ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-10 01:01:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

concurrency and caching (#1)

Browse Source 
* use concurrency

* run here too

* allow test failure

* only push on push

* fix coresight mode build

* support but disable coresight

* woops

* no unicorn for arm

* update codeql and fix makefile

* forgot those

* disable forward cache

* fix needing buildx

Co-authored-by: Ruben ten Hove <ruben.tenhove@tno.nl>
This commit is contained in:
rhtenhove 2022-06-22 06:36:35 -04:00 committed by GitHub
parent 6e960f78d6
commit 0da7ddb738
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 88 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.dockerignore
View File

@ -1,3 +1,4 @@
/.github
.test .test
.test2 .test2
.sync_tmp .sync_tmp
@ -10,6 +11,7 @@ ld
in in
out out
core* core*
!/coresight_mode
afl-analyze afl-analyze
afl-as afl-as
afl-clang afl-clang
@ -62,4 +64,4 @@ examples/afl_network_proxy/afl-network-client
examples/afl_frida/afl-frida examples/afl_frida/afl-frida
examples/afl_frida/libtestinstr.so examples/afl_frida/libtestinstr.so
examples/afl_frida/frida-gum-example.c examples/afl_frida/frida-gum-example.c
examples/afl_frida/frida-gum.h examples/afl_frida/frida-gum.h

65
.github/workflows/build-push-test-container.yaml → .github/workflows/build-test-push-container.yaml vendored
View File

@ -1,5 +1,4 @@
name: Build, test and push container image name: Build and test container image
on: on:
push: push:
branches: branches:
@ -7,10 +6,33 @@ on:
- dev - dev
tags: tags:
- '*' - '*'
pull_request:
branch:
- stable
- dev
jobs: jobs:
build: build-amd64:
name: Build, test and push container image name: Build and test amd64
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build amd64
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64
load: true
tags: aflplusplus/aflplusplus:test
# cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job.
cache-to: type=gha,mode=max
- name: Test linux/amd64 image
run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests
continue-on-error: true
build-arm64:
name: Build and test arm64
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3
@ -20,36 +42,47 @@ jobs:
platforms: arm64 platforms: arm64
- name: Set up Docker Buildx - name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2 uses: docker/setup-buildx-action@v2
- name: Build amd64 image - name: Build arm64
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64
load: true
tags: aflplusplus/aflplusplus:test
- name: Build arm64 image
uses: docker/build-push-action@v3 uses: docker/build-push-action@v3
with: with:
context: . context: .
platforms: linux/arm64 platforms: linux/arm64
load: true load: true
tags: aflplusplus/aflplusplus:test tags: aflplusplus/aflplusplus:test
- name: Test linux/amd64 image # cache-from: type=gha # Ensure we always build a fresh image. We just use the cache for the subsequent push job.
run: docker run --rm --platform linux/amd64 aflplusplus/aflplusplus:test make tests cache-to: type=gha,mode=max
- name: Test linux/arm64 image - name: Test linux/arm64 image
run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests run: docker run --rm --platform linux/arm64 aflplusplus/aflplusplus:test make tests
continue-on-error: true
push:
needs:
- build-amd64
- build-arm64
if: ${{ github.event_name == 'push' }}
name: Push image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: arm64
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to Dockerhub - name: Login to Dockerhub
uses: docker/login-action@v2 uses: docker/login-action@v2
with: with:
username: ${{ secrets.DOCKER_USERNAME }} username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }} password: ${{ secrets.DOCKER_TOKEN }}
- name: Publish ${{ github.ref_name }} to docker.io registry - name: Publish ${{ github.ref_name }} for amd64 and arm64 to docker.io registry
uses: docker/build-push-action@v3 uses: docker/build-push-action@v3
with: with:
context: . context: .
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
push: true push: true
tags: aflplusplus/aflplusplus:${{ github.ref_name }} tags: aflplusplus/aflplusplus:${{ github.ref_name }}
cache-from: type=gha
# cache-to: type=gha,mode=max # No need to add to cache as we'll never use this
if: ${{ github.ref_name != 'stable' }} if: ${{ github.ref_name != 'stable' }}
- name: Publish stable and latest to docker.io registry - name: Publish stable and latest to docker.io registry
uses: docker/build-push-action@v3 uses: docker/build-push-action@v3
@ -58,4 +91,6 @@ jobs:
platforms: linux/amd64,linux/arm64 platforms: linux/amd64,linux/arm64
push: true push: true
tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest tags: aflplusplus/aflplusplus:${{ github.ref_name }},aflplusplus/aflplusplus:latest
cache-from: type=gha
# cache-to: type=gha,mode=max # No need to add to cache as we'll never use this
if: ${{ github.ref_name == 'stable' }} if: ${{ github.ref_name == 'stable' }}

6
.github/workflows/codeql-analysis.yml vendored
View File

@ -21,12 +21,12 @@ jobs:
uses: actions/checkout@v3 uses: actions/checkout@v3
- name: Initialize CodeQL - name: Initialize CodeQL
uses: github/codeql-action/init@v1 uses: github/codeql-action/init@v2
with: with:
languages: ${{ matrix.language }} languages: ${{ matrix.language }}
- name: Autobuild - name: Autobuild
uses: github/codeql-action/autobuild@v1 uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1 uses: github/codeql-action/analyze@v2

