Windows Support for LibAFL-LibFuzzer

[novafacing]

Description

Support for Windows with LibAFL-LibFuzzer. This is a draft with a couple issues still persisting.

• No maps available when running fuzzer

Checklist

• I have run ./scripts/precommit.sh and addressed all comments

[domenukk]

don't think we need tui_monitor on non-win

[novafacing]

I have to put in a few libs anyway to get this to work so I'll just revert this part of the changes and make tui_monitor work.

[domenukk]

Don't fully get the tui monitor thing - it's just not working on Win yet?

[novafacing]

This is in MVP working state now with some updates still needed:

• It runs for a moment then panics at mutations.rs:1164 ("Corpus may not be empty!"). Unsure why.
• Revert changes to cargo.toml and add import libs for required libraries
• Fix argparsing so -help=1 works (maybe separate PR)

Howto test:

.\build.ps1 dev
cd test
# Write a test.cpp
cl /c /EHsc /std:c++17 /MDd /fsanitize=fuzzer-no-link test.cpp #(if you don't have fuzzer-no-link on Windows, use /fsanitize-coverage=inline-8bit-counters /fsanitize-coverage=edge /fsanitize-coverage=trace-cmp /fsanitize-coverage=trace-div` instead).
link test.obj ..\target\debug\afl_libfuzzer_runtime.lib /OUT:fuzzer.exe

[domenukk]

FWIW the fork feature should not do anything on windows

[novafacing]

This seems to be 100% working now! Just need to do a style pass.

[tokatoka]

Nice 💯
Can you create a CI job?
Just like this guy
https://github.com/AFLplusplus/LibAFL/blob/main/.github/workflows/build_and_test.yml#L515

[novafacing]

Ok, adding a CI workflow today or maybe tomorrow (I have actual work to do but it should be relatively quick).

[domenukk]

Nice 💯 Can you create a CI job? Just like this guy https://github.com/AFLplusplus/LibAFL/blob/main/.github/workflows/build_and_test.yml#L515

Please do a justfile entry that is easy to run locally

[domenukk]

We need to land #3099

[tokatoka]

do you have any update?

[novafacing]

Not yet, sorry :) I've been super busy with some other stuff. Still on my radar, I'll finish it up when I have a chance.

[domenukk]

Status? We're going to do a new release soon

[domenukk]

I think fork as default is good for perf on non-windows, it's a nop on win

[novafacing]

I have it set below that on non-windows to keep things explicit and because tui_monitor needs to be default on non-win anyway, but I can change it if wanted.

[tokatoka]

@novafacing any update?

[novafacing]

Ok, added. Let's see if I can one-shot the test working :)

[novafacing]

Ok, looks like test is passing so this is ready for a real look :)

[domenukk]

LibAFL_Libfuzzer doesn't support Llmp?

[novafacing]

I guess it doesn't right now but no reason we couldn't add it. Could use llmp+multiprocessing on windows where we can't fork

[domenukk]

This will go out of date at some time but I don't have a good solution either

[novafacing]

Yeah unfortunately using e.g. clap is blocked on clap-rs/clap#1210 and I don't know of another good arg parsing library that supports this arg format

[domenukk]

Maybe call that guy from a justfile?

[novafacing]

Good idea, I'll add a justfile for libafl_libfuzzer and libafl_libfuzzer_runtime.

[domenukk]

Looks pretty good, awesome!

[novafacing]

Ok! I think we're good