fix: making pre/post_exec to use correct observers in case of withObserver #18545
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build and test | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| branches: [ main, "pr/**" ] | |
| pull_request: | |
| branches: [ main ] | |
| types: ["labeled", "opened", "synchronize", "reopened"] | |
| workflow_dispatch: | |
| merge_group: | |
| env: | |
| CARGO_TERM_COLOR: always | |
| CARGO_NET_GIT_FETCH_WITH_CLI: true | |
| MAIN_LLVM_VERSION: 18 | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| common: | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-24.04, windows-latest, macOS-latest ] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Install mimetype | |
| if: runner.os == 'Linux' | |
| run: sudo apt-get update && sudo apt-get install -y libfile-mimeinfo-perl | |
| - name: install mdbook | |
| uses: baptiste0928/cargo-install@v3 | |
| with: | |
| crate: mdbook | |
| - name: install linkcheck | |
| uses: baptiste0928/cargo-install@v3 | |
| with: | |
| crate: mdbook-linkcheck | |
| # NOTE: The current crates.io release of mdbook-linkcheck (v0.7.7) is broken | |
| # => https://github.com/Michael-F-Bryan/mdbook-linkcheck/pull/82#issuecomment-2241058491 | |
| git: https://github.com/Michael-F-Bryan/mdbook-linkcheck.git | |
| rev: 8c783c5d754d83bcd50c28fb4174854b04ece990 | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - if: runner.os == 'Linux' | |
| uses: ./.github/workflows/ubuntu-prepare | |
| - if: runner.os != 'Linux' | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Install LLVM | |
| if: runner.os == 'MacOS' | |
| run: brew install llvm@${{env.MAIN_LLVM_VERSION}} | |
| - uses: Swatinem/rust-cache@v2 | |
| with: { shared-key: "ubuntu" } | |
| if: runner.os == 'Linux' | |
| - uses: Swatinem/rust-cache@v2 | |
| if: runner.os != 'Linux' | |
| - name: Check for binary blobs | |
| if: runner.os == 'Linux' | |
| run: just check-blobs | |
| - name: Build libafl debug | |
| run: just build-libafl | |
| - name: Test the book (Linux) | |
| # TODO: fix books test fail with updated windows-rs | |
| if: runner.os == 'Linux' | |
| run: cd docs && mdbook test -L ../target/debug/deps | |
| - name: Test the book (MacOS) | |
| if: runner.os == 'MacOS' | |
| run: cd docs && mdbook test -L ../target/debug/deps $(python3-config --ldflags | cut -d ' ' -f1) | |
| - name: Build individual libafl book examples (linux) | |
| if: runner.os == 'Linux' | |
| run: cd docs/listings/baby_fuzzer/ && just build-all | |
| - name: Doc | |
| if: runner.os == 'Linux' | |
| run: just doc | |
| - name: Run tests (Windows) | |
| if: runner.os == 'Windows' | |
| run: just test-serial | |
| - name: Run tests (Linux) | |
| if: runner.os != 'Windows' | |
| run: just test-serial | |
| ubuntu-doc-build: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| # ---- doc check ---- | |
| - name: Build Docs | |
| run: just doc | |
| ubuntu-doc-test: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| # ---- doc check ---- | |
| - name: Test Docs | |
| run: just test-docs | |
| ubuntu-miri: | |
| runs-on: ubuntu-24.04 | |
| if: contains( github.event.pull_request.labels.*.name, 'pre-release') | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| with: | |
| use_nightly: 'true' | |
| - name: Add miri | |
| run: rustup +nightly component add miri | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: ubuntu-miri | |
| # --- miri undefined behavior test -- | |
| - name: Run miri tests | |
| run: just test-miri | |
| ubuntu: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Remove Dotnet & Haskell | |
| run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| with: { shared-key: "ubuntu" } | |
| # pcguard edges and pcguard hitcounts are not compatible and we need to build them seperately | |
| - name: Check pcguard edges | |
| run: just check-sancov-edges | |
| - name: run shellcheck | |
| run: just shellcheck | |
| # ---- build normal and examples ---- | |
| - name: Run a normal build | |
| run: just build | |
| # - name: Run libafl_qemu usermode tests | |
| # run: cd crates/libafl_qemu && cargo test | |
| # - name: Run libafl_qemu systemmode tests | |
| # run: cd crates/libafl_qemu && cargo test --no-default-features --features x86_64,systemmode | |
| - name: Build examples | |
