metasm 1.0.0 → 1.0.5

data/{lib/metasm → metasm}/gui/dasm_hex.rb

@@ -27,7 +27,7 @@ class HexWidget < DrawableWidget
 		@oldcaret_x_data = 42
 		@focus_zone = @oldfocus_zone = :hex
 		@addr_min = @dasm.sections.keys.grep(Integer).min rescue nil
-		@addr_max = @dasm.sections.map { |s, e| s + e.length }.max rescue nil
+		@addr_max = @dasm.sections.select { |s, _| s.kind_of?(Integer) }.map { |s, e| s + e.length }.max rescue nil
 		@view_addr = @dasm.prog_binding['entrypoint'] || @addr_min || 0
 		@show_address = @show_data = @show_ascii = true
 		@data_size = 1
@@ -42,12 +42,11 @@ class HexWidget < DrawableWidget
 		@relative_addr = nil	# show '+42h' in the addr column if not nil
 		@hl_curbyte = true	# draw grey bg for current byte
 
-		@default_color_association = { :ascii => :black, :data => :black,
-			  :address => :blue, :caret => :black, :background => :white,
-			  :write_pending => :darkred, :caret_mirror => :palegrey }
+		@default_color_association = ColorTheme.merge :ascii => :black, :data => :black,
+			  :write_pending => :darkred, :caret_mirror => :palegrey
 	end
 
-	def resized(w, h)
+	def resized(w=width, h=height)
 		wc = w/@font_width
 		hc = h/@font_height
 		ca = current_address
@@ -103,6 +102,7 @@ class HexWidget < DrawableWidget
 			end
 		else
 			@data_size = {1 => 2, 2 => 4, 4 => 8, 8 => 1}[@data_size]
+			resized
 		end
 		redraw
 	end
@@ -350,8 +350,8 @@ class HexWidget < DrawableWidget
 				else
 					case v = key
 					when ?0..?9; v -= ?0
-					when ?a..?f; v -= ?a-10
-					when ?A..?F; v -= ?A-10
+					when ?a..?f; v -= ?a - 10
+					when ?A..?F; v -= ?A - 10
 					else return false
 					end
 				end
@@ -392,11 +392,15 @@ class HexWidget < DrawableWidget
 
 	# pop a dialog, scans the sections for a hex pattern
 	def prompt_search_hex
-		inputbox('hex pattern to search (hex regexp, use .. for wildcard)') { |pat|
+		text = ''
+		if current_address.kind_of?(::Integer)
+			text = Expression.encode_imm(current_address, "u#{@dasm.cpu.size}".to_sym, @dasm.cpu).unpack('H*').first
+		end
+		inputbox('hex pattern to search (hex regexp, use .. for wildcard)', :text => text) { |pat|
 			pat = pat.gsub(' ', '').gsub('..', '.').gsub(/[0-9a-f][0-9a-f]/i) { |o| "\\x#{o}" }
 			pat = Regexp.new(pat, Regexp::MULTILINE, 'n')	# 'n' = force ascii-8bit
 			list = [['addr']] + @dasm.pattern_scan(pat).map { |a| [Expression[a]] }
-			listwindow("hex search #{pat}", list) { |i| focus_addr i[0] }
+			listwindow("hex search #{pat}", list) { |i| @parent_widget.focus_addr i[0] }
 		}
 	end
 
@@ -404,7 +408,7 @@ class HexWidget < DrawableWidget
 	def prompt_search_ascii
 		inputbox('data pattern to search (regexp)') { |pat|
 			list = [['addr']] + @dasm.pattern_scan(/#{pat}/).map { |a| [Expression[a]] }
-			listwindow("data search #{pat}", list) { |i| focus_addr i[0] }
+			listwindow("data search #{pat}", list) { |i| @parent_widget.focus_addr i[0] }
 		}
 	end
 
@@ -483,7 +487,7 @@ class HexWidget < DrawableWidget
 		}
 		@write_pending.clear
 	rescue
-		@parent_widget.messagebox($!, $!.class.to_s)
+		@parent_widget.messagebox($!.message.to_s, $!.class.to_s)
 	end
 
 	def get_cursor_pos
@@ -534,7 +538,7 @@ class HexWidget < DrawableWidget
 
 	def gui_update
 		@addr_min = @dasm.sections.keys.grep(Integer).min rescue nil
-		@addr_max = @dasm.sections.map { |s, e| s + e.length }.max rescue nil
+		@addr_max = @dasm.sections.select { |s, _| s.kind_of?(Integer) }.map { |s, e| s + e.length }.max rescue nil
 		@raw_data_cache.clear
 		redraw
 	end

data/{lib/metasm → metasm}/gui/dasm_listing.rb

@@ -28,10 +28,8 @@ class AsmListingWidget < DrawableWidget
 		@maxaddr = (addrs.max + @dasm.sections[addrs.max].length rescue (1 << @dasm.cpu.size))
 		@startaddr = @dasm.prog_binding['entrypoint'] || @minaddr
 
-		@default_color_association = { :comment => :darkblue, :label => :darkgreen, :text => :black,
-			  :instruction => :black, :address => :blue, :caret => :black, :raw_data => :black,
-			  :background => :white, :cursorline_bg => :paleyellow, :hl_word => :palered,
-			  :arrows_bg => :palegrey, :arrow_up => :darkblue, :arrow_dn => :darkyellow, :arrow_hl => :red }
+		@default_color_association = ColorTheme.merge :raw_data => :black, :arrows_bg => :palegrey,
+			:arrow_up => :darkblue, :arrow_dn => :darkyellow, :arrow_hl => :red
 	end
 
 	def resized(w, h)
@@ -55,11 +53,26 @@ class AsmListingWidget < DrawableWidget
 
 	def click(x, y)
 		set_caret_from_click(x - @arrow_zone_w, y)
+		@caret_x = 0 if @caret_x < 0
 	end
 
