RubyGems - metasm - Versions diffs - 1.0.0 - Mend

metasm 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (192) hide show

data/BUGS +11 -0
data/CREDITS +17 -0
data/README +270 -0
data/TODO +114 -0
data/doc/code_organisation.txt +146 -0
data/doc/const_missing.txt +16 -0
data/doc/core_classes.txt +75 -0
data/doc/feature_list.txt +53 -0
data/doc/index.txt +59 -0
data/doc/install_notes.txt +170 -0
data/doc/style.css +3 -0
data/doc/use_cases.txt +18 -0
data/lib/metasm.rb +80 -0
data/lib/metasm/arm.rb +12 -0
data/lib/metasm/arm/debug.rb +39 -0
data/lib/metasm/arm/decode.rb +167 -0
data/lib/metasm/arm/encode.rb +77 -0
data/lib/metasm/arm/main.rb +75 -0
data/lib/metasm/arm/opcodes.rb +177 -0
data/lib/metasm/arm/parse.rb +130 -0
data/lib/metasm/arm/render.rb +55 -0
data/lib/metasm/compile_c.rb +1457 -0
data/lib/metasm/dalvik.rb +8 -0
data/lib/metasm/dalvik/decode.rb +196 -0
data/lib/metasm/dalvik/main.rb +60 -0
data/lib/metasm/dalvik/opcodes.rb +366 -0
data/lib/metasm/decode.rb +213 -0
data/lib/metasm/decompile.rb +2659 -0
data/lib/metasm/disassemble.rb +2068 -0
data/lib/metasm/disassemble_api.rb +1280 -0
data/lib/metasm/dynldr.rb +1329 -0
data/lib/metasm/encode.rb +333 -0
data/lib/metasm/exe_format/a_out.rb +194 -0
data/lib/metasm/exe_format/autoexe.rb +82 -0
data/lib/metasm/exe_format/bflt.rb +189 -0
data/lib/metasm/exe_format/coff.rb +455 -0
data/lib/metasm/exe_format/coff_decode.rb +901 -0
data/lib/metasm/exe_format/coff_encode.rb +1078 -0
data/lib/metasm/exe_format/dex.rb +457 -0
data/lib/metasm/exe_format/dol.rb +145 -0
data/lib/metasm/exe_format/elf.rb +923 -0
data/lib/metasm/exe_format/elf_decode.rb +979 -0
data/lib/metasm/exe_format/elf_encode.rb +1375 -0
data/lib/metasm/exe_format/macho.rb +827 -0
data/lib/metasm/exe_format/main.rb +228 -0
data/lib/metasm/exe_format/mz.rb +164 -0
data/lib/metasm/exe_format/nds.rb +172 -0
data/lib/metasm/exe_format/pe.rb +437 -0
data/lib/metasm/exe_format/serialstruct.rb +246 -0
data/lib/metasm/exe_format/shellcode.rb +114 -0
data/lib/metasm/exe_format/xcoff.rb +167 -0
data/lib/metasm/gui.rb +23 -0
data/lib/metasm/gui/cstruct.rb +373 -0
data/lib/metasm/gui/dasm_coverage.rb +199 -0
data/lib/metasm/gui/dasm_decomp.rb +369 -0
data/lib/metasm/gui/dasm_funcgraph.rb +103 -0
data/lib/metasm/gui/dasm_graph.rb +1354 -0
data/lib/metasm/gui/dasm_hex.rb +543 -0
data/lib/metasm/gui/dasm_listing.rb +599 -0
data/lib/metasm/gui/dasm_main.rb +906 -0
data/lib/metasm/gui/dasm_opcodes.rb +291 -0
data/lib/metasm/gui/debug.rb +1228 -0
data/lib/metasm/gui/gtk.rb +884 -0
data/lib/metasm/gui/qt.rb +495 -0
data/lib/metasm/gui/win32.rb +3004 -0
data/lib/metasm/gui/x11.rb +621 -0
data/lib/metasm/ia32.rb +14 -0
data/lib/metasm/ia32/compile_c.rb +1523 -0
data/lib/metasm/ia32/debug.rb +193 -0
data/lib/metasm/ia32/decode.rb +1167 -0
data/lib/metasm/ia32/decompile.rb +564 -0
data/lib/metasm/ia32/encode.rb +314 -0
data/lib/metasm/ia32/main.rb +233 -0
data/lib/metasm/ia32/opcodes.rb +872 -0
