RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

@@ -0,0 +1,527 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/os/main'
+require 'socket'
+module Metasm
+# lowlevel interface to the gdbserver protocol
+class GdbClient
+	GDBREGS_IA32 = %w[eax ecx edx ebx esp ebp esi edi eip eflags cs ss ds es fs gs].map { |r| r.to_sym }	# XXX [77] = 'orig_eax'
+	GDBREGS_X64 = %w[rax rbx rcx rdx rsi rdi rbp rsp r8 r9 r10 r11 r12 r13 r14 r15 rip rflags cs ss ds es fs gs].map { |r| r.to_sym }
+	# compute the hex checksum used in gdb protocol
+	def gdb_csum(buf)
+		'%02x' % (buf.unpack('C*').inject(0) { |cs, c| cs + c } & 0xff)
+	end
+	# send the buffer, waits ack
+	# return true on success
+	def gdb_send(cmd, buf='')
+		buf = cmd + buf
+		buf = '$' << buf << '#' << gdb_csum(buf)
+		5.times {
+			@io.write buf
+			loop do
+				break if not IO.select([@io], nil, nil, 0.2)
+				raise Errno::EPIPE if not ack = @io.read(1)
+				case ack
+				when '+'
+					return true
+				when '-'
+					puts "gdb_send: ack neg" if $DEBUG
+					break
+				when nil
+					return
+				end
+			end
+		}
+		log "send error #{cmd.inspect} (no ack)"
+		false
+	end
+	def quiet_during
+		pq = quiet
+		@quiet = true
+		yield
+	ensure
+		@quiet = pq
+	end
+	# return buf, or nil on error / csum error
+	# waits IO.select(timeout) between each char
+	# outstr is used internally only to handle multiline output string
+	def gdb_readresp(timeout=nil, outstr=nil)
+		@recv_ctx ||= {}
+		@recv_ctx[:state] ||= :nosync
+		buf = nil
+		while @recv_ctx
+			return unless IO.select([@io], nil, nil, timeout)
+			raise Errno::EPIPE if not c = @io.read(1)
+			case @recv_ctx[:state]
+			when :nosync
+				if c == '$'
+					@recv_ctx[:state] = :data
+					@recv_ctx[:buf] = ''
+				end
+			when :data
+				if c == '#'
+					@recv_ctx[:state] = :csum1
+					@recv_ctx[:cs] = ''
+				else
+					@recv_ctx[:buf] << c
+				end
+			when :csum1
+				@recv_ctx[:cs] << c
+				@recv_ctx[:state] = :csum2
+			when :csum2
+				cs = @recv_ctx[:cs] << c
+				buf = @recv_ctx[:buf]
+				@recv_ctx = nil
+				if cs.downcase == gdb_csum(buf).downcase
+					@io.write '+'
+				else
+					log "transmit error"
+					@io.write '-'
+					return
+				end
+			end
+		end
+		case buf
+		when /^E(..)$/
+			e = $1.to_i(16)
+			log "error #{e} (#{PTrace::ERRNO.index(e)})"
+			return
+		when /^O([0-9a-fA-F]*)$/
+			if not outstr
+				first = true
+				outstr = ''
+			end
+			outstr << unhex($1)
+			ret = gdb_readresp(timeout, outstr)
+			outstr.split("\n").each { |e| log 'gdb: ' + e } if first
+			return ret
+		end
+		puts "gdb_readresp: got #{buf[0, 64].inspect}#{'...' if buf.length > 64}" if $DEBUG
+		buf
+	end
+	def gdb_msg(*a)
+		gdb_readresp if gdb_send(*a)
+	end
+	# rle: build the regexp that will match repetitions of a character, skipping counts leading to invalid char
+	rng = [3..(125-29)]
+	[?+, ?-, ?#, ?$].sort.each { |invalid|
+		invalid = invalid.unpack('C').first if invalid.kind_of? String
+		invalid -= 29
+		rng.each_with_index { |r, i|
+			if r.include? invalid
+				replace = [r.begin..invalid-1, invalid+1..r.end]
+				replace.delete_if { |r_| r_.begin > r_.end }
