libafl_libfuzzer: documentation and build script #7671
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build and test | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| env: | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| common: | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, windows-latest, macOS-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Install mimetype | |
| if: runner.os == 'Linux' | |
| run: sudo apt-get install libfile-mimeinfo-perl | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: nightly | |
| override: true | |
| - name: install mdbook | |
| uses: baptiste0928/cargo-install@v1.3.0 | |
| with: | |
| crate: mdbook | |
| - name: install linkcheck | |
| uses: baptiste0928/cargo-install@v1.3.0 | |
| with: | |
| crate: mdbook-linkcheck | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Check for binary blobs | |
| if: runner.os == 'Linux' | |
| run: ./scripts/check_for_blobs.sh | |
| - name: Build libafl debug | |
| run: cargo build -p libafl | |
| - name: Build the book | |
| run: cd docs && mdbook build | |
| - name: Test the book | |
| # TODO: fix books test fail with updated windows-rs | |
| if: runner.os != 'Windows' | |
| run: cd docs && mdbook test -L ../target/debug/deps | |
| - name: Run tests | |
| run: cargo test | |
| - name: Test libafl no_std | |
| run: cd libafl && cargo test --no-default-features | |
| - name: Test libafl_bolts no_std no_alloc | |
| run: cd libafl_bolts && cargo test --no-default-features | |
| - name: Test libafl_targets no_std | |
| run: cd libafl_targets && cargo test --no-default-features | |
| ubuntu: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Remove Dotnet & Haskell | |
| run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Remove existing clang and LLVM | |
| run: sudo apt purge llvm* clang* | |
| - name: Install and cache deps | |
| uses: awalsh128/cache-apt-pkgs-action@v1.1.0 | |
| with: | |
| packages: llvm-15 llvm-15-dev clang-15 ninja-build clang-format-13 shellcheck libgtk-3-dev gcc-arm-linux-gnueabi g++-arm-linux-gnueabi libslirp-dev libz3-dev | |
| - name: get clang version | |
| run: command -v llvm-config-15 && clang-15 -v | |
| - name: Add nightly rustfmt and clippy | |
| run: rustup toolchain install nightly --component rustfmt --component clippy --component miri --allow-downgrade | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| # ---- format check ---- | |
| # pcguard edges and pcguard hitcounts are not compatible and we need to build them seperately | |
| - name: Check pcguard edges | |
| run: cargo check --features=sancov_pcguard_edges | |
| - name: Format | |
| run: cargo fmt -- --check | |
| - name: Cleanup | |
| run: cargo clean | |
| - name: Run clang-format style check for C/C++ programs. | |
| run: clang-format-13 -n -Werror --style=file $(find . -type f \( -name '*.cpp' -o -iname '*.hpp' -o -name '*.cc' -o -name '*.cxx' -o -name '*.cc' -o -name '*.h' \) | grep -v '/target/' | grep -v 'libpng-1\.6\.37' | grep -v 'stb_image\.h' | grep -v 'dlmalloc\.c' | grep -v 'QEMU-Nyx') | |
| - name: run shellcheck | |
| run: shellcheck ./scripts/*.sh | |
| - name: Run clippy | |
| run: ./scripts/clippy.sh | |
| # ---- doc check ---- | |
| - name: Build Docs | |
| run: RUSTFLAGS="--cfg docsrs" cargo +nightly doc --all-features | |
| - name: Test Docs | |
| run: RUSTFLAGS="--cfg docsrs" cargo +nightly test --doc --all-features | |
| # ---- build normal and examples ---- | |
| - name: Run a normal build | |
| run: cargo build --verbose | |
| - name: Build examples | |
| run: cargo build --examples --verbose | |
| # --- miri undefined behavior test -- | |
| - name: Run miri tests | |
| run: RUST_BACKTRACE=1 MIRIFLAGS="-Zmiri-disable-isolation" cargo +nightly miri test | |
| # Clean up files to save up disk space | |
| - name: Cleanup | |
| run: cargo clean | |
| # --- test embedding the libafl_libfuzzer_runtime library | |
| # Fix me plz | |
| # - name: Test Build libafl_libfuzzer with embed | |
