experimental x86 support for compcov in QEMU

2025-06-13 02:28:09 +00:00 · 2019-07-19 00:55:41 +02:00
parent 5b2cb426be
commit 81dd1aea82
6 changed files with 320 additions and 10 deletions
--- a/qemu_mode/patches/afl-qemu-cpu-inl.h
+++ b/qemu_mode/patches/afl-qemu-cpu-inl.h
@ -9,7 +9,8 @@

   TCG instrumentation and block chaining support by Andrea Biondo
                                      <andrea.biondo965@gmail.com>
-   QEMU 3.1.0 port and thread-safety by Andrea Fioraldi
+
+   QEMU 3.1.0 port, TCG thread-safety and CompareCoverage by Andrea Fioraldi
                                      <andreafioraldi@gmail.com>

   Copyright 2015, 2016, 2017 Google Inc. All rights reserved.
@ -65,6 +66,8 @@ abi_ulong afl_entry_point, /* ELF entry point (_start) */
          afl_start_code,  /* .text start pointer      */
          afl_end_code;    /* .text end pointer        */

+u8 afl_enable_compcov;
+
 /* Set in the child process in forkserver mode: */

 static int forkserver_installed = 0;
@ -156,6 +159,12 @@ static void afl_setup(void) {
    afl_end_code   = (abi_ulong)-1;

  }
+  
+  if (getenv("AFL_QEMU_COMPCOV")) {
+
+fprintf(stderr, "EEe\n");  
+    afl_enable_compcov = 1;
+  }

  /* pthread_atfork() seems somewhat broken in util/rcu.c, and I'm
     not entirely sure what is the cause. This disables that