+				rng[i, 1] = replace
+			end
+		}
+	}
+	repet = rng.reverse.map { |r| "\\1{#{r.begin},#{r.end}}" }.join('|')
+	RLE_RE = /(.)(#{repet})/m
+	# rle-compress a buffer
+	# a character followed by '*' followed by 'x' is asc(x)-28 repetitions of the char
+	# eg '0* ' => '0' * (asc(' ') - 28) = '0000'
+	# for the count character, it must be 32 <= char < 126 and not be '+' '-' '#' or '$'
+	def rle(buf)
+		buf.gsub(RLE_RE) {
+			chr, len = $1, $2.length+1
+			chr + '*' + (len+28).chr
+		}
+	end
+	# decompress rle-encoded data
+	def unrle(buf) buf.gsub(/(.)\*(.)/) { $1 * ($2.unpack('C').first-28) } end
+	# send an integer as a long hex packed with leading 0 stripped
+	def hexl(int) @pack_netint[[int]].unpack('H*').first.sub(/^0+(.)/, '\\1') end
+	# send a binary buffer as a rle hex-encoded
+	def hex(buf) buf.unpack('H*').first end
+	# decode an rle hex-encoded buffer
+	def unhex(buf)
+		buf = buf[/^[a-fA-F0-9]*/]
+		buf = '0' + buf if buf.length & 1 == 1
+		[buf].pack('H*')
+	end
+	# retrieve remote regs
+	def read_regs
+		if buf = gdb_msg('g')
+			regs = unhex(unrle(buf))
+			p @unpack_int[regs].map { |v| '%x' % v } if $DEBUG
+			if regs.length < @regmsgsize
+				# retry once, was probably a response to something else
+				puts "bad regs size!" if $DEBUG
+				buf = gdb_msg('g')
+				regs = unhex(unrle(buf)) if buf
+				if not buf or regs.length < @regmsgsize
+					raise "regs buffer recv is too short !"
+				end
+			end
+			Hash[*@gdbregs.zip(@unpack_int[regs]).flatten]
+		end
+	end
+	# send the reg values
+	def send_regs(r = {})
+		return if r.empty?
+		regs = r.values_at(*@gdbregs)
+		gdb_msg('G', hex(@pack_int[regs]))
+	end
+	# read memory (small blocks prefered)
+	def getmem(addr, len)
+		return '' if len == 0
+		if mem = quiet_during { gdb_msg('m', hexl(addr) << ',' << hexl(len)) } and mem != ''
+			unhex(unrle(mem))
+		end
+	end
+	# write memory (small blocks prefered)
+	def setmem(addr, data)
+		len = data.length
+		return if len == 0
+		raise 'writemem error' if not gdb_msg('M', hexl(addr) << ',' << hexl(len) << ':' << rle(hex(data)))
+	end
+	def continue
+		gdb_send('c')
+	end
+	def singlestep
+		gdb_send('s')
+	end
+	def break
+		@io.write("\3")
+	end
+	def kill
+		gdb_send('k')
+	end
+	def detach
+		gdb_send('D')
+	end
+	# monitor, aka remote command
+	def rcmd(cmd)
+		gdb_msg('qRcmd,' + hex(cmd))
+	end
+	attr_accessor :io, :cpu, :gdbregs
+	def initialize(io, cpu='Ia32')
+		cpu = Metasm.const_get(cpu).new if cpu.kind_of? String
+		raise 'unknown cpu' if not cpu.kind_of? CPU
+		setup_arch(cpu)
+		@cpu = cpu
+		case io
+		when IO; @io = io
+		when /^udp:(.*):(.*?)$/i; @io = UDPSocket.new ; @io.connect($1, $2)
+		when /^(?:tcp:)?(.*):(.*?)$/i; @io = TCPSocket.open($1, $2)	# XXX matches C:\fail
+		# TODO pipe, serial port, etc ; also check ipv6
+		else raise "unknown target #{io.inspect}"
+		end
+		gdb_setup
+	end
+	def gdb_setup
+		gdb_msg('q', 'Supported')
+		#gdb_msg('Hc', '-1')
+		#gdb_msg('qC')
+		if not gdb_msg('?')
+			log "nobody on the line, waiting for someone to wake up"
+			IO.select([@io], nil, nil, nil)
+			log "who's there ?"