data/lib/metasm/ia32/parse.rb +327 -0
data/lib/metasm/ia32/render.rb +91 -0
data/lib/metasm/main.rb +1193 -0
data/lib/metasm/mips.rb +11 -0
data/lib/metasm/mips/compile_c.rb +7 -0
data/lib/metasm/mips/decode.rb +253 -0
data/lib/metasm/mips/encode.rb +51 -0
data/lib/metasm/mips/main.rb +72 -0
data/lib/metasm/mips/opcodes.rb +443 -0
data/lib/metasm/mips/parse.rb +51 -0
data/lib/metasm/mips/render.rb +43 -0
data/lib/metasm/os/gnu_exports.rb +270 -0
data/lib/metasm/os/linux.rb +1112 -0
data/lib/metasm/os/main.rb +1686 -0
data/lib/metasm/os/remote.rb +527 -0
data/lib/metasm/os/windows.rb +2027 -0
data/lib/metasm/os/windows_exports.rb +745 -0
data/lib/metasm/parse.rb +876 -0
data/lib/metasm/parse_c.rb +3938 -0
data/lib/metasm/pic16c/decode.rb +42 -0
data/lib/metasm/pic16c/main.rb +17 -0
data/lib/metasm/pic16c/opcodes.rb +68 -0
data/lib/metasm/ppc.rb +11 -0
data/lib/metasm/ppc/decode.rb +264 -0
data/lib/metasm/ppc/decompile.rb +251 -0
data/lib/metasm/ppc/encode.rb +51 -0
data/lib/metasm/ppc/main.rb +129 -0
data/lib/metasm/ppc/opcodes.rb +410 -0
data/lib/metasm/ppc/parse.rb +52 -0
data/lib/metasm/preprocessor.rb +1277 -0
data/lib/metasm/render.rb +130 -0
data/lib/metasm/sh4.rb +8 -0
data/lib/metasm/sh4/decode.rb +336 -0
data/lib/metasm/sh4/main.rb +292 -0
data/lib/metasm/sh4/opcodes.rb +381 -0
data/lib/metasm/x86_64.rb +12 -0
data/lib/metasm/x86_64/compile_c.rb +1025 -0
data/lib/metasm/x86_64/debug.rb +59 -0
data/lib/metasm/x86_64/decode.rb +268 -0
data/lib/metasm/x86_64/encode.rb +264 -0
data/lib/metasm/x86_64/main.rb +135 -0
data/lib/metasm/x86_64/opcodes.rb +118 -0
data/lib/metasm/x86_64/parse.rb +68 -0
data/misc/bottleneck.rb +61 -0
data/misc/cheader-findpppath.rb +58 -0
data/misc/hexdiff.rb +74 -0
data/misc/hexdump.rb +55 -0
data/misc/metasm-all.rb +13 -0
data/misc/objdiff.rb +47 -0
data/misc/objscan.rb +40 -0
data/misc/pdfparse.rb +661 -0
data/misc/ppc_pdf2oplist.rb +192 -0
data/misc/tcp_proxy_hex.rb +84 -0
data/misc/txt2html.rb +440 -0
data/samples/a.out.rb +31 -0
data/samples/asmsyntax.rb +77 -0
data/samples/bindiff.rb +555 -0
data/samples/compilation-steps.rb +49 -0
data/samples/cparser_makestackoffset.rb +55 -0
data/samples/dasm-backtrack.rb +38 -0
data/samples/dasmnavig.rb +318 -0
data/samples/dbg-apihook.rb +228 -0
data/samples/dbghelp.rb +143 -0
data/samples/disassemble-gui.rb +102 -0
data/samples/disassemble.rb +133 -0
data/samples/dump_upx.rb +95 -0
data/samples/dynamic_ruby.rb +1929 -0
data/samples/elf_list_needed.rb +46 -0
data/samples/elf_listexports.rb +33 -0
data/samples/elfencode.rb +25 -0
data/samples/exeencode.rb +128 -0
data/samples/factorize-headers-elfimports.rb +77 -0
data/samples/factorize-headers-peimports.rb +109 -0
data/samples/factorize-headers.rb +43 -0
data/samples/gdbclient.rb +583 -0
data/samples/generate_libsigs.rb +102 -0
data/samples/hotfix_gtk_dbg.rb +59 -0
data/samples/install_win_env.rb +78 -0
data/samples/lindebug.rb +924 -0
data/samples/linux_injectsyscall.rb +95 -0
