AFLplusplus · vanhauser-thc · Jun 28, 2025 · Apr 29, 2025 · Jun 3, 2025 · Jun 4, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -9,7 +9,79 @@ on:
     branches:
       - dev # No need for stable-pull-request, as that equals dev-push
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
+  check-compiler-passes-old:
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        version: [14, 15]
+    env:
+      AFL_SKIP_CPUFREQ: 1
+      AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES: 1
+    steps:
+      - uses: actions/checkout@v4
+      - name: update
+        run: sudo apt-get update && sudo apt-get upgrade -y
+      - name: debug
+        run: apt-cache search plugin-dev | grep gcc-; echo; apt-cache search clang-format- | grep clang-format-
+      - name: install packages
+        run: sudo apt-get install -y -m -f build-essential git libtool libtool-bin automake flex bison libglib2.0-0 libc++-dev findutils libcmocka-dev python3-dev python3-setuptools ninja-build python3-pip gcc-12-plugin-dev
+      - name: install llvm-tools
+        run: sudo apt install -y clang-${{ matrix.version }} llvm-${{ matrix.version }}
+      - name: install clang-rt (for llvm 15)
+        # because ubuntu-22.04 already has this package
+        if: matrix.version != '15'
+        run: sudo apt install -y libclang-${{ matrix.version }}-dev
+      - name: compiler installed
+        run: gcc -v; echo; clang -v
+      - name: build afl++
+        run: export NO_NYX=1; export ASAN_BUILD=1; export LLVM_CONFIG=llvm-config-${{ matrix.version }}; make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-${{ matrix.version }} all
+      - name: Check llvm passes
+        run: make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-${{ matrix.version }} llvm-build-test || exit 1
+      - name: run tests
+        run: sudo -E ./afl-system-config; make tests
+  check-compiler-passes-new:
+    runs-on: ubuntu-24.04
+    strategy:
+      matrix:
+        version: [16, 17, 18, 19, 20]
+    env:
+      AFL_SKIP_CPUFREQ: 1
+      AFL_I_DONT_CARE_ABOUT_MISSING_CRASHES: 1
+    steps:
+      - uses: actions/checkout@v4
+      - name: update
+        run: sudo apt-get update && sudo apt-get upgrade -y
+      - name: debug
+        run: apt-cache search plugin-dev | grep gcc-; echo; apt-cache search clang-format- | grep clang-format-
+      - name: install packages
+        run: sudo apt-get install -y -m -f build-essential git libtool libtool-bin automake flex bison libglib2.0-0 libc++-dev findutils libcmocka-dev python3-dev python3-setuptools ninja-build python3-pip gcc-12-plugin-dev
+      - name: install llvm-tools (20)
+        if: matrix.version == '20'
+        run: |
+          wget https://apt.llvm.org/llvm.sh
+          chmod +x llvm.sh
+          sudo ./llvm.sh ${{ matrix.version }}
+          sudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${{ matrix.version }} 200
+      - name: install llvm-tools
+        if: matrix.version != '20'
+        run: sudo apt install -y clang-${{ matrix.version }} llvm-${{ matrix.version }}
+      - name: install clang-rt
+        if: matrix.version != '20'
+        run: sudo apt install -y libclang-${{ matrix.version }}-dev
+      - name: compiler installed
+        run: gcc -v; echo; clang -v
+      - name: build afl++
+        run: export NO_NYX=1; export ASAN_BUILD=1; export LLVM_CONFIG=llvm-config-${{ matrix.version }}; make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-${{ matrix.version }} all
+      - name: Check llvm passes
+        run: make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-${{ matrix.version }} llvm-build-test || exit 1
+      - name: run tests
+        run: sudo -E ./afl-system-config; make tests
+
   linux:
     runs-on: "${{ matrix.os }}"
     strategy:
@@ -31,7 +103,7 @@ jobs:
       - name: install gcc plugin
         run: sudo apt-get install -y -m -f --install-suggests $(readlink /usr/bin/gcc)-plugin-dev
       - name: build afl++
-        run: export NO_NYX=1; export ASAN_BUILD=1; export LLVM_CONFIG=llvm-config-12; make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-12 distrib
+        run: export NO_NYX=1; export ASAN_BUILD=1; export LLVM_CONFIG=llvm-config-15; make ASAN_BUILD=1 NO_NYX=1 LLVM_CONFIG=llvm-config-15 distrib
       - name: run tests
         run: sudo -E ./afl-system-config; make tests
   macos:

