metasm 1.0.0

data/lib/metasm/mips/parse.rb

@@ -0,0 +1,51 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+require 'metasm/mips/opcodes'
+require 'metasm/parse'
+
+module Metasm
+class MIPS
+	def parse_arg_valid?(op, sym, arg)
+		# special case for lw reg, imm32(reg) ? (pseudo-instr, need to convert to 'lui t0, up imm32  ori t0 down imm32  add t0, reg  lw reg, 0(t0)
+		case sym
+		when :rs, :rt, :rd;   arg.kind_of? Reg
+		when :sa, :i16, :i20, :i26; arg.kind_of? Expression
+		when :rs_i16;         arg.kind_of? Memref
+		when :ft;             arg.kind_of? FpReg
+		else raise "internal error: mips arg #{sym.inspect}"
+		end
+	end
+
+	def parse_argument(pgm)
+		pgm.skip_space
+		return if not tok = pgm.nexttok
+		if tok.type == :string and Reg.s_to_i[tok.raw]
+			pgm.readtok
+			arg = Reg.new Reg.s_to_i[tok.raw]
+		elsif tok.type == :string and FpReg.s_to_i[tok.raw]
+			pgm.readtok
+			arg = FpReg.new FpReg.s_to_i[tok.raw]
+		else
+			arg = Expression.parse pgm
+			pgm.skip_space
+			# check memory indirection: 'off(base reg)'	# XXX scaled index ?
+			if arg and pgm.nexttok and pgm.nexttok.type == :punct and pgm.nexttok.raw == '('
+				pgm.readtok
+				pgm.skip_space_eol
+				ntok = pgm.readtok
+				raise tok, "Invalid base #{ntok}" unless ntok and ntok.type == :string and Reg.s_to_i[ntok.raw]
+				base = Reg.new Reg.s_to_i[ntok.raw]
+				pgm.skip_space_eol
+				ntok = pgm.readtok
+				raise tok, "Invalid memory reference, ')' expected" if not ntok or ntok.type != :punct or ntok.raw != ')'
+				arg = Memref.new base, arg
+			end
+		end
+		arg
+	end
+end
+end

data/lib/metasm/mips/render.rb

@@ -0,0 +1,43 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+require 'metasm/mips/opcodes'
+require 'metasm/render'
+
+module Metasm
+class MIPS
+	class Reg
+		include Renderable
+		def render ; [self.class.i_to_s[@i]] end
+	end
+	class FpReg
+		include Renderable
+		def render ; [self.class.i_to_s[@i]] end
+	end
+	class Memref
+		include Renderable
+		def render ; [@offset, '(', @base, ')'] end
+	end
+
+	def render_instruction(i)
+		r = []
+		r << i.opname
+		if not i.args.empty?
+			r << ' '
+			if (a = i.args.first).kind_of? Expression and a.op == :- and a.lexpr.kind_of? String and a.rexpr.kind_of? String and opcode_list_byname[i.opname].first.props[:setip]
+				# jmp foo is stored as jmp foo - bar ; bar:
+				r << a.lexpr
+			else
+				i.args.each { |a_|
+					r << a_ << ', '
+				}
+				r.pop
+			end
+		end
+		r
+	end
+end
+end

data/lib/metasm/os/gnu_exports.rb

@@ -0,0 +1,270 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+module Metasm
+class GNUExports
+	# exported symbol name => exporting library name for common libraries
+	# used by ELF#automagic_symbols
+	EXPORT = {}
+	# see samples/elf_listexports for the generator of this data
+	data = <<EOL	# XXX libraries do not support __END__/DATA...
+libc.so.6
+ _IO_adjust_column _IO_adjust_wcolumn _IO_default_doallocate _IO_default_finish _IO_default_pbackfail _IO_default_uflow _IO_default_xsgetn _IO_default_xsputn
+ _IO_do_write _IO_do_write _IO_doallocbuf _IO_fclose _IO_fclose _IO_fdopen _IO_fdopen _IO_feof _IO_ferror _IO_fflush _IO_fgetpos _IO_fgetpos _IO_fgetpos64
+ _IO_fgetpos64 _IO_fgets _IO_file_attach _IO_file_attach _IO_file_close _IO_file_close_it _IO_file_close_it _IO_file_doallocate _IO_file_finish _IO_file_fopen
+ _IO_file_fopen _IO_file_init _IO_file_init _IO_file_open _IO_file_overflow _IO_file_overflow _IO_file_read _IO_file_seek _IO_file_seekoff _IO_file_seekoff
+ _IO_file_setbuf _IO_file_setbuf _IO_file_stat _IO_file_sync _IO_file_sync _IO_file_underflow _IO_file_underflow _IO_file_write _IO_file_write _IO_file_xsputn
+ _IO_file_xsputn _IO_flockfile _IO_flush_all _IO_flush_all_linebuffered _IO_fopen _IO_fopen _IO_fputs _IO_fread _IO_free_backup_area _IO_free_wbackup_area
+ _IO_fsetpos _IO_fsetpos _IO_fsetpos64 _IO_fsetpos64 _IO_ftell _IO_ftrylockfile _IO_funlockfile _IO_fwrite _IO_getc _IO_getline _IO_getline_info _IO_gets
+ _IO_init _IO_init_marker _IO_init_wmarker _IO_iter_begin _IO_iter_end _IO_iter_file _IO_iter_next _IO_least_wmarker _IO_link_in _IO_list_lock
+ _IO_list_resetlock _IO_list_unlock _IO_marker_delta _IO_marker_difference _IO_padn _IO_peekc_locked _IO_popen _IO_popen _IO_printf _IO_proc_close
+ _IO_proc_close _IO_proc_open _IO_proc_open _IO_putc _IO_puts _IO_remove_marker _IO_seekmark _IO_seekoff _IO_seekpos _IO_seekwmark _IO_setb _IO_setbuffer
+ _IO_setvbuf _IO_sgetn _IO_sprintf _IO_sputbackc _IO_sputbackwc _IO_sscanf _IO_str_init_readonly _IO_str_init_static _IO_str_overflow _IO_str_pbackfail
+ _IO_str_seekoff _IO_str_underflow _IO_sungetc _IO_sungetwc _IO_switch_to_get_mode _IO_switch_to_main_wget_area _IO_switch_to_wbackup_area
+ _IO_switch_to_wget_mode _IO_un_link _IO_ungetc _IO_unsave_markers _IO_unsave_wmarkers _IO_vfprintf _IO_vfscanf _IO_vsprintf _IO_wdefault_doallocate
+ _IO_wdefault_finish _IO_wdefault_pbackfail _IO_wdefault_uflow _IO_wdefault_xsgetn _IO_wdefault_xsputn _IO_wdo_write _IO_wdoallocbuf _IO_wfile_overflow
+ _IO_wfile_seekoff _IO_wfile_sync _IO_wfile_underflow _IO_wfile_xsputn _IO_wmarker_delta _IO_wsetb _Unwind_Find_FDE __adjtimex __argz_count __argz_next
+ __argz_stringify __asprintf __assert __assert_fail __assert_perror_fail __backtrace __backtrace_symbols __backtrace_symbols_fd __bsd_getpgrp __bzero
+ __chk_fail __clone __cmpdi2 __cmsg_nxthdr __confstr_chk __ctype_b_loc __ctype_tolower_loc __ctype_toupper_loc __cxa_atexit __cxa_finalize
+ __cyg_profile_func_enter __cyg_profile_func_exit __dcgettext __default_morecore __deregister_frame __deregister_frame_info __deregister_frame_info_bases
+ __dgettext __divdi3 __dup2 __duplocale __endmntent __errno_location __fbufsize __ffs __fgets_chk __fgets_unlocked_chk __fgetws_chk __fgetws_unlocked_chk
+ __finite __finitef __finitel __fixunsdfdi __fixunsxfdi __flbf __floatdidf __fork __fpending __fprintf_chk __fpurge __frame_state_for __freadable __freading
+ __freelocale __fsetlocking __fwprintf_chk __fwritable __fwriting __fxstat __fxstat64 __fxstat64 __fxstatat __fxstatat64 __gai_sigqueue __gconv_get_alias_db
+ __gconv_get_cache __gconv_get_modules_db __getcwd_chk __getdomainname_chk __getgroups_chk __gethostname_chk __getlogin_r_chk __getmntent_r __getpagesize
+ __getpgid __getpid __gets_chk __gettimeofday __getwd_chk __gmtime_r __h_errno_location __internal_endnetgrent __internal_getnetgrent_r __internal_setnetgrent
+ __isalnum_l __isalpha_l __isblank_l __iscntrl_l __isctype __isdigit_l __isgraph_l __isinf __isinff __isinfl __islower_l __isnan __isnanf __isnanl __isprint_l
+ __ispunct_l __isspace_l __isupper_l __iswalnum_l __iswalpha_l __iswblank_l __iswcntrl_l __iswctype __iswctype_l __iswdigit_l __iswgraph_l __iswlower_l
+ __iswprint_l __iswpunct_l __iswspace_l __iswupper_l __iswxdigit_l __isxdigit_l __ivaliduser __libc_allocate_rtsig __libc_allocate_rtsig_private __libc_calloc
+ __libc_current_sigrtmax __libc_current_sigrtmax_private __libc_current_sigrtmin __libc_current_sigrtmin_private __libc_dl_error_tsd __libc_dlclose
+ __libc_dlopen_mode __libc_dlsym __libc_fatal __libc_fork __libc_free __libc_freeres __libc_init_first __libc_longjmp __libc_mallinfo __libc_malloc
+ __libc_mallopt __libc_memalign __libc_msgrcv __libc_msgsnd __libc_pthread_init __libc_pvalloc __libc_pwrite __libc_realloc __libc_sa_len __libc_siglongjmp
+ __libc_start_main __libc_system __libc_thread_freeres __libc_valloc __lxstat __lxstat64 __lxstat64 __mbrlen __mbrtowc __mbsnrtowcs_chk __mbsrtowcs_chk
+ __mbstowcs_chk __memcpy_by2 __memcpy_by4 __memcpy_c __memcpy_chk __memcpy_g __memmove_chk __mempcpy __mempcpy_by2 __mempcpy_by4 __mempcpy_byn __mempcpy_chk
+ __mempcpy_small __memset_cc __memset_ccn_by2 __memset_ccn_by4 __memset_cg __memset_chk __memset_gcn_by2 __memset_gcn_by4 __memset_gg __moddi3 __modify_ldt
+ __monstartup __newlocale __nl_langinfo_l __nss_configure_lookup __nss_database_lookup __nss_disable_nscd __nss_group_lookup __nss_hostname_digits_dots
+ __nss_hosts_lookup __nss_lookup_function __nss_next __nss_passwd_lookup __nss_services_lookup __open_catalog __overflow __pipe __poll __pread64_chk
+ __pread_chk __printf_chk __printf_fp __profile_frequency __ptsname_r_chk __rawmemchr __read_chk __readlink_chk __readlinkat_chk __realpath_chk __recv_chk
+ __recvfrom_chk __register_atfork __register_frame __register_frame_info __register_frame_info_bases __register_frame_info_table
+ __register_frame_info_table_bases __register_frame_table __res_iclose __res_init __res_maybe_init __res_nclose __res_ninit __res_randomid __res_state
+ __rpc_thread_createerr __rpc_thread_svc_fdset __rpc_thread_svc_max_pollfd __rpc_thread_svc_pollfd __sbrk __sched_cpucount __sched_get_priority_max
+ __sched_get_priority_min __sched_getparam __sched_getscheduler __sched_setscheduler __sched_yield __secure_getenv __select __setmntent __setpgid __sigaddset
+ __sigdelset __sigismember __signbit __signbitf __signbitl __sigpause __sigsetjmp __sigsuspend __snprintf_chk __sprintf_chk __stack_chk_fail __statfs __stpcpy
+ __stpcpy_chk __stpcpy_g __stpcpy_small __stpncpy __stpncpy_chk __strcasecmp __strcasecmp_l __strcasestr __strcat_c __strcat_chk __strcat_g __strchr_c
+ __strchr_g __strchrnul_c __strchrnul_g __strcmp_gg __strcoll_l __strcpy_chk __strcpy_g __strcpy_small __strcspn_c1 __strcspn_c2 __strcspn_c3 __strcspn_cg
+ __strcspn_g __strdup __strerror_r __strfmon_l __strftime_l __strlen_g __strncasecmp_l __strncat_chk __strncat_g __strncmp_g __strncpy_by2 __strncpy_by4
+ __strncpy_byn __strncpy_chk __strncpy_gg __strndup __strpbrk_c2 __strpbrk_c3 __strpbrk_cg __strpbrk_g __strrchr_c __strrchr_g __strsep_1c __strsep_2c
+ __strsep_3c __strsep_g __strspn_c1 __strspn_c2 __strspn_c3 __strspn_cg __strspn_g __strstr_cg __strstr_g __strtod_internal __strtof_internal __strtok_r
+ __strtok_r_1c __strtol_internal __strtold_internal __strtoll_internal __strtoq_internal __strtoul_internal __strtoull_internal __strtouq_internal __strverscmp
+ __strxfrm_l __swprintf_chk __sysconf __sysctl __syslog_chk __sysv_signal __tolower_l __toupper_l __towctrans __towctrans_l __towlower_l __towupper_l
+ __ttyname_r_chk __ucmpdi2 __udivdi3 __uflow __umoddi3 __underflow __uselocale __vfork __vfprintf_chk __vfscanf __vfwprintf_chk __vprintf_chk __vsnprintf_chk
