
v1.1: Sandbox configuration

@fwsGonzo released this 07 Jan 20:49 · 83 commits to master since this release · 793d032

This release is about sandboxing. I have spent some time these past few weeks fuzzing and tinkering with sandbox safety. I have also removed a bunch of code that was not used a lot, reducing attack surface. Some effort has been made to use pointers less. For example, an execute segment is now required at all times, passed only by reference. Instead of a null-check, the default execute segment is an empty segment. I've also added more modes to the fuzzer in an attempt to fuzz APIs I consider part of (or potentially part of) a safe sandboxing configuration. More fuzzing is needed, of course, but I'm happy with the progress.
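The execute-segment change described above, as an added illustration that is not libriscv's own code: a hypothetical minimal machine whose current-segment reference is never null because an empty segment is the default, so a program counter that lands outside every mapped segment is routed into the empty segment and reported as a fault through the same lookup path as a normal segment switch, with no null-check anywhere in the execution loop. The `ExecSegment` and `Machine` types and the three-opcode toy instruction encoding are assumptions made for this example.

```cpp
#include <cstdint>
#include <vector>

// Hypothetical execute segment: a base address plus 32-bit instruction words.
// Assumed for this example; not libriscv's representation.
struct ExecSegment {
    uint64_t base = 0;
    std::vector<uint32_t> code;

    bool empty() const { return code.empty(); }

    // An empty segment contains no address at all, so a lookup against it
    // always fails and the caller takes the fault path.
    bool contains(uint64_t pc) const {
        return (pc % 4) == 0 && pc >= base && (pc - base) / 4 < code.size();
    }
    uint32_t fetch(uint64_t pc) const { return code[(pc - base) / 4]; }
};

// The one shared empty segment: a valid object with no code. Every machine
// starts pointing at it, so the "current segment" is never a null pointer.
static const ExecSegment& empty_segment() {
    static const ExecSegment seg{};
    return seg;
}

struct Machine {
    enum class Stop { Halt, Fault, Budget };

    // Segments must all be added before run() is called; next_exec_segment()
    // hands out references into this vector.
    std::vector<ExecSegment> segments;
    const ExecSegment* current = &empty_segment();  // never null by construction
    uint64_t pc = 0;
    uint64_t executed = 0;

    // Returns the segment containing addr, or the empty segment when none does.
    // The caller gets a reference either way and never has to test for null.
    const ExecSegment& next_exec_segment(uint64_t addr) const {
        for (const ExecSegment& s : segments)
            if (s.contains(addr)) return s;
        return empty_segment();
    }

    // Toy encoding (assumed for the example): low 8 bits are the opcode,
    // the high 24 bits an absolute jump target for opcode 1.
    //   0 = nop, 1 = jump to imm, 2 = halt, anything else = invalid.
    Stop run(uint64_t max_instr) {
        while (executed < max_instr) {
            if (!current->contains(pc)) {
                current = &next_exec_segment(pc);
                // Either pc is now inside a real segment, or current is the
                // empty segment and this check fails: an unmapped pc is a fault.
                if (!current->contains(pc)) return Stop::Fault;
            }
            const uint32_t w = current->fetch(pc);
            ++executed;
            switch (w & 0xFFu) {
                case 0: pc += 4; break;
                case 1: pc = w >> 8; break;
                case 2: return Stop::Halt;
                default: return Stop::Fault;
            }
        }
        return Stop::Budget;
    }
};

// Builds a machine with one segment at 0x1000: nop, nop, jump 0x2000.
// 0x2000 is unmapped, so execution ends in the empty segment with a fault.
static Machine::Stop demo_unmapped_jump(Machine& m) {
    m.segments.push_back(ExecSegment{0x1000, {0u, 0u, (0x2000u << 8) | 1u}});
    m.pc = 0x1000;
    return m.run(100);
}

int main() {
    Machine m;
    const bool faulted = demo_unmapped_jump(m) == Machine::Stop::Fault;
    // After the fault the machine still points at a valid (empty) segment.
    return (faulted && m.current->empty() && m.pc == 0x2000) ? 0 : 1;
}
```

The instruction budget in `run()` plays the same role as an instruction counter in a sandbox: it bounds a guest that jumps to itself forever, while the empty default segment bounds a guest that jumps somewhere unmapped, and neither case needs a pointer test.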

The C API has been getting some improvements too. There is now enough API to make function calls into the guest programs.

What's Changed

  • The C API has expanded to cover VM function calls
  • Added SECURITY.md which documents a safe sandbox configuration
  • Added a Nelua example program
  • 32- and 64-bit can be individually disabled in CMake in order to reduce build times
  • A new tiny templated ELF header has replaced the old long version
  • Added a benchmark against Luau

PRs

  • Pass instruction counters in registers to simulate() by @fwsGonzo in #110
  • Use templates for ELF parsing, and remove the large C header by @fwsGonzo in #111
  • Use registers for counters when entering and leaving binary translation by @fwsGonzo in #114
  • Make instantiation of 32- and 64-bit ISAs a CMake option by @fwsGonzo in #115
  • Pass PC as register to simulate() and next_exec_seg() by @fwsGonzo in #116
  • Make reordering bytecodes easier by @fwsGonzo in #120
  • Reorganize members, add alignment hints, move atomics to Memory by @fwsGonzo in #121
  • Add C API functions related to VM calls by @fwsGonzo in #123
  • Simplify memory helper functions, removing memview and foreach by @fwsGonzo in #124

Full Changelog: v1.0...v1.1