| # run: cargo +nightly test --features=embed-runtime --manifest-path libafl_libfuzzer/Cargo.toml | |
| ubuntu-check: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Remove Dotnet & Haskell | |
| run: rm -rf /usr/share/dotnet && rm -rf /opt/ghc | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Remove existing clang and LLVM | |
| run: sudo apt purge llvm* clang* | |
| - name: Install and cache deps | |
| uses: awalsh128/cache-apt-pkgs-action@v1.1.0 | |
| with: | |
| packages: llvm-15 llvm-15-dev clang-15 ninja-build clang-format-13 shellcheck libgtk-3-dev gcc-arm-linux-gnueabi g++-arm-linux-gnueabi libslirp-dev libz3-dev | |
| - name: get clang version | |
| run: command -v llvm-config-15 && clang-15 -v | |
| - name: Install cargo-hack | |
| run: curl -LsSf https://github.com/taiki-e/cargo-hack/releases/latest/download/cargo-hack-x86_64-unknown-linux-gnu.tar.gz | tar xzf - -C ~/.cargo/bin | |
| - name: Add nightly | |
| run: rustup toolchain install nightly --allow-downgrade | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| # ---- build and feature check ---- | |
| # cargo-hack's --feature-powerset would be nice here but libafl has a too many knobs | |
| - name: Check each feature | |
| # Skipping `python` as it has to be built with the `maturin` tool | |
| # `agpl`, `nautilus` require nightly | |
| # `sancov_pcguard_edges` is tested seperately | |
| run: cargo hack check --each-feature --clean-per-run --exclude-features=prelude,agpl,nautilus,python,sancov_pcguard_edges,arm,aarch64,i386,be,systemmode --no-dev-deps | |
| - name: Check nightly features | |
| run: cargo +nightly check --features=agpl && cargo +nightly check --features=nautilus | |
| ubuntu-concolic: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Install smoke test deps | |
| run: sudo ./libafl_concolic/test/smoke_test_ubuntu_deps.sh | |
| - name: Run smoke test | |
| run: ./libafl_concolic/test/smoke_test.sh | |
| bindings: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Remove existing clang and LLVM | |
| run: sudo apt purge llvm* clang* | |
| - name: Install deps | |
| run: sudo apt-get install -y llvm-15 llvm-15-dev clang-15 ninja-build python3-dev python3-pip python3-venv libz3-dev | |
| - name: Install maturin | |
| run: python3 -m pip install maturin | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Run a maturin build | |
| run: LLVM_CONFIG_PATH=llvm-config-15 cd ./bindings/pylibafl && python3 -m venv .env && . .env/bin/activate && pip install --upgrade --force-reinstall . && ./test.sh | |
| - name: Run python test | |
| run: . ./bindings/pylibafl/.env/bin/activate && cd ./fuzzers/baby_fuzzer && python3 baby_fuzzer.py 2>&1 | grep "Bye" | |
| fuzzers: | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Remove Dotnet (macOS) | |
| if: runner.os == 'macOS' | |
| run: rm -rf /usr/local/bin/dotnet | |
| - name: Free Disk Space (Ubuntu) | |
| if: runner.os == 'Linux' | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| # this might remove tools that are actually needed, | |
| # if set to "true" but frees about 6 GB | |
| tool-cache: false | |
| # all of these default to true, but feel free to set to | |
| # "false" if necessary for your workflow | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: false | |
| docker-images: true | |
| swap-storage: true | |
| - name: Add nightly rustfmt and clippy | |
| run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade | |
| - name: Add no_std toolchain | |
| run: rustup toolchain install nightly-x86_64-unknown-linux-gnu ; rustup component add rust-src --toolchain nightly-x86_64-unknown-linux-gnu | |
| - name: Add wasm target | |
| run: rustup target add wasm32-unknown-unknown | |
| - name: Install cxxbridge | |
| if: runner.os == 'macOS' | |
| run: cargo install cxxbridge-cmd | |
| - name: Install python (macOS) | |
| # Removing macOS things already installed in CI against failed linking | |
| if: runner.os == 'macOS' | |
| run: rm /usr/local/bin/2to3* /usr/local/bin/idle3* /usr/local/bin/pydoc3* /usr/local/bin/python3*; brew install --force-bottle --overwrite python | |