+ __vsprintf_chk __vswprintf_chk __vsyslog_chk __vwprintf_chk __waitpid __wcpcpy_chk __wcpncpy_chk __wcrtomb_chk __wcscasecmp_l __wcscat_chk __wcscoll_l
+ __wcscpy_chk __wcsftime_l __wcsncasecmp_l __wcsncat_chk __wcsncpy_chk __wcsnrtombs_chk __wcsrtombs_chk __wcstod_internal __wcstof_internal __wcstol_internal
+ __wcstold_internal __wcstoll_internal __wcstombs_chk __wcstoul_internal __wcstoull_internal __wcsxfrm_l __wctomb_chk __wctrans_l __wctype_l __wmemcpy_chk
+ __wmemmove_chk __wmempcpy_chk __wmemset_chk __woverflow __wprintf_chk __wuflow __wunderflow __xmknod __xmknodat __xpg_basename __xpg_strerror_r __xstat
+ __xstat64 __xstat64 _authenticate _dl_addr _dl_mcount_wrapper _dl_mcount_wrapper_check _dl_sym _dl_vsym _exit _mcleanup _mcount _nss_files_parse_grent
+ _nss_files_parse_pwent _nss_files_parse_spent _obstack_allocated_p _obstack_begin _obstack_begin_1 _obstack_free _obstack_memory_used _obstack_newchunk
+ _rpc_dtablesize _seterr_reply _setjmp _tolower _toupper a64l abort abs acct addseverity alarm alphasort alphasort64 alphasort64 argz_delete asctime atexit
+ atof atoi atol atoll authdes_create authdes_getucred authdes_pk_create authnone_create authunix_create authunix_create_default basename bcopy bdflush bind
+ bindresvport bsearch callrpc capget capset catclose catgets catopen cbc_crypt cfgetispeed cfgetospeed cfmakeraw cfsetispeed cfsetospeed cfsetspeed chflags
+ chown chown chroot clearerr clearerr_unlocked clnt_broadcast clnt_create clnt_pcreateerror clnt_perrno clnt_perror clnt_spcreateerror clnt_sperrno
+ clnt_sperror clntraw_create clnttcp_create clntudp_bufcreate clntudp_create clntunix_create clock closelog confstr creat64 create_module ctermid ctime ctime_r
+ cuserid daemon delete_module des_setparity difftime dirfd dirname div dprintf drand48 drand48_r dysize ecb_crypt ecvt ecvt_r endaliasent endfsent endgrent
+ endhostent endnetent endnetgrent endprotoent endpwent endrpcent endservent endspent endttyent endusershell endutxent envz_add envz_entry envz_get envz_merge
+ envz_remove envz_strip epoll_create epoll_ctl epoll_pwait epoll_wait erand48 err errx ether_aton ether_aton_r ether_hostton ether_line ether_ntoa ether_ntoa_r
+ ether_ntohost execl execle execlp execv execvp exit faccessat fattach fchflags fchmodat fchownat fclose fclose fcvt fcvt_r fdatasync fdetach fdopen fdopen
+ feof_unlocked ferror_unlocked fexecve fflush_unlocked ffs ffsll fgetgrent fgetpos fgetpos fgetpos64 fgetpos64 fgetpwent fgets_unlocked fgetspent fgetws
+ fgetws_unlocked fgetxattr fileno flistxattr fmemopen fmtmsg fnmatch fnmatch fopen fopen fopencookie fopencookie fprintf fputc fputc_unlocked fputs_unlocked
+ fputwc fputwc_unlocked fputws fputws_unlocked fread_unlocked free freeaddrinfo freeifaddrs fremovexattr freopen freopen64 fscanf fseek fseeko fseeko64 fsetpos
+ fsetpos fsetpos64 fsetpos64 fsetxattr fstatvfs ftello ftello64 ftime ftok fts_children fts_close fts_open fts_read fts_set ftw ftw64 futimens futimesat fwide
+ fwrite_unlocked fwscanf gai_strerror gcvt get_current_dir_name get_kernel_syms get_myaddress getaddrinfo getaliasbyname getaliasbyname_r getaliasbyname_r
+ getaliasent getaliasent_r getaliasent_r getchar getchar_unlocked getdate getdirentries getdirentries64 getdomainname getenv getfsent getfsfile getfsspec
+ getgrent getgrent_r getgrent_r getgrgid getgrgid_r getgrgid_r getgrnam getgrnam_r getgrnam_r getgrouplist gethostbyaddr gethostbyaddr_r gethostbyaddr_r
+ gethostbyname gethostbyname2 gethostbyname2_r gethostbyname2_r gethostbyname_r gethostbyname_r gethostent gethostent_r gethostent_r gethostid getifaddrs
+ getipv4sourcefilter getloadavg getlogin getlogin_r getmntent getmsg getnameinfo getnetbyaddr getnetbyaddr_r getnetbyaddr_r getnetbyname getnetbyname_r
+ getnetbyname_r getnetent getnetent_r getnetent_r getnetgrent getnetname getopt getopt_long getopt_long_only getpass getpgrp getpid getpmsg getpriority
+ getprotobyname getprotobyname_r getprotobyname_r getprotobynumber getprotobynumber_r getprotobynumber_r getprotoent getprotoent_r getprotoent_r getpublickey
+ getpwent getpwent_r getpwent_r getpwnam getpwnam_r getpwnam_r getpwuid getpwuid_r getpwuid_r getrlimit getrlimit getrlimit64 getrlimit64 getrpcbyname
+ getrpcbyname_r getrpcbyname_r getrpcbynumber getrpcbynumber_r getrpcbynumber_r getrpcent getrpcent_r getrpcent_r getrpcport getsecretkey getservbyname
+ getservbyname_r getservbyname_r getservbyport getservbyport_r getservbyport_r getservent getservent_r getservent_r getsid getsockname getsourcefilter getspent
+ getspent_r getspent_r getspnam getspnam_r getspnam_r getsubopt getttyent getttynam getusershell getutmp getutmpx getutxent getutxid getutxline getw getwchar
+ getwchar_unlocked getwd getxattr glob glob64 glob64 globfree globfree64 gmtime gnu_dev_major gnu_dev_makedev gnu_dev_minor grantpt gtty hcreate hcreate_r
+ hdestroy_r herror host2netname hsearch hsearch_r hstrerror htonl htons iconv iconv_close iconv_open if_freenameindex if_indextoname if_nameindex
+ if_nametoindex inet6_opt_append inet6_opt_find inet6_opt_finish inet6_opt_get_val inet6_opt_init inet6_opt_next inet6_opt_set_val inet6_option_alloc
+ inet6_option_append inet6_option_find inet6_option_init inet6_option_next inet6_option_space inet6_rth_add inet6_rth_getaddr inet6_rth_init inet6_rth_reverse
+ inet6_rth_segments inet6_rth_space inet_addr inet_lnaof inet_makeaddr inet_netof inet_network inet_nsap_addr inet_nsap_ntoa inet_ntoa inet_ntop inet_pton
+ init_module initgroups innetgr inotify_add_watch inotify_init inotify_rm_watch insque ioperm iopl iruserok iruserok_af isalnum isalpha isascii isastream
+ isblank iscntrl isdigit isfdtype isgraph islower isprint ispunct isspace isupper isxdigit jrand48 key_decryptsession key_decryptsession_pk key_encryptsession
+ key_encryptsession_pk key_gendes key_get_conv key_secretkey_is_set key_setnet key_setsecret killpg klogctl l64a labs lchmod lcong48 ldiv lfind lgetxattr
+ linkat listen listxattr llabs lldiv llistxattr localeconv localeconv localtime lockf lockf64 lrand48 lrand48_r lremovexattr lsearch lsetxattr lutimes madvise
+ malloc mblen mbstowcs mbtowc mcheck mcheck_check_all mcheck_pedantic memcmp memcpy memfrob memmem memmove mempcpy memset mincore mkdirat mkdtemp mkfifo
+ mkfifoat mkstemp mkstemp64 mktemp mktime mlock mlockall mprobe mrand48 mrand48_r msgctl msgctl msgget mtrace munlock munlockall muntrace netname2host
+ netname2user nfsservctl nftw nftw nftw64 nftw64 nice nl_langinfo nrand48 ntp_gettime obstack_free open_memstream open_wmemstream openlog parse_printf_format
+ passwd2des pclose pclose perror pivot_root pmap_getmaps pmap_getport pmap_rmtcall pmap_set pmap_unset popen popen posix_fadvise posix_fadvise64
+ posix_fadvise64 posix_fallocate posix_fallocate64 posix_fallocate64 posix_madvise posix_spawn posix_spawn_file_actions_addclose
+ posix_spawn_file_actions_adddup2 posix_spawn_file_actions_addopen posix_spawn_file_actions_destroy posix_spawn_file_actions_init posix_spawnattr_destroy
+ posix_spawnattr_getflags posix_spawnattr_getpgroup posix_spawnattr_getschedparam posix_spawnattr_getschedpolicy posix_spawnattr_getsigdefault
+ posix_spawnattr_getsigmask posix_spawnattr_init posix_spawnattr_setflags posix_spawnattr_setpgroup posix_spawnattr_setschedparam
+ posix_spawnattr_setschedpolicy posix_spawnattr_setsigdefault posix_spawnattr_setsigmask posix_spawnp ppoll printf printf_size printf_size_info psignal
+ pthread_attr_destroy pthread_attr_getdetachstate pthread_attr_getinheritsched pthread_attr_getschedparam pthread_attr_getschedpolicy pthread_attr_getscope
+ pthread_attr_init pthread_attr_init pthread_attr_setdetachstate pthread_attr_setinheritsched pthread_attr_setschedparam pthread_attr_setschedpolicy
+ pthread_attr_setscope pthread_cond_broadcast pthread_cond_broadcast pthread_cond_destroy pthread_cond_destroy pthread_cond_init pthread_cond_init
+ pthread_cond_signal pthread_cond_signal pthread_cond_timedwait pthread_cond_timedwait pthread_cond_wait pthread_cond_wait pthread_condattr_destroy
+ pthread_condattr_init pthread_equal pthread_exit pthread_getschedparam pthread_mutex_destroy pthread_mutex_init pthread_mutex_lock pthread_mutex_unlock
+ pthread_self pthread_setcanceltype pthread_setschedparam ptrace ptsname putc_unlocked putchar putchar_unlocked putenv putgrent putmsg putpmsg putpwent
+ putspent pututxline putw putwc putwc_unlocked putwchar putwchar_unlocked qecvt qecvt_r qfcvt qfcvt_r qgcvt qsort query_module quotactl raise rand rand_r rcmd
+ rcmd_af readdir64 readdir64 readdir64_r readdir64_r readlinkat realloc realpath realpath reboot regexec regexec registerrpc remove removexattr remque rename
+ renameat revoke rewind rewinddir rexec rexec_af rpmatch rresvport rresvport_af rtime ruserok ruserok_af ruserpass scandir scandir64 scandir64 scanf
+ sched_getaffinity sched_getaffinity sched_getcpu sched_setaffinity sched_setaffinity seed48 seekdir semctl semctl semget semop semtimedop sendfile sendfile64
+ setaliasent setbuf setdomainname setegid seteuid setfsent setfsgid setfsuid setgrent setgroups sethostent sethostid sethostname setipv4sourcefilter setjmp
+ setlinebuf setlocale setlogin setlogmask setnetent setnetgrent setpgrp setpriority setprotoent setpwent setrlimit setrlimit setrlimit64 setrpcent setservent
+ setsockopt setsourcefilter setspent setttyent setusershell setutxent setxattr sgetspent shmat shmctl shmctl shmdt shmget sigaddset sigandset sigdelset
+ sigemptyset sigfillset siggetmask sighold sigignore siginterrupt sigisemptyset sigismember sigorset sigpending sigrelse sigset sigstack sockatmark splice
+ sprintf srand48 sscanf sstk statvfs stime strcat strchr strcmp strcoll strcpy strcspn strerror strerror_l strfmon strfry strftime strlen strncat strncmp
+ strncpy strnlen strpbrk strptime strrchr strsignal strspn strstr strtoimax strtok strtol strtoll strtoul strtoull strtoumax strxfrm stty svc_exit svc_getreq
+ svc_getreq_common svc_getreq_poll svc_getreqset svc_register svc_run svc_sendreply svc_unregister svcerr_auth svcerr_decode svcerr_noproc svcerr_noprog
+ svcerr_progvers svcerr_systemerr svcerr_weakauth svcfd_create svcraw_create svctcp_create svcudp_bufcreate svcudp_create svcudp_enablecache svcunix_create