+		end
+	end
+	def set_hwbp(type, addr, len=1, set=true)
+		set = (set ? 'Z' : 'z')
+		type = { 'r' => '3', 'w' => '2', 'x' => '1', 's' => '0' }[type.to_s] || raise("invalid bp type #{type.inspect}")
+		gdb_msg(set, type << ',' << hexl(addr) << ',' << hexl(len))
+		true
+	end
+	def unset_hwbp(type, addr, len=1)
+		set_hwbp(type, addr, len, false)
+	end
+	# use qSymbol to retrieve a symbol value (uint)
+	def request_symbol(name)
+		resp = gdb_msg('qSymbol:', hex(name))
+		if resp and a = resp.split(':')[1]
+			@unpack_netint[unhex(a)].first
+		end
+	end
+	def check_target(timeout=0)
+		return if not msg = gdb_readresp(timeout)
+		case msg[0]
+		when ?S
+			sig = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :stopped, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+		when ?T
+			sig = unhex(msg[1, 2]).unpack('C').first
+			ret = { :state => :stopped, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+			ret.update msg[3..-1].split(';').inject({}) { |h, s| k, v = s.split(':', 2) ; h.update k => (v || true) }	# 'thread' -> pid
+		when ?W
+			code = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :dead, :info => "exited with code #{code}" }
+		when ?X
+			sig = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :dead, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+		else
+			log "check_target: unhandled #{msg.inspect}"
+			{ :state => :unknown }
+		end
+	end
+	attr_accessor :logger, :quiet
+	def log(s)
+		return if quiet
+		@logger ||= $stdout
+		@logger.puts s
+	end
+	# setup the various function used to pack ints & the reg list
+	# according to a target CPU
+	def setup_arch(cpu)
+		case cpu.shortname
+		when 'ia32'
+			@gdbregs = GDBREGS_IA32
+			@regmsgsize = 4 * @gdbregs.length
+		when 'x64'
+			@gdbregs = GDBREGS_X64
+			@regmsgsize = 8 * @gdbregs.length
+		when 'arm'
+			@gdbregs = cpu.dbg_register_list
+			@regmsgsize = 4 * @gdbregs.length
+		else
+			# we can still use readmem/kill and other generic commands
+			# XXX serverside setregs may fail if we give an incorrect regbuf size
+			puts "unsupported GdbServer CPU #{cpu.shortname}"
+			@gdbregs = [*0..32].map { |i| "r#{i}".to_sym }
+			@regmsgsize = 0
+		end
+		# yay life !
+		# do as if cpu is littleendian, fixup at the end
+		case cpu.size
+		when 16
+			@pack_netint   = lambda { |i| i.pack('n*') }
+			@unpack_netint = lambda { |s| s.unpack('n*') }
+			@pack_int   = lambda { |i| i.pack('v*') }
+			@unpack_int = lambda { |s| s.unpack('v*') }
+		when 32
+			@pack_netint   = lambda { |i| i.pack('N*') }
+			@unpack_netint = lambda { |s| s.unpack('N*') }
+			@pack_int   = lambda { |i| i.pack('V*') }
+			@unpack_int = lambda { |s| s.unpack('V*') }
+		when 64
+			bswap = lambda { |s| s.scan(/.{8}/m).map { |ss| ss.reverse }.join }
+			@pack_netint   = lambda { |i| i.pack('Q*') }
+			@unpack_netint = lambda { |s| s.unpack('Q*') }
+			@pack_int   = lambda { |i| bswap[i.pack('Q*')] }
+			@unpack_int = lambda { |s| bswap[s].unpack('Q*') }
+			if [1].pack('Q')[0] == ?\1	# ruby interpreter littleendian
+				@pack_netint, @pack_int = @pack_int, @pack_netint
+				@unpack_netint, @unpack_int = @unpack_int, @unpack_netint
+			end
+		else raise "GdbServer: unsupported cpu size #{cpu.size}"
+		end
+		# if target cpu is bigendian, use netint everywhere
+		if cpu.endianness == :big
+			@pack_int   = @pack_netint
+			@unpack_int = @unpack_netint
+		end
+	end
+end
+# virtual string to access the remote process memory
+class GdbRemoteString < VirtualString
+	attr_accessor :gdb
+	def initialize(gdb, addr_start=0, length=nil)
+		@gdb = gdb
+		length ||= 1 << (@gdb.cpu.size rescue 32)
+		@pagelength = 512
+		super(addr_start, length)
+	end
+	def dup(addr=@addr_start, len=@length)
+		self.class.new(@gdb, addr, len)
+	end
+	def rewrite_at(addr, data)
+		len = data.length
+		off = 0
+		while len > @pagelength
+			@gdb.setmem(addr+off, data[off, @pagelength])
+			off += @pagelength
+			len -= @pagelength
+		end
+		@gdb.setmem(addr+off, data[off, len])
+	end
+	def get_page(addr, len=@pagelength)
+		@gdb.getmem(addr, len)
+	end
+end
+# this class implements a high-level API using the gdb-server network debugging protocol
+class GdbRemoteDebugger < Debugger
+	attr_accessor :gdb, :check_target_timeout
+	def initialize(url, cpu='Ia32')
+		@gdb = GdbClient.new(url, cpu)
+		@gdb.logger = self
+		@cpu = @gdb.cpu
+		@memory = GdbRemoteString.new(@gdb)
+		@reg_val_cache = {}
+		@regs_dirty = false
+		# when checking target, if no message seen since this much seconds, send a 'status' query
+		@check_target_timeout = 1
+		super()
+	end
+	def invalidate
+		sync_regs
+		@reg_val_cache.clear
+		super()
+	end
+	def get_reg_value(r)
+		return @reg_val_cache[r] || 0 if @state != :stopped
+		sync_regs
+		@reg_val_cache = @gdb.read_regs || {} if @reg_val_cache.empty?
