From c193b20fad04e0928ecdf519fc8dfacf34083922 Mon Sep 17 00:00:00 2001
From: Kyle Zeng
Date: Fri, 10 May 2024 13:20:44 -0700
Subject: [PATCH 1/2] resend alarm signal if we happen to be running __del__
---
 angrop/rop_utils.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/angrop/rop_utils.py b/angrop/rop_utils.py
index 987e5f1..9d13cb6 100644
--- a/angrop/rop_utils.py
+++ b/angrop/rop_utils.py
@@ -312,6 +312,14 @@ def step_to_unconstrained_successor(project, state, max_steps=2, allow_simproced
 def timeout(seconds_before_timeout):
 def decorate(f):
 def handler(signum, frame):# pylint:disable=unused-argument
+ # Exception during __del__ will be ignore
+ # so if we happen to hit a __del__, retry the alarm
+ # reference: https://docs.python.org/3/reference/datamodel.html#object.__del__
+ while frame.f_back:
+ if frame.f_code.co_name == '__del__':
+ signal.setitimer(signal.ITIMER_REAL, 0.1, 0)
+ return
+ frame = frame.f_back
 print("[angrop] Timeout")
 raise RopException("[angrop] Timeout!")
 def new_f(*args, **kwargs):
From d8f61449cf820d0c46f7783d400e025ec7241f01 Mon Sep 17 00:00:00 2001
From: Kyle Zeng
Date: Fri, 10 May 2024 13:28:11 -0700
Subject: [PATCH 2/2] linting
---
 angrop/rop_chain.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/angrop/rop_chain.py b/angrop/rop_chain.py
index b4880ee..70bb40c 100644
--- a/angrop/rop_chain.py
+++ b/angrop/rop_chain.py
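Review bot: In angrop/rop_utils.py, the frame walk added to `handler` loops on `while frame.f_back:`, so it never inspects the outermost frame and raises AttributeError if the handler is invoked with `frame` set to None, which the signal module documents as possible; `while frame is not None:` covers both cases. The retry re-arms ITIMER_REAL with a fixed 0.1 s, so a comment should state that the wrapper cancels the pending timer on normal return (that code is outside this hunk, so this is unverified here); otherwise a deferred timeout could fire after `f` has already returned. The new comment's "will be ignore" should read "will be ignored". `handler` is nested in `timeout`/`decorate`, whose bodies continue past the hunk.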
@@ -137,7 +137,12 @@ def _concretize_chain_values(self, constraints=None, timeout=None, preserve_next
 concretize chain values with a timeout
 """
 if self.next_pc_idx() is not None:
- return (self + self._rop.chain_builder.shift(self._p.arch.bytes))._concretize_chain_values(constraints=constraints, timeout=timeout, preserve_next_pc=preserve_next_pc)
+ # make sure we don't leave a dangling `next_pc` value in the chain
+ # which may corrupt chain concatenation at byte-level
+ full_chain = self + self._rop.chain_builder.shift(self._p.arch.bytes)
+ return full_chain._concretize_chain_values( constraints=constraints,
+ timeout=timeout,
+ preserve_next_pc=preserve_next_pc)
 if timeout is None:
 timeout = self._timeout
 values = rop_utils.timeout(timeout)(self.__concretize_chain_values)(constraints=constraints)