Support fuzz coverage feedback for more than one target #3

@dergoegge

Currently only one target is supported but it should be possible to fuzz multiple e.g. bitcoinds at the same time (just like we do in the functional tests).

If the current approach is kept, then somehow the different targets need to write to a different range in the nyx agent's tracing map. Currently there is only one target that writes to the whole map:

key_t key = ftok("/tmp", 'T'); // 'T' for trace
int shmid = shmget(key, agent_config.coverage_bitmap_size, IPC_CREAT | 0666);
if (shmid == -1) {
    habort("Error: Failed to create shared memory segment for trace buffer");
}
// Write trace buffer shmemid to __AFL_SHM_ID env variable
char shmid_str[16];
memset(shmid_str, 0, sizeof(shmid_str));
snprintf(shmid_str, sizeof(shmid_str), "%d", shmid);
setenv("__AFL_SHM_ID", shmid_str, 1);

Alternatively, full-system coverage with intel-pt could be explored.
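One way to give each target its own range of the tracing map, as an added example that is not part of the original issue or the project's code. The names `map_slice`, `slice_for_target`, `create_target_segment` and `merge_target_trace` are hypothetical, and the sketch assumes each target's trace buffer fits inside its slice and that the agent and targets run under the same uid.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/shm.h>

/* Hypothetical type: the range of the agent's map owned by one target. */
typedef struct { size_t off; size_t len; } map_slice;

/* Split map_size bytes into n contiguous, non-overlapping slices; the last
 * slice absorbs the remainder. Returns 0 on success, -1 on bad input. */
int slice_for_target(size_t map_size, size_t n, size_t idx, map_slice *out) {
    if (n == 0 || idx >= n || map_size < n) return -1;
    size_t base = map_size / n;
    out->off = idx * base;
    out->len = (idx == n - 1) ? map_size - out->off : base;
    return 0;
}

/* One private segment per target, sized to its slice. The returned id is what
 * that target would receive in __AFL_SHM_ID. Mode 0600 assumes a shared uid. */
int create_target_segment(const map_slice *s) {
    return shmget(IPC_PRIVATE, s->len, IPC_CREAT | 0600);
}

/* Copy one target's trace buffer into its slice of the agent map, refusing
 * any copy that would leave the slice or the map. */
int merge_target_trace(uint8_t *agent_map, size_t map_size, const map_slice *s,
                       const uint8_t *trace, size_t trace_len) {
    if (s->off > map_size || s->len > map_size - s->off) return -1;
    if (trace_len > s->len) return -1; /* target map larger than its slice */
    memcpy(agent_map + s->off, trace, trace_len);
    return 0;
}

int main(void) {
    /* Constructed buffers standing in for two targets' attached segments. */
    uint8_t agent_map[16] = {0}, t0[8] = {1}, t1[8] = {2};
    map_slice s0, s1;
    slice_for_target(sizeof(agent_map), 2, 0, &s0);
    slice_for_target(sizeof(agent_map), 2, 1, &s1);
    merge_target_trace(agent_map, sizeof(agent_map), &s0, t0, sizeof(t0));
    merge_target_trace(agent_map, sizeof(agent_map), &s1, t1, sizeof(t1));
    printf("slice1 off=%zu len=%zu map[0]=%d map[8]=%d\n",
           s1.off, s1.len, agent_map[0], agent_map[8]);
    return 0;
}
```

Each target would be started with `__AFL_SHM_ID` set in its own environment to its segment's id, rather than through a single `setenv` in the agent.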