data/samples/machoencode.rb +31 -0
data/samples/metasm-shell.rb +91 -0
data/samples/pe-hook.rb +69 -0
data/samples/pe-ia32-cpuid.rb +203 -0
data/samples/pe-mips.rb +35 -0
data/samples/pe-shutdown.rb +78 -0
data/samples/pe-testrelocs.rb +51 -0
data/samples/pe-testrsrc.rb +24 -0
data/samples/pe_listexports.rb +31 -0
data/samples/peencode.rb +19 -0
data/samples/peldr.rb +494 -0
data/samples/preprocess-flatten.rb +19 -0
data/samples/r0trace.rb +308 -0
data/samples/rubstop.rb +399 -0
data/samples/scan_pt_gnu_stack.rb +54 -0
data/samples/scanpeexports.rb +62 -0
data/samples/shellcode-c.rb +40 -0
data/samples/shellcode-dynlink.rb +146 -0
data/samples/source.asm +34 -0
data/samples/struct_offset.rb +47 -0
data/samples/testpe.rb +32 -0
data/samples/testraw.rb +45 -0
data/samples/win32genloader.rb +132 -0
data/samples/win32hooker-advanced.rb +169 -0
data/samples/win32hooker.rb +96 -0
data/samples/win32livedasm.rb +33 -0
data/samples/win32remotescan.rb +133 -0
data/samples/wintrace.rb +92 -0
data/tests/all.rb +8 -0
data/tests/dasm.rb +39 -0
data/tests/dynldr.rb +35 -0
data/tests/encodeddata.rb +132 -0
data/tests/ia32.rb +82 -0
data/tests/mips.rb +116 -0
data/tests/parse_c.rb +239 -0
data/tests/preprocessor.rb +269 -0
data/tests/x86_64.rb +62 -0
metadata +255 -0

data/lib/metasm/os/remote.rb ADDED

@@ -0,0 +1,527 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2009 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/os/main'
+require 'socket'
+module Metasm
+# lowlevel interface to the gdbserver protocol
+class GdbClient
+	GDBREGS_IA32 = %w[eax ecx edx ebx esp ebp esi edi eip eflags cs ss ds es fs gs].map { |r| r.to_sym }	# XXX [77] = 'orig_eax'
+	GDBREGS_X64 = %w[rax rbx rcx rdx rsi rdi rbp rsp r8 r9 r10 r11 r12 r13 r14 r15 rip rflags cs ss ds es fs gs].map { |r| r.to_sym }
+	# compute the hex checksum used in gdb protocol
+	def gdb_csum(buf)
+		'%02x' % (buf.unpack('C*').inject(0) { |cs, c| cs + c } & 0xff)
+	end
+	# send the buffer, waits ack
+	# return true on success
+	def gdb_send(cmd, buf='')
+		buf = cmd + buf
+		buf = '$' << buf << '#' << gdb_csum(buf)
+		5.times {
+			@io.write buf
+			loop do
+				break if not IO.select([@io], nil, nil, 0.2)
+				raise Errno::EPIPE if not ack = @io.read(1)
+				case ack
+				when '+'
+					return true
+				when '-'
+					puts "gdb_send: ack neg" if $DEBUG
+					break
+				when nil
+					return
+				end
+			end
+		}
+		log "send error #{cmd.inspect} (no ack)"
+		false
+	end
+	def quiet_during
+		pq = quiet
+		@quiet = true
+		yield
+	ensure
+		@quiet = pq
+	end
+	# return buf, or nil on error / csum error
+	# waits IO.select(timeout) between each char
+	# outstr is used internally only to handle multiline output string
+	def gdb_readresp(timeout=nil, outstr=nil)
+		@recv_ctx ||= {}
+		@recv_ctx[:state] ||= :nosync
+		buf = nil
+		while @recv_ctx
+			return unless IO.select([@io], nil, nil, timeout)
+			raise Errno::EPIPE if not c = @io.read(1)
