moving fuzzers

fuzzers/baby/baby_fuzzer/src/main.rs

@@ -24,14 +24,15 @@ use libafl_bolts::{current_nanos, nonzero, rands::StdRand, tuples::tuple_list, A
 
 /// Coverage map with explicit assignments due to the lack of instrumentation
 static mut SIGNALS: [u8; 16] = [0; 16];
+#[allow(static_mut_refs)] // only a problem in nightly
 static mut SIGNALS_PTR: *mut u8 = unsafe { SIGNALS.as_mut_ptr() };
 
 /// Assign a signal to the signals map
 fn signals_set(idx: usize) {
     unsafe { write(SIGNALS_PTR.add(idx), 1) };
 }
 
-#[allow(clippy::similar_names, clippy::manual_assert)]
+#[expect(clippy::manual_assert)]
 pub fn main() {
     // The closure that we want to fuzz
     let mut harness = |input: &BytesInput| {
@@ -61,6 +62,7 @@ pub fn main() {
     };
 
     // Create an observation channel using the signals map
+    #[allow(static_mut_refs)] // only a problem in nightly
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", SIGNALS_PTR, SIGNALS.len()) };
 
     // Feedback to rate the interestingness of an input

fuzzers/baby/baby_fuzzer_custom_executor/src/main.rs

@@ -26,7 +26,8 @@ use libafl_bolts::{current_nanos, nonzero, rands::StdRand, tuples::tuple_list, A
 /// Coverage map with explicit assignments due to the lack of instrumentation
 static mut SIGNALS: [u8; 16] = [0; 16];
 static mut SIGNALS_PTR: *mut u8 = &raw mut SIGNALS as _;
-static SIGNALS_LEN: usize = unsafe { (*&raw const (SIGNALS)).len() };
+#[allow(static_mut_refs)] // only a problem in nightly
+static SIGNALS_LEN: usize = unsafe { SIGNALS.len() };
 
 /// Assign a signal to the signals map
 fn signals_set(idx: usize) {
@@ -81,7 +82,6 @@ where
     }
 }
 
-#[allow(clippy::similar_names, clippy::manual_assert)]
 pub fn main() {
     // Create an observation channel using the signals map
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", SIGNALS_PTR, SIGNALS_LEN) };

fuzzers/baby/baby_fuzzer_minimizing/src/main.rs

@@ -7,14 +7,14 @@ use libafl_bolts::prelude::*;
 
 /// Coverage map with explicit assignments due to the lack of instrumentation
 static mut SIGNALS: [u8; 16] = [0; 16];
+#[allow(static_mut_refs)] // only a problem in nightly
 static mut SIGNALS_PTR: *mut u8 = unsafe { SIGNALS.as_mut_ptr() };
 
 /// Assign a signal to the signals map
 fn signals_set(idx: usize) {
     unsafe { write(SIGNALS_PTR.add(idx), 1) };
 }
 
-#[allow(clippy::similar_names)]
 pub fn main() -> Result<(), Error> {
     // The closure that we want to fuzz
     let mut harness = |input: &BytesInput| {
@@ -34,6 +34,7 @@ pub fn main() -> Result<(), Error> {
     };
 
     // Create an observation channel using the signals map
+    #[allow(static_mut_refs)] // only a problem in nightly
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", SIGNALS_PTR, SIGNALS.len()) };
 
     let factory = MapEqualityFactory::new(&observer);

fuzzers/baby/baby_fuzzer_swap_differential/src/main.rs

@@ -61,8 +61,7 @@ mod slicemap {
 #[cfg(not(feature = "multimap"))]
 use slicemap::{HitcountsMapObserver, EDGES};
 
-#[allow(clippy::similar_names)]
-#[allow(clippy::too_many_lines)]
+#[expect(clippy::too_many_lines)]
 pub fn main() {
     // The closure that we want to fuzz
     let mut first_harness = |input: &BytesInput| {
@@ -144,6 +143,7 @@ pub fn main() {
             EDGES = core::slice::from_raw_parts_mut(alloc_zeroed(layout), num_edges * 2);
         }
 
+        #[allow(static_mut_refs)] // only a problem on nightly
         let edges_ptr = unsafe { EDGES.as_mut_ptr() };
 
         // create the base maps used to observe the different executors by splitting a slice

fuzzers/baby/baby_fuzzer_unicode/src/main.rs

@@ -25,14 +25,15 @@ use libafl_bolts::{rands::StdRand, tuples::tuple_list, AsSlice};
 /// Coverage map with explicit assignments due to the lack of instrumentation
 static mut SIGNALS: [u8; 64] = [0; 64];
 static mut SIGNALS_PTR: *mut u8 = (&raw mut SIGNALS).cast();
-static mut SIGNALS_LEN: usize = unsafe { (*&raw const SIGNALS).len() };
+#[allow(static_mut_refs)] // only a problem in nightly
+static mut SIGNALS_LEN: usize = unsafe { SIGNALS.len() };
 