| - name: Remove obsolete llvm (macOS) | |
| if: runner.os == 'macOS' | |
| run: brew remove --force llvm clang | |
| - name: Remove obsolete llvm (Linux) | |
| if: runner.os == 'Linux' | |
| run: sudo apt purge llvm* clang* | |
| - uses: lyricwulf/abc@v1 | |
| with: | |
| linux: llvm-15 llvm-15-dev clang-15 nasm ninja-build gcc-arm-linux-gnueabi g++-arm-linux-gnueabi gcc-aarch64-linux-gnu g++-aarch64-linux-gnu gcc-mipsel-linux-gnu g++-mipsel-linux-gnu gcc-powerpc-linux-gnu g++-powerpc-linux-gnu libc6-dev-i386-cross libc6-dev libc6-dev-i386 lib32gcc-11-dev lib32stdc++-11-dev libgtk-3-dev pax-utils libz3-dev | |
| # update bash for macos to support `declare -A` command` | |
| macos: llvm@15 libpng nasm coreutils z3 bash wget | |
| - name: Set clang version | |
| if: runner.os == 'Linux' | |
| run: sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-15 100 | |
| - name: Set clang++ version | |
| if: runner.os == 'Linux' | |
| run: sudo update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-15 100 | |
| - name: pip install | |
| run: python3 -m pip install msgpack jinja2 find_libpython | |
| # Note that nproc needs to have coreutils installed on macOS, so the order of CI commands matters. | |
| - name: enable mult-thread for `make` | |
| run: export MAKEFLAGS="-j$(expr $(nproc) \+ 1)" | |
| - name: install cargo-make | |
| uses: baptiste0928/cargo-install@v1.3.0 | |
| with: | |
| crate: cargo-make | |
| - name: install wasm-pack | |
| uses: baptiste0928/cargo-install@v1.3.0 | |
| with: | |
| crate: wasm-pack | |
| - name: install chrome | |
| uses: browser-actions/setup-chrome@v1 | |
| with: | |
| chrome-version: stable | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: true # recursively checkout submodules | |
| fetch-depth: 0 # to diff with origin/main | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Symlink Headers | |
| if: runner.os == 'Linux' | |
| # We can't install gcc-multilib which would usually do this for us due to collisions with other packages | |
| run: sudo ln -s /usr/include/asm-generic /usr/include/asm | |
| - name: Build and run example fuzzers (Linux) | |
| if: runner.os == 'Linux' | |
| run: RUN_ON_CI=1 ./scripts/test_all_fuzzers.sh | |
| - name: Build and run example fuzzers (macOS) | |
| if: runner.os == 'macOS' # use bash v4 | |
| run: /usr/local/bin/bash -c 'RUN_ON_CI=1 ./scripts/test_all_fuzzers.sh' | |
| executions-check: | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Fix python (macOS) | |
| if: runner.os == 'macOS' | |
| run: rm /usr/local/bin/2to3* /usr/local/bin/idle3* /usr/local/bin/pydoc3* /usr/local/bin/python3* | |
| - name: Remove obsolete llvm (macOS) | |
| if: runner.os == 'macOS' | |
| run: brew remove --force llvm clang | |
| - name: Remove obsolete llvm (Linux) | |
| if: runner.os == 'Linux' | |
| run: sudo apt purge llvm* clang* | |
| - uses: lyricwulf/abc@v1 | |
| with: | |
| linux: llvm-15 llvm-15-dev clang-15 | |
| macos: python@3.11 llvm@15 bash coreutils | |
| - uses: actions/checkout@v3 | |
| with: | |
| submodules: true # recursively checkout submodules | |
| fetch-depth: 0 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Build and run libfuzzer_libpng (Linux) | |
| if: runner.os == 'Linux' | |
| run: ./scripts/executions-check.sh | |
| - name: Build and run libfuzzer_libpng (macOS) | |
| if: runner.os == 'macOS' | |
| run: /usr/local/bin/bash -c './scripts/executions-check.sh' | |
| nostd-build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: nightly | |
| override: true | |
| components: rustfmt, clippy, rust-src | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Add targets | |
| run: rustup target add arm-linux-androideabi && rustup target add thumbv6m-none-eabi | |
| - name: Build aarch64-unknown-none | |
| run: cd ./fuzzers/baby_no_std && cargo +nightly build -Zbuild-std=core,alloc --target aarch64-unknown-none -v --release && cd ../.. | |
| - name: run x86_64 until panic! | |
| run: cd ./fuzzers/baby_no_std && cargo +nightly run || test $? -ne 0 || exit 1 | |