+			case @recv_ctx[:state]
+			when :nosync
+				if c == '$'
+					@recv_ctx[:state] = :data
+					@recv_ctx[:buf] = ''
+				end
+			when :data
+				if c == '#'
+					@recv_ctx[:state] = :csum1
+					@recv_ctx[:cs] = ''
+				else
+					@recv_ctx[:buf] << c
+				end
+			when :csum1
+				@recv_ctx[:cs] << c
+				@recv_ctx[:state] = :csum2
+			when :csum2
+				cs = @recv_ctx[:cs] << c
+				buf = @recv_ctx[:buf]
+				@recv_ctx = nil
+				if cs.downcase == gdb_csum(buf).downcase
+					@io.write '+'
+				else
+					log "transmit error"
+					@io.write '-'
+					return
+				end
+			end
+		end
+		case buf
+		when /^E(..)$/
+			e = $1.to_i(16)
+			log "error #{e} (#{PTrace::ERRNO.index(e)})"
+			return
+		when /^O([0-9a-fA-F]*)$/
+			if not outstr
+				first = true
+				outstr = ''
+			end
+			outstr << unhex($1)
+			ret = gdb_readresp(timeout, outstr)
+			outstr.split("\n").each { |e| log 'gdb: ' + e } if first
+			return ret
+		end
+		puts "gdb_readresp: got #{buf[0, 64].inspect}#{'...' if buf.length > 64}" if $DEBUG
+		buf
+	end
+	def gdb_msg(*a)
+		gdb_readresp if gdb_send(*a)
+	end
+	# rle: build the regexp that will match repetitions of a character, skipping counts leading to invalid char
+	rng = [3..(125-29)]
+	[?+, ?-, ?#, ?$].sort.each { |invalid|
+		invalid = invalid.unpack('C').first if invalid.kind_of? String
+		invalid -= 29
+		rng.each_with_index { |r, i|
+			if r.include? invalid
+				replace = [r.begin..invalid-1, invalid+1..r.end]
+				replace.delete_if { |r_| r_.begin > r_.end }
+				rng[i, 1] = replace
+			end
+		}
+	}
+	repet = rng.reverse.map { |r| "\\1{#{r.begin},#{r.end}}" }.join('|')
+	RLE_RE = /(.)(#{repet})/m
+	# rle-compress a buffer
+	# a character followed by '*' followed by 'x' is asc(x)-28 repetitions of the char
+	# eg '0* ' => '0' * (asc(' ') - 28) = '0000'
+	# for the count character, it must be 32 <= char < 126 and not be '+' '-' '#' or '$'
+	def rle(buf)
+		buf.gsub(RLE_RE) {
+			chr, len = $1, $2.length+1
+			chr + '*' + (len+28).chr
+		}
+	end
+	# decompress rle-encoded data
+	def unrle(buf) buf.gsub(/(.)\*(.)/) { $1 * ($2.unpack('C').first-28) } end
+	# send an integer as a long hex packed with leading 0 stripped
+	def hexl(int) @pack_netint[[int]].unpack('H*').first.sub(/^0+(.)/, '\\1') end
+	# send a binary buffer as a rle hex-encoded
+	def hex(buf) buf.unpack('H*').first end
+	# decode an rle hex-encoded buffer
+	def unhex(buf)
+		buf = buf[/^[a-fA-F0-9]*/]
+		buf = '0' + buf if buf.length & 1 == 1
+		[buf].pack('H*')
+	end
+	# retrieve remote regs
+	def read_regs
+		if buf = gdb_msg('g')
+			regs = unhex(unrle(buf))
+			p @unpack_int[regs].map { |v| '%x' % v } if $DEBUG
+			if regs.length < @regmsgsize
+				# retry once, was probably a response to something else
+				puts "bad regs size!" if $DEBUG
+				buf = gdb_msg('g')
+				regs = unhex(unrle(buf)) if buf
+				if not buf or regs.length < @regmsgsize
+					raise "regs buffer recv is too short !"