16
Dockerfile
View File

@ -33,9 +33,9 @@ ENV PATH=$PATH:/etc/cargo/bin
ARG LLVM_VERSION=14 ARG LLVM_VERSION=14
ARG GCC_VERSION=12 ARG GCC_VERSION=12
RUN mkdir -p /usr/local/share/keyrings && \ RUN mkdir -p /etc/apt/keyrings && \
echo "deb [signed-by=/usr/local/share/keyrings/llvm-snapshot.gpg.key] http://apt.llvm.org/jammy/ llvm-toolchain-jammy-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list && \ echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.gpg.key] http://apt.llvm.org/jammy/ llvm-toolchain-jammy-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list && \
wget -qO /usr/local/share/keyrings/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key wget -qO /etc/apt/keyrings/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key
RUN apt-get update && \ RUN apt-get update && \
apt-get -y install --no-install-recommends \ apt-get -y install --no-install-recommends \
@ -45,9 +45,11 @@ RUN apt-get update && \
libclang-common-${LLVM_VERSION}-dev libclang-cpp${LLVM_VERSION} libclang-cpp${LLVM_VERSION}-dev liblld-${LLVM_VERSION} \ libclang-common-${LLVM_VERSION}-dev libclang-cpp${LLVM_VERSION} libclang-cpp${LLVM_VERSION}-dev liblld-${LLVM_VERSION} \
liblld-${LLVM_VERSION}-dev liblldb-${LLVM_VERSION} liblldb-${LLVM_VERSION}-dev libllvm${LLVM_VERSION} libomp-${LLVM_VERSION}-dev \ liblld-${LLVM_VERSION}-dev liblldb-${LLVM_VERSION} liblldb-${LLVM_VERSION}-dev libllvm${LLVM_VERSION} libomp-${LLVM_VERSION}-dev \
libomp5-${LLVM_VERSION} lld-${LLVM_VERSION} lldb-${LLVM_VERSION} llvm-${LLVM_VERSION} llvm-${LLVM_VERSION}-dev llvm-${LLVM_VERSION}-runtime llvm-${LLVM_VERSION}-tools \ libomp5-${LLVM_VERSION} lld-${LLVM_VERSION} lldb-${LLVM_VERSION} llvm-${LLVM_VERSION} llvm-${LLVM_VERSION}-dev llvm-${LLVM_VERSION}-runtime llvm-${LLVM_VERSION}-tools \
$([ "$(dpkg --print-architecture)" = "amd64" ] && echo gcc-${GCC_VERSION}-multilib gcc-multilib) && \ $([ "$(dpkg --print-architecture)" = "amd64" ] && echo gcc-${GCC_VERSION}-multilib gcc-multilib) \
$([ "$(dpkg --print-architecture)" = "arm64" ] && echo libcapstone-dev) && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
# arm64 doesn't have gcc-multilib, and it's only used for -m32 support on x86 # gcc-multilib is only used for -m32 support on x86
# libcapstone-dev is used for coresight_mode on arm64
RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_VERSION} 0 && \ RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_VERSION} 0 && \
update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-${GCC_VERSION} 0 update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-${GCC_VERSION} 0
@ -66,6 +68,10 @@ COPY . .
# Until gcc v12.1 is released for ubuntu https://bugs.launchpad.net/ubuntu/+source/gcc-11/+bug/1940029 # Until gcc v12.1 is released for ubuntu https://bugs.launchpad.net/ubuntu/+source/gcc-11/+bug/1940029
ENV NO_NYX 1 ENV NO_NYX 1
# Build currently broken
ENV NO_CORESIGHT 1
ENV NO_UNICORN_ARM64 1
RUN export CC=gcc-${GCC_VERSION} && export CXX=g++-${GCC_VERSION} && make clean && \ RUN export CC=gcc-${GCC_VERSION} && export CXX=g++-${GCC_VERSION} && make clean && \
make distrib && make install && make clean make distrib && make install && make clean

26
GNUmakefile
View File

@ -623,15 +623,23 @@ endif
$(MAKE) -C frida_mode $(MAKE) -C frida_mode
ifneq "$(SYS)" "Darwin" ifneq "$(SYS)" "Darwin"
ifeq "$(ARCH)" "aarch64" ifeq "$(ARCH)" "aarch64"
ifndef NO_CORESIGHT
$(MAKE) -C coresight_mode $(MAKE) -C coresight_mode
endif
endif endif
ifeq "$(SYS)" "Linux" ifeq "$(SYS)" "Linux"
ifndef NO_NYX ifndef NO_NYX
cd nyx_mode && ./build_nyx_support.sh cd nyx_mode && ./build_nyx_support.sh
endif endif
endif endif
cd qemu_mode && sh ./build_qemu_support.sh cd qemu_mode && sh ./build_qemu_support.sh
ifeq "$(ARCH)" "aarch64"
ifndef NO_UNICORN_ARM64
cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh
endif
else
cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh
endif
endif endif
.PHONY: binary-only .PHONY: binary-only
@ -645,15 +653,23 @@ binary-only: test_shm test_python ready $(PROGS)
$(MAKE) -C frida_mode $(MAKE) -C frida_mode
ifneq "$(SYS)" "Darwin" ifneq "$(SYS)" "Darwin"
ifeq "$(ARCH)" "aarch64" ifeq "$(ARCH)" "aarch64"
ifndef NO_CORESIGHT
$(MAKE) -C coresight_mode $(MAKE) -C coresight_mode
endif
endif endif
ifeq "$(SYS)" "Linux" ifeq "$(SYS)" "Linux"
ifndef NO_NYX ifndef NO_NYX
-cd nyx_mode && ./build_nyx_support.sh cd nyx_mode && ./build_nyx_support.sh
endif endif
endif endif
-cd qemu_mode && sh ./build_qemu_support.sh cd qemu_mode && sh ./build_qemu_support.sh
-cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh ifeq "$(ARCH)" "aarch64"
ifndef NO_UNICORN_ARM64
cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh
endif
else
cd unicorn_mode && unset CFLAGS && sh ./build_unicorn_support.sh
endif
endif endif
.PHONY: source-only .PHONY: source-only