Andrea Fioraldi
I forgot to put sancov in the list when I wrote it on Discord, push this updated list:

```
{
  "__afl_area_ptr";
  "__afl_manual_init";
  "__afl_persistent_loop";
  "__afl_auto_init";
  "__afl_area_initial";
  "__afl_prev_loc";
  "__sanitizer_cov_trace_pc_guard";
  "__sanitizer_cov_trace_pc_guard_init";
};
```
Some build systems seem to require having afl-llvm-rt also when compiling; in fact they were failing with the old afl. Agree that -E is a special case, probably as...
This is hard to achieve with a decent speed. Instead of continuing with this, I'm rewriting AFL in frida so that it is injected in the process. Check out my frida-fuzzer...
You are linking this one and libfuzzer together in the same binary, remove -fsanitize=fuzzer
> @andreafioraldi ? I'll look at it on monday
This is a QEMU bug, not related to qemuafl, it is now fixed https://gitlab.com/qemu-project/qemu/-/issues/866 IMO we should simply cherry-pick the commits and backport to qemuafl. Please in case of bugs...
Inlined TCG is not thread safe, that's why the map update is in the helper
> Does QEMU serialize the execution of helpers between threads?

No, but the helper is native code and so we can use the TLS for prev loc.