| run: just examples | |
| ubuntu-clippy: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Remove Dotnet & Haskell | |
| run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: "ubuntu-clippy" | |
| - name: Run clippy | |
| run: LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} ./scripts/clippy.sh | |
| # --- test embedding the libafl_libfuzzer_runtime library | |
| # Fix me plz | |
| # - name: Test Build libafl_libfuzzer with embed | |
| # run: cargo test --features=embed-runtime --manifest-path libafl_libfuzzer/Cargo.toml | |
| ubuntu-check: | |
| runs-on: ubuntu-24.04 | |
| needs: ubuntu | |
| strategy: | |
| matrix: | |
| instance_idx: [ "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17" ] | |
| fail-fast: false | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| with: { shared-key: "ubuntu" } | |
| # ---- build and feature check ---- | |
| # cargo-hack's --feature-powerset would be nice here but libafl has a too many knobs | |
| # Tracking: https://github.com/CensoredUsername/dynasm-rs/issues/114 | |
| # One dep of libafl_frida fails on `DOCS_RS` for stable toolchain. Therefore, we _only_ run nightly for that. | |
| # For the rest of other crates, we still use stable toolchain. | |
| - uses: extractions/setup-just@v3 | |
| - name: "Setup nightly" | |
| uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| components: clippy, rustfmt | |
| - name: "But default to stable" | |
| run: rustup default stable | |
| - name: Check each feature | |
| # Skipping `python` as it has to be built with the `maturin` tool | |
| # `sancov_pcguard_edges` is tested seperatelyc | |
| run: just check-features ${{ matrix.instance_idx }} | |
| # idk why bindgen generates a corrupted file only on CI. | |
| # ubuntu-concolic: | |
| # runs-on: ubuntu-24.04 | |
| # needs: ubuntu | |
| # steps: | |
| # - uses: dtolnay/rust-toolchain@stable | |
| # - uses: actions/checkout@v4 | |
| # - uses: Swatinem/rust-cache@v2 | |
| # with: { shared-key: "ubuntu" } | |
| # - name: Install smoke test deps | |
| # run: sudo ./crates/libafl_concolic/test/smoke_test_ubuntu_deps.sh | |
| # - name: Run smoke test | |
| # run: ./crates/libafl_concolic/test/smoke_test.sh | |
| # | |
| python-bindings: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install deps | |
| run: sudo apt-get update && sudo apt-get install -y lsb-release wget software-properties-common gnupg libz3-dev | |
| - name: Install maturin | |
| run: cargo install --locked maturin | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| with: { shared-key: "ubuntu" } | |
| - name: Run a maturin build | |
| run: export LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} && just build-python | |
| - name: Run python test | |
| run: . ./bindings/pylibafl/.env/bin/activate # && cd fuzzers/binary_only/python_qemu/ && python3 fuzzer.py 2>&1 | grep "Bye" | |
| cargo-fmt: | |
| runs-on: ubuntu-24.04 | |
| env: | |
| MAIN_LLVM_VERSION: 21 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| components: rustfmt | |
| - uses: Swatinem/rust-cache@v2 | |
| with: { shared-key: "ubuntu" } | |
| - uses: extractions/setup-just@v3 | |
| - name: Installing black | |
| run: python3 -m pip install black | |
| - name: Format Check | |
| run: just check-fmt | |
| check-md-links: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Run linkspector | |
| uses: umbrelladocs/action-linkspector@v1 | |
| with: | |
| fail_on_error: 'true' | |
| config_file: '.github/.linkspector.yml' | |
| msrv: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: dtolnay/rust-toolchain@stable | |
| - uses: taiki-e/install-action@cargo-hack | |
| # Note: We currently only specify minimum rust versions for the default workspace members | |
| - run: just msrv | |
| fuzzers-preflight: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - name: Fuzzer in CI Check | |
| run: just fuzzers-preflight | |
| fuzzers: | |
| name: 🚀 ${{ matrix.fuzzer }} | |
| needs: | |
| - fuzzers-preflight | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| fuzzer: | |
| # Baby | |
| - baby/baby_fuzzer_swap_differential | |
| - baby/tutorial | |
| - baby/baby_fuzzer | |
| # - baby/backtrace_baby_fuzzers | |
| - baby/baby_fuzzer_unicode | |
| - baby/baby_fuzzer_minimizing | |
| - baby/backtrace_baby_fuzzers/c_code_with_fork_executor | |
