* Fix watchpoint leak in ARM
* Builds fuzz targets with sanitizer support
* Builds fuzz targets with directory driver
* Adds script to dowlonad public corpus
* Adds CIfuzz
To checks Pull Requests with fuzzing
* Use static library for fuzz targets
* Less verbose logs for fuzz driver directory
* fix finding python path which only has python3.
* fix#1246, arm host issue.
* skip assembler tests on non-x86 host.
* update macro of dummy value.
* fix MSVC macro.
* update dummy array value macro.
* restore to original qemu code.
* Handle the cpu context save in a more pythonic way, so the context can be serialized and reuse in an other process using the same emulator architecture and modes
* Fix type error ; mistakes a size_t uint64_t ; breaks in 32bit...
* Fix the UAF situation when deleting a hook while being in a hook callback. Added an attribute 'to_delete' to hooks, and a list hooks_to_del to delay the free of the hooks
* Minor fixes ; forgot return type of clear_deleted_hooks ; do not declare variable in for predicate
This change removes the check for stop requests from the hook loop
macro.
Requests to stop emulation (uc_emu_stop) should only affect whether
the emulation stops. This isn't the case at present for the invocation
of hooks. If emulation is requested to be stopped (which is indicated
by `uc->stop_request`), the hooks will skip all execution. This means
that when the emulation stop is requested, some expected operations
may not occur before the emulation exits - leaving the system in an
inconsistent or broken state.
This is particularly obvious in the case where a CPU interrupt is
required, and a hook has been registered for such cases. The expected
operation is that the hook be called, and no CPU exception be raised
(because the hook has handled it). However, because of the short-cut
in the case where the `uc_emu_stop` function has been called out of
band (eg on another thread), this hook would not be called. In such
cases the execution would terminate with an error that an 'unhandled
CPU exception' occurred, and the hook would never have been called.
This probably affects other parts of the system, such as hooks which
handle remapping of memory on demand (UC_HOOK_MEM_READ_UNMAPPED and
friends) where the remap would not happen and instead an error about
the unmapped memory would be raised.
In all cases, it makes sense that execution continue normally until
the outer loop which controls the execution determines that the
emulation should stop. This will mean that for any given sequence of
events all the emulation operations are completed deterministically
regardless of when the stop request was received.