+ svcunixfd_create swab swprintf swscanf symlinkat sync sync_file_range syscall sysinfo syslog tcflow tcflush tcgetpgrp tcgetsid tcsendbreak tcsetattr tcsetpgrp
+ tee telldir tempnam time timegm tmpfile tmpfile tmpfile64 tmpnam tmpnam_r toascii tolower toupper towlower towupper tr_break truncate64 ttyname ttyslot ualarm
+ ungetwc unlinkat unlockpt unshare updwtmpx uselib user2netname usleep ustat utime utimensat utmpxname verr verrx versionsort versionsort64 versionsort64
+ vfprintf vhangup vlimit vm86 vm86 vmsplice vprintf vswscanf vsyslog vtimes vwarn vwarnx vwprintf vwscanf warn warnx wcschr wcscmp wcscpy wcscspn wcsdup
+ wcsftime wcsncat wcsncmp wcspbrk wcsrchr wcsspn wcsstr wcstoimax wcstok wcstol wcstoll wcstombs wcstoul wcstoull wcstoumax wcswidth wcsxfrm wctob wctomb
+ wcwidth wmemchr wmemcmp wmemset wordexp wordfree wprintf wscanf xdecrypt xdr_accepted_reply xdr_array xdr_authdes_cred xdr_authdes_verf xdr_authunix_parms
+ xdr_bool xdr_bytes xdr_callhdr xdr_callmsg xdr_char xdr_cryptkeyarg xdr_cryptkeyarg2 xdr_cryptkeyres xdr_des_block xdr_double xdr_enum xdr_float xdr_free
+ xdr_getcredres xdr_hyper xdr_int xdr_int16_t xdr_int32_t xdr_int64_t xdr_int8_t xdr_key_netstarg xdr_key_netstres xdr_keybuf xdr_keystatus xdr_long
+ xdr_longlong_t xdr_netnamestr xdr_netobj xdr_opaque xdr_opaque_auth xdr_pmap xdr_pmaplist xdr_pointer xdr_quad_t xdr_reference xdr_rejected_reply xdr_replymsg
+ xdr_rmtcall_args xdr_rmtcallres xdr_short xdr_sizeof xdr_string xdr_u_char xdr_u_hyper xdr_u_int xdr_u_long xdr_u_longlong_t xdr_u_quad_t xdr_u_short
+ xdr_uint16_t xdr_uint32_t xdr_uint64_t xdr_uint8_t xdr_union xdr_unixcred xdr_vector xdr_void xdr_wrapstring xdrmem_create xdrrec_create xdrrec_endofrecord
+ xdrrec_eof xdrrec_skiprecord xdrstdio_create xencrypt xprt_register xprt_unregister
+ _Exit _IO_fprintf __close __connect __ctype_get_mb_cur_max __fcntl __getdelim __isascii_l __lseek __nanosleep __open __open64 __pread64 __pwrite64 __read
+ __send __sigaction __toascii_l __vsnprintf __vsscanf __wait __write __xpg_sigpause _flushlbf _longjmp accept access addmntent adjtime adjtimex advance
+ argp_error argp_failure argp_help argp_parse argp_state_help argp_usage argz_add argz_add_sep argz_append argz_count argz_create argz_create_sep argz_extract
+ argz_insert argz_next argz_replace argz_stringify asctime_r asprintf backtrace backtrace_symbols backtrace_symbols_fd bcmp bind_textdomain_codeset
+ bindtextdomain brk bsd_signal btowc bzero calloc canonicalize_file_name cfree chdir chmod clearenv clone close closedir connect copysign copysignf copysignl
+ creat dcgettext dcngettext dgettext dl_iterate_phdr dngettext dup dup2 duplocale eaccess endmntent endutent erand48_r error error_at_line euidaccess execve
+ fchdir fchmod fchown fcloseall fcntl fdatasync fdopendir feof ferror fflush ffsl fgetc fgetc_unlocked fgetgrent_r fgetpwent_r fgets fgetspent_r fgetwc
+ fgetwc_unlocked fileno_unlocked finite finitef finitel flock flockfile fopen64 fork fpathconf fputs fread freelocale frexp frexpf frexpl fstatfs fstatfs64
+ fstatvfs64 fsync ftell ftruncate ftruncate64 ftrylockfile funlockfile futimes fwprintf fwrite get_avphys_pages get_nprocs get_nprocs_conf get_phys_pages getc
+ getc_unlocked getcontext getcwd getdate_r getdelim getdtablesize getegid geteuid getgid getgroups gethostname getitimer getline getmntent_r getnetgrent_r
+ getpagesize getpeername getpgid getppid getpt getpw getresgid getresuid getrusage gets getsockopt gettext gettimeofday getuid getutent getutent_r getutid
+ getutid_r getutline getutline_r getwc getwc_unlocked glob_pattern_p gmtime_r gnu_get_libc_release gnu_get_libc_version group_member gsignal hasmntopt hdestroy
+ imaxabs imaxdiv index inet_aton initstate initstate_r ioctl isalnum_l isalpha_l isatty isblank_l iscntrl_l isctype isdigit_l isgraph_l isinf isinff isinfl
+ islower_l isnan isnanf isnanl isprint_l ispunct_l isspace_l isupper_l iswalnum iswalnum_l iswalpha iswalpha_l iswblank iswblank_l iswcntrl iswcntrl_l iswctype
+ iswctype_l iswdigit iswdigit_l iswgraph iswgraph_l iswlower iswlower_l iswprint iswprint_l iswpunct iswpunct_l iswspace iswspace_l iswupper iswupper_l
+ iswxdigit iswxdigit_l isxdigit_l jrand48_r kill lchown lckpwdf lcong48_r ldexp ldexpf ldexpl link llseek localtime_r longjmp lseek lseek64 makecontext
+ mallinfo malloc_get_state malloc_set_state malloc_stats malloc_trim malloc_usable_size mallopt mbrlen mbrtowc mbsinit mbsnrtowcs mbsrtowcs mcount memalign
+ memccpy memchr memrchr mkdir mmap mmap64 modf modff modfl modify_ldt moncontrol monstartup mount mprotect mremap msgrcv msgsnd msync munmap nanosleep
+ newlocale ngettext nl_langinfo_l nrand48_r ntohl ntohs ntp_adjtime obstack_printf obstack_vprintf on_exit open open64 openat openat64 opendir pathconf pause
+ personality pipe pipe2 poll posix_memalign posix_openpt prctl pread pread64 profil pselect pthread_setcancelstate ptsname_r putc puts pututline pvalloc pwrite
+ pwrite64 random random_r rawmemchr re_comp re_compile_fastmap re_compile_pattern re_exec re_match re_match_2 re_search re_search_2 re_set_registers
+ re_set_syntax read readahead readdir readdir_r readlink readv recv recvfrom recvmsg regcomp regerror regfree register_printf_function remap_file_pages
+ res_init rindex rmdir sbrk scalbln scalblnf scalblnl scalbn scalbnf scalbnl sched_get_priority_max sched_get_priority_min sched_getparam sched_getscheduler
+ sched_rr_get_interval sched_setparam sched_setscheduler sched_yield seed48_r select send sendmsg sendto setbuffer setcontext setenv setgid setitimer setmntent
+ setpgid setregid setresgid setresuid setreuid setsid setstate setstate_r settimeofday setuid setutent setvbuf sgetspent_r shutdown sigaction sigaltstack
+ sigblock siglongjmp signal sigpause sigprocmask sigqueue sigreturn sigsetmask sigsuspend sigtimedwait sigvec sigwait sigwaitinfo sleep snprintf socket
+ socketpair sprofil srand srand48_r srandom srandom_r ssignal statfs statfs64 statvfs64 step stpcpy stpncpy strcasecmp strcasecmp_l strcasestr strchrnul
+ strcoll_l strdup strerror_r strfmon_l strftime_l strncasecmp strncasecmp_l strndup strptime_l strsep strtod_l strtof_l strtok_r strtol_l strtold_l strtoll_l
+ strtoq strtoul_l strtoull_l strtouq strverscmp strxfrm_l swapcontext swapoff swapon symlink sysconf sysctl system sysv_signal tcdrain tcgetattr tdelete
+ tdestroy textdomain tfind timelocal times tolower_l toupper_l towctrans towctrans_l towlower_l towupper_l truncate tsearch ttyname_r twalk tzset ulckpwdf
+ ulimit umask umount umount2 uname ungetc unlink unsetenv updwtmp uselocale utimes utmpname valloc vasprintf vdprintf vfork vfscanf vfwprintf vfwscanf vscanf
+ vsnprintf vsprintf vsscanf vswprintf wait wait3 wait4 waitid waitpid wcpcpy wcpncpy wcrtomb wcscasecmp wcscasecmp_l wcscat wcschrnul wcscoll wcscoll_l
+ wcsftime_l wcslen wcsncasecmp wcsncasecmp_l wcsncpy wcsnlen wcsnrtombs wcsrtombs wcstod_l wcstof_l wcstol_l wcstold_l wcstoll_l wcstoq wcstoul_l wcstoull_l
+ wcstouq wcswcs wcsxfrm_l wctrans wctrans_l wctype wctype_l wmemcpy wmemmove wmempcpy write writev
+libdl.so.2
+ dladdr dladdr1 dlclose dlerror dlinfo dlmopen dlopen dlopen dlsym dlvsym
+libruby1.8.so.1.8
+ Init_Array Init_Bignum Init_Binding Init_Comparable Init_Dir Init_Enumerable Init_Enumerator Init_Exception Init_File Init_GC Init_Hash Init_IO Init_Math
+ Init_Numeric Init_Object Init_Precision Init_Proc Init_Random Init_Range Init_Regexp Init_String Init_Struct Init_Thread Init_Time Init_eval Init_ext
+ Init_heap Init_load Init_marshal Init_pack Init_process Init_signal Init_stack Init_sym Init_syserr Init_var_tables Init_version _fini _init dln_find_exe
+ dln_find_file dln_load dtoa freedtoa is_ruby_native_thread posix_nativethread_signal rb_Array rb_Float rb_Integer rb_String rb_add_event_hook rb_add_method
+ rb_alias rb_alias_variable rb_any_to_s rb_apply rb_ary_aref rb_ary_assoc rb_ary_clear rb_ary_cmp rb_ary_concat rb_ary_delete rb_ary_delete_at rb_ary_dup
+ rb_ary_each rb_ary_entry rb_ary_freeze rb_ary_includes rb_ary_join rb_ary_new rb_ary_new2 rb_ary_new3 rb_ary_new4 rb_ary_plus rb_ary_pop rb_ary_push
+ rb_ary_rassoc rb_ary_reverse rb_ary_shift rb_ary_sort rb_ary_sort_bang rb_ary_store rb_ary_to_ary rb_ary_to_s rb_ary_unshift rb_assoc_new rb_attr rb_attr_get
+ rb_autoload rb_autoload_load rb_autoload_p rb_backref_get rb_backref_set rb_backtrace rb_big2dbl rb_big2ll rb_big2long rb_big2str rb_big2str0 rb_big2ull
+ rb_big2ulong rb_big2ulong_pack rb_big_2comp rb_big_and rb_big_clone rb_big_divmod rb_big_lshift rb_big_minus rb_big_mul rb_big_mul0 rb_big_norm rb_big_or
+ rb_big_plus rb_big_pow rb_big_rand rb_big_rshift rb_big_xor rb_block_call rb_block_dup rb_block_given_p rb_block_proc rb_bug rb_call_inits rb_call_super
+ rb_catch rb_check_array_type rb_check_backtrace rb_check_convert_type rb_check_frozen rb_check_inheritable rb_check_safe_obj rb_check_safe_str
+ rb_check_string_type rb_check_to_integer rb_check_type rb_class2name rb_class_boot rb_class_inherited rb_class_inherited_p rb_class_init_copy
+ rb_class_instance_methods rb_class_name rb_class_new rb_class_new_instance rb_class_path rb_class_private_instance_methods rb_class_protected_instance_methods
+ rb_class_public_instance_methods rb_class_real rb_clear_cache rb_clear_cache_by_class rb_cmperr rb_cmpint rb_compile_cstr rb_compile_error
+ rb_compile_error_append rb_compile_file rb_compile_string rb_const_defined rb_const_defined_at rb_const_defined_from rb_const_get rb_const_get_at
+ rb_const_get_from rb_const_list rb_const_set rb_convert_type rb_copy_generic_ivar rb_copy_node_scope rb_cstr2inum rb_cstr_to_dbl rb_cstr_to_inum rb_cv_get
+ rb_cv_set rb_cvar_defined rb_cvar_get rb_cvar_set rb_data_object_alloc rb_dbl2big rb_dbl_cmp rb_define_alias rb_define_alloc_func rb_define_attr
+ rb_define_class rb_define_class_id rb_define_class_under rb_define_class_variable rb_define_const rb_define_global_const rb_define_global_function
+ rb_define_hooked_variable rb_define_method rb_define_method_id rb_define_module rb_define_module_function rb_define_module_id rb_define_module_under
+ rb_define_private_method rb_define_protected_method rb_define_readonly_variable rb_define_singleton_method rb_define_variable rb_define_virtual_variable