| - name: no_std tests | |
| run: cd ./libafl && cargo test --no-default-features | |
| - name: libafl armv6m-none-eabi (32 bit no_std) clippy | |
| run: cd ./libafl && cargo clippy --target thumbv6m-none-eabi --no-default-features | |
| - name: Build no_std no_alloc bolts | |
| run: cd ./libafl_bolts && cargo +nightly build -Zbuild-std=core --target aarch64-unknown-none --no-default-features -v --release && cd ../ | |
| build-docker: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Build docker | |
| run: docker build -t libafl . | |
| windows: | |
| runs-on: windows-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Windows Build | |
| run: cargo build --verbose | |
| - name: Run clippy | |
| uses: actions-rs/cargo@v1 | |
| with: | |
| command: clippy | |
| - name: Build docs | |
| run: cargo doc | |
| - name: Set LIBCLANG_PATH | |
| run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV | |
| - name: install cargo-make | |
| run: cargo install --force cargo-make | |
| - uses: ilammy/msvc-dev-cmd@v1 | |
| - name: install cxx bridge | |
| run: cargo install cxxbridge-cmd | |
| - name: Build fuzzers/frida_libpng | |
| run: cd fuzzers/frida_libpng/ && cargo make test | |
| - name: Build fuzzers/frida_gdiplus | |
| run: cd fuzzers/frida_gdiplus/ && cargo make test | |
| - name: Build fuzzers/tinyinst_simple | |
| run: cd fuzzers/tinyinst_simple/ && cargo make test | |
| macos: | |
| runs-on: macOS-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - name: Add nightly rustfmt and clippy | |
| run: rustup toolchain install nightly --component rustfmt --component clippy --allow-downgrade | |
| - name: Install deps | |
| run: brew install z3 gtk+3 | |
| - name: Install cxxbridge | |
| run: cargo install cxxbridge-cmd | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: MacOS Build | |
| run: cargo build --verbose | |
| - name: Run clippy | |
| run: ./scripts/clippy.sh | |
| - name: Increase map sizes | |
| run: ./scripts/shmem_limits_macos.sh | |
| - name: Run Tests | |
| run: cargo test | |
| other_targets: | |
| runs-on: macOS-latest | |
| steps: | |
| - uses: actions-rs/toolchain@v1 | |
| with: | |
| profile: minimal | |
| toolchain: stable | |
| - uses: nttld/setup-ndk@v1 | |
| with: | |
| ndk-version: r25b | |
| - name: install ios | |
| run: rustup target add aarch64-apple-ios | |
| - name: install android | |
| run: rustup target add aarch64-linux-android | |
| - name: install cargo ndk | |
| run: cargo install cargo-ndk | |
| - uses: actions/checkout@v3 | |
| - uses: Swatinem/rust-cache@v2 | |
| - name: Build iOS | |
| run: cargo build --target aarch64-apple-ios && cd libafl_frida && cargo build --target aarch64-apple-ios && cd .. | |
| - name: Build Android | |
| run: cargo ndk -t arm64-v8a build --release | |
| #run: cargo build --target aarch64-linux-android | |
| # TODO: Figure out how to properly build stuff with clang | |
| #- name: Add clang path to $PATH env | |
| # if: runner.os == 'Windows' | |
| # run: echo "C:\msys64\mingw64\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 | |
| #- name: Try if clang works | |
| # run: clang -v | |
| #- name: Windows Test | |
| # run: C:\Rust\.cargo\bin\cargo.exe test --verbose | |
| freebsd: | |
| runs-on: macos-12 | |
| name: Simple build in FreeBSD | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Test in FreeBSD | |
| id: test | |
| uses: vmactions/freebsd-vm@v0 | |
| with: | |
| usesh: true | |
| sync: rsync | |
| copyback: false | |
| mem: 2048 | |
| release: 13.2 | |
| prepare: | | |
| pkg install -y curl bash sudo llvm16 | |
| curl https://sh.rustup.rs -sSf | sh -s -- -y | |
| run: | | |
| freebsd-version | |
| . "$HOME/.cargo/env" | |
| rustup toolchain install nightly | |
| export LLVM_CONFIG=/usr/local/bin/llvm-config16 | |
| pwd | |
| ls -lah | |
| echo "local/bin" | |
| ls -lah /usr/local/bin/ | |
| which llvm-config | |
| chmod +x ./scripts/clippy.sh | |
| bash ./scripts/shmem_limits_fbsd.sh | |
| bash ./scripts/clippy.sh | |
| cargo test |