 /// Assign a signal to the signals map
 fn signals_set(idx: usize) {
     unsafe { write(SIGNALS_PTR.add(idx), 1) };
 }
 
-#[allow(clippy::similar_names, clippy::manual_assert)]
+#[expect(clippy::manual_assert)]
 pub fn main() {
     // The closure that we want to fuzz
     let mut harness = |input: &BytesInput| {

fuzzers/baby/backtrace_baby_fuzzers/c_code_with_fork_executor/src/main.rs

@@ -34,7 +34,6 @@ extern "C" {
 
 }
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     let mut shmem_provider = StdShMemProvider::new().unwrap();
     unsafe { create_shmem_array() };

fuzzers/baby/backtrace_baby_fuzzers/c_code_with_inprocess_executor/src/main.rs

@@ -26,7 +26,6 @@ extern "C" {
 
 }
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     let mut harness = |input: &BytesInput| {
         let target = input.target_bytes();

fuzzers/baby/backtrace_baby_fuzzers/command_executor/build.rs

@@ -4,7 +4,7 @@ fn main() {
     let cwd = env::current_dir().unwrap().to_string_lossy().to_string();
     let mut cmd = cc::Build::new().get_compiler().to_command();
     cmd.args(["src/test_command.c", "-o"])
-        .arg(&format!("{}/test_command", &cwd))
+        .arg(format!("{}/test_command", &cwd))
         .arg("-fsanitize=address")
         .status()
         .unwrap();

fuzzers/baby/backtrace_baby_fuzzers/command_executor/src/main.rs

@@ -32,7 +32,6 @@ use libafl_bolts::{
     AsSlice, AsSliceMut,
 };
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     let mut shmem_provider = unix_shmem::UnixShMemProvider::new().unwrap();
     let mut signals = shmem_provider.new_shmem(3).unwrap();
@@ -88,6 +87,8 @@ pub fn main() {
     }
 
     impl CommandConfigurator<BytesInput> for MyExecutor {
+        #[allow(unknown_lints)] // stable doesn't even know of the lint
+        #[allow(clippy::zombie_processes)] // only a problem on nightly
         fn spawn_child(&mut self, input: &BytesInput) -> Result<Child, Error> {
             let mut command = Command::new("./test_command");
 

fuzzers/baby/backtrace_baby_fuzzers/forkserver_executor/build.rs

@@ -40,7 +40,7 @@ fn main() {
 
     Command::new(afl_gcc_path)
         .args(["src/program.c", "-o"])
-        .arg(&format!("{}/target/release/program", &cwd))
+        .arg(format!("{}/target/release/program", &cwd))
         .arg("-fsanitize=address")
         .status()
         .unwrap();

fuzzers/baby/backtrace_baby_fuzzers/forkserver_executor/src/main.rs

@@ -28,7 +28,6 @@ use libafl_bolts::{
     AsSliceMut,
 };
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     const MAP_SIZE: usize = 65536;
 

fuzzers/baby/backtrace_baby_fuzzers/rust_code_with_fork_executor/src/main.rs

@@ -22,12 +22,11 @@ use libafl_bolts::{
     nonzero,
     ownedref::OwnedRefMut,
     rands::StdRand,
-    shmem::{unix_shmem, ShMem, ShMemProvider},
+    shmem::{unix_shmem, ShMemProvider},
     tuples::tuple_list,
     AsSlice, AsSliceMut,
 };
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     let mut shmem_provider = unix_shmem::UnixShMemProvider::new().unwrap();
     let mut signals = shmem_provider.new_shmem(16).unwrap();
@@ -66,6 +65,7 @@ pub fn main() {
     };
 
     // Create an observation channel using the signals map
+
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", signals_ptr, signals_len) };
     // Create a stacktrace observer
     let bt_observer = BacktraceObserver::new(

fuzzers/baby/backtrace_baby_fuzzers/rust_code_with_inprocess_executor/src/main.rs

@@ -22,14 +22,14 @@ use libafl_bolts::{nonzero, rands::StdRand, tuples::tuple_list, AsSlice};
 
 /// Coverage map with explicit assignments due to the lack of instrumentation
 static mut SIGNALS: [u8; 16] = [0; 16];
+#[allow(static_mut_refs)] // only a problem in nightly
 static mut SIGNALS_PTR: *mut u8 = unsafe { SIGNALS.as_mut_ptr() };
 