+ rb_detach_process rb_disable_super rb_during_gc rb_dvar_curr rb_dvar_defined rb_dvar_push rb_dvar_ref rb_each rb_enable_super rb_ensure rb_enumeratorize
+ rb_env_path_tainted rb_eof_error rb_eql rb_equal rb_error_frozen rb_eval_cmd rb_eval_string rb_eval_string_protect rb_eval_string_wrap rb_exc_fatal
+ rb_exc_jump rb_exc_new rb_exc_new2 rb_exc_new3 rb_exc_raise rb_exec_end_proc rb_exec_recursive rb_exit rb_extend_object rb_f_abort rb_f_exec rb_f_exit
+ rb_f_global_variables rb_f_kill rb_f_lambda rb_f_require rb_f_sprintf rb_f_trace_var rb_f_untrace_var rb_fatal rb_fdopen rb_file_const rb_file_expand_path
+ rb_file_open rb_file_s_expand_path rb_file_sysopen rb_find_file rb_find_file_ext rb_fix2int rb_fix2str rb_float_new rb_fopen rb_frame_last_func
+ rb_frame_this_func rb_free_generic_ivar rb_frozen_class_p rb_funcall rb_funcall2 rb_funcall3 rb_funcall_rescue rb_gc rb_gc_abort_threads
+ rb_gc_call_finalizer_at_exit rb_gc_copy_finalizer rb_gc_disable rb_gc_enable rb_gc_finalize_deferred rb_gc_force_recycle rb_gc_mark rb_gc_mark_frame
+ rb_gc_mark_global_tbl rb_gc_mark_locations rb_gc_mark_maybe rb_gc_mark_parser rb_gc_mark_threads rb_gc_mark_trap_list rb_gc_register_address rb_gc_start
+ rb_gc_unregister_address rb_generic_ivar_table rb_genrand_int32 rb_genrand_real rb_get_kcode rb_getc rb_gets rb_glob rb_global_entry rb_global_variable
+ rb_gv_get rb_gv_set rb_gvar_defined rb_gvar_get rb_gvar_set rb_hash rb_hash_aref rb_hash_aset rb_hash_delete rb_hash_delete_if rb_hash_foreach rb_hash_freeze
+ rb_hash_lookup rb_hash_new rb_hash_reject_bang rb_hash_select rb_hash_values_at rb_id2name rb_id_attrset rb_include_module rb_inspect rb_inspecting_p
+ rb_int2big rb_int2inum rb_intern rb_interrupt rb_invalid_str rb_io_addstr rb_io_binmode rb_io_check_closed rb_io_check_initialized rb_io_check_readable
+ rb_io_check_writable rb_io_close rb_io_eof rb_io_flags_mode rb_io_fptr_finalize rb_io_fread rb_io_fwrite rb_io_getc rb_io_gets rb_io_mode_flags
+ rb_io_modenum_flags rb_io_print rb_io_printf rb_io_puts rb_io_set_nonblock rb_io_synchronized rb_io_taint_check rb_io_unbuffered rb_io_ungetc
+ rb_io_wait_readable rb_io_wait_writable rb_io_write rb_is_class_id rb_is_const_id rb_is_instance_id rb_is_junk_id rb_is_local_id rb_iter_break rb_iterate
+ rb_iterator_p rb_iv_get rb_iv_set rb_ivar_defined rb_ivar_get rb_ivar_set rb_jump_tag rb_kcode rb_kcode_reset_option rb_kcode_set_option rb_lastline_get
+ rb_lastline_set rb_ll2big rb_ll2inum rb_load rb_load_fail rb_load_file rb_load_protect rb_loaderror rb_make_metaclass rb_mark_end_proc rb_mark_generic_ivar
+ rb_mark_generic_ivar_tbl rb_mark_hash rb_mark_set rb_mark_tbl rb_marshal_dump rb_marshal_load rb_match_busy rb_mem_clear rb_memcicmp rb_memcmp rb_memerror
+ rb_memsearch rb_method_boundp rb_method_dup rb_method_node rb_mod_ancestors rb_mod_class_variables rb_mod_const_at rb_mod_const_missing rb_mod_const_of
+ rb_mod_constants rb_mod_include_p rb_mod_included_modules rb_mod_init_copy rb_mod_module_eval rb_mod_module_exec rb_mod_name rb_mod_remove_const
+ rb_mod_remove_cvar rb_module_new rb_name_class rb_name_error rb_need_block rb_newobj rb_node_newnode rb_notimplement rb_num2dbl rb_num2fix rb_num2int
+ rb_num2ll rb_num2long rb_num2ull rb_num2ulong rb_num_coerce_bin rb_num_coerce_cmp rb_num_coerce_relop rb_num_zerodiv rb_obj_alloc rb_obj_as_string
+ rb_obj_call_init rb_obj_class rb_obj_classname rb_obj_clone rb_obj_dup rb_obj_freeze rb_obj_id rb_obj_id_obsolete rb_obj_infect rb_obj_init_copy
+ rb_obj_instance_eval rb_obj_instance_exec rb_obj_instance_variables rb_obj_is_instance_of rb_obj_is_kind_of rb_obj_method rb_obj_remove_instance_variable
+ rb_obj_respond_to rb_obj_singleton_methods rb_obj_taint rb_obj_tainted rb_obj_tap rb_obj_type rb_obj_untaint rb_p rb_parser_append_print rb_parser_while_loop
+ rb_path2class rb_path_check rb_path_end rb_path_last_separator rb_path_next rb_path_skip_prefix rb_proc_call rb_proc_exec rb_proc_new rb_proc_times rb_protect
+ rb_protect_inspect rb_provide rb_provided rb_quad_pack rb_quad_unpack rb_raise rb_range_beg_len rb_range_new rb_read_check rb_read_pending
+ rb_reg_adjust_startpos rb_reg_eqq rb_reg_last_match rb_reg_match rb_reg_match2 rb_reg_match_last rb_reg_match_post rb_reg_match_pre rb_reg_mbclen2 rb_reg_new
+ rb_reg_nth_defined rb_reg_nth_match rb_reg_options rb_reg_quote rb_reg_regcomp rb_reg_regsub rb_reg_search rb_remove_event_hook rb_remove_method rb_require
+ rb_require_safe rb_rescue rb_rescue2 rb_reserved_word rb_respond_to rb_scan_args rb_secure rb_secure_update rb_set_class_path rb_set_end_proc rb_set_kcode
+ rb_set_safe_level rb_singleton_class rb_singleton_class_attached rb_singleton_class_clone rb_source_filename rb_str2cstr rb_str2inum rb_str_append
+ rb_str_associate rb_str_associated rb_str_buf_append rb_str_buf_cat rb_str_buf_cat2 rb_str_buf_new rb_str_buf_new2 rb_str_cat rb_str_cat2 rb_str_cmp
+ rb_str_concat rb_str_dump rb_str_dup rb_str_dup_frozen rb_str_format rb_str_freeze rb_str_hash rb_str_inspect rb_str_intern rb_str_locktmp rb_str_modify
+ rb_str_new rb_str_new2 rb_str_new3 rb_str_new4 rb_str_new5 rb_str_plus rb_str_resize rb_str_set_len rb_str_setter rb_str_split rb_str_substr rb_str_times
+ rb_str_tmp_new rb_str_to_dbl rb_str_to_inum rb_str_to_str rb_str_unlocktmp rb_str_update rb_str_upto rb_string_value rb_string_value_cstr rb_string_value_ptr
+ rb_struct_alloc rb_struct_aref rb_struct_aset rb_struct_define rb_struct_getmember rb_struct_iv_get rb_struct_members rb_struct_new rb_struct_s_members
+ rb_svar rb_sym_all_symbols rb_sym_interned_p rb_symname_p rb_sys_fail rb_sys_warning rb_syswait rb_tainted_str_new rb_tainted_str_new2 rb_thread_alive_p
+ rb_thread_alone rb_thread_atfork rb_thread_create rb_thread_current rb_thread_fd_close rb_thread_fd_writable rb_thread_group rb_thread_interrupt
+ rb_thread_join rb_thread_kill rb_thread_list rb_thread_local_aref rb_thread_local_aset rb_thread_main rb_thread_polling rb_thread_reset_raised rb_thread_run
+ rb_thread_schedule rb_thread_select rb_thread_set_raised rb_thread_signal_exit rb_thread_signal_raise rb_thread_sleep rb_thread_sleep_forever
+ rb_thread_start_timer rb_thread_stop rb_thread_stop_timer rb_thread_trap_eval rb_thread_wait_fd rb_thread_wait_for rb_thread_wakeup rb_thread_wakeup_alive
+ rb_throw rb_time_interval rb_time_new rb_time_timeval rb_to_id rb_to_int rb_trap_exec rb_trap_exit rb_trap_restore_mask rb_uint2big rb_uint2inum rb_ull2big
+ rb_ull2inum rb_undef rb_undef_alloc_func rb_undef_method rb_values_at rb_waitpid rb_warn rb_warning rb_with_disable_interrupt rb_write_error rb_write_error2
+ rb_yield rb_yield_splat rb_yield_values re_mbc_startpos re_set_syntax ruby_brace_expand ruby_brace_glob ruby_cleanup ruby_default_signal ruby_each_words
+ ruby_exec ruby_finalize ruby_float_step ruby_getcwd ruby_glob ruby_incpush ruby_init ruby_init_ext ruby_init_loadpath ruby_init_stack ruby_native_thread_kill
+ ruby_options ruby_parser_stack_on_heap ruby_posix_signal ruby_process_options ruby_prog_init ruby_qsort ruby_re_adjust_startpos ruby_re_compile_fastmap
+ ruby_re_compile_pattern ruby_re_copy_registers ruby_re_free_pattern ruby_re_free_registers ruby_re_match ruby_re_mbcinit ruby_re_search ruby_re_set_casetable
+ ruby_run ruby_scan_hex ruby_scan_oct ruby_script ruby_set_argv ruby_set_current_source ruby_set_stack_size ruby_setenv ruby_show_copyright ruby_show_version
+ ruby_signal_name ruby_stack_check ruby_stack_length ruby_stop ruby_strdup ruby_strtod ruby_unsetenv ruby_xcalloc ruby_xfree ruby_xmalloc ruby_xrealloc
+ ruby_yyparse st_add_direct st_cleanup_safe st_copy st_delete st_delete_safe st_foreach st_foreach_safe st_free_table st_init_numtable
+ st_init_numtable_with_size st_init_strtable st_init_strtable_with_size st_init_table st_init_table_with_size st_insert st_lookup
+ rb_argv rb_argv0 rb_cArray rb_cBignum rb_cBinding rb_cClass rb_cCont rb_cData rb_cDir rb_cEnumerator rb_cFalseClass rb_cFile rb_cFixnum rb_cFloat rb_cHash
+ rb_cIO rb_cInteger rb_cMatch rb_cMethod rb_cModule rb_cNameErrorMesg rb_cNilClass rb_cNumeric rb_cObject rb_cProc rb_cRange rb_cRegexp rb_cStat rb_cString
+ rb_cStruct rb_cSymbol rb_cThread rb_cTime rb_cTrueClass rb_cUnboundMethod rb_class_tbl rb_curr_thread rb_default_rs rb_deferr rb_eArgError rb_eEOFError
+ rb_eException rb_eFatal rb_eFloatDomainError rb_eIOError rb_eIndexError rb_eInterrupt rb_eLoadError rb_eLocalJumpError rb_eNameError rb_eNoMemError
+ rb_eNoMethodError rb_eNotImpError rb_eRangeError rb_eRegexpError rb_eRuntimeError rb_eScriptError rb_eSecurityError rb_eSignal rb_eStandardError
+ rb_eStopIteration rb_eSyntaxError rb_eSysStackError rb_eSystemCallError rb_eSystemExit rb_eThreadError rb_eTypeError rb_eZeroDivError rb_fs rb_gc_stack_start
+ rb_global_tbl rb_last_status rb_load_path rb_mComparable rb_mEnumerable rb_mErrno rb_mFConst rb_mFileTest rb_mGC rb_mKernel rb_mMath rb_mPrecision rb_mProcGID
+ rb_mProcID_Syscall rb_mProcUID rb_mProcess rb_main_thread rb_origenviron rb_output_fs rb_output_rs rb_progname rb_prohibit_interrupt rb_rs rb_stderr rb_stdin
+ rb_stdout rb_thread_critical rb_thread_pending rb_trap_immediate rb_trap_pending re_mbctab ruby__end__seen ruby_class ruby_copyright ruby_cref
+ ruby_current_node ruby_debug ruby_description ruby_digitmap ruby_dln_librefs ruby_dyna_vars ruby_errinfo ruby_eval_tree ruby_eval_tree_begin ruby_frame
+ ruby_gc_stress ruby_ignorecase ruby_in_compile ruby_in_eval ruby_inplace_mode ruby_nerrs ruby_patchlevel ruby_platform ruby_release_date ruby_safe_level
+ ruby_sandbox_restore ruby_sandbox_save ruby_scope ruby_sourcefile ruby_sourceline ruby_top_cref ruby_top_self ruby_verbose ruby_version ruby_yychar
+ ruby_yydebug ruby_yylval
+EOL
+	curlibname = nil
+	data.each_line { |l|
+		list = l.split
+		curlibname = list.shift if l[0, 1] != ' '
+		list.each { |export| EXPORT[export] = curlibname }
+	}
+end
+end

data/lib/metasm/os/linux.rb

@@ -0,0 +1,1112 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+
+
+require 'metasm/os/main'
+
+module Metasm
+class PTrace
+	attr_accessor :buf, :pid
+
+	def self.open(target)
+		ptrace = new(target)
+		return ptrace if not block_given?
