name: build and test on: push: branches: [ main, "pr/**" ] pull_request: branches: [ main ] types: ["labeled", "opened", "synchronize", "reopened"] workflow_dispatch: merge_group: env: CARGO_TERM_COLOR: always CARGO_NET_GIT_FETCH_WITH_CLI: true MAIN_LLVM_VERSION: 18 concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: common: strategy: matrix: os: [ ubuntu-24.04, windows-latest, macOS-latest ] runs-on: ${{ matrix.os }} steps: - name: Install mimetype if: runner.os == 'Linux' run: sudo apt-get update && sudo apt-get install -y libfile-mimeinfo-perl - name: install mdbook uses: baptiste0928/cargo-install@v3 with: crate: mdbook - name: install linkcheck uses: baptiste0928/cargo-install@v3 with: crate: mdbook-linkcheck # NOTE: The current crates.io release of mdbook-linkcheck (v0.7.7) is broken # => https://github.com/Michael-F-Bryan/mdbook-linkcheck/pull/82#issuecomment-2241058491 git: https://github.com/Michael-F-Bryan/mdbook-linkcheck.git rev: 8c783c5d754d83bcd50c28fb4174854b04ece990 - uses: actions/checkout@v4 - if: runner.os == 'Linux' uses: ./.github/workflows/ubuntu-prepare - if: runner.os != 'Linux' uses: dtolnay/rust-toolchain@stable - name: Install LLVM if: runner.os == 'MacOS' run: brew install llvm@${{env.MAIN_LLVM_VERSION}} - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } if: runner.os == 'Linux' - uses: Swatinem/rust-cache@v2 if: runner.os != 'Linux' - name: Check for binary blobs if: runner.os == 'Linux' run: ./scripts/check_for_blobs.sh - name: Build libafl debug run: cargo build -p libafl - name: Test the book (Linux) # TODO: fix books test fail with updated windows-rs if: runner.os == 'Linux' run: cd docs && mdbook test -L ../target/debug/deps - name: Test the book (MacOS) if: runner.os == 'MacOS' run: cd docs && mdbook test -L ../target/debug/deps $(python3-config --ldflags | cut -d ' ' -f1) - name: Build individual libafl book examples (linux) if: runner.os == 'Linux' run: cd docs/listings/baby_fuzzer/ && just build-all - name: Run tests (Windows) if: runner.os == 'Windows' run: cargo test -- --test-threads 1 - name: Run tests (Linux) if: runner.os != 'Windows' run: cargo test -- --test-threads 1 - name: Test libafl no_std run: cd libafl && cargo test --no-default-features - name: Test libafl_bolts no_std no_alloc run: cd libafl_bolts && cargo test --no-default-features - name: Test libafl_targets no_std run: cd libafl_targets && cargo test --no-default-features ubuntu-doc-build: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 # ---- doc check ---- - name: Build Docs run: cargo doc --all-features --no-deps ubuntu-doc-test: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 # ---- doc check ---- - name: Test Docs run: cargo test --doc --all-features ubuntu-miri: runs-on: ubuntu-24.04 if: contains( github.event.pull_request.labels.*.name, 'pre-release') steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare with: use_nightly: 'true' - name: Add miri run: rustup +nightly component add miri - uses: Swatinem/rust-cache@v2 with: shared-key: ubuntu-miri # --- miri undefined behavior test -- - name: Run miri tests run: RUST_BACKTRACE=1 MIRIFLAGS="-Zmiri-disable-isolation" cargo miri test ubuntu: runs-on: ubuntu-24.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } # pcguard edges and pcguard hitcounts are not compatible and we need to build them seperately - name: Check pcguard edges run: cargo check --features=sancov_pcguard_edges - name: run shellcheck run: shellcheck ./scripts/*.sh # ---- build normal and examples ---- - name: Run a normal build run: cargo build --verbose # - name: Run libafl_qemu usermode tests # run: cd libafl_qemu && cargo test # - name: Run libafl_qemu systemmode tests # run: cd libafl_qemu && cargo test --no-default-features --features x86_64,systemmode - name: Build examples run: cargo build --examples --verbose ubuntu-clippy: runs-on: ubuntu-24.04 steps: - name: Remove Dotnet & Haskell run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: shared-key: "ubuntu-clippy" - name: Run clippy run: LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/clippy.sh # --- test embedding the libafl_libfuzzer_runtime library # Fix me plz # - name: Test Build libafl_libfuzzer with embed # run: cargo test --features=embed-runtime --manifest-path libafl_libfuzzer/Cargo.toml ubuntu-check: runs-on: ubuntu-24.04 needs: ubuntu strategy: matrix: instance_idx: [ "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17" ] steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } # ---- build and feature check ---- # cargo-hack's --feature-powerset would be nice here but libafl has a too many knobs # Tracking: https://github.com/CensoredUsername/dynasm-rs/issues/114 # One dep of libafl_frida fails on `DOCS_RS` for stable toolchain. Therefore, we _only_ run nightly for that. # For the rest of other crates, we still use stable toolchain. - name: "Setup nightly" uses: dtolnay/rust-toolchain@nightly with: components: clippy, rustfmt - name: "But default to stable" run: rustup default stable - name: Check each feature # Skipping `python` as it has to be built with the `maturin` tool # `sancov_pcguard_edges` is tested seperatelyc run: LLVM_VERSION=18 CI_INSTANCES=18 cargo run --manifest-path ./utils/ci_splitter/Cargo.toml -- ${{ matrix.instance_idx }} ubuntu-concolic: runs-on: ubuntu-24.04 needs: ubuntu steps: - uses: dtolnay/rust-toolchain@stable - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Install smoke test deps run: sudo ./libafl_concolic/test/smoke_test_ubuntu_deps.sh - name: Run smoke test run: ./libafl_concolic/test/smoke_test.sh python-bindings: runs-on: ubuntu-24.04 steps: - name: Install deps run: sudo apt-get update && sudo apt-get install -y lsb-release wget software-properties-common gnupg libz3-dev - name: Install maturin run: cargo install --locked maturin - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Run a maturin build run: export LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} && cd ./bindings/pylibafl && python3 -m venv .env && . .env/bin/activate && pip install --upgrade --force-reinstall . && ./test.sh - name: Run python test run: . ./bindings/pylibafl/.env/bin/activate # && cd fuzzers/binary_only/python_qemu/ && python3 fuzzer.py 2>&1 | grep "Bye" cargo-fmt: runs-on: ubuntu-24.04 env: MAIN_LLVM_VERSION: 20 steps: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@nightly with: components: rustfmt - uses: Swatinem/rust-cache@v2 with: { shared-key: "ubuntu" } - name: Installing black run: python3 -m pip install black - name: Format Check run: ./scripts/fmt_all.sh check check-md-links: # fixme: use ubuntu-latest once this gets fixed https://github.com/UmbrellaDocs/action-linkspector/issues/32 runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: Run linkspector uses: umbrelladocs/action-linkspector@v1 with: fail_on_error: 'true' config_file: '.github/.linkspector.yml' msrv: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: dtolnay/rust-toolchain@stable - uses: taiki-e/install-action@cargo-hack # Note: We currently only specify minimum rust versions for the default workspace members - run: cargo hack check --rust-version -p libafl -p libafl_bolts -p libafl_derive -p libafl_cc -p libafl_targets fuzzers-preflight: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - name: Fuzzer in CI Check run: ./scripts/check_tested_fuzzers.sh fuzzers: name: 🚀 ${{ matrix.fuzzer }} needs: - fuzzers-preflight strategy: fail-fast: false matrix: fuzzer: # Baby - baby/baby_fuzzer_swap_differential - baby/tutorial - baby/baby_fuzzer # - baby/backtrace_baby_fuzzers - baby/baby_fuzzer_unicode - baby/baby_fuzzer_minimizing - baby/backtrace_baby_fuzzers/c_code_with_fork_executor - baby/backtrace_baby_fuzzers/c_code_with_inprocess_executor - baby/backtrace_baby_fuzzers/rust_code_with_fork_executor - baby/backtrace_baby_fuzzers/rust_code_with_inprocess_executor - baby/backtrace_baby_fuzzers/command_executor - baby/backtrace_baby_fuzzers/forkserver_executor - baby/baby_fuzzer_custom_executor # Binary-only - binary_only/fuzzbench_fork_qemu - binary_only/frida_executable_libpng # - binary_only/frida_windows_gdiplus - binary_only/frida_libpng - binary_only/fuzzbench_qemu - binary_only/intel_pt_baby_fuzzer - binary_only/intel_pt_command_executor # - binary_only/tinyinst_simple # Forkserver - forkserver/forkserver_simple - forkserver/forkserver_capture_stdout - forkserver/forkserver_libafl_cc - forkserver/fuzzbench_forkserver - forkserver/fuzzbench_forkserver_cmplog - forkserver/fuzzbench_forkserver_sand - forkserver/libafl-fuzz - forkserver/baby_fuzzer_with_forkexecutor # Full-system - full_system/nyx_launcher - full_system/nyx_libxml2_standalone - full_system/nyx_libxml2_parallel # Structure-aware - structure_aware/nautilus_sync - structure_aware/baby_fuzzer_grimoire - structure_aware/baby_fuzzer_gramatron - structure_aware/baby_fuzzer_tokens - structure_aware/baby_fuzzer_multi - structure_aware/baby_fuzzer_custom_input - structure_aware/baby_fuzzer_nautilus - structure_aware/forkserver_simple_nautilus # In-process - fuzz_anything/cargo_fuzz - inprocess/fuzzbench - inprocess/fuzzbench_text - inprocess/fuzzbench_ctx - inprocess/libfuzzer_libmozjpeg - inprocess/libfuzzer_libpng - inprocess/libfuzzer_libpng_launcher - inprocess/libfuzzer_libpng_accounting - inprocess/libfuzzer_libpng_centralized - inprocess/libfuzzer_libpng_cmin - inprocess/libfuzzer_libpng_norestart # - inprocess/libfuzzer_libpng_tcp_manager # - inprocess/libfuzzer_windows_asan - inprocess/libfuzzer_stb_image_sugar - inprocess/libfuzzer_stb_image # - structure_aware/libfuzzer_stb_image_concolic # - inprocess/sqlite_centralized_multi_machine # - inprocess/libafl_libfuzzer_windows # Fuzz Anything - fuzz_anything/push_harness - fuzz_anything/push_stage_harness - fuzz_anything/libafl_atheris - fuzz_anything/baby_no_std - fuzz_anything/baby_fuzzer_wasm runs-on: ubuntu-24.04 steps: # Get the name of the fuzzer so that we can use it as the key for a cache # of the built artefacts. The key cannot have any special characters. - name: Get fuzzer name id: fuzzer_name run: | fname=$(basename "${{ matrix.fuzzer }}") echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT - name: Checkout uses: actions/checkout@v4 - name: Prepare uses: ./.github/workflows/fuzzer-tester-prepare with: fuzzer-name: ${{ matrix.fuzzer }} - name: Configure Cache uses: Swatinem/rust-cache@v2 with: # We will have these guys all share a cache (since they should share # and awful lot of their dependencies). That way we won't use up # as much space. shared-key: fuzzers-x86_64 # We want to include the commit hash to ensure the cache is replaced # on each new commit. key: ${{ github.sha }} # We will only save the cache for one of the builds. Though we could # just omit this filter and the jobs race to push to the cache, since # they would all share the same key (combining the `shared-key` and # `key`) our build would generate a load of warnings. Why this # particular fuzzer? No real reason, but we had to choose one. save-if: ${{ matrix.fuzzer == 'binary_only/frida_libpng' }} cache-all-crates: true # The code is built in the fuzzers own directory, not in the target # directory in the root of the workspace workspaces: | fuzzers/${{ matrix.fuzzer }} - name: Test if: runner.os == 'Linux' shell: bash run: | RUN_ON_CI=1 \ LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ cargo \ run \ --manifest-path ./utils/ci_runner/Cargo.toml \ -- \ fuzzers/${{ matrix.fuzzer }} # This job checks whether any changes have been made to the QEMU code to avoid # rebuilding and testing the QEMU related fuzzers unnecessarily as they are # more expensive to build qemu-changes: runs-on: ubuntu-24.04 permissions: pull-requests: read outputs: qemu: ${{ steps.filter.outputs.qemu }} steps: - name: Checkout uses: actions/checkout@v4 - name: Filter uses: dorny/paths-filter@v3 id: filter with: filters: | qemu: - '.github/**' - 'libafl/**' - 'libafl_bolts/**' - 'libafl_targets/**' - 