| - baby/backtrace_baby_fuzzers/c_code_with_inprocess_executor | |
| - baby/backtrace_baby_fuzzers/rust_code_with_fork_executor | |
| - baby/backtrace_baby_fuzzers/rust_code_with_inprocess_executor | |
| - baby/backtrace_baby_fuzzers/command_executor | |
| - baby/backtrace_baby_fuzzers/forkserver_executor | |
| - baby/baby_fuzzer_custom_executor | |
| # Binary-only | |
| - binary_only/fuzzbench_fork_qemu | |
| - binary_only/frida_executable_libpng | |
| # - binary_only/frida_windows_gdiplus | |
| - binary_only/frida_crash_repro | |
| - binary_only/frida_libpng | |
| - binary_only/fuzzbench_qemu | |
| - binary_only/intel_pt_baby_fuzzer | |
| - binary_only/intel_pt_command_executor | |
| - binary_only/tinyinst_simple | |
| # Forkserver | |
| - forkserver/forkserver_simple | |
| - forkserver/forkserver_capture_stdout | |
| - forkserver/forkserver_libafl_cc | |
| - forkserver/fuzzbench_forkserver | |
| - forkserver/fuzzbench_forkserver_cmplog | |
| - forkserver/fuzzbench_forkserver_sand | |
| - forkserver/libafl-fuzz | |
| - forkserver/baby_fuzzer_with_forkexecutor | |
| # Full-system | |
| - full_system/nyx_launcher | |
| - full_system/nyx_libxml2_standalone | |
| - full_system/nyx_libxml2_parallel | |
| # Structure-aware | |
| - structure_aware/nautilus_sync | |
| - structure_aware/baby_fuzzer_grimoire | |
| - structure_aware/baby_fuzzer_gramatron | |
| - structure_aware/baby_fuzzer_tokens | |
| - structure_aware/baby_fuzzer_multi | |
| - structure_aware/baby_fuzzer_custom_input | |
| - structure_aware/baby_fuzzer_nautilus | |
| - structure_aware/forkserver_simple_nautilus | |
| # In-process | |
| - fuzz_anything/cargo_fuzz | |
| - inprocess/fuzzbench | |
| - inprocess/fuzzbench_text | |
| - inprocess/fuzzbench_ctx | |
| - inprocess/libfuzzer_libmozjpeg | |
| - inprocess/libfuzzer_libpng | |
| - inprocess/libfuzzer_libpng_launcher | |
| - inprocess/libfuzzer_libpng_accounting | |
| - inprocess/libfuzzer_libpng_centralized | |
| - inprocess/libfuzzer_libpng_cmin | |
| - inprocess/libfuzzer_libpng_norestart | |
| # - inprocess/libfuzzer_libpng_tcp_manager | |
| # - inprocess/libfuzzer_windows_asan | |
| - inprocess/libfuzzer_stb_image_sugar | |
| - inprocess/libfuzzer_stb_image | |
| - structure_aware/libfuzzer_stb_image_concolic | |
| # - inprocess/sqlite_centralized_multi_machine | |
| # - inprocess/libafl_libfuzzer_windows | |
| # Fuzz Anything | |
| - fuzz_anything/push_harness | |
| - fuzz_anything/push_stage_harness | |
| - fuzz_anything/libafl_atheris | |
| - fuzz_anything/baby_no_std | |
| - fuzz_anything/baby_fuzzer_wasm | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| # Get the name of the fuzzer so that we can use it as the key for a cache | |
| # of the built artefacts. The key cannot have any special characters. | |
| - name: Get fuzzer name | |
| id: fuzzer_name | |
| run: | | |
| fname=$(basename "${{ matrix.fuzzer }}") | |
| echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| uses: ./.github/workflows/fuzzer-tester-prepare | |
| with: | |
| fuzzer-name: ${{ matrix.fuzzer }} | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # We will have these guys all share a cache (since they should share | |
| # and awful lot of their dependencies). That way we won't use up | |
| # as much space. | |
| shared-key: fuzzers-x86_64 | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| # We will only save the cache for one of the builds. Though we could | |
| # just omit this filter and the jobs race to push to the cache, since | |
| # they would all share the same key (combining the `shared-key` and | |
| # `key`) our build would generate a load of warnings. Why this | |
| # particular fuzzer? No real reason, but we had to choose one. | |
| save-if: ${{ matrix.fuzzer == 'binary_only/frida_libpng' }} | |
| cache-all-crates: true | |
| # The code is built in the fuzzers own directory, not in the target | |
| # directory in the root of the workspace | |
| workspaces: | | |
| fuzzers/${{ matrix.fuzzer }} | |
| - name: Test | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: | | |
| LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ | |
| just test-fuzzer fuzzers/${{ matrix.fuzzer }} | |
| # This job checks whether any changes have been made to the QEMU code to avoid | |