diff --git a/.github/workflows/code-format.yml b/.github/workflows/code-format.yml
@@ -9,6 +9,10 @@ on:
     branches:
       - dev # No need for stable-pull-request, as that equals dev-push
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   code-format-check:
     name: Check code format

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -9,6 +9,10 @@ on:
     branches:
       - dev # No need for stable-pull-request, as that equals dev-push
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   analyze:
     name: Analyze

diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -10,6 +10,10 @@ on:
     branches:
       - dev # No need for stable-pull-request, as that equals dev-push
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   build-and-test-amd64:
     name: Test amd64 image

diff --git a/.github/workflows/rust_custom_mutator.yml b/.github/workflows/rust_custom_mutator.yml
@@ -9,6 +9,10 @@ on:
     branches:
       - dev # No need for stable-pull-request, as that equals dev-push
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   test:
     name: Test Rust Custom Mutator Support

diff --git a/.gitignore b/.gitignore
@@ -108,6 +108,8 @@ utils/persistent_mode/persistent_demo
 utils/persistent_mode/persistent_demo_new
 utils/persistent_mode/persistent_demo_new_compat
 utils/persistent_mode/test-instr
+utils/qemu_persistent_hook/mipsel_test
+utils/qemu_persistent_hook/test
 utils/replay_record/persistent_demo_replay
 utils/replay_record/persistent_demo_replay_compat
 utils/replay_record/persistent_demo_replay_argparse

diff --git a/Dockerfile b/Dockerfile
@@ -5,7 +5,7 @@
 # GCC 11 is used instead of 12 because genhtml for afl-cov doesn't like it.
 #
 
-FROM ubuntu:22.04 AS aflplusplus
+FROM ubuntu:24.04 AS aflplusplus
 LABEL "maintainer"="AFL++ team <afl@aflplus.plus>"
 LABEL "about"="AFLplusplus container image"
 
@@ -17,7 +17,7 @@ ENV NO_NYX=1
 
 ### Only change these if you know what you are doing:
 # Current recommended LLVM version is 16
-ENV LLVM_VERSION=16
+ENV LLVM_VERSION=19
 # GCC 12 is producing compile errors for some targets so we stay at GCC 11
 ENV GCC_VERSION=11
 
@@ -32,8 +32,8 @@ RUN apt-get update && apt-get full-upgrade -y && \
     apt-get install -y --no-install-recommends wget ca-certificates apt-utils && \
     rm -rf /var/lib/apt/lists/*
 
-RUN echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.gpg.key] http://apt.llvm.org/jammy/ llvm-toolchain-jammy-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list && \
-    wget -qO /etc/apt/keyrings/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key
+#RUN echo "deb [signed-by=/etc/apt/keyrings/llvm-snapshot.gpg.key] http://apt.llvm.org/jammy/ llvm-toolchain-jammy-${LLVM_VERSION} main" > /etc/apt/sources.list.d/llvm.list && \
+#    wget -qO /etc/apt/keyrings/llvm-snapshot.gpg.key https://apt.llvm.org/llvm-snapshot.gpg.key
 
 RUN apt-get update && \
     apt-get -y install --no-install-recommends \
@@ -65,8 +65,8 @@ RUN update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_VERSION} 0
     update-alternatives --install /usr/bin/clang clang /usr/bin/clang-${LLVM_VERSION} 0 && \
     update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang++-${LLVM_VERSION} 0
 
