
Reject BPF program if uninitialized stack or registers are accessed during interpret path

Open Alan-Jowett opened this issue 1 year ago • 1 comment

This pull request includes changes to improve the ubpf library. The most important changes include adding a new libfuzzer based fuzzer, modifying the LLVMFuzzerTestOneInput function to compare the results of the interpreter and JIT compiler, adding a bash script to split the fuzzer input into a program and memory, and adding bounds checking for memory accesses.

Improvements to fuzzing:

  • libfuzzer/README.md: Added instructions for building and running a new libfuzzer based fuzzer.
  • libfuzzer/libfuzz_harness.cc: Modified the LLVMFuzzerTestOneInput function to compare the results of the interpreter and JIT compiler, and to ensure the program length is a multiple of sizeof(ebpf_inst).
  • libfuzzer/split.sh: Added a bash script to split the fuzzer input into a program and memory, and to disassemble the program.

Improvements to disassembler:

  • ubpf/disassembler.py: Modified the disassemble_one function to append " local" to the opcode name if the source register is 1.

Improvements to JIT compiler:

  • vm/ubpf_jit_x86_64.c: Added code to truncate the target register to 32 bits for ALU32 instructions.
  • vm/ubpf_jit_x86_64.h: Added the emit_truncate_u32 function to emit instructions to truncate a register to 32 bits.

Improvements to VM:

  • vm/ubpf_vm.c: Added bounds checking for memory accesses, and added checks to ensure registers are initialized before they are read. Also fixed a bug in the EBPF_OP_JEQ32_REG instruction.

Alan-Jowett avatar May 07 '24 15:05 Alan-Jowett
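As an added illustration of two of the interpreter-side checks this PR describes (refusing to read a register that was never written, and zero-extending ALU32 results), here is a toy model written for this page; it is not code from ubpf itself. The instruction layout and opcode values are the standard eBPF ones, while the sample programs and the treatment of EXIT as a read of r0 are constructed assumptions.

```c
#include <stdint.h>
#include <stddef.h>
/* Same field layout as ubpf's struct ebpf_inst. */
struct ebpf_inst { uint8_t opcode; uint8_t dst : 4; uint8_t src : 4; int16_t offset; int32_t imm; };
/* Opcode subset used by this model (standard eBPF encodings). */
#define EBPF_OP_MOV64_IMM 0xb7
#define EBPF_OP_ADD64_REG 0x0f
#define EBPF_OP_ADD32_REG 0x0c
#define EBPF_OP_EXIT      0x95
enum run_result { RUN_OK, RUN_UNINIT_REG, RUN_BAD_OPCODE, RUN_NO_EXIT };
/* Interpret prog while tracking which registers have been written. Reading a register
 * that was never written aborts the run instead of using its stale value. r1 (context)
 * and r10 (stack pointer) start initialized; EXIT reading r0 is this model's assumption. */
enum run_result run(const struct ebpf_inst *prog, size_t n, uint64_t *r0_out)
{
    uint64_t reg[11] = {0};
    uint16_t init = (1u << 1) | (1u << 10);       /* bit i set: r_i has been written */
    for (size_t pc = 0; pc < n; pc++) {
        const struct ebpf_inst in = prog[pc];
        switch (in.opcode) {
        case EBPF_OP_MOV64_IMM:                    /* write only: no read check needed */
            reg[in.dst] = (uint64_t)(int64_t)in.imm;
            init |= 1u << in.dst;
            break;
        case EBPF_OP_ADD64_REG: case EBPF_OP_ADD32_REG:
            if (!(init & (1u << in.dst)) || !(init & (1u << in.src))) return RUN_UNINIT_REG;
            reg[in.dst] += reg[in.src];
            if (in.opcode == EBPF_OP_ADD32_REG)
                reg[in.dst] &= 0xffffffffu;        /* ALU32 result is zero-extended to 64 bits */
            break;
        case EBPF_OP_EXIT:
            if (!(init & 1u)) return RUN_UNINIT_REG;
            *r0_out = reg[0]; return RUN_OK;
        default: return RUN_BAD_OPCODE;
        }
    }
    return RUN_NO_EXIT;                            /* ran off the end without EXIT */
}
/* Constructed sample programs (not from the ubpf test suite). */
static const struct ebpf_inst prog_trunc[] = {
    {EBPF_OP_MOV64_IMM, 0, 0, 0, -1},  /* r0 = 0xffffffffffffffff */
    {EBPF_OP_ADD32_REG, 0, 1, 0, 0},   /* r1 is the (zero) context register; r0 becomes 0xffffffff */
    {EBPF_OP_EXIT, 0, 0, 0, 0},
};
static const struct ebpf_inst prog_uninit[] = {
    {EBPF_OP_MOV64_IMM, 0, 0, 0, 1},
    {EBPF_OP_ADD64_REG, 0, 3, 0, 0},   /* r3 was never written: rejected */
    {EBPF_OP_EXIT, 0, 0, 0, 0},
};
```

Without the mask, the 64-bit add would leave r0 at 0xffffffffffffffff, which is exactly the kind of interpreter/JIT divergence the fuzzer harness in this PR is meant to catch.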

Coverage Status

coverage: 81.261% (-0.9%) from 82.171% when pulling f295857513206fb2df44de2165fabbbec7274cc3 on Alan-Jowett:ub_check into 6789eee65a2cf5590641987f3c6ac2bcd4a37f8b on iovisor:main.

coveralls avatar May 08 '24 12:05 coveralls