 /// Assign a signal to the signals map
 fn signals_set(idx: usize) {
     unsafe { write(SIGNALS_PTR.add(idx), 1) };
 }
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     // The closure that we want to fuzz
     let mut harness = |input: &BytesInput| {
@@ -59,6 +59,7 @@ pub fn main() {
     };
 
     // Create an observation channel using the signals map
+    #[allow(static_mut_refs)] // only a problem in nightly
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", SIGNALS_PTR, SIGNALS.len()) };
     // Create a stacktrace observer to add the observers tuple
     let bt_observer = BacktraceObserver::owned(

fuzzers/baby/tutorial/src/input.rs

@@ -1,3 +1,4 @@
+#![expect(unexpected_cfgs)] // deriving NewFuzzed etc. introduces these
 use std::hash::Hash;
 
 use lain::prelude::*;

fuzzers/binary_only/frida_executable_libpng/src/fuzzer.rs

@@ -85,7 +85,7 @@ pub unsafe fn lib(main: extern "C" fn(i32, *const *const u8, *const *const u8) -
 }
 
 /// The actual fuzzer
-#[allow(clippy::too_many_lines, clippy::too_many_arguments)]
+#[expect(clippy::too_many_lines)]
 unsafe fn fuzz(
     options: &FuzzerOptions,
     mut frida_harness: &dyn Fn(&BytesInput) -> ExitKind,

fuzzers/binary_only/frida_executable_libpng/src/lib.rs

@@ -34,7 +34,6 @@ pub unsafe extern "C" fn main_hook(
 }
 
 #[no_mangle]
-#[allow(clippy::similar_names)]
 pub unsafe extern "C" fn __libc_start_main(
     main: extern "C" fn(i32, *const *const u8, *const *const u8) -> i32,
     argc: i32,

fuzzers/binary_only/frida_libpng/src/fuzzer.rs

@@ -66,7 +66,7 @@ pub fn main() {
 }
 
 /// The actual fuzzer
-#[allow(clippy::too_many_lines, clippy::too_many_arguments)]
+#[expect(clippy::too_many_lines)]
 unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
     log::info!("Frida fuzzer starting up.");
 

fuzzers/binary_only/frida_windows_gdiplus/src/fuzzer.rs

@@ -77,7 +77,7 @@ pub fn main() {
 }
 
 /// The actual fuzzer
-#[allow(clippy::too_many_lines, clippy::too_many_arguments)]
+#[expect(clippy::too_many_lines)]
 unsafe fn fuzz(options: &FuzzerOptions) -> Result<(), Error> {
     // 'While the stats are state, they are usually used in the broker - which is likely never restarted
     let monitor = MultiMonitor::new(|s| println!("{s}"));

fuzzers/binary_only/fuzzbench_fork_qemu/src/fuzzer.rs

@@ -243,7 +243,7 @@ fn fuzz(
     let cmplog = cmp_shmem.as_slice_mut();
 
     // Beginning of a page should be properly aligned.
-    #[allow(clippy::cast_ptr_alignment)]
+    #[expect(clippy::cast_ptr_alignment)]
     let cmplog_map_ptr = cmplog
         .as_mut_ptr()
         .cast::<libafl_qemu::modules::cmplog::CmpLogMap>();

fuzzers/binary_only/intel_pt_baby_fuzzer/src/main.rs

@@ -28,7 +28,7 @@ use proc_maps::get_process_maps;
 // Coverage map
 const MAP_SIZE: usize = 4096;
 static mut MAP: [u8; MAP_SIZE] = [0; MAP_SIZE];
-#[allow(static_mut_refs)]
+#[allow(static_mut_refs)] // only a problem in nightly
 static mut MAP_PTR: *mut u8 = unsafe { MAP.as_mut_ptr() };
 
 pub fn main() {

fuzzers/binary_only/intel_pt_command_executor/src/main.rs

@@ -25,7 +25,7 @@ use libafl_intelpt::{IntelPT, PAGE_SIZE};
 // Coverage map
 const MAP_SIZE: usize = 4096;
 static mut MAP: [u8; MAP_SIZE] = [0; MAP_SIZE];
-#[allow(static_mut_refs)]
+#[allow(static_mut_refs)] // only a problem in nightly
 static mut MAP_PTR: *mut u8 = unsafe { MAP.as_mut_ptr() };
 
 pub fn main() {

fuzzers/binary_only/qemu_cmin/src/fuzzer.rs

@@ -172,7 +172,6 @@ pub fn fuzz() -> Result<(), Error> {
 
     let mut feedback = MaxMapFeedback::new(&edges_observer);
 
-    #[allow(clippy::let_unit_value)]
     let mut objective = ();
 
     let mut state = state.unwrap_or_else(|| {

fuzzers/binary_only/qemu_coverage/src/fuzzer.rs

@@ -214,10 +214,8 @@ pub fn fuzz() {
             Err(Error::ShuttingDown)?
         }
 