+		ret = yield ptrace
+		ptrace.detach
+		ret
+	end
+
+	# calls PTRACE_TRACEME on the current (ruby) process
+	def self.traceme
+		new(::Process.pid, false).traceme
+	end
+
+	# creates a ptraced process (target = path)
+	# or opens a running process (target = pid)
+	# values for do_attach:
+	#  :create => always fork+traceme+exec+wait
+	#  :attach => always attach
+	#  false/nil => same as attach, without actually calling PT_ATTACH (usefull if we're already tracing pid)
+	#  anything else: try to attach if pid is numeric (using Integer()), else create
+	def initialize(target, do_attach=true)
+		begin
+			raise ArgumentError if do_attach == :create
+			@pid = Integer(target)
+			tweak_for_pid(@pid)
+			return if not do_attach
+			attach
+		rescue ArgumentError, TypeError
+			raise if do_attach == :attach or not do_attach
+			did_exec = true
+			if not @pid = fork
+				tweak_for_pid(::Process.pid)
+				traceme
+				::Process.exec(*target)
+				exit!(0)
+			end
+		end
+		wait
+		raise "could not exec #{target}" if $?.exited?
+		tweak_for_pid(@pid) if did_exec
+		puts "Ptrace: attached to #@pid" if $DEBUG
+	end
+
+	def wait
+		::Process.wait(@pid, ::Process::WALL)
+	end
+
+	attr_accessor :reg_off, :intsize, :syscallnr, :syscallreg
+	attr_accessor :packint, :packuint, :host_intsize, :host_syscallnr
+	# setup the variables according to the target
+	def tweak_for_pid(pid=@pid)
+		# use these for our syscalls PTRACE
+		case LinOS.open_process(::Process.pid).cpu.shortname
+		when 'ia32'
+			@packint = 'l'
+			@packuint = 'L'
+			@host_intsize = 4
+			@host_syscallnr = SYSCALLNR_I386
+			@reg_off = REGS_I386
+		when 'x64'
+			@packint = 'q'
+			@packuint = 'Q'
+			@host_intsize = 8
+			@host_syscallnr = SYSCALLNR_X86_64
+			@reg_off = REGS_X86_64
+		else raise 'unsupported architecture'
+		end
+
+		# use these to interpret the child state
+		tgcpu = LinOS.open_process(pid).cpu
+		case tgcpu.shortname
+		when 'ia32'
+			@syscallreg = 'ORIG_EAX'
+			@syscallnr = SYSCALLNR_I386
+			@intsize = 4
+		when 'x64'
+			@syscallreg = 'ORIG_RAX'
+			@syscallnr = SYSCALLNR_X86_64
+			@intsize = 8
+		else raise 'unsupported target architecture'
+		end
+
+		cp = tgcpu.new_cparser
+		cp.parse SIGINFO_C
+		@siginfo = cp.alloc_c_struct('siginfo')
+
+		# buffer used in ptrace syscalls
+		@buf = [0].pack(@packint)
+		@bufptr = str_ptr(@buf)
+	end
+
+	def str_ptr(str)
+		[str].pack('P').unpack(@packint).first
+	end
+
+	# interpret the value turned as an unsigned long
+	def bufval
+		@buf.unpack(@packint).first
+	end
+
+	# reads a memory range
+	def readmem(off, len)
+		decal = off % @host_intsize
+		buf = ''
+		if decal > 0
+			off -= decal
+			peekdata(off)
+			off += @host_intsize
+			buf << @buf[decal...@host_intsize]
+		end
+		offend = off + len
+		while off < offend
+			peekdata(off)
+			buf << @buf[0, @host_intsize]
+			off += @host_intsize
+		end
+		buf[0, len]
+	end
+
+	def writemem(off, str)
+		decal = off % @host_intsize
+		if decal > 0
+			off -= decal
+			peekdata(off)
+			str = @buf[0...decal] + str
+		end
+		decal = str.length % @host_intsize
+		if decal > 0
+			peekdata(off+str.length-decal)
+			str += @buf[decal...@host_intsize]
+		end
+		i = 0
+		while i < str.length
+			pokedata(off+i, str[i, @host_intsize])
+			i += @host_intsize
+		end
+	end
+
+	# linux/ptrace.h
+	COMMAND = {
+		'TRACEME'         =>   0, 'PEEKTEXT'        =>   1,
+		'PEEKDATA'        =>   2, 'PEEKUSR'         =>   3,
+		'POKETEXT'        =>   4, 'POKEDATA'        =>   5,
+		'POKEUSR'         =>   6, 'CONT'            =>   7,
+		'KILL'            =>   8, 'SINGLESTEP'      =>   9,
+		'ATTACH'          =>  16, 'DETACH'          =>  17,
+		'SYSCALL'         =>  24,
+
+		# arch/x86/include/ptrace-abi.h
+		'GETREGS'         =>  12, 'SETREGS'         =>  13,
+		'GETFPREGS'       =>  14, 'SETFPREGS'       =>  15,
+		'GETFPXREGS'      =>  18, 'SETFPXREGS'      =>  19,
+		'OLDSETOPTIONS'   =>  21, 'GET_THREAD_AREA' =>  25,
+		'SET_THREAD_AREA' =>  26, 'ARCH_PRCTL'      =>  30,
+		'SYSEMU'          =>  31, 'SYSEMU_SINGLESTEP'=> 32,
+		'SINGLEBLOCK'     =>  33,
+		# 0x4200-0x4300 are reserved for architecture-independent additions.
+		'SETOPTIONS'      => 0x4200, 'GETEVENTMSG'   => 0x4201,
+		'GETSIGINFO'      => 0x4202, 'SETSIGINFO'    => 0x4203
+	}
+
+	OPTIONS = {
+		# options set using PTRACE_SETOPTIONS
+		'TRACESYSGOOD'  => 0x01, 'TRACEFORK'     => 0x02,
+		'TRACEVFORK'    => 0x04, 'TRACECLONE'    => 0x08,
+		'TRACEEXEC'     => 0x10, 'TRACEVFORKDONE'=> 0x20,
+		'TRACEEXIT'     => 0x40
+	}
+
+	WAIT_EXTENDEDRESULT = {
+		# Wait extended result codes for the above trace options.
