RubyGems - metasm - Versions diffs - 1.0.1 → 1.0.2 - Mend

metasm 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

checksums.yaml +7 -0
data/.gitignore +1 -0
data/.hgtags +3 -0
data/Gemfile +1 -0
data/INSTALL +61 -0
data/LICENCE +458 -0
data/README +29 -21
data/Rakefile +10 -0
data/TODO +10 -12
data/doc/code_organisation.txt +2 -0
data/doc/core/DynLdr.txt +247 -0
data/doc/core/ExeFormat.txt +43 -0
data/doc/core/Expression.txt +220 -0
data/doc/core/GNUExports.txt +27 -0
data/doc/core/Ia32.txt +236 -0
data/doc/core/SerialStruct.txt +108 -0
data/doc/core/VirtualString.txt +145 -0
data/doc/core/WindowsExports.txt +61 -0
data/doc/core/index.txt +1 -0
data/doc/style.css +6 -3
data/doc/usage/debugger.txt +327 -0
data/doc/usage/index.txt +1 -0
data/doc/use_cases.txt +2 -2
data/metasm.gemspec +22 -0
data/{lib/metasm.rb → metasm.rb} +11 -3
data/{lib/metasm → metasm}/compile_c.rb +13 -7
data/metasm/cpu/arc.rb +8 -0
data/metasm/cpu/arc/decode.rb +425 -0
data/metasm/cpu/arc/main.rb +191 -0
data/metasm/cpu/arc/opcodes.rb +588 -0
data/{lib/metasm → metasm/cpu}/arm.rb +7 -5
data/{lib/metasm → metasm/cpu}/arm/debug.rb +2 -2
data/{lib/metasm → metasm/cpu}/arm/decode.rb +13 -12
data/{lib/metasm → metasm/cpu}/arm/encode.rb +23 -8
data/{lib/metasm → metasm/cpu}/arm/main.rb +0 -3
data/metasm/cpu/arm/opcodes.rb +324 -0
data/{lib/metasm → metasm/cpu}/arm/parse.rb +25 -13
data/{lib/metasm → metasm/cpu}/arm/render.rb +2 -2
data/metasm/cpu/arm64.rb +15 -0
data/metasm/cpu/arm64/debug.rb +38 -0
data/metasm/cpu/arm64/decode.rb +289 -0
data/metasm/cpu/arm64/encode.rb +41 -0
data/metasm/cpu/arm64/main.rb +105 -0
data/metasm/cpu/arm64/opcodes.rb +232 -0
data/metasm/cpu/arm64/parse.rb +20 -0
data/metasm/cpu/arm64/render.rb +95 -0
data/{lib/metasm/ppc.rb → metasm/cpu/bpf.rb} +2 -4
data/metasm/cpu/bpf/decode.rb +142 -0
data/metasm/cpu/bpf/main.rb +60 -0
data/metasm/cpu/bpf/opcodes.rb +81 -0
data/metasm/cpu/bpf/render.rb +41 -0
data/metasm/cpu/cy16.rb +9 -0
data/metasm/cpu/cy16/decode.rb +253 -0
data/metasm/cpu/cy16/main.rb +63 -0
data/metasm/cpu/cy16/opcodes.rb +78 -0
data/metasm/cpu/cy16/render.rb +41 -0
data/metasm/cpu/dalvik.rb +11 -0
data/{lib/metasm → metasm/cpu}/dalvik/decode.rb +35 -13
data/{lib/metasm → metasm/cpu}/dalvik/main.rb +51 -2
data/{lib/metasm → metasm/cpu}/dalvik/opcodes.rb +19 -11
data/metasm/cpu/ia32.rb +17 -0
data/{lib/metasm → metasm/cpu}/ia32/compile_c.rb +5 -7
data/{lib/metasm → metasm/cpu}/ia32/debug.rb +5 -5
data/{lib/metasm → metasm/cpu}/ia32/decode.rb +246 -59
data/{lib/metasm → metasm/cpu}/ia32/decompile.rb +7 -7
data/{lib/metasm → metasm/cpu}/ia32/encode.rb +19 -13
data/{lib/metasm → metasm/cpu}/ia32/main.rb +51 -8
data/metasm/cpu/ia32/opcodes.rb +1424 -0
data/{lib/metasm → metasm/cpu}/ia32/parse.rb +47 -16
data/{lib/metasm → metasm/cpu}/ia32/render.rb +31 -4
data/metasm/cpu/mips.rb +14 -0
data/{lib/metasm → metasm/cpu}/mips/compile_c.rb +1 -1
data/metasm/cpu/mips/debug.rb +42 -0
data/{lib/metasm → metasm/cpu}/mips/decode.rb +46 -16
data/{lib/metasm → metasm/cpu}/mips/encode.rb +4 -3
data/{lib/metasm → metasm/cpu}/mips/main.rb +11 -4
data/{lib/metasm → metasm/cpu}/mips/opcodes.rb +86 -17
data/{lib/metasm → metasm/cpu}/mips/parse.rb +1 -1
data/{lib/metasm → metasm/cpu}/mips/render.rb +1 -1
data/{lib/metasm/dalvik.rb → metasm/cpu/msp430.rb} +1 -1
data/metasm/cpu/msp430/decode.rb +247 -0
data/metasm/cpu/msp430/main.rb +62 -0
data/metasm/cpu/msp430/opcodes.rb +101 -0
data/{lib/metasm → metasm/cpu}/pic16c/decode.rb +6 -7