 	def rightclick(x, y)
 		click(x, y)
-		@parent_widget.clone_window(@hl_word, :listing)
+		cx = (x - @arrow_zone_w) / @font_width
+		cy = y / @font_height
+		if cx > 0
+			m = new_menu
+			cm = new_menu
+			addsubmenu(cm, 'copy _word') { clipboard_copy(@hl_word) if @hl_word }
+			addsubmenu(cm, 'copy _line') { clipboard_copy(@line_text[cy]) if @line_text[cy] }
+			addsubmenu(cm, 'copy _all')  { clipboard_copy(@line_text.join("\r\n")) }	# XXX auto \r\n vs \n
+			addsubmenu(m, '_clipboard', cm)
+			addsubmenu(m, 'clone _window') { @parent_widget.clone_window(@hl_word, :listing) }
+			if @parent_widget.respond_to?(:extend_contextmenu)
+				@parent_widget.extend_contextmenu(self, m, @line_address[@caret_y])
+			end
+			popupmenu(m, x, y)
+		end
 	end
 
 	def doubleclick(x, y)
@@ -118,19 +131,7 @@ class AsmListingWidget < DrawableWidget
 		render = lambda { |str, color|
 			# function ends when we write under the bottom of the listing
 			next if not str or y >= w_h or x >= w_w
-			if @hl_word and @hl_word != ''
-				stmp = str
-				pre_x = 0
-				while stmp =~ /^(.*?)(\b#{Regexp.escape @hl_word}\b)/
-					s1, s2 = $1, $2
-					pre_x += s1.length * @font_width
-					hl_x = s2.length * @font_width
-					draw_rectangle_color(:hl_word, x+pre_x, y, hl_x, @font_height)
-					pre_x += hl_x
-					stmp = stmp[s1.length+s2.length..-1]
-				end
-			end
-			draw_string_color(color, x, y, str)
+			draw_string_hl(color, x, y, str)
 			x += str.length * @font_width
 		}
 
@@ -275,6 +276,12 @@ class AsmListingWidget < DrawableWidget
 
 	def keypress(key)
 		case key
+		when ?u	# undef data formatting with ?d
+			addr = current_address
+			if not @dasm.decoded[addr] and @dasm.xrefs[addr].kind_of?(Xref)
+				@dasm.xrefs.delete addr
+				gui_update
+			end
 		when :left
 			if @caret_x >= 1
 				@caret_x -= 1
@@ -315,6 +322,8 @@ class AsmListingWidget < DrawableWidget
 		when :end
 			@caret_x = @line_text[@caret_y].to_s.length
 			update_caret
+		when :popupmenu
+			rightclick(@caret_x*@font_width + @arrow_zone_w+1, @caret_y*@font_height)
 		else return false
 		end
 		true
@@ -422,16 +431,18 @@ class AsmListingWidget < DrawableWidget
 					# ary
 					di.block.each_from_samefunc(@dasm) { |addr|
 						addr = @dasm.normalize addr
-						next if not addr.kind_of? ::Integer or (ndi = @dasm.di_at(addr) and ndi.next_addr == curaddr)
+						# block.list.last for delayslot
+						next if ndi = @dasm.di_at(addr) and ndi.block.list.last.next_addr == curaddr
 						arrows_addr << [addr, curaddr]
 					}
 				end
 				if di.block.list.last == di
+					# kikoo delayslot
+					rdi = di.block.list[-[4, di.block.list.length].min, 4].reverse.find { |_di| _di.opcode.props[:setip] } || di
 					di.block.each_to_samefunc(@dasm) { |addr|
 						addr = @dasm.normalize addr
-						next if not addr.kind_of? ::Integer or (di.next_addr == addr and
-								(not di.opcode.props[:saveip] or di.block.to_subfuncret))
-						arrows_addr << [curaddr, addr]
+						next if di.next_addr == addr and (not rdi.opcode.props[:saveip] or rdi.block.to_subfuncret)
+						arrows_addr << [rdi.address, addr]
 					}
 				end
 				str_c << ["#{Expression[di.address]}    ", :address]
@@ -485,11 +496,11 @@ class AsmListingWidget < DrawableWidget
 							xlen ||= xref.len || 1 if xref.len
 							comment << " #{xref.type}#{xref.len}:#{Expression[xref.origin]}" if xref.origin
 						} if @dasm.xrefs[curaddr]
-						len = xlen if xlen and xlen > 2	# db xref may point a string
+						len = xlen if xlen and xlen >= 2	# db xref may point a string
 						comment = nil if comment.empty?
 						len = (1..len).find { |l| @dasm.xrefs[curaddr+l] or s.inv_export[s.ptr+l] or s.reloc[s.ptr+l] } || len
 						str = str[0, len] if len < str.length
-						str = str.pack('C*').unpack(@dasm.cpu.endianness == :big ? 'n*' : 'v*') if len == 2
+						str = str.pack('C*').unpack(@dasm.cpu.endianness == :big ? 'n*' : 'v*') if xlen == 2
 						if (xlen == 1 or xlen == 2) and asc = str.inject('') { |asc_, c|
 								case c
 								when 0x20..0x7e, 9, 10, 13; asc_ << c
@@ -534,7 +545,7 @@ class AsmListingWidget < DrawableWidget
 						comment = []
 						@dasm.each_xref(curaddr) { |xref|
 							len = xref.len if xref.len
-							comment << " #{xref.type}#{xref.len}:#{Expression[xref.origin]} "
+							comment << " #{xref.type}#{xref.len}:#{Expression[xref.origin] if xref.origin} "
 						}
 						len = 1 if (len != 2 and len != 4 and len != 8) or len < 1
 						dat = "#{%w[x db dw x dd x x x dq][len]} ? "
@@ -578,9 +589,13 @@ class AsmListingWidget < DrawableWidget
 		prev_arrows = @arrows
 		addr_line = {}		# addr => last line (di)
 		@line_address.each_with_index { |a, l| addr_line[a] = l }
-		@arrows = arrows_addr.uniq.sort.map { |from, to|
-			[(addr_line[from] || (from < curaddr ? :up : :down) rescue :up),
-			 (addr_line[ to ] || ( to  < curaddr ? :up : :down) rescue :up)]
+		@arrows = arrows_addr.uniq.find_all { |from, to|
+			((from-curaddr)+(to-curaddr)).kind_of?(::Integer) rescue nil
+		}.sort_by { |from, to|
+			[from-curaddr, to-curaddr]
+		}.map { |from, to|
+			[(addr_line[from] || (from-curaddr < 0 ? :up : :down)),
+			 (addr_line[ to ] || (to - curaddr < 0 ? :up : :down))]
 		}
 		invalidate(0, 0, @arrow_zone_w, 100000) if prev_arrows != @arrows
 	end

