysis - ./fuzzers/inprocess/fuzzbench - ./fuzzers/inprocess/fuzzbench_text - ./fuzzers/inprocess/fuzzbench_ctx - ./fuzzers/inprocess/libfuzzer_libmozjpeg - ./fuzzers/inprocess/libfuzzer_libpng - ./fuzzers/inprocess/libfuzzer_libpng_launcher - ./fuzzers/inprocess/libfuzzer_libpng_accounting - ./fuzzers/inprocess/libfuzzer_libpng_centralized - ./fuzzers/inprocess/libfuzzer_libpng_cmin - ./fuzzers/inprocess/libfuzzer_libpng_norestart # - ./fuzzers/inprocess/libfuzzer_libpng_tcp_manager - ./fuzzers/inprocess/libfuzzer_stb_image_sugar - ./fuzzers/inprocess/libfuzzer_stb_image # - ./fuzzers/structure_aware/libfuzzer_stb_image_concolic # - ./fuzzers/inprocess/libfuzzer_windows_asan # - ./fuzzers/inprocess/sqlite_centralized_multi_machine # Fuzz Anything - ./fuzzers/fuzz_anything/push_harness - ./fuzzers/fuzz_anything/push_stage_harness - ./fuzzers/fuzz_anything/libafl_atheris - ./fuzzers/fuzz_anything/baby_no_std - ./fuzzers/fuzz_anything/baby_fuzzer_wasm runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/fuzzer-tester-prepare - name: Build and run example fuzzers (Linux) if: runner.os == 'Linux' shell: bash run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }} changes: runs-on: ubuntu-24.04 permissions: pull-requests: read outputs: qemu: ${{ steps.filter.outputs.qemu }} steps: - uses: actions/checkout@v4 - uses: dorny/paths-filter@v3 id: filter with: filters: | qemu: - '.github/**' - 'libafl/**' - 'libafl_bolts/**' - 'libafl_targets/**' - 'libafl_qemu/**' - 'fuzzers/*qemu*/**' fuzzers-qemu: needs: - changes if: ${{ needs.changes.outputs.qemu == 'true' }} strategy: matrix: os: [ubuntu-24.04] fuzzer: # Binary only - ./fuzzers/binary_only/qemu_cmin - ./fuzzers/binary_only/qemu_coverage - ./fuzzers/binary_only/qemu_launcher # Full-system - ./fuzzers/full_system/qemu_baremetal # - ./fuzzers/full_system/qemu_linux_kernel #- ./fuzzers/full_system/qemu_linux_process runs-on: [ self-hosted, qemu ] container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/qemu-fuzzer-tester-prepare - name: Build and run example QEMU fuzzers (Linux) if: runner.os == 'Linux' shell: bash run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/test_fuzzer.sh ${{ matrix.fuzzer }} nostd-build: runs-on: ubuntu-24.04 steps: - uses: dtolnay/rust-toolchain@nightly with: components: rust-src - name: Add targets run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: Build aarch64-unknown-none run: cd ./fuzzers/fuzz_anything/baby_no_std && cargo +nightly build -Zbuild-std=core,alloc --target aarch64-unknown-none -v --release && cd ../.. - name: run x86_64 until panic! run: cd ./fuzzers/fuzz_anything/baby_no_std && cargo +nightly run || test $? -ne 0 || exit 1 - name: no_std tests run: cd ./libafl && cargo test --no-default-features nostd-clippy: runs-on: ubuntu-24.04 steps: - uses: dtolnay/rust-toolchain@nightly with: components: clippy, rust-src - name: Add targets run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: libafl armv6m-none-eabi (32 bit no_std) clippy run: cd ./libafl && cargo clippy --target thumbv6m-none-eabi --no-default-features - name: Build no_std no_alloc bolts run: cd ./libafl_bolts && cargo +nightly build -Zbuild-std=core --target aarch64-unknown-none --no-default-features -v --release && cd ../ format-toml: runs-on: ubuntu-24.04 steps: - name: Install taplo run: curl -fsSL https://github.com/tamasfe/taplo/releases/latest/download/taplo-full-linux-x86_64.gz | gzip -d - | install -m 755 /dev/stdin /usr/local/bin/taplo - uses: actions/checkout@v4 - name: Run taplo run: taplo format --check build-docker: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - name: Build docker run: docker build -t libafl . windows-frida-libpng: runs-on: windows-latest needs: - common steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - name: Build fuzzers/binary_only/frida_libpng run: cd fuzzers/binary_only/frida_libpng/ && cargo make test windows-frida-libfuzzer-stb-image: runs-on: windows-latest needs: - common steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - name: Build fuzzers/inprocess/libfuzzer_stb_image run: cd fuzzers/inprocess/libfuzzer_stb_image && cargo build --release windows-frida-gdiplus: runs-on: windows-latest needs: - common steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - name: Build fuzzers/binary_only/frida_windows_gdiplus run: cd fuzzers/binary_only/frida_windows_gdiplus/ && cargo make test && cargo make test_cmplog windows-tinyinst-simple: runs-on: windows-latest needs: - common steps: - name: install cxx bridge run: cargo install cxxbridge-cmd - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - name: Build fuzzers/binary_only/tinyinst_simple run: cd fuzzers/binary_only/tinyinst_simple/ && cargo make test windows-clippy: runs-on: windows-latest needs: - common steps: - uses: dtolnay/rust-toolchain@stable - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - uses: Swatinem/rust-cache@v2 - name: Run real clippy, not the fake one shell: pwsh run: .\scripts\clippy.ps1 macos: runs-on: macOS-latest steps: - uses: dtolnay/rust-toolchain@stable - name: Add nightly clippy run: rustup toolchain install nightly --component clippy --allow-downgrade && rustup default nightly - name: Install deps run: brew install z3 gtk+3 python - name: Install cxxbridge run: cargo install cxxbridge-cmd - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: MacOS Build run: cargo build --verbose - name: Increase map sizes run: ./scripts/shmem_limits_macos.sh - name: Run Tests run: cargo test - name: Clippy run: cargo +nightly clippy --tests --all --exclude libafl_nyx --exclude symcc_runtime --exclude runtime_test ios: runs-on: macOS-latest steps: - uses: dtolnay/rust-toolchain@stable - name: install ios run: rustup target add aarch64-apple-ios - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: Build iOS run: PYO3_CROSS_PYTHON_VERSION=$(python3 -c "print('{}.{}'.format(__import__('sys').version_info.major, __import__('sys').version_info.minor))") cargo build --target aarch64-apple-ios && cd libafl_frida && cargo build --target aarch64-apple-ios && cd .. android: runs-on: ubuntu-24.04 steps: - name: Install curl run: sudo apt-get update && sudo apt-get install clang - uses: dtolnay/rust-toolchain@stable - uses: nttld/setup-ndk@v1 with: ndk-version: r25b - name: install android run: rustup target add aarch64-linux-android - name: install cargo ndk run: cargo install cargo-ndk - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: Build Android run: cd libafl && PYO3_CROSS_PYTHON_VERSION=$(python3 -c "print('{}.{}'.format(__import__('sys').version_info.major, __import__('sys').version_info.minor))") cargo ndk -t arm64-v8a build --release #run: cargo build --target aarch64-linux-android # TODO: Figure out how to properly build stuff with clang #- name: Add clang path to $PATH env # if: runner.os == 'Windows' # run: echo "C:\msys64\mingw64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 #- name: Try if clang works # run: clang -v #- name: Windows Test # run: C:\Rust\.cargo\bin\cargo.exe test --verbose