+		'EVENT_FORK'       => 1, 'EVENT_VFORK'      => 2,
+		'EVENT_CLONE'      => 3, 'EVENT_EXEC'       => 4,
+		'EVENT_VFORK_DONE' => 5, 'EVENT_EXIT'       => 6
+	}
+	WAIT_EXTENDEDRESULT.update WAIT_EXTENDEDRESULT.invert
+
+
+	# block trace
+	BTS_O = { 'TRACE' => 1, 'SCHED' => 2, 'SIGNAL' => 4, 'ALLOC' => 8 }
+	BTS = { 'CONFIG' => 40, 'STATUS' => 41, 'SIZE' => 42,
+		'GET' => 43, 'CLEAR' => 44, 'DRAIN' => 45 }
+
+	REGS_I386 = {
+		'EBX' => 0, 'ECX' => 1, 'EDX' => 2, 'ESI' => 3,
+		'EDI' => 4, 'EBP' => 5, 'EAX' => 6, 'DS'  => 7,
+		'ES'  => 8, 'FS'  => 9, 'GS'  => 10, 'ORIG_EAX' => 11,
+		'EIP' => 12, 'CS'  => 13,  'EFL' => 14, 'UESP'=> 15,
+					'EFLAGS' => 14, 'ESP' => 15,
+		'SS'  => 16,
+		# from ptrace.c in kernel source & asm-i386/user.h
+		'DR0' => 63, 'DR1' => 64, 'DR2' => 65, 'DR3' => 66,
+		'DR4' => 67, 'DR5' => 68, 'DR6' => 69, 'DR7' => 70
+	}
+
+	REGS_X86_64 = {
+		'R15' => 0, 'R14' => 1, 'R13' => 2, 'R12' => 3,
+		'RBP' => 4, 'RBX' => 5, 'R11' => 6, 'R10' => 7,
+		'R9' => 8, 'R8' => 9, 'RAX' => 10, 'RCX' => 11,
+		'RDX' => 12, 'RSI' => 13, 'RDI' => 14, 'ORIG_RAX' => 15,
+		'RIP' => 16, 'CS' => 17, 'RFLAGS' => 18, 'RSP' => 19,
+		'SS' => 20, 'FS_BASE' => 21, 'GS_BASE' => 22, 'DS' => 23,
+		'ES' => 24, 'FS' => 25, 'GS' => 26,
+		#'FP_VALID' => 27,
+		#'387_XWD' => 28, '387_RIP' => 29, '387_RDP' => 30, '387_MXCSR' => 31,
+		#'FP0' => 32, 'FP1' => 34, 'FP2' => 36, 'FP3' => 38,
+		#'FP4' => 40, 'FP5' => 42, 'FP6' => 44, 'FP7' => 46,
+		#'XMM0' => 48, 'XMM1' => 52, 'XMM2' => 56, 'XMM3' => 60,
+		#'XMM4' => 64, 'XMM5' => 68, 'XMM6' => 72, 'XMM7' => 76,
+		#'FPAD0' => 80, 'FPAD11' => 91,
+		#'TSZ' => 92, 'DSZ' => 93, 'SSZ' => 94, 'CODE' => 95,
+		#'STK' => 96, 'SIG' => 97, 'PAD' => 98, 'U_AR0' => 99,
+		#'FPPTR' => 100, 'MAGIC' => 101, 'COMM0' => 102, 'COMM1' => 103,
+		#'COMM2' => 104, 'COMM3' => 105,
+		'DR0' => 106, 'DR1' => 107, 'DR2' => 108, 'DR3' => 109,
+		'DR4' => 110, 'DR5' => 111, 'DR6' => 112, 'DR7' => 113,
+		#'ERROR_CODE' => 114, 'FAULT_ADDR' => 115
+	}
+
+	SYSCALLNR_I386 = %w[restart_syscall exit fork read write open close waitpid creat link unlink execve chdir time
+		mknod chmod lchown break oldstat lseek getpid mount umount setuid getuid stime ptrace alarm oldfstat
+		pause utime stty gtty access nice ftime sync kill  rename mkdir rmdir dup pipe times prof brk setgid
+		getgid signal  geteuid getegid acct  umount2 lock ioctl fcntl  mpx setpgid ulimit  oldolduname umask
+		chroot ustat  dup2 getppid getpgrp setsid  sigaction sgetmask ssetmask setreuid  setregid sigsuspend
+		sigpending sethostname  setrlimit getrlimit getrusage gettimeofday  settimeofday getgroups setgroups
+		select symlink oldlstat readlink uselib swapon  reboot readdir mmap munmap truncate ftruncate fchmod
+		fchown getpriority  setpriority profil statfs  fstatfs ioperm socketcall syslog  setitimer getitimer
+		stat  lstat fstat  olduname iopl  vhangup idle  vm86old wait4  swapoff sysinfo  ipc fsync  sigreturn
+		clone  setdomainname  uname  modify_ldt  adjtimex  mprotect  sigprocmask  create_module  init_module
+		delete_module get_kernel_syms quotactl getpgid fchdir bdflush sysfs personality afs_syscall setfsuid
+		setfsgid  _llseek getdents  _newselect  flock  msync readv  writev  getsid  fdatasync _sysctl  mlock
+		munlock  mlockall  munlockall  sched_setparam sched_getparam  sched_setscheduler  sched_getscheduler
+		sched_yield  sched_get_priority_max  sched_get_priority_min sched_rr_get_interval  nanosleep  mremap
+		setresuid  getresuid  vm86  query_module  poll nfsservctl  setresgid  getresgid  prctl  rt_sigreturn
+		rt_sigaction  rt_sigprocmask  rt_sigpending  rt_sigtimedwait rt_sigqueueinfo  rt_sigsuspend  pread64
+		pwrite64 chown  getcwd capget  capset sigaltstack  sendfile getpmsg  putpmsg vfork  ugetrlimit mmap2
+		truncate64  ftruncate64  stat64  lstat64  fstat64 lchown32  getuid32  getgid32  geteuid32  getegid32
+		setreuid32  setregid32   getgroups32  setgroups32   fchown32  setresuid32   getresuid32  setresgid32
+		getresgid32 chown32  setuid32 setgid32 setfsuid32  setfsgid32 pivot_root mincore  madvise getdents64
+		fcntl64 sys_222 sys_223  gettid readahead setxattr lsetxattr fsetxattr  getxattr lgetxattr fgetxattr
+		listxattr  llistxattr  flistxattr  removexattr  lremovexattr  fremovexattr  tkill  sendfile64  futex
+		sched_setaffinity sched_getaffinity set_thread_area get_thread_area io_setup io_destroy io_getevents
+		io_submit io_cancel  fadvise64 sys_251  exit_group lookup_dcookie epoll_create  epoll_ctl epoll_wait
+		remap_file_pages   set_tid_address   timer_create   timer_settime   timer_gettime   timer_getoverrun
+		timer_delete  clock_settime clock_gettime  clock_getres  clock_nanosleep  statfs64 fstatfs64  tgkill
+		utimes  fadvise64_64  vserver  mbind  get_mempolicy  set_mempolicy  mq_open  mq_unlink  mq_timedsend
+		mq_timedreceive mq_notify mq_getsetattr kexec_load  waitid sys_setaltroot add_key request_key keyctl
+		ioprio_set ioprio_get  inotify_init inotify_add_watch inotify_rm_watch migrate_pages  openat mkdirat
+		mknodat  fchownat  futimesat  fstatat64  unlinkat  renameat  linkat  symlinkat  readlinkat  fchmodat
+		faccessat pselect6 ppoll unshare set_robust_list get_robust_list splice sync_file_range tee vmsplice
+		move_pages   getcpu  epoll_pwait  utimensat   signalfd  timerfd  eventfd  fallocate  timerfd_settime
+	       	timerfd_gettime  signalfd4   eventfd2  epoll_create1   dup3   pipe2  inotify_init1   preadv  pwritev
+		rt_tg_sigqueueinfo perf_counter_open].inject({}) { |h, sc| h.update sc => h.length }
+	SYSCALLNR_I386.update SYSCALLNR_I386.invert
+	
+	SYSCALLNR_X86_64 = %w[read write open close stat fstat lstat poll lseek mmap mprotect munmap brk rt_sigaction
+		rt_sigprocmask  rt_sigreturn ioctl  pread64 pwrite64  readv  writev access  pipe select  sched_yield
+		mremap  msync  mincore  madvise  shmget  shmat  shmctl dup  dup2  pause  nanosleep  getitimer  alarm
+		setitimer  getpid  sendfile   socket  connect  accept  sendto  recvfrom   sendmsg  recvmsg  shutdown
+		bind  listen  getsockname getpeername  socketpair  setsockopt  getsockopt  clone fork  vfork  execve
+		exit  wait4  kill  uname  semget  semop  semctl  shmdt  msgget  msgsnd  msgrcv  msgctl  fcntl  flock
+		fsync  fdatasync  truncate  ftruncate  getdents  getcwd   chdir  fchdir  rename  mkdir  rmdir  creat
+		link  unlink  symlink  readlink  chmod  fchmod chown  fchown  lchown  umask  gettimeofday  getrlimit
+		getrusage  sysinfo  times  ptrace  getuid  syslog  getgid  setuid  setgid  geteuid  getegid  setpgid
+		getppid  getpgrp  setsid  setreuid  setregid   getgroups  setgroups  setresuid  getresuid  setresgid
+		getresgid   getpgid   setfsuid  setfsgid   getsid   capget   capset  rt_sigpending   rt_sigtimedwait
+		rt_sigqueueinfo  rt_sigsuspend  sigaltstack utime  mknod  uselib  personality ustat  statfs  fstatfs
+		sysfs  getpriority setpriority  sched_setparam sched_getparam  sched_setscheduler sched_getscheduler
+		sched_get_priority_max   sched_get_priority_min   sched_rr_get_interval   mlock   munlock   mlockall
+		munlockall vhangup  modify_ldt pivot_root  _sysctl prctl arch_prctl  adjtimex setrlimit  chroot sync
+		acct  settimeofday  mount  umount2  swapon  swapoff reboot  sethostname  setdomainname  iopl  ioperm
+		create_module  init_module delete_module  get_kernel_syms query_module  quotactl nfsservctl  getpmsg
+		putpmsg  afs_syscall  tuxcall  security  gettid  readahead  setxattr  lsetxattr  fsetxattr  getxattr
+		lgetxattr fgetxattr listxattr llistxattr flistxattr removexattr lremovexattr fremovexattr tkill time
+		futex sched_setaffinity sched_getaffinity set_thread_area io_setup io_destroy io_getevents io_submit
+		io_cancel get_thread_area lookup_dcookie  epoll_create epoll_ctl_old epoll_wait_old remap_file_pages
+		getdents64   set_tid_address  restart_syscall   semtimedop   fadvise64  timer_create   timer_settime
+		timer_gettime timer_getoverrun timer_delete clock_settime clock_gettime clock_getres clock_nanosleep
+		exit_group  epoll_wait epoll_ctl  tgkill utimes  vserver mbind  set_mempolicy get_mempolicy  mq_open
+		mq_unlink mq_timedsend mq_timedreceive mq_notify mq_getsetattr kexec_load waitid add_key request_key
+		keyctl ioprio_set  ioprio_get inotify_init  inotify_add_watch inotify_rm_watch  migrate_pages openat
+		mkdirat  mknodat  fchownat  futimesat  newfstatat  unlinkat  renameat  linkat  symlinkat  readlinkat
+		fchmodat faccessat pselect6 ppoll unshare set_robust_list get_robust_list splice tee sync_file_range
+		vmsplice move_pages utimensat epoll_pwait  signalfd timerfd_create eventfd fallocate timerfd_settime
+		timerfd_gettime accept4  signalfd4 eventfd2  epoll_create1 dup3  pipe2 inotify_init1  preadv pwritev
+		rt_tgsigqueueinfo perf_counter_open].inject({}) { |h, sc| h.update sc => h.length }
+	SYSCALLNR_X86_64.update SYSCALLNR_X86_64.invert
+
+	SIGNAL = Signal.list.dup
+	SIGNAL.delete SIGNAL.index(0)
+	SIGNAL['TRAP'] ||= 5	# windows+gdbremote
+	SIGNAL.update SIGNAL.invert
+
+	# include/asm-generic/errno-base.h
+	ERRNO = %w[ERR0 EPERM ENOENT ESRCH EINTR EIO ENXIO E2BIG ENOEXEC EBADF ECHILD EAGAIN ENOMEM EACCES EFAULT
+		ENOTBLK EBUSY EEXIST EXDEV ENODEV ENOTDIR EISDIR EINVAL ENFILE EMFILE ENOTTY ETXTBSY EFBIG ENOSPC
+		ESPIPE EROFS EMLINK EPIPE EDOM ERANGE].inject({}) { |h, e| h.update e => h.length }
+	ERRNO.update ERRNO.invert
+
+	SIGINFO = {
+		# user-generated signal
+		'DETHREAD' => -7,	# execve killing threads
+		'TKILL' => -6, 'SIGIO' => -5, 'ASYNCIO' => -4, 'MESGQ' => -3,
+		'TIMER' => -2, 'QUEUE' => -1, 'USER' => 0, 'KERNEL' => 0x80,