'libafl_qemu/**' - 'fuzzers/**/*qemu*/**' fuzzer-unicorn: name: 🚀 full_system/unicorn runs-on: ubuntu-24.04 needs: - fuzzers-preflight strategy: fail-fast: false matrix: os: [ ubuntu-24.04 ] fuzzer: - fuzzers/full_system/unicorn steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/fuzzer-tester-prepare - name: "Install dependencies" if: runner.os == 'Linux' shell: bash run: sudo apt-get update && sudo apt-get install gcc gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu gcc-riscv64-linux-gnu - name: Build and run example fuzzers (Linux) if: runner.os == 'Linux' shell: bash run: RUN_ON_CI=1 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} cargo run --manifest-path ./utils/ci_runner/Cargo.toml -- ${{ matrix.fuzzer }} # Job to build and test the QEMU fuzzers qemu: name: 🤖 ${{ matrix.fuzzer }} needs: - fuzzers-preflight # Check that all the fuzzers listed for testing or explicitly ignored - qemu-changes # Only build if the QEMU code has changed if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} strategy: matrix: fuzzer: - binary_only/qemu_cmin - binary_only/qemu_tmin - binary_only/qemu_coverage - binary_only/qemu_launcher - full_system/qemu_baremetal # - full_system/qemu_linux_kernel # - full_system/qemu_linux_process runs-on: ubuntu-24.04 container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest steps: # Get the name of the fuzzer so that we can use it as the key for a cache # of the built artefacts. The key cannot have any special characters. - name: Get fuzzer name id: fuzzer_name run: | fname=$(basename "${{ matrix.fuzzer }}") echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT - name: Checkout uses: actions/checkout@v4 - name: Prepare uses: ./.github/workflows/qemu-fuzzer-tester-prepare - name: Configure Cache uses: Swatinem/rust-cache@v2 with: # We will have each of these fuzzers have it's own cache since these # are some of the heaviest fuzzers to build. shared-key: qemu-${{ steps.fuzzer_name.outputs.fuzzer_name }}-x86_64 # We want to include the commit hash to ensure the cache is replaced # on each new commit. key: ${{ github.sha }} cache-all-crates: true # The code is built in the fuzzers own directory, not in the target # directory in the root of the workspace workspaces: | fuzzers/${{ matrix.fuzzer }} - name: Test shell: bash run: | unset RUSTC && \ ARCH=x86_64 \ RUN_ON_CI=1 \ LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ cargo \ run \ --manifest-path ./utils/ci_runner/Cargo.toml \ -- \ fuzzers/${{ matrix.fuzzer }} utils: name: 🔧 ${{ matrix.util }} strategy: matrix: util: - gdb_qemu runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - name: Install deps run: sudo apt-get update && sudo apt-get install -y g++-powerpc-linux-gnu gcc-powerpc-linux-gnu gdb-multiarch - name: Add rust targets shell: bash run: rustup target add --toolchain stable-x86_64-unknown-linux-gnu powerpc-unknown-linux-gnu - name: Build and run utils (Linux) if: runner.os == 'Linux' shell: bash run: just -d utils/${{ matrix.util }} --justfile utils/${{ matrix.util }}/Justfile test # Build and test librasan. The setup is common, so we use a matrix build and # use the task name at the end to select which target to build librasan: name: 🔧 librasan - ${{ matrix.task }} strategy: matrix: task: - build - test # If one task fails, then don't abandon the other fail-fast: false # Only build this if the QEMU code changes for now. Though agnostic, nobody # else has integrated librasan with other fuzzers for now. needs: - qemu-changes if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} runs-on: ubuntu-24.04 steps: - name: Checkout uses: actions/checkout@v4 with: submodules: true fetch-depth: 0 - name: Prepare uses: ./.github/workflows/librasan-prepare - name: Configure Cache uses: Swatinem/rust-cache@v2 with: # Use the task name to build the cache key. We will have a separate # cache for each since they are both expensive to build and one builds # for many different architectures. shared-key: librasan-${{ matrix.task }} # We want to include the commit hash to ensure the cache is replaced # on each new commit. key: ${{ github.sha }} cache-all-crates: true # Again the artefacts aren't built in the target root directory. workspaces: | libafl_qemu/librasan # Run only for the build task - name: Build if: ${{ matrix.task == 'build' }} shell: bash run: | RUN_ON_CI=1 \ RUSTC_BOOTSTRAP=1 \ LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ just \ -f ./libafl_qemu/librasan/Justfile \ build_everything_dev \ build_x86_64_release # Run only for the test task - name: Test if: ${{ matrix.task == 'test' }} shell: bash run: | RUN_ON_CI=1 \ RUSTC_BOOTSTRAP=1 \ LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ just \ -f ./libafl_qemu/librasan/Justfile \ test_everything nostd-build: runs-on: ubuntu-24.04 steps: - uses: dtolnay/rust-toolchain@nightly with: components: rust-src - name: Add targets run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 with: shared-key: no-std - name: Build aarch64-unknown-none run: cd fuzzers/fuzz_anything/baby_no_std && cargo build -Zbuild-std=core,alloc --target aarch64-unknown-none -v --release && cd ../.. - name: run x86_64 until panic! run: cd fuzzers/fuzz_anything/baby_no_std && cargo run || test $? -ne 0 || exit 1 - name: no_std tests run: cd ./libafl && cargo test --no-default-features nostd-clippy: runs-on: ubuntu-24.04 steps: - uses: dtolnay/rust-toolchain@stable with: components: clippy, rust-src - name: Add targets run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 with: shared-key: no-std-clippy - name: libafl armv6m-none-eabi (32 bit no_std) clippy run: cd ./libafl && cargo clippy --target thumbv6m-none-eabi --no-default-features - name: libafl_bolts armv6m-none-eabi (32 bit no_std) clippy run: cd ./libafl_bolts && cargo clippy --target thumbv6m-none-eabi --no-default-features format-toml: runs-on: ubuntu-24.04 steps: - name: Install taplo run: curl -fsSL https://github.com/tamasfe/taplo/releases/latest/download/taplo-full-linux-x86_64.gz | gzip -d - | install -m 755 /dev/stdin /usr/local/bin/taplo - uses: actions/checkout@v4 - name: Run taplo run: taplo format --check build-docker: runs-on: ubuntu-24.04 permissions: packages: write contents: read outputs: image: ghcr.io/aflplusplus/libafl:latest steps: - name: Checkout repo uses: actions/checkout@v3 - name: Check Dockerfile for changes uses: dorny/paths-filter@v3 id: filter with: filters: | changed: - 'Dockerfile' - '.github/workflows/build_and_test.yml' - name: Restore Docker build cache if: steps.filter.outputs.changed == 'true' uses: actions/cache@v4 with: path: /tmp/.buildx-cache # We want to be able to update the cache if the Dockerfile is changed, # but still be able to use previous versions if available. key: ${{ runner.os }}-buildx-${{ github.ref }}-${{ hashFiles('Dockerfile') }} restore-keys: | ${{ runner.os }}-buildx-${{ github.ref }}- ${{ runner.os }}-buildx- - name: Set up Docker Buildx if: steps.filter.outputs.changed == 'true' uses: docker/setup-buildx-action@v3 with: driver: docker-container - name: Log in to GitHub Container Registry if: steps.filter.outputs.changed == 'true' && github.ref == 'refs/heads/main' uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build Docker image if: steps.filter.outputs.changed == 'true' uses: docker/build-push-action@v5 with: context: . file: ./Dockerfile push: ${{ github.ref == 'refs/heads/main' }} load: ${{ github.ref != 'refs/heads/main' }} tags: ghcr.io/aflplusplus/libafl:latest cache-from: | type=registry,ref=ghcr.io/aflplusplus/libafl:cache type=local,src=/tmp/.buildx-cache cache-to: | ${{ github.ref == 'refs/heads/main' && 'type=registry,ref=ghcr.io/aflplusplus/libafl:cache,mode=max' || 'type=local,dest=/tmp/.buildx-cache' }} - name: Save Docker build cache if: steps.filter.outputs.changed == 'true' uses: actions/cache@v4 with: path: /tmp/.buildx-cache # We want to be able to update the cache if the Dockerfile is changed, # but still be able to use previous