-        #[allow(clippy::let_unit_value)]
         let mut feedback = ();
 
-        #[allow(clippy::let_unit_value)]
         let mut objective = ();
 
         let mut state = state.unwrap_or_else(|| {

fuzzers/binary_only/qemu_launcher/src/client.rs

@@ -27,7 +27,7 @@ use crate::{
     options::FuzzerOptions,
 };
 
-#[allow(clippy::module_name_repetitions)]
+#[expect(clippy::module_name_repetitions)]
 pub type ClientState =
     StdState<BytesInput, InMemoryOnDiskCorpus<BytesInput>, StdRand, OnDiskCorpus<BytesInput>>;
 
@@ -50,14 +50,14 @@ impl Client<'_> {
         Ok(args)
     }
 
-    #[allow(clippy::unused_self)] // Api should look the same as args above
+    #[expect(clippy::unused_self)] // Api should look the same as args above
     pub fn env(&self) -> Vec<(String, String)> {
         env::vars()
             .filter(|(k, _v)| k != "LD_LIBRARY_PATH")
             .collect::<Vec<(String, String)>>()
     }
 
-    #[allow(clippy::too_many_lines)]
+    #[expect(clippy::too_many_lines)]
     pub fn run<M: Monitor>(
         &self,
         state: Option<ClientState>,

fuzzers/binary_only/qemu_launcher/src/harness.rs

@@ -21,12 +21,12 @@ pub const MAX_INPUT_SIZE: usize = 1_048_576; // 1MB
 impl Harness {
     /// Change environment
     #[inline]
-    #[allow(clippy::ptr_arg)]
+    #[expect(clippy::ptr_arg)]
     pub fn edit_env(_env: &mut Vec<(String, String)>) {}
 
     /// Change arguments
     #[inline]
-    #[allow(clippy::ptr_arg)]
+    #[expect(clippy::ptr_arg)]
     pub fn edit_args(_args: &mut Vec<String>) {}
 
     /// Helper function to find the function we want to fuzz.
@@ -80,7 +80,7 @@ impl Harness {
 
     /// If we need to do extra work after forking, we can do that here.
     #[inline]
-    #[allow(clippy::unused_self)]
+    #[expect(clippy::unused_self)]
     pub fn post_fork(&self) {}
 
     pub fn run(&self, input: &BytesInput) -> ExitKind {

fuzzers/binary_only/qemu_launcher/src/instance.rs

@@ -73,7 +73,6 @@ pub struct Instance<'a, M: Monitor> {
 }
 
 impl<M: Monitor> Instance<'_, M> {
-    #[allow(clippy::similar_names)] // elf != self
     fn coverage_filter(&self, qemu: Qemu) -> Result<StdAddressFilter, Error> {
         /* Conversion is required on 32-bit targets, but not on 64-bit ones */
         if let Some(includes) = &self.options.include {
@@ -106,7 +105,7 @@ impl<M: Monitor> Instance<'_, M> {
         }
     }
 
-    #[allow(clippy::too_many_lines)]
+    #[expect(clippy::too_many_lines)]
     pub fn run<ET>(&mut self, modules: ET, state: Option<ClientState>) -> Result<(), Error>
     where
         ET: EmulatorModuleTuple<ClientState> + Debug,

fuzzers/binary_only/qemu_launcher/src/options.rs

@@ -11,7 +11,6 @@ use crate::version::Version;
 #[readonly::make]
 #[derive(Parser, Debug)]
 #[clap(author, version, about, long_about = None)]
-#[allow(clippy::module_name_repetitions)]
 #[command(
     name = format!("qemu_coverage-{}",env!("CPU_TARGET")),
     version = Version::default(),

fuzzers/forkserver/baby_fuzzer_with_forkexecutor/src/main.rs

@@ -25,10 +25,10 @@ use libafl_bolts::{
     AsSlice, AsSliceMut,
 };
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     let mut shmem_provider = unix_shmem::UnixShMemProvider::new().unwrap();
     let mut signals = shmem_provider.new_shmem(16).unwrap();
+
     let signals_len = signals.as_slice().len();
     let signals_ptr = signals.as_slice_mut().as_mut_ptr();
 
@@ -64,6 +64,7 @@ pub fn main() {
     };
 
     // Create an observation channel using the signals map
+
     let observer = unsafe { StdMapObserver::from_mut_ptr("signals", signals_ptr, signals_len) };
     // Create a stacktrace observer to add the observers tuple
 

fuzzers/forkserver/forkserver_libafl_cc/src/main.rs

@@ -83,7 +83,6 @@ struct Opt {
     signal: Signal,
 }
 
-#[allow(clippy::similar_names)]
 pub fn main() {
     env_logger::init();