+		# ILL
+		'ILLOPC' => 1, 'ILLOPN' => 2, 'ILLADR' => 3, 'ILLTRP' => 4,
+		'PRVOPC' => 5, 'PRVREG' => 6, 'COPROC' => 7, 'BADSTK' => 8,
+		# FPE
+		'INTDIV' => 1, 'INTOVF' => 2, 'FLTDIV' => 3, 'FLTOVF' => 4,
+		'FLTUND' => 5, 'FLTRES' => 6, 'FLTINV' => 7, 'FLTSUB' => 8,
+		# SEGV
+		'MAPERR' => 1, 'ACCERR' => 2,
+		# BUS
+		'ADRALN' => 1, 'ADRERR' => 2, 'OBJERR' => 3, 'MCEERR_AR' => 4,
+		'MCEERR_AO' => 5,
+		# TRAP
+		'BRKPT' => 1, 'TRACE' => 2, 'BRANCH' => 3, 'HWBKPT' => 4,
+		# CHLD
+		'EXITED' => 1, 'KILLED' => 2, 'DUMPED' => 3, 'TRAPPED' => 4,
+		'STOPPED' => 5, 'CONTINUED' => 6,
+		# POLL
+		'POLL_IN' => 1, 'POLL_OUT' => 2, 'POLL_MSG' => 3, 'POLL_ERR' => 4,
+		'POLL_PRI' => 5, 'POLL_HUP' => 6
+	}
+
+	SIGINFO_C = <<EOS
+typedef __int32 __pid_t;
+typedef unsigned __int32 __uid_t;
+typedef uintptr_t sigval_t;
+typedef long __clock_t;
+
+typedef struct siginfo {
+    int si_signo;
+    int si_errno;
+    int si_code;
+    // int pad64;
+    union {
+        int _pad[128/4-3];	/* total >= 128b */
+
+        struct {		/* kill().  */
+            __pid_t si_pid;	/* Sending process ID.  */
+            __uid_t si_uid;	/* Real user ID of sending process.  */
+        } _kill;
+        struct {		/* POSIX.1b timers.  */
+            int si_tid;		/* Timer ID.  */
+            int si_overrun;	/* Overrun count.  */
+            sigval_t si_sigval;	/* Signal value.  */
+        } _timer;
+        struct {		/* POSIX.1b signals.  */
+            __pid_t si_pid;	/* Sending process ID.  */
+            __uid_t si_uid;	/* Real user ID of sending process.  */
+            sigval_t si_sigval;	/* Signal value.  */
+        } _rt;
+        struct {		/* SIGCHLD.  */
+            __pid_t si_pid;	/* Which child.  */
+            __uid_t si_uid;	/* Real user ID of sending process.  */
+            int si_status;	/* Exit value or signal.  */
+            __clock_t si_utime;
+            __clock_t si_stime;
+        } _sigchld;
+        struct {		/* SIGILL, SIGFPE, SIGSEGV, SIGBUS.  */
+            uintptr_t si_addr;	/* Faulting insn/memory ref.  */
+        } _sigfault;
+        struct {		/* SIGPOLL.  */
+            long int si_band;	/* Band event for SIGPOLL.  */
+            int si_fd;
+        } _sigpoll;
+    };
+} siginfo_t;
+EOS
+
+	def sys_ptrace(req, pid, addr, data)
+		data = str_ptr(data) if data.kind_of?(String)
+		addr = [addr].pack(@packint).unpack(@packint).first
+		data = [data].pack(@packint).unpack(@packint).first
+		Kernel.syscall(@host_syscallnr['ptrace'], req, pid, addr, data)
+	end
+
+	def traceme
+		sys_ptrace(COMMAND['TRACEME'], 0, 0, 0)
+	end
+
+	def peektext(addr)
+		sys_ptrace(COMMAND['PEEKTEXT'], @pid, addr, @bufptr)
+		@buf
+	end
+
+	def peekdata(addr)
+		sys_ptrace(COMMAND['PEEKDATA'], @pid, addr, @bufptr)
+		@buf
+	end
+
+	def peekusr(addr)
+		sys_ptrace(COMMAND['PEEKUSR'],  @pid, @host_intsize*addr, @bufptr)
+		bufval & ((1 << ([@host_intsize, @intsize].min*8)) - 1)
+	end
+
+	def poketext(addr, data)
+		sys_ptrace(COMMAND['POKETEXT'], @pid, addr, data.unpack(@packint).first)
+	end
+
+	def pokedata(addr, data)
+		sys_ptrace(COMMAND['POKEDATA'], @pid, addr, data.unpack(@packint).first)
+	end
+
+	def pokeusr(addr, data)
+		sys_ptrace(COMMAND['POKEUSR'],  @pid, @host_intsize*addr, data)
+	end
+
+	def getregs(buf=nil)
+		buf ||= [0].pack('C')*512
+		sys_ptrace(COMMAND['GETREGS'], @pid, 0, buf)
+		buf
+	end
+	def setregs(buf)
+		sys_ptrace(COMMAND['SETREGS'], @pid, 0, buf)
+	end
+
+	def getfpregs(buf=nil)
+		buf ||= [0].pack('C')*1024
+		sys_ptrace(COMMAND['GETFPREGS'], @pid, 0, buf)
+		buf
+	end
+	def setfpregs(buf)
+		sys_ptrace(COMMAND['SETFPREGS'], @pid, 0, buf)
+	end
+
+	def getfpxregs(buf=nil)
+		buf ||= [0].pack('C')*512
+		sys_ptrace(COMMAND['GETFPXREGS'], @pid, 0, buf)
+		buf
+	end
+	def setfpxregs(buf)
+		sys_ptrace(COMMAND['SETFPXREGS'], @pid, 0, buf)
+	end
+
+	def get_thread_area(addr)
+		sys_ptrace(COMMAND['GET_THREAD_AREA'],  @pid, addr, @bufptr)
+		bufval
+	end
+	def set_thread_area(addr, data)
+		sys_ptrace(COMMAND['SET_THREAD_AREA'],  @pid, addr, data)
+	end
+
+	def prctl(addr, data)
+		sys_ptrace(COMMAND['ARCH_PRCTL'], @pid, addr, data)
+	end
+	
+	def cont(sig = nil)
+		sig ||= 0
+		sys_ptrace(COMMAND['CONT'], @pid, 0, sig)
+	end
+
+	def kill
+		sys_ptrace(COMMAND['KILL'], @pid, 0, 0)
+	end
+
+	def singlestep(sig = nil)
+		sig ||= 0
+		sys_ptrace(COMMAND['SINGLESTEP'], @pid, 0, sig)
+	end
+
+	def singleblock(sig = nil)
+		sig ||= 0
+		sys_ptrace(COMMAND['SINGLEBLOCK'], @pid, 0, sig)
+	end
+
+	def syscall(sig = nil)
+		sig ||= 0
+		sys_ptrace(COMMAND['SYSCALL'], @pid, 0, sig)
+	end
+
+	def attach
+		sys_ptrace(COMMAND['ATTACH'], @pid, 0, 0)
+	end
+
+	def detach
+		sys_ptrace(COMMAND['DETACH'], @pid, 0, 0)
+	end
+
+	def setoptions(*opt)
+		opt = opt.inject(0) { |b, o| b |= o.kind_of?(Integer) ? o : OPTIONS[o] }
+		sys_ptrace(COMMAND['SETOPTIONS'], @pid, 0, opt)
+	end
+
+	# retrieve pid of cld for EVENT_CLONE/FORK, exitcode for EVENT_EXIT
+	def geteventmsg
+		sys_ptrace(COMMAND['GETEVENTMSG'], @pid, 0, @bufptr)
+		bufval
+	end
+
+	def getsiginfo
+		sys_ptrace(COMMAND['GETSIGINFO'], @pid, 0, @siginfo.str)
+		@siginfo
+	end
+
+	def setsiginfo(si=@siginfo)
+		si = si.str if si.respond_to?(:str)
+		sys_ptrace(COMMAND['SETSIGINFO'], @pid, 0, si)
+	end
+end
+
+class LinOS < OS
+	class Process < OS::Process
+		# returns/create a LinuxRemoteString
+		def memory
+			@memory ||= LinuxRemoteString.new(pid)
+		end
+		attr_writer :memory
+
+		def debugger
+			@debugger ||= LinDebugger.new(@pid)
+		end
+		attr_writer :debugger
+
+		# returns the list of loaded Modules, incl start address & path
+		# read from /proc/pid/maps
+		def modules
+			list = []
+			seen = {}
+			File.readlines("/proc/#{pid}/maps").each { |l|
+				# 08048000-08064000 r-xp 000000 08:01 4234 /usr/bin/true
+				l = l.split
+				next if l.length < 6 or seen[l[-1]]
+				seen[l[-1]] = true
+				m = Module.new
+				m.addr = l[0].to_i(16)
+				m.path = l[-1]
+				list << m
+			}
+			list
+		rescue
+			[]
+		end
+
+		# return a list of [addr_start, length, perms, file]
+		def mappings
+			list = []
+			File.readlines("/proc/#{pid}/maps").each { |l|
+				l = l.split
+				addrstart, addrend = l[0].split('-').map { |i| i.to_i 16 }
+				list << [addrstart, addrend-addrstart, l[1], l[5]]
+			}
+			list
+		rescue
+			[]
+		end
+
+		# returns a list of threads sharing this process address space
+		# read from /proc/pid/task/
+		def threads
+			Dir.entries("/proc/#{pid}/task/").grep(/^\d+$/).map { |tid| tid.to_i }
+	       	rescue
+			# TODO handle pthread stuff (eg 2.4 kernels)
+			[pid]
+		end
+
+		# return the invocation commandline, from /proc/pid/cmdline
+		# this is manipulable by the target itself
+		def cmdline
+			@cmdline ||= File.read("/proc/#{pid}/cmdline") rescue ''
+		end
+		attr_writer :cmdline
+
+		def path
+			cmdline.split(0.chr)[0]
+		end
+
+		# returns the address size of the process, based on its #cpu
+		def addrsz
+			cpu.size
+		end
+
+		# returns the CPU for the process, by reading /proc/pid/exe
+		def cpu
+			e = ELF.load_file("/proc/#{pid}/exe")
+			# dont decode shdr/phdr, this is 2x faster for repeated debugger spawn
+			e.decode_header(0, false, false)
+			e.cpu
+		end
+
+		def terminate
+			kill
+		end
+
+		def kill(signr=9)
+			::Process.kill(signr, @pid)
+		end
+	end
+
+class << self
+	# returns an array of Processes, with pid/module listing
+	def list_processes
+		Dir.entries('/proc').grep(/^\d+$/).map { |pid| Process.new(pid.to_i) }
+	end
+
+	# return a Process for the specified pid if it exists in /proc
+	def open_process(pid)
+		Process.new(pid) if check_process(pid)
+	end
+
+	def check_process(pid)
+		File.directory?("/proc/#{pid}")
+	end
+
+	# create a LinDebugger on the target pid/binary
+	def create_debugger(path)
+		LinDebugger.new(path)
+	end
+end	# class << self
+end
+
+class LinuxRemoteString < VirtualString
+	attr_accessor :pid, :readfd
+	attr_accessor :dbg
+
+	# returns a virtual string proxying the specified process memory range
+	# reads are cached (4096 aligned bytes read at once), from /proc/pid/mem
+	# writes are done directly by ptrace
+	def initialize(pid, addr_start=0, length=nil, dbg=nil)
+		@pid = pid
+		length ||= 1 << (dbg ? dbg.cpu.size : (LinOS.open_process(@pid).addrsz rescue 32))
+		@readfd = File.open("/proc/#@pid/mem", 'rb') rescue nil
+		@dbg = dbg if dbg
+		super(addr_start, length)
+	end
+
+	def dup(addr = @addr_start, len = @length)
+		self.class.new(@pid, addr, len, dbg)
+	end
+
+	def do_ptrace
+		if dbg
+			dbg.switch_context(@pid) {
+				# XXX tid ?
+				yield dbg.ptrace if dbg.state == :stopped
+			}
+		else
+			PTrace.open(@pid) { |ptrace| yield ptrace }
+		end
+	end
+
+	def rewrite_at(addr, data)
+		# target must be stopped
+		do_ptrace { |ptrace| ptrace.writemem(addr, data) }
+	end
+
+	def get_page(addr, len=@pagelength)
+		do_ptrace { |ptrace|
+			begin
+				if readfd and addr < (1<<63)
+					# 1<<63: ruby seek = 'too big to fit longlong', linux read = EINVAL
+					@readfd.pos = addr
+					@readfd.read len
+				elsif addr < (1<<(ptrace.host_intsize*8))
+					# can reach 1<<64 with peek_data only if ptrace accepts 64bit args
+					ptrace.readmem(addr, len)
+				end
+			rescue Errno::EIO, Errno::ESRCH
+				nil
+			end
+		}
+	end
+end
+
+module ::Process
+	WALL   = 0x40000000 if not defined? WALL
+	WCLONE = 0x80000000 if not defined? WCLONE
+end
+
+# this class implements a high-level API over the ptrace debugging primitives
+class LinDebugger < Debugger
+	# ptrace is per-process or per-thread ?