| # rebuilding and testing the QEMU related fuzzers unnecessarily as they are | |
| # more expensive to build | |
| qemu-changes: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| pull-requests: read | |
| outputs: | |
| qemu: ${{ steps.filter.outputs.qemu }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Filter | |
| uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| qemu: | |
| - '.github/**' | |
| - 'libafl/**' | |
| - 'libafl_bolts/**' | |
| - 'libafl_targets/**' | |
| - 'libafl_qemu/**' | |
| - 'fuzzers/**/*qemu*/**' | |
| fuzzer-unicorn: | |
| name: 🚀 full_system/unicorn | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - fuzzers-preflight | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ ubuntu-24.04 ] | |
| fuzzer: | |
| - fuzzers/full_system/unicorn | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/fuzzer-tester-prepare | |
| - name: "Install dependencies" | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: sudo apt-get update && sudo apt-get install gcc gcc-arm-linux-gnueabihf gcc-aarch64-linux-gnu gcc-riscv64-linux-gnu | |
| - name: Build and run example fuzzers (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} just test-fuzzer ${{ matrix.fuzzer }} | |
| # Job to build and test the QEMU fuzzers | |
| qemu-user: | |
| name: 🤖 ${{ matrix.fuzzer }} | |
| needs: | |
| - fuzzers-preflight # Check that all the fuzzers listed for testing or explicitly ignored | |
| - qemu-changes # Only build if the QEMU code has changed | |
| if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} | |
| strategy: | |
| matrix: | |
| fuzzer: | |
| - binary_only/qemu_cmin | |
| - binary_only/qemu_tmin | |
| - binary_only/qemu_coverage | |
| - binary_only/qemu_launcher | |
| # - full_system/qemu_linux_kernel | |
| # - full_system/qemu_linux_process | |
| runs-on: ubuntu-24.04 | |
| # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest | |
| steps: | |
| # Get the name of the fuzzer so that we can use it as the key for a cache | |
| # of the built artefacts. The key cannot have any special characters. | |
| - name: Get fuzzer name | |
| id: fuzzer_name | |
| run: | | |
| fname=$(basename "${{ matrix.fuzzer }}") | |
| echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| uses: ./.github/workflows/qemu-fuzzer-tester-prepare | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # We will have each of these fuzzers have it's own cache since these | |
| # are some of the heaviest fuzzers to build. | |
| shared-key: qemu-${{ steps.fuzzer_name.outputs.fuzzer_name }}-x86_64 | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # The code is built in the fuzzers own directory, not in the target | |
| # directory in the root of the workspace | |
| workspaces: | | |
| fuzzers/${{ matrix.fuzzer }} | |
| - name: Test | |
| shell: bash | |
| run: | | |
| unset RUSTC && \ | |
| ARCH=x86_64 \ | |
| LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ | |
| just test-fuzzer fuzzers/${{ matrix.fuzzer }} | |
| # Job to build and test the QEMU fuzzers | |
| qemu-system: | |
| name: 🤖 ${{ matrix.fuzzer }} | |
| needs: | |
| - fuzzers-preflight # Check that all the fuzzers listed for testing or explicitly ignored | |
| - qemu-changes # Only build if the QEMU code has changed | |
| if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} | |
| strategy: | |
| matrix: | |
| fuzzer: | |
| - full_system/qemu_baremetal | |
| - full_system/qemu_linux_kernel | |
| # - full_system/qemu_linux_process | |
| runs-on: ubuntu-24.04 | |
| # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest | |
| steps: | |
| # Get the name of the fuzzer so that we can use it as the key for a cache | |
| # of the built artefacts. The key cannot have any special characters. | |
| - name: Get fuzzer name | |
| id: fuzzer_name | |
| run: | | |
| fname=$(basename "${{ matrix.fuzzer }}") | |
| echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| uses: ./.github/workflows/qemu-fuzzer-tester-prepare | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # We will have each of these fuzzers have it's own cache since these | |
| # are some of the heaviest fuzzers to build. | |
| shared-key: qemu-${{ steps.fuzzer_name.outputs.fuzzer_name }}-arm | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # The code is built in the fuzzers own directory, not in the target | |
