0.11.0

Highlights

• libafl_qemu update to QEMU 8
• Hexagon support in libafl_qemu
• libafl::bolts moved to its own crate, libafl_bolts: use bolts for other projects
• libafl_libfuzzer runtime with full libfuzzer compatibility: replace any libfuzzer with LibAFL
• noaslr and gdb_qemu utilities
• Updated FRIDA

What's Changed

• Post gen by @WorksButNotTested in #1282
• Allow multiple source file in libafl_cc by @tokatoka in #1296
• Update to QEMU 8 by @andreafioraldi in #1299
• Add sample fuzzer which collects DrCov coverage for various architectures by @WorksButNotTested in #1300
• Make it possible to escape from simple event restarter by @addisoncrump in #1303
• Give baby fuzzer listings unique package names by @kokkonisd in #1307
• libafl_cc: add override env vars by @s1341 in #1310
• Add TcpEventManager by @domenukk in #1302
• Trigger feedback side effects during force-loading by @Andrew-Fryer in #1317
• Add feature to build variants/configurations automatically, with libtool/cc/cxx shims by @s1341 in #1322
• Insert into corpus if feedback is_interesting on crash/timeout by @s1341 in #1327
• Extend **qemu_launcher ** to support multiple architectures by @WorksButNotTested in #1328
• Added gdb_qemu utility by @WorksButNotTested in #1331
• Added noaslr by @WorksButNotTested in #1333
• util/noaslr porting to FreeBSD (the non-lib part). by @devnexen in #1337
• AFL++ redqueen update by @tokatoka in #1291
• Hexagon support by @ifratric in #1323
• Make harness function take mut ref by @novafacing in #1338
• Algorithm to choose to serialize the observers or not by @andreafioraldi in #1227
• Arch independent helpers in libafl_qemu by @WorksButNotTested in #1355
• update ForkserverBytesCoverageSugar to use parse_afl_cmdline by @epi052 in #1343
• libnoaslr freebsd implementation proposal. by @devnexen in #1361
• noaslr disable aslr for dragonflybsd. by @devnexen in #1364
• Add RefCellValueObserver by @addisoncrump in #1363
• Launcher: Allow setting a distinct stderr redirect by @s1341 in #1329
• libnoaslr netbsd implementation proposal by @devnexen in #1366
• Make all no_mangle fns extern "C" by @domenukk in #1369
• noaslr netbsd implementation proposal by @devnexen in #1371
• read_time_counter port for the RISCV family. by @devnexen in #1378
• Extract linker args when building QEMU by @andreafioraldi in #1377
• libafl_qemu snapshot device filter by @andreafioraldi in #1386
• Named Mutators and MultiMutator API change by @domenukk in #1387
• Less unsafe type_eq in stable by @domenukk in #1392
• Move Bolts to libafl_bolts by @domenukk in #1335
• Book: Info about how to migrate to 0.11 by @domenukk in #1395
• libafl_cc sanitizer using hwasan on Linux/Android arm64 which is usua… by @devnexen in #1399
• Add serdeany_autoreg feature flag to allow disabling ctor use by @domenukk in #1398
• Make bolts work without alloc by @domenukk in #1401
• Removed unused intrinsics features by @domenukk in #1404
• Remove unused owned (for now) by @domenukk in #1405
• update documentation of PowerQueueScheduler::on_add by @lenawanel in #1409
• Remove dead code for better semantic compliance by @mark0-cn in #1411
• Add serdeany_autoreg to libafl_qemu by @d0ntrash in #1416
• Add serdeany_autoreg to libafl_frida by @domenukk in #1417
• minibsod::generate_minibsod openbsd's implementation proposal by @devnexen in #1420
• Add more libafl_qemu archs to libafl_sugar by @domenukk in #1419
• update documentation of feedbacks::map::OneOrFilledIsNovel by @lenawanel in #1423
• write_minibsod apple implementation proposal. by @devnexen in #1425
• Update frida by @domenukk in #1408
• Allow the FridaInProcessExecutor to attach Stalker on specific thread by @r4ve1 in #1256
• bolts write_minibsod netbsd implementation. by @devnexen in #1428
• Make CmpValues Clone by @novafacing in #1439
• Reset headers with a memcpy, not an assign from zeroed by @novafacing in #1443
• qemu snapshot little update proposal. by @devnexen in #1431
• Use postcard with default-features = false by @Manishearth in #1446
• qemu handy cpu page size call proposal. by @devnexen in #1433
• Add bolts::math, make functions const, cleanup by @domenukk in #1444
• Allow multiple tuneable mutational stages by @wtdcode in #1437
• Allow setting the max iterations by @wtdcode in #1436
• Document features by @domenukk in #1453
• Full libfuzzer shimming (for cargo-fuzz libfuzzer alternative and other use cases) by @addisoncrump in #981
• Create _std public methods on TunableMutationalStage by @domenukk in #1458
• Prep for publishing libafl_libfuzzer by @addisoncrump in #1457
• bolts: disable build for rust < 1.70 proposal. by @devnexen in #1460
• Add generic cmp observer metadata, rename cmp observers, fix cmplogmap reset by @novafacing in #1461
• llmp update proposal. by @devnexen in #1465
• Update FreeBSD on CI by @devnexen in #1463
• Replace binary search with stdlib by @domenukk in #1466
• Add Broker.peek_next_client_id by @domenukk in #1468
• Less pub in LLMP by @domenukk in #1470
• Bump to 0.11.0 by @andreafioraldi in #1469