+				end
+			end
+			Hash[*@gdbregs.zip(@unpack_int[regs]).flatten]
+		end
+	end
+	# send the reg values
+	def send_regs(r = {})
+		return if r.empty?
+		regs = r.values_at(*@gdbregs)
+		gdb_msg('G', hex(@pack_int[regs]))
+	end
+	# read memory (small blocks prefered)
+	def getmem(addr, len)
+		return '' if len == 0
+		if mem = quiet_during { gdb_msg('m', hexl(addr) << ',' << hexl(len)) } and mem != ''
+			unhex(unrle(mem))
+		end
+	end
+	# write memory (small blocks prefered)
+	def setmem(addr, data)
+		len = data.length
+		return if len == 0
+		raise 'writemem error' if not gdb_msg('M', hexl(addr) << ',' << hexl(len) << ':' << rle(hex(data)))
+	end
+	def continue
+		gdb_send('c')
+	end
+	def singlestep
+		gdb_send('s')
+	end
+	def break
+		@io.write("\3")
+	end
+	def kill
+		gdb_send('k')
+	end
+	def detach
+		gdb_send('D')
+	end
+	# monitor, aka remote command
+	def rcmd(cmd)
+		gdb_msg('qRcmd,' + hex(cmd))
+	end
+	attr_accessor :io, :cpu, :gdbregs
+	def initialize(io, cpu='Ia32')
+		cpu = Metasm.const_get(cpu).new if cpu.kind_of? String
+		raise 'unknown cpu' if not cpu.kind_of? CPU
+		setup_arch(cpu)
+		@cpu = cpu
+		case io
+		when IO; @io = io
+		when /^udp:(.*):(.*?)$/i; @io = UDPSocket.new ; @io.connect($1, $2)
+		when /^(?:tcp:)?(.*):(.*?)$/i; @io = TCPSocket.open($1, $2)	# XXX matches C:\fail
+		# TODO pipe, serial port, etc ; also check ipv6
+		else raise "unknown target #{io.inspect}"
+		end
+		gdb_setup
+	end
+	def gdb_setup
+		gdb_msg('q', 'Supported')
+		#gdb_msg('Hc', '-1')
+		#gdb_msg('qC')
+		if not gdb_msg('?')
+			log "nobody on the line, waiting for someone to wake up"
+			IO.select([@io], nil, nil, nil)
+			log "who's there ?"
