From 289af2b5862a3fccf62920edb05b0ba2376f3d2e Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 20 Nov 2025 16:33:35 +0100 Subject: [PATCH 01/13] build libafl_nyx in target --- crates/libafl_nyx/build.rs | 9 +++++++-- crates/libafl_nyx/build_nyx_support.sh | 12 ++++++++++-- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/crates/libafl_nyx/build.rs b/crates/libafl_nyx/build.rs index 17620531225..2b3b8c56938 100644 --- a/crates/libafl_nyx/build.rs +++ b/crates/libafl_nyx/build.rs @@ -1,10 +1,15 @@ -use std::process::Command; - +use std::{env, path::PathBuf, process::Command}; fn main() { if cfg!(target_os = "linux") && cfg!(target_arch = "x86_64") && !cfg!(doc) { + let target_dir = PathBuf::from(env::var("OUT_DIR").unwrap()) + .ancestors() + .nth(3) + .unwrap() + .to_path_buf(); println!("cargo:rerun-if-changed=build.rs"); // let output = Command::new("./build_nyx_support.sh").output().expect("can't run ./build_nyx_support.sh"); let status = Command::new("./build_nyx_support.sh") + .arg(target_dir) .status() .expect("can't run ./build_nyx_support.sh"); if status.success() { diff --git a/crates/libafl_nyx/build_nyx_support.sh b/crates/libafl_nyx/build_nyx_support.sh index 4ef525e49c9..17016cc7e43 100755 --- a/crates/libafl_nyx/build_nyx_support.sh +++ b/crates/libafl_nyx/build_nyx_support.sh @@ -1,7 +1,16 @@ #!/bin/bash +if [ -z "$1" ]; then + echo "Usage: $0 " + exit 1 +fi + SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +TARGET_DIR="$1" +mkdir -p "$TARGET_DIR" +cd "$TARGET_DIR" || exit 1 + echo "=================================================" echo " Nyx build script" echo "=================================================" 
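Review bot: The new argument check in build_nyx_support.sh prints its usage text to stdout and, as shown, names no argument, so a caller who forgets the path gets no hint what to pass. `echo "Usage: $0 <target_dir>" >&2` fixes both. `mkdir -p "$TARGET_DIR"` is unchecked, although the following `cd "$TARGET_DIR" || exit 1` does stop the script if the directory could not be created. Since everything below now runs relative to `$1`, a comment such as `# All checkouts and build output below live under $TARGET_DIR, not next to this script` would help the next reader.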
@@ -44,8 +53,7 @@ echo "[*] Checking QEMU-Nyx ..." if [ ! -f "QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64" ]; then cd QEMU-Nyx/ || return # We need to copy our custom `Makefile.libxdc` after `git submodule update`, otherwise we get a git error. - sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp ../Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh - ./compile_qemu_nyx.sh lto || exit 1 + sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp "$SCRIPT_DIR"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh cd .. fi From 8c519940accf0a8ffe948a806de9b5607c9894c2 Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Thu, 20 Nov 2025 16:44:23 +0100 Subject: [PATCH 02/13] Update crates/libafl_nyx/build_nyx_support.sh Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- crates/libafl_nyx/build_nyx_support.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/crates/libafl_nyx/build_nyx_support.sh b/crates/libafl_nyx/build_nyx_support.sh index 17016cc7e43..5ffda74af14 100755 --- a/crates/libafl_nyx/build_nyx_support.sh +++ b/crates/libafl_nyx/build_nyx_support.sh @@ -54,6 +54,7 @@ if [ ! -f "QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64" ]; then cd QEMU-Nyx/ || return # We need to copy our custom `Makefile.libxdc` after `git submodule update`, otherwise we get a git error. sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp "$SCRIPT_DIR"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh + ./compile_qemu_nyx.sh lto cd .. fi From c332ae8307c3c4268f5a14ed620a96059a39dfef Mon Sep 17 00:00:00 2001 From: "Dongjia \"toka\" Zhang" Date: Thu, 20 Nov 2025 16:44:32 +0100 Subject: [PATCH 03/13] Update crates/libafl_nyx/build_nyx_support.sh Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- crates/libafl_nyx/build_nyx_support.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
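Review bot: The rewritten `sed` line expands `$SCRIPT_DIR` outside the double quotes, because `... cp "$SCRIPT_DIR"/Makefile.libxdc ...` closes and reopens the quoted string. A checkout path containing a space is therefore word-split before sed sees it, and one containing `,`, `&` or `\` changes the `s,,,` expression itself. The value also lands unquoted in compile_qemu_nyx.sh, which is executed afterwards, so it should be escaped for sed and quoted in the generated command, or handed over through the environment (`export SCRIPT_DIR` plus a literal `"$SCRIPT_DIR"` in the replacement). The same construct appears in the hunks of PATCH 05/13 and PATCH 12/13. This hunk also drops `./compile_qemu_nyx.sh lto || exit 1`, so as of this commit QEMU-Nyx is no longer built here.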
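Review bot: The restored call `./compile_qemu_nyx.sh lto` has lost the `|| exit 1` that the line removed in PATCH 01/13 carried, so a failed QEMU-Nyx build is ignored and the script carries on with `cd ..`. Use `./compile_qemu_nyx.sh lto || exit 1` so the failure reaches the `status.success()` check in build.rs. The surrounding `if` block starts above the hunk.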
diff --git a/crates/libafl_nyx/build_nyx_support.sh b/crates/libafl_nyx/build_nyx_support.sh
index 5ffda74af14..9e60960ffca 100755
--- a/crates/libafl_nyx/build_nyx_support.sh
+++ b/crates/libafl_nyx/build_nyx_support.sh
@@ -53,7 +53,7 @@ echo "[*] Checking QEMU-Nyx ..."
 if [ ! -f "QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64" ]; then
 cd QEMU-Nyx/ || return
 # We need to copy our custom `Makefile.libxdc` after `git submodule update`, otherwise we get a git error.
- sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp "$SCRIPT_DIR"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh
+ sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp \"\$SCRIPT_DIR\"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh
 ./compile_qemu_nyx.sh lto
 cd ..
 fi
From 02c23310347110cf23082c72887d4c183bc02c15 Mon Sep 17 00:00:00 2001
From: "Dongjia \"toka\" Zhang"
Date: Thu, 20 Nov 2025 16:44:39 +0100
Subject: [PATCH 04/13] Update crates/libafl_nyx/build.rs
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 crates/libafl_nyx/build.rs | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/crates/libafl_nyx/build.rs b/crates/libafl_nyx/build.rs
index 2b3b8c56938..0e46ee30618 100644
--- a/crates/libafl_nyx/build.rs
+++ b/crates/libafl_nyx/build.rs
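Review bot: Escaping the variable as `\"\$SCRIPT_DIR\"` makes sed write the literal text `"$SCRIPT_DIR"` into compile_qemu_nyx.sh, where it is expanded only when that script runs. The assignment shown in PATCH 01/13 is a plain `SCRIPT_DIR=$( ... )` with no `export`, so unless the variable is exported elsewhere the child script would see it empty and `cp` would look for `/Makefile.libxdc`. Adding `export SCRIPT_DIR` next to the assignment keeps the quoting benefit and makes the value visible to the child.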
@@ -1,11 +1,19 @@
 use std::{env, path::PathBuf, process::Command};
 fn main() {
 if cfg!(target_os = "linux") && cfg!(target_arch = "x86_64") && !cfg!(doc) {
- let target_dir = PathBuf::from(env::var("OUT_DIR").unwrap())
- .ancestors()
- .nth(3)
- .unwrap()
- .to_path_buf();
+ // Use CARGO_TARGET_DIR if available, otherwise fall back to OUT_DIR's parent directories
+ let target_dir = if let Ok(target_dir) = env::var("CARGO_TARGET_DIR") {
+ PathBuf::from(target_dir)
+ } else {
+ // OUT_DIR is usually $TARGET/{debug|release}/build/$PKG-$HASH/out
+ // We want $TARGET/{debug|release}
+ let out_dir = PathBuf::from(env::var("OUT_DIR").unwrap());
+ out_dir
+ .ancestors()
+ .nth(3) // This is still a fallback, but at least we try CARGO_TARGET_DIR first
+ .map(|p| p.to_path_buf())
+ .expect("Failed to determine target directory from OUT_DIR")
+ };
 println!("cargo:rerun-if-changed=build.rs");
 // let output = Command::new("./build_nyx_support.sh").output().expect("can't run ./build_nyx_support.sh");
 let status = Command::new("./build_nyx_support.sh")
From cf140e44d705c2e77693be3f6736a4c887a899b8 Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 20 Nov 2025 18:42:02 +0100
Subject: [PATCH 05/13] fix fuzzer
---
 crates/libafl_nyx/build_nyx_support.sh | 1 +
 fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh | 2 +-
 fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/crates/libafl_nyx/build_nyx_support.sh b/crates/libafl_nyx/build_nyx_support.sh
index 17016cc7e43..eacb67fed09 100755
--- a/crates/libafl_nyx/build_nyx_support.sh
+++ b/crates/libafl_nyx/build_nyx_support.sh
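Review bot: The two branches of `target_dir` return different levels of the tree: `CARGO_TARGET_DIR` is the target root, while the `OUT_DIR` fallback walks up to the profile directory (`$TARGET/{debug|release}` per the added comment). The setup scripts changed later in this series look for `./target/<profile>/packer/...`, so a build with `CARGO_TARGET_DIR` set would put the Nyx checkouts one level higher than they expect. A relative `CARGO_TARGET_DIR` would also be resolved by the script against the build script's working directory rather than the directory cargo was invoked from, and the variable is read without a `println!("cargo:rerun-if-env-changed=CARGO_TARGET_DIR");`. Deriving the directory from `OUT_DIR` in both cases avoids the mismatch. `main` continues past the end of the hunk.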
@@ -54,6 +54,7 @@ if [ ! -f "QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64" ]; then cd QEMU-Nyx/ || return # We need to copy our custom `Makefile.libxdc` after `git submodule update`, otherwise we get a git error. sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp "$SCRIPT_DIR"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh + ./compile_qemu_nyx.sh lto || exit 1 cd .. fi diff --git a/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh b/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh index 85e0080e8b5..507c675b5a6 100755 --- a/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh +++ b/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh @@ -26,7 +26,7 @@ cd ./libxml2/ || exit ./autogen.sh --enable-shared=no || exit make -j || exit cd - || exit -python3 "../../../crates/libafl_nyx/packer/packer/nyx_packer.py" \ +python3 "./target/release/packer/packer/nyx_packer.py" \ ./libxml2/xmllint \ /tmp/nyx_libxml2 \ afl \ diff --git a/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh b/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh index 85e0080e8b5..507c675b5a6 100755 --- a/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh +++ b/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh @@ -26,7 +26,7 @@ cd ./libxml2/ || exit ./autogen.sh --enable-shared=no || exit make -j || exit cd - || exit -python3 "../../../crates/libafl_nyx/packer/packer/nyx_packer.py" \ +python3 "./target/release/packer/packer/nyx_packer.py" \ ./libxml2/xmllint \ /tmp/nyx_libxml2 \ afl \ From cf7f0cbc034f74f1f963f0572fb427a0742503d8 Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 20 Nov 2025 18:42:50 +0100 Subject: [PATCH 06/13] fix --- crates/libafl_nyx/build.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/libafl_nyx/build.rs b/crates/libafl_nyx/build.rs index 0e46ee30618..1aa25de0f6e 100644 --- a/crates/libafl_nyx/build.rs +++ b/crates/libafl_nyx/build.rs 
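Review bot: The packer path `./target/release/packer/packer/nyx_packer.py` in nyx_libxml2_parallel/setup_libxml2.sh hard-codes both the target directory name and the build profile, so the script works only after a release build with the default target dir; PATCH 08/13 later switches the same string to `debug`. The identical hunk in nyx_libxml2_standalone/setup_libxml2.sh has the same issue. Taking the directory from a variable, for example `PACKER_DIR="${PACKER_DIR:-./target/release/packer/packer}"` followed by `python3 "$PACKER_DIR/nyx_packer.py"`, and stopping with a clear message when the file is missing would keep both scripts in step with build.rs.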
@@ -11,7 +11,7 @@ fn main() {
 out_dir
 .ancestors()
 .nth(3) // This is still a fallback, but at least we try CARGO_TARGET_DIR first
- .map(|p| p.to_path_buf())
+ .map(std::path::Path::to_path_buf)
 .expect("Failed to determine target directory from OUT_DIR")
 };
 println!("cargo:rerun-if-changed=build.rs");
From a8a9987703a197458f3141926b4b474d39f999e2 Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 27 Nov 2025 17:04:58 +0100
Subject: [PATCH 07/13] tmate debug
---
 .github/workflows/build_and_test.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
index 4706f23a808..5558cde32b7 100644
--- a/.github/workflows/build_and_test.yml
+++ b/.github/workflows/build_and_test.yml
@@ -382,6 +382,8 @@ jobs:
 # directory in the root of the workspace
 workspaces: |
 fuzzers/${{ matrix.fuzzer }}
+ - name: Setup tmate session
+ uses: mxschmitt/action-tmate@v3
 - name: Test
 if: runner.os == 'Linux'
 shell: bash
From 700ac33f5f54596f6ed0c38016abf4d3ff5e1b04 Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 27 Nov 2025 17:17:18 +0100
Subject: [PATCH 08/13] fix packer path
---
 .github/workflows/build_and_test.yml | 2 --
 fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh | 4 ++--
 fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh | 4 ++--
 3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
index 5558cde32b7..4706f23a808 100644
--- a/.github/workflows/build_and_test.yml
+++ b/.github/workflows/build_and_test.yml
@@ -382,8 +382,6 @@ jobs:
 # directory in the root of the workspace
 workspaces: |
 fuzzers/${{ matrix.fuzzer }}
- - name: Setup tmate session
- uses: mxschmitt/action-tmate@v3
 - name: Test
 if: runner.os == 'Linux'
 shell: bash
diff --git a/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh b/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh
index 507c675b5a6..880eb94f7e0 100755
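Review bot: The `mxschmitt/action-tmate@v3` step added in PATCH 07/13 runs unconditionally in every job of the fuzzer matrix and opens a remote shell on the runner, with the connection details written to the job log. If a debug session has to land on a shared branch at all, gate it (`if: ${{ failure() }}` or a `workflow_dispatch` input), set `with: limit-access-to-actor: true` so only the triggering user's SSH keys are accepted, and give the step a `timeout-minutes`. The action is also referenced by a mutable tag; pinning it to a full commit SHA is safer for a step that gets shell access to the job. PATCH 11/13 adds the same two lines again.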
--- a/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh +++ b/fuzzers/full_system/nyx_libxml2_parallel/setup_libxml2.sh @@ -26,7 +26,7 @@ cd ./libxml2/ || exit ./autogen.sh --enable-shared=no || exit make -j || exit cd - || exit -python3 "./target/release/packer/packer/nyx_packer.py" \ +python3 "./target/debug/packer/packer/nyx_packer.py" \ ./libxml2/xmllint \ /tmp/nyx_libxml2 \ afl \ @@ -36,4 +36,4 @@ python3 "./target/release/packer/packer/nyx_packer.py" \ --fast_reload_mode \ --purge || exit -python3 ../../../crates/libafl_nyx/packer/packer/nyx_config_gen.py /tmp/nyx_libxml2/ Kernel || exit +python3 ./target/debug/packer/packer/nyx_config_gen.py /tmp/nyx_libxml2/ Kernel || exit diff --git a/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh b/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh index 507c675b5a6..880eb94f7e0 100755 --- a/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh +++ b/fuzzers/full_system/nyx_libxml2_standalone/setup_libxml2.sh @@ -26,7 +26,7 @@ cd ./libxml2/ || exit ./autogen.sh --enable-shared=no || exit make -j || exit cd - || exit -python3 "./target/release/packer/packer/nyx_packer.py" \ +python3 "./target/debug/packer/packer/nyx_packer.py" \ ./libxml2/xmllint \ /tmp/nyx_libxml2 \ afl \ @@ -36,4 +36,4 @@ python3 "./target/release/packer/packer/nyx_packer.py" \ --fast_reload_mode \ --purge || exit -python3 ../../../crates/libafl_nyx/packer/packer/nyx_config_gen.py /tmp/nyx_libxml2/ Kernel || exit +python3 ./target/debug/packer/packer/nyx_config_gen.py /tmp/nyx_libxml2/ Kernel || exit From e39c22bba12cabc6ee72ac51754d44b92bcf154c Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 27 Nov 2025 17:25:12 +0100 Subject: [PATCH 09/13] fmt --- crates/ll_mp/src/lib.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crates/ll_mp/src/lib.rs b/crates/ll_mp/src/lib.rs index fb8898d6c18..59064a29d3c 100644 --- a/crates/ll_mp/src/lib.rs +++ b/crates/ll_mp/src/lib.rs 
@@ -511,10 +511,10 @@ fn msg_offset_from_env(env_name: &str) -> Result, Error> { /// Will set `SO_REUSEPORT` on unix. #[cfg(feature = "std")] fn tcp_bind(port: u16) -> Result { - let listener = TcpListener::bind((_LLMP_BIND_ADDR, port)) - .map_err(|err| { let err_msg = format!("Failed to bind to port {port}: {err}"); - Error::os_error(err, err_msg) - })?; + let listener = TcpListener::bind((_LLMP_BIND_ADDR, port)).map_err(|err| { + let err_msg = format!("Failed to bind to port {port}: {err}"); + Error::os_error(err, err_msg) + })?; #[cfg(unix)] #[cfg(not(any(target_os = "solaris", target_os = "illumos")))] From 364c632e8b1ae52ebbe9d9dcd3cc5878cf2cf036 Mon Sep 17 00:00:00 2001 From: toka Date: Thu, 27 Nov 2025 17:30:37 +0100 Subject: [PATCH 10/13] why didn't ci run???? --- crates/libafl_nyx/build.rs | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/crates/libafl_nyx/build.rs b/crates/libafl_nyx/build.rs index 1aa25de0f6e..7bc001f81ee 100644 --- a/crates/libafl_nyx/build.rs +++ b/crates/libafl_nyx/build.rs @@ -5,17 +5,14 @@ fn main() { let target_dir = if let Ok(target_dir) = env::var("CARGO_TARGET_DIR") { PathBuf::from(target_dir) } else { - // OUT_DIR is usually $TARGET/{debug|release}/build/$PKG-$HASH/out - // We want $TARGET/{debug|release} let out_dir = PathBuf::from(env::var("OUT_DIR").unwrap()); out_dir .ancestors() - .nth(3) // This is still a fallback, but at least we try CARGO_TARGET_DIR first + .nth(3) .map(std::path::Path::to_path_buf) .expect("Failed to determine target directory from OUT_DIR") }; println!("cargo:rerun-if-changed=build.rs"); - // let output = Command::new("./build_nyx_support.sh").output().expect("can't run ./build_nyx_support.sh"); let status = Command::new("./build_nyx_support.sh") .arg(target_dir) .status() From 8a38e62f01cb8083f4a2efc85d23b842f650ff39 Mon Sep 17 00:00:00 2001 
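Review bot: With the two `OUT_DIR` comments removed from build.rs in PATCH 10/13, `.nth(3)` is a bare magic number, and a reader has to know cargo's directory layout to see which ancestor is meant. Keep a one-line comment above it, for example `// OUT_DIR = $TARGET/{profile}/build/$PKG-$HASH/out, so the third ancestor is $TARGET/{profile}`. `main` starts above the hunk and continues past it.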
From: toka
Date: Thu, 27 Nov 2025 17:41:18 +0100
Subject: [PATCH 11/13] tmate again..
---
 .github/workflows/build_and_test.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
index 4706f23a808..5558cde32b7 100644
--- a/.github/workflows/build_and_test.yml
+++ b/.github/workflows/build_and_test.yml
@@ -382,6 +382,8 @@ jobs:
 # directory in the root of the workspace
 workspaces: |
 fuzzers/${{ matrix.fuzzer }}
+ - name: Setup tmate session
+ uses: mxschmitt/action-tmate@v3
 - name: Test
 if: runner.os == 'Linux'
 shell: bash
From 416ec7839faea74d1a10197e7b628de1792d7522 Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 27 Nov 2025 18:37:55 +0100
Subject: [PATCH 12/13] AI is dumbgit add crates/libafl_nyx/!
---
 crates/libafl_nyx/build_nyx_support.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crates/libafl_nyx/build_nyx_support.sh b/crates/libafl_nyx/build_nyx_support.sh
index 9e60960ffca..e073ba65304 100755
--- a/crates/libafl_nyx/build_nyx_support.sh
+++ b/crates/libafl_nyx/build_nyx_support.sh
@@ -53,7 +53,7 @@ echo "[*] Checking QEMU-Nyx ..."
 if [ ! -f "QEMU-Nyx/x86_64-softmmu/qemu-system-x86_64" ]; then
 cd QEMU-Nyx/ || return
 # We need to copy our custom `Makefile.libxdc` after `git submodule update`, otherwise we get a git error.
- sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp \"\$SCRIPT_DIR\"/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh
+ sed -i "s,git submodule update libxdc$,git submodule update libxdc \&\& cp $SCRIPT_DIR/Makefile.libxdc ./libxdc/Makefile || exit 1," compile_qemu_nyx.sh
 ./compile_qemu_nyx.sh lto
 cd ..
 fi
From 4b5db5b8ea78908151fbfe7fbca849ff9fd682a9 Mon Sep 17 00:00:00 2001
From: toka
Date: Thu, 27 Nov 2025 18:39:44 +0100
Subject: [PATCH 13/13] disable tmate
---
 .github/workflows/build_and_test.yml | 2 --
 1 file changed, 2 deletions(-)
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
index 5558cde32b7..4706f23a808 100644
--- a/.github/workflows/build_and_test.yml
+++ b/.github/workflows/build_and_test.yml
@@ -382,8 +382,6 @@ jobs:
 # directory in the root of the workspace
 workspaces: |
 fuzzers/${{ matrix.fuzzer }}
- - name: Setup tmate session
- uses: mxschmitt/action-tmate@v3
 - name: Test
 if: runner.os == 'Linux'
 shell: bash