Fixes

• Ignore UTF-8 errors by @WorksButNotTested in #1403
• Fix for CommandExecutor when using InputLocation::StdIn (issue #1306) by @DanBlackwell in #1308
• Fix AnyMap for TypeIds with 128 bit by @domenukk in #1311
• Fixes offset math in Frida Offset Checks by @WilliamParks in #1314
• Fixed Forkserver shmem input length, made it configurable by @domenukk in #1342
• Fix build/clippy errors and update CASR by @addisoncrump in #1375
• fix(libafl): update Z3 dependency by @saruman9 in #1372
• fix riscv(32) tick reading albeit it passes with gcc it does not with… by @devnexen in #1381
• Fix generic hooks bug in libafl_qemu by @andreafioraldi in #1382
• Fix UB in frida fuzzers by @Mrmaxmeier in #1385
• ControlFlowGraph::calculate_difference_all_edges build warning fix. by @devnexen in #1390
• fix bolts build, intrinsics is an internal feature. by @devnexen in #1402
• bolts fix musl build. by @devnexen in #1421
• minibsod, fix clippy warning on generate_minibsod function's complexity by @devnexen in #1424
• Fix LLMP p2p + restart bug with CentralizedEventManager by @andreafioraldi in #1389
• bolts: fix freebsd clippy warnings by @devnexen in #1442
• Fix probabilities in TuneableScheduledMutator. by @mvanotti in #1440
• bolts fix netbsd/openbsd clippy by @devnexen in #1459
• qemu: Fix cpu page size function for full-system by @andreafioraldi in #1452
• Fix forward_id stats for the centralized manager by @andreafioraldi in #1454
• Fix libafl_cc by @tokatoka in #1295
• fix some docs and use slice::fill instead of manual implementation by @lenawanel in #1467
• fix CI QemuCmpLogHelper error. by @lenawanel in #1429
• Fixes for frida, qemu_sugar by @domenukk in #1427

New Contributors

• @DanBlackwell made their first contribution in #1308
• @Andrew-Fryer made their first contribution in #1317
• @ifratric made their first contribution in #1323
• @saruman9 made their first contribution in #1372
• @lenawanel made their first contribution in #1409
• @mark0-cn made their first contribution in #1411
• @d0ntrash made their first contribution in #1416
• @r4ve1 made their first contribution in #1256
• @mvanotti made their first contribution in #1440
• @Manishearth made their first contribution in #1446

Full Changelog: 0.10.1...0.11.0