+		@reg_val_cache[r] || 0
+	end
+	def set_reg_value(r, v)
+		@reg_val_cache[r] = v
+		@regs_dirty = true
+	end
+	def sync_regs
+		@gdb.send_regs(@reg_val_cache) if @regs_dirty and not @reg_val_cache.empty?
+		@regs_dirty = false
+	end
+	def do_check_target
+		return if @state == :dead
+		t = Time.now
+		@last_check_target ||= t
+		if @state == :running and t - @last_check_target > @check_target_timeout
+			@gdb.io.write '$?#' << @gdb.gdb_csum('?')
+			@last_check_target = t
+		end
+		return unless i = @gdb.check_target(0.01)
+		invalidate if i[:state] == :stopped and @state != :stopped
+		@state, @info = i[:state], i[:info]
+		@info = nil if @info =~ /TRAP/
+	end
+	def do_wait_target
+		return unless i = @gdb.check_target(nil)
+		invalidate if i[:state] == :stopped and @state != :stopped
+		@state, @info = i[:state], i[:info]
+		@info = nil if @info =~ /TRAP/
+	end
+	def do_continue(*a)
+		return if @state != :stopped
+		@state = :running
+		@info = 'continue'
+		@gdb.continue
+		@last_check_target = Time.now
+	end
+	def do_singlestep(*a)
+		return if @state != :stopped
+		@state = :running
+		@info = 'singlestep'
+		@gdb.singlestep
+		@last_check_target = Time.now
+	end
+	def break
+		@gdb.break
+	end
+	def kill(sig=nil)
+		# TODO signal nr
+		@gdb.kill
+		@state = :dead
+		@info = 'killed'
+	end
+	def detach
+		super()	# remove breakpoints & stuff
+		@gdb.detach
+		@state = :dead
+		@info = 'detached'
+	end
+	# set to true to use the gdb msg to handle bpx, false to set 0xcc ourself
+	attr_accessor :gdb_bpx
+	def enable_bp(addr)
+		return if not b = @breakpoint[addr]
+		b.state = :active
+		case b.type
+		when :bpx
+			if gdb_bpx
+				@gdb.set_hwbp('s', addr, 1)
+			else
+				@cpu.dbg_enable_bp(self, addr, b)
+			end
+		when :hw
+			@gdb.set_hwbp(b.mtype, addr, b.mlen)
+		end
+	end
+	def disable_bp(addr)
+		return if not b = @breakpoint[addr]
+		b.state = :inactive
+		case b.type
+		when :bpx
+			if gdb_bpx
+				@gdb.unset_hwbp('s', addr, 1)
+			else
+				@cpu.dbg_disable_bp(self, addr, b)
+			end
+		when :hw
+			@gdb.unset_hwbp(b.mtype, addr, b.mlen)
+		end
+	end
+	def check_pre_run(*a)
+		sync_regs
+		super(*a)
+	end
+	def loadallsyms
+		puts 'loadallsyms unsupported'
+	end
+	def ui_command_setup(ui)
+		ui.new_command('monitor', 'send a remote command to run on the target') { |arg| @gdb.rcmd(arg) }
+	end
+end
+end