data/{lib/metasm → metasm}/gui/dasm_main.rb

@@ -15,6 +15,16 @@ require 'metasm/gui/cstruct'
 
 module Metasm
 module Gui
+class DrawableWidget
+	ColorTheme = { :comment => :darkblue, :label => :darkgreen, :text => :black,
+			:instruction => :black, :address => :blue, :caret => :black, :background => :white,
+			:cursorline_bg => :paleyellow, :hl_word_bg => :palered, :hl_word => :black,
+			:red_bg => 'f88', :green_bg => '8f8', :blue_bg => '88f',
+			:cyan_bg => '8ff', :magenta_bg => 'f8f', :yellow_bg => 'ff8',
+			:orange_bg => 'fc8'
+	}
+end
+
 # the main disassembler widget: this is a container for all the lower-level widgets that actually render the dasm state
 class DisasmWidget < ContainerChoiceWidget
 	attr_accessor :entrypoints, :gui_update_counter_max
@@ -50,6 +60,10 @@ class DisasmWidget < ContainerChoiceWidget
 		addview :cstruct,   CStructWidget.new(@dasm, self)
 
 		view(:listing).grab_focus
+
+		if ENV['METASM_DASM_PLUGINS']
+			ENV['METASM_DASM_PLUGINS'].split(',').each { |p| @dasm.load_plugin p }
+		end
 	end
 
 	attr_reader :dasm
@@ -64,6 +78,7 @@ class DisasmWidget < ContainerChoiceWidget
 
 	# start an idle callback that will run one round of @dasm.disassemble_mainiter
 	def start_disassemble_bg
+		return if @dasm.addrs_todo.empty? and @entrypoints.all? { |ep| @dasm.decoded[ep] }
 		gui_update_counter = 0
 		run = false
 		Gui.idle_add {
@@ -84,6 +99,10 @@ class DisasmWidget < ContainerChoiceWidget
 		}
 	end
 
+	def wait_disassemble_bg
+		Gui.main_iter until @entrypoints.empty? and @dasm.addrs_todo.empty?
+	end
+
 	def terminate
 		@clones.delete self
 	end
@@ -95,7 +114,7 @@ class DisasmWidget < ContainerChoiceWidget
 
 	# returns the object under the cursor in current view (@dasm.decoded[curaddr])
 	def curobj
-		@dasm.decoded[curaddr]
+		curview.respond_to?(:curobj) ? curview.curobj : @dasm.decoded[curaddr]
 	end
 
 	# returns the address of the label under the cursor or the address of the line of the cursor
@@ -107,6 +126,17 @@ class DisasmWidget < ContainerChoiceWidget
 		@dasm.prog_binding[hl] || curview.current_address
 	end
 
+	# returns the ExpressionString if the currently hilighted word is a :stackvar
+	def pointed_localvar(obj=curobj, hl=curview.hl_word)
+		return if not obj.kind_of?(Renderable)
+		localvar = nil
+		obj.each_expr { |e|
+			next unless e.kind_of?(ExpressionString)
+			localvar = e if e.type == :stackvar and e.str == hl
+		}
+		localvar
+	end
+
 	# parse an address and change it to a canonical address form
 	# supported formats: label names, or string with numerical value, incl hex (0x42 and 42h)
 	# if the string is full decimal, a check against mapped space is done to find if it is
@@ -138,17 +168,17 @@ class DisasmWidget < ContainerChoiceWidget
 	end
 
 	# display the specified address
-	# the display first searches in the current view (graph, listing, etc),
-	# if it cannot display the address all other views are tried in order
+	# the display first searches in the current view
+	# if it cannot display the address, the listing, graph and decompile views are tried (in that order)
 	# the current focus address is saved in @pos_history (see focus_addr_back/redo)
-	# a messagebox is popped if no view can display the address unless quiet is true
+	# if quiet is false, a messagebox is popped if no view can display the address
 	def focus_addr(addr, viewidx=nil, quiet=false, *a)
 		viewidx ||= curview_index || :listing
 		return if not addr
-		return if viewidx == curview_index and addr == curaddr
+		return if viewidx == curview_index and addr == curaddr and a.empty?
 		oldpos = [curview_index, (curview.get_cursor_pos if curview)]
 		views = [viewidx, oldpos[0]]
-		views += [:listing, :graph] & view_indexes
+		views += [:listing, :graph, :decompile] & view_indexes
 		if views.compact.uniq.find { |i|
 			o_p = view(i).get_cursor_pos
 			if (view(i).focus_addr(addr, *a) rescue nil)
@@ -157,11 +187,13 @@ class DisasmWidget < ContainerChoiceWidget
 				true
 			else
 				view(i).set_cursor_pos o_p
+				a.clear
 				false
 			end
 		}
 			@pos_history << oldpos if oldpos[0]	# ignore start focus_addr
 			@pos_history_redo.clear
+			session_append "@session_focus_addr = #{addr.inspect} ; @pos_history = #{@pos_history.inspect}"
 			true
 		else
 			messagebox "Invalid address #{addr}" if not quiet
@@ -198,7 +230,7 @@ class DisasmWidget < ContainerChoiceWidget
 
 	# ask the current view to update itself
 	def do_gui_update
-		curview.gui_update	# invalidate all views ?
+		curview.gui_update if curview	# invalidate all views ?
 	end
 