| # directory in the root of the workspace | |
| workspaces: | | |
| fuzzers/${{ matrix.fuzzer }} | |
| - name: Test | |
| shell: bash | |
| run: | | |
| unset RUSTC && \ | |
| ARCH=arm \ | |
| LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ | |
| just test-fuzzer fuzzers/${{ matrix.fuzzer }} | |
| # Job to build and test the QEMU fuzzers | |
| qemu-system-i386: | |
| name: 🤖 ${{ matrix.fuzzer }} (i386) | |
| needs: | |
| - fuzzers-preflight # Check that all the fuzzers listed for testing or explicitly ignored | |
| - qemu-changes # Only build if the QEMU code has changed | |
| if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} | |
| strategy: | |
| matrix: | |
| fuzzer: | |
| - full_system/qemu_baremetal | |
| runs-on: ubuntu-24.04 | |
| # container: registry.gitlab.com/qemu-project/qemu/qemu/ubuntu2204:latest | |
| steps: | |
| # Get the name of the fuzzer so that we can use it as the key for a cache | |
| # of the built artefacts. The key cannot have any special characters. | |
| - name: Get fuzzer name | |
| id: fuzzer_name | |
| run: | | |
| fname=$(basename "${{ matrix.fuzzer }}") | |
| echo "fuzzer_name=$fname" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| uses: ./.github/workflows/qemu-fuzzer-tester-prepare | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # We will have each of these fuzzers have it's own cache since these | |
| # are some of the heaviest fuzzers to build. | |
| shared-key: qemu-${{ steps.fuzzer_name.outputs.fuzzer_name }}-i386 | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # The code is built in the fuzzers own directory, not in the target | |
| # directory in the root of the workspace | |
| workspaces: | | |
| fuzzers/${{ matrix.fuzzer }} | |
| - name: "Install dependencies" | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: sudo apt update && sudo apt -y install gcc-i686-linux-gnu g++-i686-linux-gnu && rustup target add i686-unknown-linux-gnu | |
| - name: Test | |
| shell: bash | |
| run: | | |
| unset RUSTC && cd fuzzers/${{ matrix.fuzzer }} && ARCH=i386 LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} just build-multiarch | |
| utils: | |
| name: 🔧 ${{ matrix.util }} | |
| strategy: | |
| matrix: | |
| util: | |
| - gdb_qemu | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - name: Install deps | |
| run: sudo apt-get update && sudo apt-get install -y g++-powerpc-linux-gnu gcc-powerpc-linux-gnu gdb-multiarch | |
| - name: Add rust targets | |
| shell: bash | |
| run: rustup target add --toolchain stable-x86_64-unknown-linux-gnu powerpc-unknown-linux-gnu | |
| - name: Build and run utils (Linux) | |
| if: runner.os == 'Linux' | |
| shell: bash | |
| run: just -d utils/${{ matrix.util }} --justfile utils/${{ matrix.util }}/Justfile test | |
| libafl_asan: | |
| name: 🔧 libafl_asan | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| fetch-depth: 0 | |
| - name: Prepare | |
| uses: ./.github/workflows/asan-prepare | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # Use the task name to build the cache key. We will have a separate | |
| # cache for each since they are both expensive to build and one builds | |
| # for many different architectures. | |
| shared-key: libafl_asan | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # Again the artefacts aren't built in the target root directory. | |
| workspaces: | | |
| libafl_asan | |
| - name: Test | |
| shell: bash | |
| run: | | |
| RUN_ON_CI=1 \ | |
| RUSTC_BOOTSTRAP=1 \ | |
| LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ | |
| just \ | |
| -f ./crates/libafl_asan/Justfile \ | |
| test_everything | |
| libafl_qemu_asan: | |
| name: 🔧 libafl_qemu_asan | |
| needs: | |
| - qemu-changes | |
| if: ${{ needs.qemu-changes.outputs.qemu == 'true' }} | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| fetch-depth: 0 | |
| - name: Prepare | |
| uses: ./.github/workflows/asan-prepare | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # Use the task name to build the cache key. We will have a separate | |
| # cache for each since they are both expensive to build and one builds | |
| # for many different architectures. | |
| shared-key: libafl_qemu_asan | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # Again the artefacts aren't built in the target root directory. | |