versions if available. key: ${{ runner.os }}-buildx-${{ github.ref }}-${{ hashFiles('Dockerfile') }} restore-keys: | ${{ runner.os }}-buildx-${{ github.ref }}- ${{ runner.os }}-buildx- # The windows fuzzers require the same setup, so we will use a matrix build windows: name: 🚙 ${{ matrix.fuzzer }} strategy: matrix: fuzzer: - binary_only/frida_libpng - inprocess/libafl_libfuzzer_windows - inprocess/libfuzzer_stb_image - binary_only/frida_windows_gdiplus - binary_only/tinyinst_simple # - inprocess/libfuzzer_windows_asan fail-fast: false runs-on: windows-latest needs: - fuzzers-preflight - common steps: # Get the name of the fuzzer so that we can use it as the key for a cache # of the built artefacts. The key cannot have any special characters. - name: Get fuzzer name id: fuzzer_name shell: pwsh run: | $fname = Split-Path -Leaf "${{ matrix.fuzzer }}" "fuzzer_name=$fname" | Out-File -FilePath $env:GITHUB_OUTPUT -Append - name: Checkout uses: actions/checkout@v4 - name: Prepare uses: ./.github/workflows/windows-tester-prepare - name: install cxx bridge run: cargo install cxxbridge-cmd - name: Configure Cache uses: Swatinem/rust-cache@v2 with: # There aren't too many of these fuzzers, so lets just give them a # separate cache each for now. shared-key: fuzzers-windows-${{ steps.fuzzer_name.outputs.fuzzer_name }}-x86_64 # We want to include the commit hash to ensure the cache is replaced # on each new commit. key: ${{ github.sha }} cache-all-crates: true # The code is built in the fuzzers own directory, not in the target # directory in the root of the workspace workspaces: | fuzzers/${{ matrix.fuzzer }} - name: Test run: cd fuzzers/${{ matrix.fuzzer }} && just test windows-clippy: runs-on: windows-latest needs: - common steps: - uses: dtolnay/rust-toolchain@stable - uses: actions/checkout@v4 - uses: ./.github/workflows/windows-tester-prepare - uses: Swatinem/rust-cache@v2 with: shared-key: windows-clippy - name: Run real clippy, not the fake one shell: pwsh run: .\scripts\clippy.ps1 macos: runs-on: macOS-latest steps: - uses: dtolnay/rust-toolchain@stable with: components: clippy - name: Install deps run: brew install z3 gtk+3 python llvm@${{env.MAIN_LLVM_VERSION}} - name: Install cxxbridge run: cargo install cxxbridge-cmd - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: MacOS Build run: cargo build --verbose - name: Increase map sizes run: ./scripts/shmem_limits_macos.sh - name: Clippy run: cargo clippy --tests --all --exclude libafl_nyx --exclude symcc_runtime --exclude runtime_test ubuntu-cross-android-arm64: runs-on: ubuntu-24.04 steps: - uses: dtolnay/rust-toolchain@stable - uses: nttld/setup-ndk@v1 with: ndk-version: r25b - name: install android run: rustup target add aarch64-linux-android - name: install cargo ndk run: cargo install cargo-ndk - uses: actions/checkout@v4 - uses: Swatinem/rust-cache@v2 - name: Build Android run: cd libafl && PYO3_CROSS_PYTHON_VERSION=$(python3 -c "print('{}.{}'.format(__import__('sys').version_info.major, __import__('sys').version_info.minor))") cargo ndk -t arm64-v8a build --release ubuntu-cross-android-x86_64: runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 - uses: ./.github/workflows/ubuntu-prepare - uses: Swatinem/rust-cache@v2 - uses: nttld/setup-ndk@v1 id: setup-ndk with: ndk-version: r27c add-to-path: false - name: cargo-ndk run: cargo install cargo-ndk - name: cargo android targets run: | rustup target add x86_64-linux-android - name: Build Android env: ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }} ANDROID_NDK_ROOT: ${{ steps.setup-ndk.outputs.ndk-path }} run: cargo ndk -t x86_64 build #run: cargo build --target aarch64-linux-android # TODO: Figure out how to properly build stuff with clang #- name: Add clang path to $PATH env # if: runner.os == 'Windows' # run: echo "C:\msys64\mingw64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 #- name: Try if clang works # run: clang -v #- name: Windows Test # run: C:\Rust\.cargo\bin\cargo.exe test --verbose