 	# redraw the window
@@ -212,13 +244,14 @@ class DisasmWidget < ContainerChoiceWidget
 		yield
 		focus_addr curaddr if addr
 	end
-	
+
 	# calls listwindow with the same argument, but also creates a new bg_color_callback
 	# that will color lines whose address is to be found in list[0] in green
 	# the callback is put only for the duration of the listwindow, and is not reentrant.
 	def list_bghilight(title, list, a={}, &b)
 		prev_colorcb = bg_color_callback
-		hash = list[1..-1].inject({}) { |h, l| h.update Expression[l[0] || :unknown].reduce => true }
+		addr_idx = a.delete(:bghilight_index) || 0
+		hash = list[1..-1].inject({}) { |h, l| h.update Expression[l[addr_idx] || :unknown].reduce => true }
 		@bg_color_callback = lambda { |addr| hash[addr] ? '0f0' : prev_colorcb ? prev_colorcb[addr] : nil }
 		redraw
 		popupend = lambda { @bg_color_callback = prev_colorcb ; redraw }
@@ -234,18 +267,24 @@ class DisasmWidget < ContainerChoiceWidget
 		inputbox("new comment for #{Expression[addr]}", :text => cmt) { |c|
 			c = c.split("\n")
 			c = nil if c == []
-			if di = @dasm.di_at(addr)
-				di.comment = c
-			else
-				@dasm.comment[addr] = c
-			end
+			do_add_comment(addr, c)
+			session_append "do_add_comment(#{addr.inspect}, #{c.inspect})"
 			gui_update
 		}
 	end
 
+	def do_add_comment(addr, c)
+		if di = @dasm.di_at(addr)
+			di.comment = c
+		else
+			@dasm.comment[addr] = c
+		end
+	end
+
 	# disassemble from this point
 	# if points to a call, make it return
 	def disassemble(addr)
+		session_append "disassemble(#{addr.inspect}) ; wait_disassemble_bg"
 		if di = @dasm.di_at(addr) and di.opcode.props[:saveip]
 			di.block.each_to_normal { |t|
 				t = @dasm.normalize t
@@ -253,9 +292,9 @@ class DisasmWidget < ContainerChoiceWidget
 				@dasm.function[t] ||= @dasm.function[:default] ? @dasm.function[:default].dup : DecodedFunction.new
 			}
 			di.block.add_to_subfuncret(di.next_addr)
-			@dasm.addrs_todo << [di.next_addr, addr, true]
+			@dasm.addrs_todo << { :addr => di.next_addr, :from => addr, :from_subfuncret => true }
 		elsif addr
-			@dasm.addrs_todo << [addr]
+			@entrypoints << addr
 		end
 		start_disassemble_bg
 	end
@@ -263,20 +302,23 @@ class DisasmWidget < ContainerChoiceWidget
 	# disassemble fast from this point (don't dasm subfunctions, don't backtrace)
 	def disassemble_fast(addr)
 		@dasm.disassemble_fast(addr)
+		session_append "dasm.disassemble_fast(#{addr.inspect})"
 		gui_update
 	end
 
 	# disassemble fast & deep from this point (don't backtrace, but still dasm subfuncs)
 	def disassemble_fast_deep(addr)
 		@dasm.disassemble_fast_deep(addr)
+		session_append "dasm.disassemble_fast_deep(#{addr.inspect})"
 		gui_update
 	end
 
 	# (re)decompile
 	def decompile(addr)
+		session_append "decompile(#{addr.inspect})"
 		if @dasm.c_parser and var = @dasm.c_parser.toplevel.symbol[addr] and (var.type.kind_of? C::Function or @dasm.di_at(addr))
 			@dasm.decompiler.redecompile(addr)
-			view(:decompile).curaddr = nil
+			view(:decompile).curfuncaddr = nil
 		end
 		focus_addr(addr, :decompile)
 	end
@@ -284,6 +326,7 @@ class DisasmWidget < ContainerChoiceWidget
 	# change the format of displayed data under addr (byte, word, dword, qword)
 	# currently this is done using a fake empty xref
 	def toggle_data(addr)
+		session_append "toggle_data(#{addr.inspect})"
 		return if @dasm.decoded[addr] or not @dasm.get_section_at(addr)
 		@dasm.add_xref(addr, Xref.new(nil, nil, 1)) if not @dasm.xrefs[addr]
 		@dasm.each_xref(addr) { |x|
@@ -328,15 +371,31 @@ class DisasmWidget < ContainerChoiceWidget
 		listwindow("list of strings", list) { |i| focus_addr i[0] }
 	end
 
-	def list_xrefs(addr)
+	def list_xrefs(addr=nil)
 		list = [['address', 'type', 'instr']]
-		@dasm.each_xref(addr) { |xr|
-			next if not xr.origin
-			list << [Expression[xr.origin], "#{xr.type}#{xr.len}"]
-			if di = @dasm.di_at(xr.origin)
-				list.last << di.instruction
+		if not addr and pointed_localvar
+			addr = curview.hl_word
+			faddr = @dasm.find_function_start(curaddr)
+			func = @dasm.function[faddr]
+			if func and func.localvars_xrefs
+				stoff = func.localvars.index(addr)
+				func.localvars_xrefs[stoff].to_a.each { |a|
+					list << [Expression[a], '?']
+					if di = @dasm.di_at(a)
+						list.last << di.instruction
+					end
+				}
 			end
-		}
+		else
+			addr ||= pointed_addr
+			@dasm.each_xref(addr) { |xr|
+				next if not xr.origin
+				list << [Expression[xr.origin], "#{xr.type}#{xr.len}"]
+				if di = @dasm.di_at(xr.origin)
+					list.last << di.instruction
+				end
+			}
+		end
 		if list.length == 1
 			messagebox "no xref to #{Expression[addr]}" if addr
 		else
@@ -351,8 +410,7 @@ class DisasmWidget < ContainerChoiceWidget
 		}
 	end
 