+		end
+	end
+	def set_hwbp(type, addr, len=1, set=true)
+		set = (set ? 'Z' : 'z')
+		type = { 'r' => '3', 'w' => '2', 'x' => '1', 's' => '0' }[type.to_s] || raise("invalid bp type #{type.inspect}")
+		gdb_msg(set, type << ',' << hexl(addr) << ',' << hexl(len))
+		true
+	end
+	def unset_hwbp(type, addr, len=1)
+		set_hwbp(type, addr, len, false)
+	end
+	# use qSymbol to retrieve a symbol value (uint)
+	def request_symbol(name)
+		resp = gdb_msg('qSymbol:', hex(name))
+		if resp and a = resp.split(':')[1]
+			@unpack_netint[unhex(a)].first
+		end
+	end
+	def check_target(timeout=0)
+		return if not msg = gdb_readresp(timeout)
+		case msg[0]
+		when ?S
+			sig = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :stopped, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+		when ?T
+			sig = unhex(msg[1, 2]).unpack('C').first
+			ret = { :state => :stopped, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+			ret.update msg[3..-1].split(';').inject({}) { |h, s| k, v = s.split(':', 2) ; h.update k => (v || true) }	# 'thread' -> pid
+		when ?W
+			code = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :dead, :info => "exited with code #{code}" }
+		when ?X
+			sig = unhex(msg[1, 2]).unpack('C').first
+			{ :state => :dead, :info => "signal #{sig} #{PTrace::SIGNAL[sig]}" }
+		else
+			log "check_target: unhandled #{msg.inspect}"
+			{ :state => :unknown }
+		end
+	end
+	attr_accessor :logger, :quiet
+	def log(s)
+		return if quiet
+		@logger ||= $stdout
+		@logger.puts s
+	end
+	# setup the various function used to pack ints & the reg list
+	# according to a target CPU
+	def setup_arch(cpu)
+		case cpu.shortname
+		when 'ia32'
+			@gdbregs = GDBREGS_IA32
+			@regmsgsize = 4 * @gdbregs.length
+		when 'x64'
+			@gdbregs = GDBREGS_X64
+			@regmsgsize = 8 * @gdbregs.length
+		when 'arm'
+			@gdbregs = cpu.dbg_register_list
+			@regmsgsize = 4 * @gdbregs.length
+		else
+			# we can still use readmem/kill and other generic commands
+			# XXX serverside setregs may fail if we give an incorrect regbuf size
+			puts "unsupported GdbServer CPU #{cpu.shortname}"
+			@gdbregs = [*0..32].map { |i| "r#{i}".to_sym }
+			@regmsgsize = 0
+		end
+		# yay life !
+		# do as if cpu is littleendian, fixup at the end
+		case cpu.size
+		when 16
+			@pack_netint   = lambda { |i| i.pack('n*') }
+			@unpack_netint = lambda { |s| s.unpack('n*') }
+			@pack_int   = lambda { |i| i.pack('v*') }
+			@unpack_int = lambda { |s| s.unpack('v*') }
+		when 32
+			@pack_netint   = lambda { |i| i.pack('N*') }
+			@unpack_netint = lambda { |s| s.unpack('N*') }
+			@pack_int   = lambda { |i| i.pack('V*') }
+			@unpack_int = lambda { |s| s.unpack('V*') }
+		when 64
+			bswap = lambda { |s| s.scan(/.{8}/m).map { |ss| ss.reverse }.join }
+			@pack_netint   = lambda { |i| i.pack('Q*') }
+			@unpack_netint = lambda { |s| s.unpack('Q*') }
+			@pack_int   = lambda { |i| bswap[i.pack('Q*')] }
+			@unpack_int = lambda { |s| bswap[s].unpack('Q*') }
+			if [1].pack('Q')[0] == ?\1	# ruby interpreter littleendian
+				@pack_netint, @pack_int = @pack_int, @pack_netint
+				@unpack_netint, @unpack_int = @unpack_int, @unpack_netint
+			end
+		else raise "GdbServer: unsupported cpu size #{cpu.size}"
+		end
+		# if target cpu is bigendian, use netint everywhere
+		if cpu.endianness == :big
+			@pack_int   = @pack_netint
+			@unpack_int = @unpack_netint
+		end
+	end
+end
+# virtual string to access the remote process memory
+class GdbRemoteString < VirtualString
+	attr_accessor :gdb
+	def initialize(gdb, addr_start=0, length=nil)
+		@gdb = gdb
+		length ||= 1 << (@gdb.cpu.size rescue 32)
+		@pagelength = 512
+		super(addr_start, length)
+	end
+	def dup(addr=@addr_start, len=@length)
+		self.class.new(@gdb, addr, len)
+	end
+	def rewrite_at(addr, data)
+		len = data.length
+		off = 0
+		while len > @pagelength
+			@gdb.setmem(addr+off, data[off, @pagelength])
+			off += @pagelength
+			len -= @pagelength
+		end
+		@gdb.setmem(addr+off, data[off, len])
+	end
+	def get_page(addr, len=@pagelength)
+		@gdb.getmem(addr, len)
+	end
+end
+# this class implements a high-level API using the gdb-server network debugging protocol
+class GdbRemoteDebugger < Debugger
+	attr_accessor :gdb, :check_target_timeout
+	def initialize(url, cpu='Ia32')
+		@gdb = GdbClient.new(url, cpu)
+		@gdb.logger = self
+		@cpu = @gdb.cpu
+		@memory = GdbRemoteString.new(@gdb)
+		@reg_val_cache = {}
+		@regs_dirty = false
+		# when checking target, if no message seen since this much seconds, send a 'status' query
+		@check_target_timeout = 1
+		super()
+	end
+	def invalidate
+		sync_regs
+		@reg_val_cache.clear
+		super()
+	end
+	def get_reg_value(r)
+		return @reg_val_cache[r] || 0 if @state != :stopped
+		sync_regs
+		@reg_val_cache = @gdb.read_regs || {} if @reg_val_cache.empty?