| workspaces: | | |
| libafl_qemu/libafl_qemu_asan | |
| - name: Build | |
| shell: bash | |
| run: | | |
| RUN_ON_CI=1 \ | |
| RUSTC_BOOTSTRAP=1 \ | |
| LLVM_CONFIG=llvm-config-${{env.MAIN_LLVM_VERSION}} \ | |
| just \ | |
| -f ./crates/libafl_qemu/libafl_qemu_asan/Justfile \ | |
| build_everything_dev \ | |
| build_x86_64_release | |
| nostd-build: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| components: rust-src | |
| - name: Add targets | |
| run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: no-std | |
| - name: Test no-std | |
| run: just test-no-std | |
| - name: Build aarch64-unknown-none | |
| run: just build-aarch64-unknown-none | |
| x86-i686-build: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: dtolnay/rust-toolchain@nightly | |
| with: | |
| components: rust-src | |
| - name: add x86 i686 target | |
| run: rustup target add i686-unknown-linux-gnu | |
| - name: Install x86 build dependencies / multilib | |
| run: sudo apt update && sudo apt -y install gcc-multilib g++-multilib | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: x86-i686 | |
| - name: test | |
| run: just check-i686 | |
| nostd-clippy: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: clippy, rust-src | |
| - name: Add targets | |
| run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: no-std-clippy | |
| - name: Clippy thumbv6m-none-eabi | |
| run: just clippy-thumbv6m-none-eabi | |
| format-toml: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install taplo | |
| run: curl -fsSL https://github.com/tamasfe/taplo/releases/download/0.10.0/taplo-linux-x86_64.gz | gzip -d - | install -m 755 /dev/stdin /usr/local/bin/taplo | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - name: Run taplo | |
| run: just check-toml | |
| build-docker: | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| packages: write | |
| contents: read | |
| outputs: | |
| image: ghcr.io/aflplusplus/libafl:latest | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@v3 | |
| - name: Check Dockerfile for changes | |
| uses: dorny/paths-filter@v3 | |
| id: filter | |
| with: | |
| filters: | | |
| changed: | |
| - 'Dockerfile' | |
| - '.github/workflows/build_and_test.yml' | |
| - name: Restore Docker build cache | |
| if: steps.filter.outputs.changed == 'true' | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| # We want to be able to update the cache if the Dockerfile is changed, | |
| # but still be able to use previous versions if available. | |
| key: ${{ runner.os }}-buildx-${{ github.ref }}-${{ hashFiles('Dockerfile') }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-${{ github.ref }}- | |
| ${{ runner.os }}-buildx- | |
| - name: Set up Docker Buildx | |
| if: steps.filter.outputs.changed == 'true' | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| driver: docker-container | |
| - name: Log in to GitHub Container Registry | |
| if: steps.filter.outputs.changed == 'true' && github.ref == 'refs/heads/main' | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Docker image | |
| if: steps.filter.outputs.changed == 'true' | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./Dockerfile | |
| push: ${{ github.ref == 'refs/heads/main' }} | |
| load: ${{ github.ref != 'refs/heads/main' }} | |
| tags: | |
| ghcr.io/aflplusplus/libafl:latest | |
| cache-from: | | |
| type=registry,ref=ghcr.io/aflplusplus/libafl:cache | |
| type=local,src=/tmp/.buildx-cache | |
| cache-to: | | |
| ${{ github.ref == 'refs/heads/main' && 'type=registry,ref=ghcr.io/aflplusplus/libafl:cache,mode=max' || 'type=local,dest=/tmp/.buildx-cache' }} | |
| - name: Save Docker build cache | |
| if: steps.filter.outputs.changed == 'true' | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache | |
| # We want to be able to update the cache if the Dockerfile is changed, | |
| # but still be able to use previous versions if available. | |
| key: ${{ runner.os }}-buildx-${{ github.ref }}-${{ hashFiles('Dockerfile') }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-${{ github.ref }}- | |
| ${{ runner.os }}-buildx- | |
| # The windows fuzzers require the same setup, so we will use a matrix build | |
| windows: | |
| name: 🚙 ${{ matrix.fuzzer }} | |
| strategy: | |