+	attr_accessor :ptrace, :continuesignal, :has_pax_mprotect, :target_syscall
+	attr_accessor :callback_syscall, :callback_branch, :callback_exec
+
+	def initialize(pidpath=nil)
+		super()
+		@pid_stuff_list << :has_pax_mprotect << :ptrace	<< :breaking << :os_process
+		@tid_stuff_list << :continuesignal << :saved_csig << :ctx << :target_syscall
+
+		# by default, break on all signals except SIGWINCH (terminal resize notification)
+		@pass_all_exceptions = lambda { |e| e[:signal] == 'WINCH' }
+
+		@callback_syscall = lambda { |i| log "syscall #{i[:syscall]}" }
+		@callback_exec = lambda { |i| log "execve #{os_process.path}" }
+
+		return if not pidpath
+
+		begin
+			pid = Integer(pidpath)
+			attach(pid)
+		rescue ArgumentError
+			create_process(pidpath)
+		end
+	end
+
+	def shortname; 'lindbg'; end
+
+	# attach to a running process and all its threads
+	def attach(pid, do_attach=:attach)
+		pt = PTrace.new(pid, do_attach)
+		set_context(pt.pid, pt.pid)	# swapout+init_newpid
+		log "attached #@pid"
+		list_threads.each { |tid| attach_thread(tid) if tid != @pid }
+	end
+
+	# create a process and debug it
+	def create_process(path)
+		pt = PTrace.new(path, :create)
+		# TODO save path, allow restart etc
+		set_context(pt.pid, pt.pid)	# swapout+init_newpid
+		log "attached #@pid"
+	end
+
+	def initialize_cpu
+		@cpu = os_process.cpu
+		# need to init @ptrace here, before init_dasm calls gui.swapin
+		@ptrace = PTrace.new(@pid, false)
+		if @cpu.size == 64 and @ptrace.reg_off['EAX']
+			hack_64_32
+		end
+		set_tid @pid
+		set_thread_options
+	end
+
+	def initialize_memory
+		@memory = os_process.memory = LinuxRemoteString.new(@pid, 0, nil, self)
+	end
+
+	def os_process
+		@os_process ||= LinOS.open_process(@pid)
+	end
+
+	def list_threads
+		os_process.threads
+	end
+
+	def list_processes
+		LinOS.list_processes
+	end
+
+	def check_pid(pid)
+		LinOS.check_process(pid)
+	end
+
+	def mappings
+		os_process.mappings
+	end
+
+	def modules
+		os_process.modules
+	end
+
+	# we're a 32bit process debugging a 64bit target
+	# the ptrace kernel interface we use only allow us a 32bit-like target access
+	# with this we advertize the cpu as having eax..edi registers (the only one we
+	# can access), while still decoding x64 instructions (whose addr < 4G)
+	def hack_64_32
+		log "WARNING: debugging a 64bit process from a 32bit debugger is a very bad idea !"
+		@cpu.instance_eval {
+			ia32 = Ia32.new
+			@dbg_register_pc = ia32.dbg_register_pc
+			@dbg_register_flags = ia32.dbg_register_flags
+			@dbg_register_list = ia32.dbg_register_list
+			@dbg_register_size = ia32.dbg_register_size
+		}
+	end
+
+	# attach a thread of the current process
+	def attach_thread(tid)
+		set_tid tid
+		@ptrace.pid = tid
+		@ptrace.attach
+		@state = :stopped	# no need to wait()
+		log "attached thread #{tid}"
+		set_thread_options
+	end
+
+	# set the debugee ptrace options (notify clone/exec/exit, and fork/vfork depending on @trace_children)
+	def set_thread_options
+		opts  = %w[TRACESYSGOOD TRACECLONE TRACEEXEC TRACEEXIT]
+		opts += %w[TRACEFORK TRACEVFORK TRACEVFORKDONE] if trace_children
+		@ptrace.pid = @tid
+		@ptrace.setoptions(*opts)
+	end
+
+	# update the current pid relative to tracing children (@trace_children only effects newly traced pid/tid)
+	def do_trace_children
+		each_tid { set_thread_options }
+	end
+
+	def invalidate
+		@ctx = nil
+		super()
+	end
+
+	# a hash of the current thread context
+	# TODO keys = :gpr, :fpu, :xmm, :dr ; val = AllocCStruct
+	# include accessors for st0/xmm12 (@ptrace.getfpregs.unpack etc)
+	def ctx
+		@ctx ||= {}
+	end
+
+	def get_reg_value(r)
+		raise "bad register #{r}" if not k = @ptrace.reg_off[r.to_s.upcase]
+		return ctx[r] || 0 if @state != :stopped
+		@ptrace.pid = @tid
+		ctx[r] ||= @ptrace.peekusr(k)
+	rescue Errno::ESRCH
+		0
+	end
+	def set_reg_value(r, v)
+		raise "bad register #{r}" if not k = @ptrace.reg_off[r.to_s.upcase]
+		ctx[r] = v
+		return if @state != :stopped
+		@ptrace.pid = @tid
+		@ptrace.pokeusr(k, v)
+	end
+
+	def update_waitpid(status)
+		invalidate
+		@continuesignal = 0
+		@state = :stopped	# allow get_reg (for eg pt_syscall)
+		info = { :status => status }
+		if status.exited?
+			info.update :exitcode => status.exitstatus
+			if @tid == @pid		# XXX
+				evt_endprocess info
+			else
+				evt_endthread info
+			end
+		elsif status.signaled?
+			info.update :signal => (PTrace::SIGNAL[status.termsig] || status.termsig)
+			if @tid == @pid
+				evt_endprocess info
+			else
+				evt_endthread info
+			end
+		elsif status.stopped?
+			sig = status.stopsig & 0x7f
+			signame = PTrace::SIGNAL[sig] 
+			if signame == 'TRAP'
+				if status.stopsig & 0x80 > 0
+					# XXX int80 in x64 => syscallnr32 ?
+					evt_syscall info.update(:syscall => @ptrace.syscallnr[get_reg_value(@ptrace.syscallreg)])
+
+				elsif (status >> 16) > 0
+					case o = PTrace::WAIT_EXTENDEDRESULT[status >> 16]
+					when 'EVENT_FORK', 'EVENT_VFORK'
+						# parent notification of a fork
+						# child receives STOP (may have already happened)
+						#cld = @ptrace.geteventmsg
+						resume_badbreak
+
+					when 'EVENT_CLONE'
+						#cld = @ptrace.geteventmsg
+						resume_badbreak
+
+					when 'EVENT_EXIT'
+						info.update :exitcode => @ptrace.geteventmsg
+						if @tid == @pid
+							evt_endprocess info
+						else
+							evt_endthread info
+						end
+
+					when 'EVENT_VFORKDONE'
+						resume_badbreak
+
+					when 'EVENT_EXEC'
+						evt_exec info
+					end
+
+				else
+					si = @ptrace.getsiginfo
+					case si.si_code
+					when PTrace::SIGINFO['BRKPT'],
+					     PTrace::SIGINFO['KERNEL']	# \xCC prefer KERNEL to BRKPT
+						evt_bpx
+					when PTrace::SIGINFO['TRACE']
+						evt_singlestep	# singlestep/singleblock
+					when PTrace::SIGINFO['BRANCH']
+						evt_branch	# XXX BTS?
+					when PTrace::SIGINFO['HWBKPT']
+						evt_hwbp
+					else
+						@saved_csig = @continuesignal = sig
+						info.update :signal => signame, :type => "SIG#{signame}"
+						evt_exception info
+					end
+				end
+
+			elsif signame == 'STOP' and @info == 'new'
+				# new thread break on creation (eg after fork + TRACEFORK)
+				if @pid == @tid
+					attach(@pid, false)
+					evt_newprocess info
+				else
+					evt_newthread info
+				end
+
+			elsif signame == 'STOP' and @breaking
+				@state = :stopped
+				@info = 'break'
+				@breaking = nil
+
+			else
+				@saved_csig = @continuesignal = sig
+				info.update :signal => signame, :type => "SIG#{signame}"
+				if signame == 'SEGV'
+					# need more data on access violation (for bpm)
+					info.update :type => 'access violation'
+					si = @ptrace.getsiginfo
+					access = case si.si_code
+						 when PTrace::SIGINFO['MAPERR']; :r	# XXX write access to unmapped => ?
+						 when PTrace::SIGINFO['ACCERR']; :w
+						 end
+					info.update :fault_addr => si.si_addr, :fault_access => access
+				end
+				evt_exception info
+			end
+		else
+			log "unknown wait status #{status.inspect}"
+			evt_exception info.update(:type => "unknown wait #{status.inspect}")
+		end
+	end
+	
+	def set_tid_findpid(tid)
+		return if tid == @tid
+		if tid != @pid and pr = list_processes.find { |p| p.threads.include? tid }
+			set_pid pr.pid
+		end
+		set_tid tid
+	end
+
+	def do_check_target
+		return unless t = ::Process.waitpid(-1, ::Process::WNOHANG | ::Process::WALL)
+		# XXX all threads may have stopped, wait them now ?
+		set_tid_findpid t
+		update_waitpid $?
+	rescue ::Errno::ECHILD
+	end
+
+	def do_wait_target
+		t = ::Process.waitpid(-1, ::Process::WALL)
+		set_tid_findpid t
+		update_waitpid $?
+	rescue ::Errno::ECHILD
+	end
+
+	def do_continue
+		@ptrace.pid = tid
+		@ptrace.cont(@continuesignal)
+	end
+
+	def do_singlestep(*a)
+		@ptrace.pid = tid
+		@ptrace.singlestep(@continuesignal)
+	end
+
+	# use the PT_SYSCALL to break on next syscall
+	# regexp allowed to wait a specific syscall
+	def syscall(arg=nil)
+		arg = nil if arg and arg.strip == ''
+		return if not check_pre_run(:syscall, arg)
+		@target_syscall = arg
+		@ptrace.pid = @tid
+		@ptrace.syscall(@continuesignal)
+	end
+
+	def syscall_wait(*a, &b)
+		syscall(*a, &b)
+		wait_target
+	end
+
+	# use the PT_SINGLEBLOCK to execute until the next branch
+	def singleblock
+		# record as singlestep to avoid evt_singlestep -> evt_exception
+		# step or block doesn't matter much here anyway
+		return if not check_pre_run(:singlestep)
+		@ptrace.pid = @tid
+		@ptrace.singleblock(@continuesignal)
+	end
+
+	def singleblock_wait(*a, &b)
+		singleblock(*a, &b)
+		wait_target
+	end
+
+	# woke up from a PT_SYSCALL
+	def evt_syscall(info={})
+		@state = :stopped
+		@info = "syscall #{info[:syscall]}"
+
+		callback_syscall[info] if callback_syscall
+
+		if @target_syscall and info[:syscall] !~ /^#@target_syscall$/i
+			resume_badbreak
+		else
+			@target_syscall = nil
+		end
+	end
+
+	# SIGTRAP + SIGINFO_TRAP_BRANCH = ?
+	def evt_branch(info={})
+		@state = :stopped
+		@info = "branch"
+
+		callback_branch[info] if callback_branch
+	end
+
+	# called during sys_execve in the new process
+	def evt_exec(info={})
+		@state = :stopped
+		@info = "#{info[:exec]} execve"
+
+		initialize_newpid
+		# XXX will receive a SIGTRAP, could hide it..
+
+		callback_exec[info] if callback_exec
+		# calling continue() here will loop back to TRAP+INFO_EXEC
+	end
+
+	def break
+		@breaking = true
+		kill 'STOP'
+	end
+
+	def kill(sig=nil)
+		return if not tid
+		# XXX tkill ?
+		::Process.kill(sig2signr(sig), tid)
+	rescue Errno::ESRCH
+	end
+
+	def pass_current_exception(bool=true)
+		if bool
+			@continuesignal = @saved_csig
+		else
+			@continuesignal = 0
+		end
+	end
+
+	def sig2signr(sig)
+		case sig
+		when nil, ''; 9
+		when Integer; sig
+		when String
+		       	sig = sig.upcase.sub(/^SIG_?/, '')
+			PTrace::SIGNAL[sig] || Integer(sig)
+		else raise "unhandled signal #{sig.inspect}"
+		end
+	end
+
+	# stop debugging the current process
+	def detach
+		del_all_breakpoints
+		each_tid {
+			@ptrace.pid = @tid
+			@ptrace.detach
+			@delete_thread = true
+		}
+		del_pid
+	end
+
+	def bpx(addr, *a, &b)
+		return hwbp(addr, :x, 1, *a, &b) if @has_pax_mprotect
+		super(addr, *a, &b)
+	end
+
+	# handles exceptions from PaX-style mprotect restrictions on bpx,
+	# transmute them to hwbp on the fly
+	def do_enable_bp(b)
+		super(b)
+	rescue ::Errno::EIO
+		if b.type == :bpx
+			@memory[b.address, 1]	# check if we can read
+			# didn't raise: it's a PaX-style config
+			@has_pax_mprotect = true
+			b.del
+			hwbp(b.address, :x, 1, b.oneshot, b.condition, &b.action)
+			log 'PaX: bpx->hwbp'
+		else raise
+		end
+	end
+
+	def ui_command_setup(ui)
+		ui.new_command('syscall', 'waits for the target to do a syscall using PT_SYSCALL') { |arg| ui.wrap_run { syscall arg } }
+		ui.keyboard_callback[:f6] = lambda { ui.wrap_run { syscall } }
+
+		ui.new_command('signal_cont', 'set/get the continue signal (0 == unset)') { |arg|
+			case arg.to_s.strip
+			when ''; log "#{@continuesignal} (#{PTrace::SIGNAL[@continuesignal]})"
+			else @continuesignal = sig2signr(arg)
+			end
+		}
+	end
+end
+end