-	def prompt_backtrace
-		addr = curaddr
+	def prompt_backtrace(addr=curaddr)
 		inputbox('expression to backtrace', :text => curview.hl_word) { |e|
 			expr = IndExpression.parse_string(e)
 			bd = {}
@@ -366,29 +424,132 @@ class DisasmWidget < ContainerChoiceWidget
 
 			log = []
 			dasm.backtrace(expr, addr, :log => log)
-			list = [['address', 'type', 'old value', 'value']]
+			list = [['order', 'address', 'type', 'old value', 'value']]
+			order = 0
 			log.each { |t, *a|
-				list << [Expression[a[-1]], t]
+				order += 1
+				list << [('%03d' % order), Expression[a[-1]], t] rescue next
 				case t
 				when :start
 					list.last << a[0]
 				when :up
+					order -= 1
 					list.pop
 				when :di
+					list.last[-1] = "di #{@dasm.di_at(a[-1]).instruction rescue nil}"
 					list.last << a[1] << a[0]
 				when :func
 					list.last << a[1] << a[0]
 				when :found
 					list.pop
-					a[0].each { |e_| list << [nil, :found, Expression[e_]] }
+					a[0].each { |e_| list << [('%03d' % (order += 1)), nil, :found, Expression[e_]] }
 				else
 					list.last << a[0] << a[1..-1].inspect
 				end
 			}
-			list_bghilight("backtrace #{expr} from #{Expression[addr]}", list) { |i|
-				a = i[0].empty? ? i[2] : i[0]
+			list_bghilight("backtrace #{expr} from #{Expression[addr]}", list, :bghilight_index => 1) { |i|
+				a = i[1].empty? ? i[3] : i[1]
 				focus_addr(a, nil, true)
- 			}
+			}
+		}
+	end
+
+	# prompt the contant to use in place of some numeric value
+	def prompt_constant(di=curobj)
+		return if not di.kind_of?(DecodedInstruction)
+		di.each_expr { |e|
+			next unless e.kind_of?(Expression)
+			if (e.lexpr.kind_of?(Integer) or e.lexpr.kind_of?(ExpressionString)) and
+					(!curview.hl_word or curview.hl_word == Expression[e.lexpr].to_s)
+				v = Expression[e.lexpr].reduce
+				lst = []
+				dasm.c_constants.each { |cn, cv, fm| lst << [cn, fm] if v == cv }
+				if not lst.empty?
+					default = Expression[v].to_s
+					lst << [default]
+					listwindow("constant for #{Expression[v]}", [['name', 'enum']] + lst) { |a|
+						if a[0] == default
+							e.lexpr = v
+						else
+							e.lexpr = ExpressionString.new(v, a[0], :constant)
+						end
+						session_append "if di = dasm.di_at(#{di.address.inspect}) ; di.each_expr { |e| e.lexpr = #{e.lexpr.inspect} if e.kind_of?(Expression) and e.lexpr and Expression[e.lexpr].reduce == #{v.inspect} } ; end"
+						gui_update
+					}
+				end
+			end
+			if (e.rexpr.kind_of? Integer or e.rexpr.kind_of?(ExpressionString)) and
+					(!curview.hl_word or curview.hl_word == Expression[e.rexpr].to_s)
+				v = Expression[e.rexpr].reduce
+				lst = []
+				dasm.c_constants.each { |cn, cv, fm| lst << [cn, fm] if v == cv }
+				if not lst.empty?
+					default = Expression[v].to_s
+					lst << [default]
+					listwindow("constant for #{Expression[v]}", [['name', 'enum']] + lst) { |a|
+						if a[0] == default
+							e.rexpr = v
+						else
+							e.rexpr = ExpressionString.new(v, a[0], :constant)
+						end
+						session_append "if di = dasm.di_at(#{di.address.inspect}) ; di.each_expr { |e| e.rexpr = #{e.rexpr.inspect} if e.kind_of?(Expression) and e.rexpr and Expression[e.rexpr].reduce == #{v.inspect} } ; end"
+						gui_update
+					}
+				end
+			end
+		}
+	end
+
+	# prompts for a structure name, autocompletes to known structures, and/or display a listwindow with
+	# possible completions, yields the target structure name
+	def prompt_c_struct(prompt, opts={})
+		inputbox(prompt, opts) { |st_name|
+			stars = ''
+			if opts[:allow_stars]
+				stars = st_name[/\**$/]
+				st_name[stars] = ''
+			end
+
+			# TODO propose typedef struct {} moo; too
+			sh = @dasm.c_parser.toplevel.struct
+			if sh[st_name].kind_of?(C::Union)
+				stn_list = [st_name]
+			else
+				stn_list = sh.keys.grep(String).find_all { |k| sh[k].kind_of?(C::Union) }
+			end
+
+			if name = stn_list.find { |n| n == st_name } || stn_list.find { |n| n.downcase == st_name.downcase }
+				# single match
+				yield(name+stars)
+			else
+				# try autocomplete
+				list = [['name']]
+				list += stn_list.sort.grep(/#{st_name}/i).map { |stn| [stn+stars] }
+				if list.length == 2
+					# single autocompletion
+					yield(list[1][0])
+				else
+					listwindow(prompt, list) { |ans|
+						yield(ans[0])
+					}
+				end
+			end
+		}
+	end
+
+	# prompt the struct to use for offset in a given instr
+	def prompt_struct_ptr(reg=curview.hl_word, addr=curaddr)
+		return if not reg or not @dasm.cpu.register_symbols.find { |rs| rs.to_s == reg.to_s }
+		reg = reg.to_sym
+
+		di = @dasm.di_at(addr)
+		return if not di.kind_of?(DecodedInstruction)
+
+		prompt_c_struct("struct pointed by #{reg}", :allow_stars => true) { |st|
+			# TODO store that info for the decompiler ?
+			@dasm.trace_update_reg_structptr(addr, reg, st)
+			session_append "dasm.trace_update_reg_structptr(#{addr.inspect}, #{reg.inspect}, #{st.inspect})"
+			gui_update
 		}
 	end
 
@@ -397,11 +558,14 @@ class DisasmWidget < ContainerChoiceWidget
 	def focus_addr_autocomplete(v, show_alt=true)
 		if not focus_addr(v, nil, true)
 			labels = @dasm.prog_binding.map { |k, vv|
- 				[k, Expression[@dasm.normalize(vv)]] if k.downcase.include? v.downcase
+				[k, Expression[@dasm.normalize(vv)]] if k.downcase.include? v.downcase
 			}.compact
 			case labels.length
-			when 0; focus_addr(v)
-			when 1; focus_addr(labels[0][0])
+			when 0
+				ve = @dasm.normalize(Expression.parse(v))
+				focus_addr(v) if not focus_addr(ve, nil, true)
+			when 1
+				focus_addr(labels[0][0])
 			else
 				if labels.all? { |k, vv| vv == labels[0][1] }
 					focus_addr(labels[0][0])
@@ -422,7 +586,10 @@ class DisasmWidget < ContainerChoiceWidget
 