-RUN wget -qO- https://sh.rustup.rs | CARGO_HOME=/etc/cargo sh -s -- -y -q --no-modify-path
-ENV PATH=$PATH:/etc/cargo/bin
+#RUN wget -qO- https://sh.rustup.rs | CARGO_HOME=/etc/cargo sh -s -- -y -q --no-modify-path
+#ENV PATH=$PATH:/etc/cargo/bin
 
 RUN apt clean -y
 

diff --git a/GNUmakefile b/GNUmakefile
@@ -255,17 +255,6 @@ ifeq "$(PYTHON_INCLUDE)" ""
   endif
 endif
 
-# Old Ubuntu and others dont have python/python2-config so we hardcode 2.7
-ifeq "$(PYTHON_INCLUDE)" ""
-  ifneq "$(shell command -v python2.7 2>/dev/null)" ""
-    ifneq "$(shell command -v python2.7-config 2>/dev/null)" ""
-      PYTHON_INCLUDE  := $(shell python2.7-config --includes)
-      PYTHON_LIB      := $(shell python2.7-config --ldflags)
-      PYTHON_VERSION  := $(strip $(shell python2.7 --version 2>&1))
-    endif
-  endif
-endif
-
 ifdef SOURCE_DATE_EPOCH
     BUILD_DATE ?= $(shell date -u -d "@$(SOURCE_DATE_EPOCH)" "+%Y-%m-%d" 2>/dev/null || date -u -r "$(SOURCE_DATE_EPOCH)" "+%Y-%m-%d" 2>/dev/null || date -u "+%Y-%m-%d")
 else
@@ -356,6 +345,11 @@ llvm:
 	-$(MAKE) -j$(nproc) -f GNUmakefile.llvm
 	@test -e afl-cc || { echo "[-] Compiling afl-cc failed. You seem not to have a working compiler." ; exit 1; }
 
+llvm-build-test:
+	$(MAKE) -j$(nproc) -f GNUmakefile.llvm
+	@test -e afl-cc || { echo "[-] Compiling afl-cc failed. You seem not to have a working compiler." ; exit 1; }
+
+
 .PHONY: gcc_plugin
 gcc_plugin:
 ifneq "$(SYS)" "Darwin"

diff --git a/README.md b/README.md
@@ -2,9 +2,9 @@
 
 <img align="right" src="https://raw.githubusercontent.com/AFLplusplus/Website/main/static/aflpp_bg.svg" alt="AFL++ logo" width="250" height="250">
 
-Release version: [4.32c](https://github.com/AFLplusplus/AFLplusplus/releases)
+Release version: [4.33c](https://github.com/AFLplusplus/AFLplusplus/releases)
 
-GitHub version: 4.33a
+GitHub version: 4.33c
 
 Repository:
 [https://github.com/AFLplusplus/AFLplusplus](https://github.com/AFLplusplus/AFLplusplus)

diff --git a/afl-addseeds b/afl-addseeds
@@ -1,6 +1,8 @@
 #!/bin/sh
 
-test -z "$1" -o "$1" = "-h" -o "$1" = "--help" && {
+test -z "$1" -o "$1" = "-h" -o "$1" = "-hh" -o "$1" = "--help" && {
+  echo afl-addseeds by Marc Heuse
+  echo
   echo Syntax: afl-addseeds -o afl-out-dir [-i seed_file_or_dir] seed_file_or_seed_dir seed_file_or_seed_dir ...
   echo
   echo Options:

diff --git a/afl-cmin b/afl-cmin
@@ -3,6 +3,7 @@ THISPATH=`dirname ${0}`
 
 # call afl-cmin.py if it can be executed successfully.
 if $THISPATH/afl-cmin.py --help > /dev/null 2>&1; then
+  test "$1" = "-h" -o "$1" = "-hh" && { echo afl-cmin.py; echo; }
   exec $THISPATH/afl-cmin.py "$@"
 fi
 
@@ -107,6 +108,8 @@ function getopt(argc, argv, options,    thisopt, i)
 
 function usage() {
    print \
+"afl-cmin\n" \
+"\n" \
 "afl-cmin [ options ] -- /path/to/target_app [ ... ]\n" \
 "\n" \
 "Required parameters:\n" \