+		@reg_val_cache[r] || 0
+	end
+	def set_reg_value(r, v)
+		@reg_val_cache[r] = v
+		@regs_dirty = true
+	end
+	def sync_regs
+		@gdb.send_regs(@reg_val_cache) if @regs_dirty and not @reg_val_cache.empty?
+		@regs_dirty = false
+	end
+	def do_check_target
+		return if @state == :dead
+		t = Time.now
+		@last_check_target ||= t
+		if @state == :running and t - @last_check_target > @check_target_timeout
+			@gdb.io.write '$?#' << @gdb.gdb_csum('?')
+			@last_check_target = t
+		end
+		return unless i = @gdb.check_target(0.01)
+		invalidate if i[:state] == :stopped and @state != :stopped
+		@state, @info = i[:state], i[:info]
+		@info = nil if @info =~ /TRAP/
+	end
+	def do_wait_target
+		return unless i = @gdb.check_target(nil)
+		invalidate if i[:state] == :stopped and @state != :stopped
+		@state, @info = i[:state], i[:info]
+		@info = nil if @info =~ /TRAP/
+	end
+	def do_continue(*a)
+		return if @state != :stopped
+		@state = :running
+		@info = 'continue'
+		@gdb.continue
+		@last_check_target = Time.now
+	end
+	def do_singlestep(*a)
+		return if @state != :stopped
+		@state = :running
+		@info = 'singlestep'
+		@gdb.singlestep
+		@last_check_target = Time.now
+	end
+	def break
+		@gdb.break
+	end
+	def kill(sig=nil)
+		# TODO signal nr
+		@gdb.kill
+		@state = :dead
+		@info = 'killed'
+	end
+	def detach
+		super()	# remove breakpoints & stuff
+		@gdb.detach
+		@state = :dead
+		@info = 'detached'
+	end
+	# set to true to use the gdb msg to handle bpx, false to set 0xcc ourself
+	attr_accessor :gdb_bpx
+	def enable_bp(addr)
+		return if not b = @breakpoint[addr]
+		b.state = :active
+		case b.type
+		when :bpx
+			if gdb_bpx
+				@gdb.set_hwbp('s', addr, 1)
+			else
+				@cpu.dbg_enable_bp(self, addr, b)
+			end
+		when :hw
+			@gdb.set_hwbp(b.mtype, addr, b.mlen)
+		end
+	end
+	def disable_bp(addr)
+		return if not b = @breakpoint[addr]
+		b.state = :inactive
+		case b.type
+		when :bpx
+			if gdb_bpx
+				@gdb.unset_hwbp('s', addr, 1)
+			else
+				@cpu.dbg_disable_bp(self, addr, b)
+			end
+		when :hw
+			@gdb.unset_hwbp(b.mtype, addr, b.mlen)
+		end
+	end
+	def check_pre_run(*a)
+		sync_regs
+		super(*a)
+	end
+	def loadallsyms
+		puts 'loadallsyms unsupported'
+	end
+	def ui_command_setup(ui)
+		ui.new_command('monitor', 'send a remote command to run on the target') { |arg| @gdb.rcmd(arg) }
+	end
+end
+end