 	# run arbitrary ruby
 	def prompt_run_ruby
-		inputbox('ruby code to eval()') { |c| messagebox eval(c).inspect[0, 512], 'eval' }
+		inputbox('ruby code to eval()') { |c|
+			messagebox eval(c).inspect[0, 512], 'eval'
+			session_append "#eval #{c.inspect}"
+		}
 	end
 
 	# run ruby plugin
@@ -454,25 +621,41 @@ class DisasmWidget < ContainerChoiceWidget
 		end
 	end
 
-	# prompts for a new name for addr
-	def rename_label(addr)
-		old = addr
-		if @dasm.prog_binding[old] or old = @dasm.get_label_at(addr)
+	# prompts for a new name for what is under the cursor (or the current address)
+	def rename(what=nil)
+		if not what and localvar = pointed_localvar
+			addr = curaddr
+			str = localvar.str.dup
+			inputbox("new name for #{localvar}", :text => localvar.to_s) { |v|
+				if v =~ /^[a-z_][a-z0-9_]*$/i
+					localvar.str.replace v
+					session_append "pointed_localvar(dasm.decoded[#{addr.inspect}], #{str.inspect}).str.replace(#{v.inspect})"
+					gui_update
+				else messagebox("invalid local var name #{v.inspect}")
+				end
+			}
+			return
+		end
+
+		what ||= pointed_addr
+		if @dasm.prog_binding[what] or old = @dasm.get_label_at(what)
+			old ||= what
 			inputbox("new name for #{old}", :text => old) { |v|
 				if v == ''
-					@dasm.del_label_at(addr)
+					@dasm.del_label_at(what)
+					session_append "dasm.del_label_at(#{what.inspect})"
 				else
 					@dasm.rename_label(old, v)
+					session_append "dasm.rename_label(#{old.inspect}, #{v.inspect})"
 				end
 				gui_update
 			}
 		else
-			inputbox("label name for #{Expression[addr]}", :text => Expression[addr]) { |v|
+			inputbox("label name for #{Expression[what]}", :text => Expression[what]) { |v|
 				next if v == ''
-				@dasm.set_label_at(addr, v)
-				if di = @dasm.di_at(addr)
-					@dasm.split_block(di.block, di.address)
-				end
+				@dasm.set_label_at(what, v)
+				@dasm.split_block(what)
+				session_append "dasm.set_label_at(#{what.inspect}, #{v.inspect}) ; dasm.split_block(#{what.inspect})"
 				gui_update
 			}
 		end
@@ -489,7 +672,7 @@ class DisasmWidget < ContainerChoiceWidget
 			true
 		elsif @dasm_pause.empty?
 			@dasm_pause = @dasm.addrs_todo.dup
-			@dasm.addrs_todo.replace @dasm_pause.find_all { |a, *b| @dasm.decoded[@dasm.normalize(a)] }
+			@dasm.addrs_todo.replace @dasm_pause.find_all { |a| @dasm.decoded[@dasm.normalize(a[:addr])] }
 			@dasm_pause -= @dasm.addrs_todo
 			puts "dasm paused (#{@dasm_pause.length})"
 		else
@@ -504,12 +687,34 @@ class DisasmWidget < ContainerChoiceWidget
 	# toggles <41h> vs <'A'> display
 	def toggle_expr_char(o)
 		@dasm.toggle_expr_char(o)
+		session_append "dasm.toggle_expr_char(dasm.decoded[#{curaddr.inspect}])"
+		gui_update
+	end
+
+	# toggle <10h> vs <16> display
+	def toggle_expr_dec(o)
+		@dasm.toggle_expr_dec(o)
+		session_append "dasm.toggle_expr_dec(dasm.decoded[#{curaddr.inspect}])"
 		gui_update
 	end
 
 	# toggle <401000h> vs <'sub_fancyname'> in the current instr display
 	def toggle_expr_offset(o)
 		@dasm.toggle_expr_offset(o)
+		session_append "dasm.toggle_expr_offset(dasm.decoded[#{curaddr.inspect}])"
+		gui_update
+	end
+
+	# toggle constant/localvar names with raw value
+	def toggle_expr_str(o)
+		@dasm.toggle_expr_str(o)
+		session_append "dasm.toggle_expr_str(dasm.decoded[#{curaddr.inspect}])"
+		gui_update
+	end
+
+	def name_local_vars(a)
+		@dasm.name_local_vars(a)
+		session_append "dasm.name_local_vars(#{a.inspect})"
 		gui_update
 	end
 
@@ -524,6 +729,7 @@ class DisasmWidget < ContainerChoiceWidget
 		list = []
 		@dasm.each_function_block(addr, incl_subfuncs) { |b| list << b }
 		list.each { |b| @dasm.undefine_from(b) }
+		session_append "undefine_function(#{addr.inspect}, #{incl_subfuncs.inspect})"
 		gui_update
 	end
 
@@ -549,28 +755,33 @@ class DisasmWidget < ContainerChoiceWidget
 		when ?/; inputbox('search word') { |w|
 				next unless curview.respond_to? :hl_word
 				next if w == ''
-				curview.hl_word = w 
+				curview.hl_word = w
+				curview.hl_word_re = /(.*)(#{w})/
 				curview.redraw
 			}
-		when ?b; prompt_backtrace
-		when ?c; disassemble(curview.current_address)
-		when ?C; disassemble_fast(curview.current_address)
-		when ?d; toggle_data(curview.current_address)
+		when ?b; prompt_backtrace(curaddr)
+		when ?c; disassemble(curaddr)
+		when ?C; disassemble_fast(curaddr)
+		when ?d; curobj.kind_of?(DecodedInstruction) ? toggle_expr_dec(curobj) : toggle_data(curaddr)
 		when ?f; list_functions
 		when ?g; prompt_goto
+		when ?k; toggle_expr_str(curobj)
+		when ?K; name_local_vars(curaddr)
 		when ?l; list_labels
-		when ?n; rename_label(pointed_addr)
+		when ?m; prompt_constant(curobj)
+		when ?n; rename
 		when ?o; toggle_expr_offset(curobj)
 		when ?p; playpause_dasm
 		when ?r; toggle_expr_char(curobj)
+		when ?t; prompt_struct_ptr
 		when ?v; $VERBOSE = ! $VERBOSE ; puts "#{'not ' if not $VERBOSE}verbose"	# toggle verbose flag
-		when ?x; list_xrefs(pointed_addr)
-		when ?;; add_comment(curview.current_address)
+		when ?x; list_xrefs
+		when ?;; add_comment(curaddr)
 
 		when ?\ ; toggle_view(:listing)
 		when :tab; toggle_view(:decompile)
 		when ?j; curview.keypress(:down)
-		when ?k; curview.keypress(:up)
+		#when ?k; curview.keypress(:up)
 		else
 			p key if $DEBUG
 			return @parent_widget ? @parent_widget.keypress(key) : false
@@ -578,6 +789,48 @@ class DisasmWidget < ContainerChoiceWidget
 		true
 	end
 
