QEMU meson detects all shared lib on the system which might be used by QEMU and links them. This is not a preferred behavior as it depends on the system which it is running on and its installed packages. As long as libafl_qemu does not detect all shared libs in its build_linux.rs, one needs to add them manually (https://github.com/AFLplusplus/LibAFL/blob/main/libafl_qemu/build_linux.rs#L299-L315). By disabling all features by default, this problem can be circumvented. If a specific feature is needed and present on a system, one can still enable it using the CLI flags --enable-{feature}.

I already tested this change and it does not break the libafl fuzzer qemu_launcher.

Currently, does not seem to build for the ARM target, and probably also not aarch64, due to a copy-paste error:

../target/arm/translate.c: In function ‘op_s_rri_rot’:
../target/arm/translate.c:5543:40: error: ‘tmp2’ undeclared (first use in this function); did you mean ‘tmp1’?
 5543 |       libafl_gen_cmp(s->pc_curr, tmp1, tmp2, MO_32);
      |                                        ^~~~
      |                                        tmp1

This seems to fix the build. However, I am not sure the current code makes sense, since it seems to be a comparison with a (possibly) rotated immediate value. Not sure there need to be cmplog hooks placed on that?

Removing the wildcard for configuration flags, enabling QEMU meson flags.

Problem: ./configure --help indicated that additional flags will be passed through to meson. ./configure --disable-tmp should be handled by meson, but throws an error due to the wildcard in front of it in the configure file. Probably a merge issue as the QEMU vanilla repo does not have this wildcard.

Works:

../configure --as-shared-lib --target-list=x86_64-linux-user --disable-blobs --disable-bsd-user --disable-fdt
make -j

Doesn't works:

../configure --as-shared-lib --target-list=arm-linux-user --disable-blobs --disable-bsd-user --disable-fdt
make -j