| matrix: | |
| fuzzer: | |
| - binary_only/frida_libpng | |
| - inprocess/libafl_libfuzzer_windows | |
| - inprocess/libfuzzer_stb_image | |
| - binary_only/frida_windows_gdiplus | |
| - binary_only/tinyinst_simple | |
| # - inprocess/libfuzzer_windows_asan | |
| fail-fast: false | |
| runs-on: windows-latest | |
| needs: | |
| - fuzzers-preflight | |
| - common | |
| steps: | |
| # Get the name of the fuzzer so that we can use it as the key for a cache | |
| # of the built artefacts. The key cannot have any special characters. | |
| - name: Get fuzzer name | |
| id: fuzzer_name | |
| shell: pwsh | |
| run: | | |
| $fname = Split-Path -Leaf "${{ matrix.fuzzer }}" | |
| "fuzzer_name=$fname" | Out-File -FilePath $env:GITHUB_OUTPUT -Append | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare | |
| uses: ./.github/workflows/windows-tester-prepare | |
| - name: install cxx bridge | |
| # Needs to match version in tinyinst-rs | |
| run: cargo install cxxbridge-cmd@=1.0.190 | |
| - name: Configure Cache | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| # There aren't too many of these fuzzers, so lets just give them a | |
| # separate cache each for now. | |
| shared-key: fuzzers-windows-${{ steps.fuzzer_name.outputs.fuzzer_name }}-x86_64 | |
| # We want to include the commit hash to ensure the cache is replaced | |
| # on each new commit. | |
| key: ${{ github.sha }} | |
| cache-all-crates: true | |
| # The code is built in the fuzzers own directory, not in the target | |
| # directory in the root of the workspace | |
| workspaces: | | |
| fuzzers/${{ matrix.fuzzer }} | |
| - name: Test | |
| run: cd fuzzers/${{ matrix.fuzzer }} && just test | |
| windows-clippy: | |
| runs-on: windows-latest | |
| needs: | |
| - common | |
| steps: | |
| - uses: dtolnay/rust-toolchain@stable | |
| - name: Setup Z3 | |
| id: z3 | |
| uses: cda-tum/setup-z3@v1 | |
| with: | |
| add_to_library_path: true | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/windows-tester-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| with: | |
| shared-key: windows-clippy | |
| - name: Run real clippy, not the fake one | |
| shell: pwsh | |
| run: .\scripts\clippy.ps1 | |
| macos: | |
| runs-on: macOS-latest | |
| steps: | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: clippy | |
| - name: Install deps | |
| run: brew install z3 gtk+3 python llvm@${{env.MAIN_LLVM_VERSION}} | |
| - name: Install cxxbridge | |
| # Needs to match version in tinyinst-rs | |
| run: cargo install cxxbridge-cmd@=1.0.190 | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: MacOS Build | |
| run: just build | |
| - name: Increase map sizes | |
| run: just increase-mem-limits | |
| - name: Clippy | |
| run: just clippy | |
| ubuntu-cross-android-arm64: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: dtolnay/rust-toolchain@stable | |
| - uses: nttld/setup-ndk@v1 | |
| with: | |
| ndk-version: r25b | |
| - name: install android | |
| run: rustup target add aarch64-linux-android | |
| - name: install cargo ndk | |
| run: cargo install cargo-ndk | |
| - uses: actions/checkout@v4 | |
| - uses: extractions/setup-just@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Build Android | |
| run: just build-android | |
| ubuntu-cross-android-x86_64: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/workflows/ubuntu-prepare | |
| - uses: Swatinem/rust-cache@v2 | |
| - uses: nttld/setup-ndk@v1 | |
| id: setup-ndk | |
| with: | |
| ndk-version: r27c | |
| add-to-path: false | |
| - name: cargo-ndk | |
| run: cargo install cargo-ndk | |
| - name: cargo android targets | |
| run: | | |
| rustup target add x86_64-linux-android | |
| - name: Build Android | |
| env: | |
| ANDROID_NDK_HOME: ${{ steps.setup-ndk.outputs.ndk-path }} | |
| ANDROID_NDK_ROOT: ${{ steps.setup-ndk.outputs.ndk-path }} | |
| run: just build-android-x86_64 | |
| #run: cargo build --target aarch64-linux-android | |
| # TODO: Figure out how to properly build stuff with clang | |
| #- name: Add clang path to $PATH env | |
| # if: runner.os == 'Windows' | |
| # run: echo "C:\msys64\mingw64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 | |
| #- name: Try if clang works | |
| # run: clang -v | |
| #- name: Windows Test | |
| # run: C:\Rust\.cargo\bin\cargo.exe test --verbose |