+	attr_accessor :session_file
+	def save_session(filename)
+		@session_file = filename
+	end
+
+	def replay_session(filename)
+		i = 0
+		File.readlines(filename).each { |l|
+			instance_eval l
+			i += 1
+		}
+		focus_addr(@session_focus_addr) if @session_focus_addr
+		puts "Session replay finished"
+	rescue ::Exception
+		puts "Session replay: error on line #{i}: #{$!.class} #{$!}"
+	end
+
+	# append one line to the session file
+	# converts addresses to hex, deletes consecutive set_focus lines
+	def session_append(str)
+		return if not session_file
+
+		# convert decimal addrs to hex
+		str = str.sub(/(\(|\[|= )(\d\d\d\d\d\d+)/) { $1 + ('0x%x' % $2.to_i) }
+
+		@session_lastsz_setfocus ||= nil	# prevent warning
+		if str =~ /^@session_focus_addr = / and @session_lastsz_setfocus
+			# overwrite previous set_focus
+			File.truncate(session_file, @session_lastsz_setfocus) if File.size(session_file) == @session_lastsz
+			is_setfocus = true
+		end
+
+		File.open(session_file, 'a') { |fd| fd.puts str }
+
+		@session_lastsz = File.size(session_file)
+		@session_lastsz_setfocus = @session_lastsz if not is_setfocus
+
+	rescue
+		@session_file = nil
+		puts "Failed to save session, disabling (#{$!.class} #{$!})"
+	end
+
 	# creates a new dasm window with the same disassembler object, focus it on addr#win
 	def clone_window(*focus)
 		return if not popup = DasmWindow.new
@@ -594,11 +847,27 @@ class DisasmWidget < ContainerChoiceWidget
 	def dragdropfile(f)
 		case f
 		when /\.(c|h|cpp)$/; @dasm.parse_c_file(f)
-		when /\.map$/; @dasm.load_map(f)
+		when /\.map$/; @dasm.load_map(f) ; gui_update
 		when /\.rb$/; @dasm.load_plugin(f)
 		else messagebox("unsupported file extension #{f}")
 		end
 	end
+
+	def spawn_emudbg
+		edbg = EmuDebugger.new(@dasm)
+		edbg.pc = curaddr
+		DbgWindow.new(edbg)
+	end
+
+	def extend_contextmenu(tg, menu, addr=nil)
+		if @parent_widget.respond_to?(:extend_contextmenu)
+			@parent_widget.extend_contextmenu(tg, menu, addr)
+		end
+	end
+
+	def inspect
+		"<DisasmWidget @%x @dasm=#{dasm.inspect}>" % object_id
+	end
 end
 
 # this widget is loaded in an empty DasmWindow to handle shortcuts (open file, etc)
@@ -634,17 +903,20 @@ end
 
 class DasmWindow < Window
 	attr_accessor :dasm_widget, :menu
-	def initialize_window(title = 'metasm disassembler', dasm=nil, *ep)
+	def initialize_window(*args)
+		dasm = args.grep(Disassembler).first
+		args -= [dasm]
+		title = args.find { |a| dasm ? !dasm.get_section_at(a) : a.kind_of?(::String) } || 'metasm disassembler'
+		ep = args - [title]
 		self.title = title
 		@dasm_widget = nil
 		if dasm
-			ep = ep.first if ep.length == 1 and ep.first.kind_of? Array
 			display(dasm, ep)
 		else
 			self.widget = NoDasmWidget.new(self)
 		end
 	end
-	
+
 	def widget=(w)
 		super(w || NoDasmWidget.new(self))
 	end
@@ -658,10 +930,11 @@ class DasmWindow < Window
 	# returns the widget
 	def display(dasm, ep=[])
 		@dasm_widget.terminate if @dasm_widget
-		ep = [ep] if not ep.kind_of? Array
+		ep = [ep] if not ep.kind_of?(Array)
+		ep0 = ep.first
 		@dasm_widget = DisasmWidget.new(dasm, ep)
 		self.widget = @dasm_widget
-		@dasm_widget.focus_addr(ep.first) if ep.first
+		@dasm_widget.focus_addr(ep0) if ep0
 		@dasm_widget
 	end
 
@@ -673,8 +946,11 @@ class DasmWindow < Window
 	def loadfile(path, cpu='Ia32', exefmt=nil)
 		if exefmt
 			exefmt = Metasm.const_get(exefmt) if exefmt.kind_of? String
+			if exefmt.kind_of?(::Class) and exefmt.name.split('::').last == 'Shellcode'
+				exefmt = Shellcode.withcpu(cpu)
+			end
 		else
-			exefmt = AutoExe.orshellcode { cpu = Metasm.const_get(cpu) if cpu.kind_of? String ; cpu.new }
+			exefmt = AutoExe.orshellcode { cpu = Metasm.const_get(cpu) if cpu.kind_of? String ; cpu = cpu.new if cpu.kind_of?(::Class) ; cpu }
 		end
 
 		exe = exefmt.decode_file(path) { |type, str|
@@ -687,15 +963,18 @@ class DasmWindow < Window
 				ret
 			end
 		}
-		(@dasm_widget ? DasmWindow.new : self).display(exe.disassembler)
+		tg_win = self
+		tg_win = DasmWindow.new if @dasm_widget
+		tg_win.display(exe.disassembler)
+		tg_win.title = "#{File.basename(path)} - metasm disassembler"
 		exe
 	end
 
-	def promptopen(caption='chose target binary')
-		openfile(caption) { |exename| loadfile(exename) ; yield self if block_given? }
+	def promptopen(caption='choose target binary', &b)
+		openfile(caption) { |exename| loadfile(exename) ; b.call(self) if b }
 	end
 
-	def promptdebug(caption='chose target')
+	def promptdebug(caption='choose target', &b)
 		l = nil
 		i = inputbox(caption) { |name|
 			i = nil ; l.destroy if l and not l.destroyed?
@@ -711,7 +990,7 @@ class DasmWindow < Window
 			end
 			DbgWindow.new(target)
 			destroy if not @dasm_widget
-			yield self if block_given?
+			b.call(self) if b
 		}
 
 		# build process list in bg (exe name resolution takes a few seconds)
@@ -741,7 +1020,7 @@ class DasmWindow < Window
 			@dasm_widget.dasm.save_file @savefile
 			return
 		end
-		openfile('chose save file') { |file|
+		savefile('choose save file') { |file|
 			@savefile = file
 			@dasm_widget.dasm.save_file(file)
 		}
@@ -784,12 +1063,13 @@ class DasmWindow < Window
 
 		importmenu = new_menu
 		addsubmenu(importmenu, 'Load _map') {
-			openfile('chose map file') { |file|
+			openfile('choose map file') { |file|
 				@dasm_widget.dasm.load_map(File.read(file)) if @dasm_widget
+				@dasm_widget.gui_update if @dasm_widget
 			} if @dasm_widget
 		}
 		addsubmenu(importmenu, 'Load _C') {
-			openfile('chose C file') { |file|
+			openfile('choose C file') { |file|
 				@dasm_widget.dasm.parse_c(File.read(file)) if @dasm_widget
 			} if @dasm_widget
 		}
@@ -797,21 +1077,21 @@ class DasmWindow < Window
 
 		exportmenu = new_menu
 		addsubmenu(exportmenu, 'Save _map') {
-			savefile('chose map file') { |file|
+			savefile('choose map file') { |file|
 				File.open(file, 'w') { |fd|
 					fd.puts @dasm_widget.dasm.save_map
 				} if @dasm_widget
 			} if @dasm_widget
 		}
 		addsubmenu(exportmenu, 'Save _asm') {
-			savefile('chose asm file') { |file|
+			savefile('choose asm file') { |file|
 				File.open(file, 'w') { |fd|
 					fd.puts @dasm_widget.dasm
 				} if @dasm_widget
 			} if @dasm_widget
 		}
 		addsubmenu(exportmenu, 'Save _C') {
-			savefile('chose C file') { |file|
+			savefile('choose C file') { |file|
 				File.open(file, 'w') { |fd|
 					fd.puts @dasm_widget.dasm.c_parser
 				} if @dasm_widget
@@ -838,17 +1118,19 @@ class DasmWindow < Window
 		addsubmenu(actions, '_Backtrace', 'b') { @dasm_widget.prompt_backtrace }
 		addsubmenu(actions, 'List functions', 'f') { @dasm_widget.list_functions }
 		addsubmenu(actions, 'List labels', 'l') { @dasm_widget.list_labels }
-		addsubmenu(actions, 'List xrefs', 'x') { @dasm_widget.list_xrefs(@dasm_widget.pointed_addr) }
+		addsubmenu(actions, 'List xrefs', 'x') { @dasm_widget.list_xrefs }
+		addsubmenu(actions, 'Find local vars', 'K') { @dasm_widget.name_local_vars(@dasm_widget.curview.current_address) }
 		addsubmenu(actions, 'Rebase') { @dasm_widget.rebase }
-		addsubmenu(actions, 'Rename label', 'n') { @dasm_widget.rename_label(@dasm_widget.pointed_addr) }
+		addsubmenu(actions, 'Rename label', 'n') { @dasm_widget.rename }
 		addsubmenu(actions, 'Decompile', '<tab>') { @dasm_widget.decompile(@dasm_widget.curview.current_address) }
 		addsubmenu(actions, 'Decompile finali_ze') { @dasm_widget.dasm.decompiler.finalize ; @dasm_widget.gui_update }
-		addsubmenu(actions, 'Comment', ';') { @dasm_widget.decompile(@dasm_widget.curview.current_address) }
+		addsubmenu(actions, 'Comment', ';') { @dasm_widget.add_comment(@dasm_widget.curview.current_address) }
 		addsubmenu(actions, '_Undefine') { @dasm_widget.dasm.undefine_from(@dasm_widget.curview.current_address) ; @dasm_widget.gui_update }
 		addsubmenu(actions, 'Unde_fine function') { @dasm_widget.undefine_function(@dasm_widget.curview.current_address) }
 		addsubmenu(actions, 'Undefine function & _subfuncs') { @dasm_widget.undefine_function(@dasm_widget.curview.current_address, true) }
 		addsubmenu(actions, 'Data', 'd') { @dasm_widget.toggle_data(@dasm_widget.curview.current_address) }
 		addsubmenu(actions, 'Pause dasm', 'p', :check) { |ck| !@dasm_widget.playpause_dasm }
+		addsubmenu(actions, 'Spawn EmuDb_g', 'G') { @dasm_widget.spawn_emudbg }
 		addsubmenu(actions, 'Run ruby snippet', '^r') { promptruby }
 		addsubmenu(actions, 'Run _ruby plugin') { @dasm_widget.prompt_run_ruby_plugin }
 
@@ -870,6 +1152,7 @@ class DasmWindow < Window
 			} if @dasm_widget
 		}
 		addsubmenu(options)
+		addsubmenu(options, 'Forbid a_ll optimizations', :check) { |ck| @dasm_widget.dasm.decompiler.forbid_all_optimizations = ck }
 		addsubmenu(options, 'Forbid decompile _types', :check) { |ck| @dasm_widget.dasm.decompiler.forbid_decompile_types = ck }
 		addsubmenu(options, 'Forbid decompile _if/while', :check) { |ck| @dasm_widget.dasm.decompiler.forbid_decompile_ifwhile = ck }
 		addsubmenu(options, 'Forbid decomp _optimize', :check) { |ck| @dasm_widget.dasm.decompiler.forbid_optimize_code = ck }