data/{lib/metasm → metasm/cpu}/pic16c/main.rb +0 -0
data/{lib/metasm → metasm/cpu}/pic16c/opcodes.rb +1 -1
data/{lib/metasm/mips.rb → metasm/cpu/ppc.rb} +4 -4
data/{lib/metasm → metasm/cpu}/ppc/decode.rb +18 -12
data/{lib/metasm → metasm/cpu}/ppc/decompile.rb +3 -3
data/{lib/metasm → metasm/cpu}/ppc/encode.rb +2 -2
data/{lib/metasm → metasm/cpu}/ppc/main.rb +17 -12
data/{lib/metasm → metasm/cpu}/ppc/opcodes.rb +11 -5
data/metasm/cpu/ppc/parse.rb +55 -0
data/metasm/cpu/python.rb +8 -0
data/metasm/cpu/python/decode.rb +136 -0
data/metasm/cpu/python/main.rb +36 -0
data/metasm/cpu/python/opcodes.rb +180 -0
data/{lib/metasm → metasm/cpu}/sh4.rb +1 -1
data/{lib/metasm → metasm/cpu}/sh4/decode.rb +48 -17
data/{lib/metasm → metasm/cpu}/sh4/main.rb +13 -4
data/{lib/metasm → metasm/cpu}/sh4/opcodes.rb +7 -8
data/metasm/cpu/x86_64.rb +15 -0
data/{lib/metasm → metasm/cpu}/x86_64/compile_c.rb +28 -17
data/{lib/metasm → metasm/cpu}/x86_64/debug.rb +4 -4
data/{lib/metasm → metasm/cpu}/x86_64/decode.rb +57 -15
data/{lib/metasm → metasm/cpu}/x86_64/encode.rb +55 -26
data/{lib/metasm → metasm/cpu}/x86_64/main.rb +14 -6
data/metasm/cpu/x86_64/opcodes.rb +136 -0
data/{lib/metasm → metasm/cpu}/x86_64/parse.rb +10 -2
data/metasm/cpu/x86_64/render.rb +35 -0
data/metasm/cpu/z80.rb +9 -0
data/metasm/cpu/z80/decode.rb +313 -0
data/metasm/cpu/z80/main.rb +67 -0
data/metasm/cpu/z80/opcodes.rb +224 -0
data/metasm/cpu/z80/render.rb +59 -0
data/{lib/metasm/os/main.rb → metasm/debug.rb} +160 -401
data/{lib/metasm → metasm}/decode.rb +35 -4
data/{lib/metasm → metasm}/decompile.rb +15 -16
data/{lib/metasm → metasm}/disassemble.rb +201 -45
data/{lib/metasm → metasm}/disassemble_api.rb +651 -87
data/{lib/metasm → metasm}/dynldr.rb +220 -133
data/{lib/metasm → metasm}/encode.rb +10 -1
data/{lib/metasm → metasm}/exe_format/a_out.rb +9 -6
data/{lib/metasm → metasm}/exe_format/autoexe.rb +1 -0
data/{lib/metasm → metasm}/exe_format/bflt.rb +57 -27
data/{lib/metasm → metasm}/exe_format/coff.rb +11 -3
data/{lib/metasm → metasm}/exe_format/coff_decode.rb +53 -20
data/{lib/metasm → metasm}/exe_format/coff_encode.rb +11 -13
data/{lib/metasm → metasm}/exe_format/dex.rb +13 -5
data/{lib/metasm → metasm}/exe_format/dol.rb +1 -0
data/{lib/metasm → metasm}/exe_format/elf.rb +93 -57
data/{lib/metasm → metasm}/exe_format/elf_decode.rb +143 -34
data/{lib/metasm → metasm}/exe_format/elf_encode.rb +122 -31
data/metasm/exe_format/gb.rb +65 -0
data/metasm/exe_format/javaclass.rb +424 -0
data/{lib/metasm → metasm}/exe_format/macho.rb +204 -16
data/{lib/metasm → metasm}/exe_format/main.rb +26 -3
data/{lib/metasm → metasm}/exe_format/mz.rb +1 -0
data/{lib/metasm → metasm}/exe_format/nds.rb +7 -4
data/{lib/metasm → metasm}/exe_format/pe.rb +71 -8
data/metasm/exe_format/pyc.rb +167 -0
data/{lib/metasm → metasm}/exe_format/serialstruct.rb +67 -14
data/{lib/metasm → metasm}/exe_format/shellcode.rb +7 -3
data/metasm/exe_format/shellcode_rwx.rb +114 -0
data/metasm/exe_format/swf.rb +205 -0
data/{lib/metasm → metasm}/exe_format/xcoff.rb +7 -7
data/metasm/exe_format/zip.rb +335 -0
data/metasm/gui.rb +13 -0
data/{lib/metasm → metasm}/gui/cstruct.rb +35 -41
data/{lib/metasm → metasm}/gui/dasm_coverage.rb +11 -11
data/{lib/metasm → metasm}/gui/dasm_decomp.rb +7 -20
data/{lib/metasm → metasm}/gui/dasm_funcgraph.rb +0 -0
data/metasm/gui/dasm_graph.rb +1695 -0
data/{lib/metasm → metasm}/gui/dasm_hex.rb +12 -8
data/{lib/metasm → metasm}/gui/dasm_listing.rb +43 -28
data/{lib/metasm → metasm}/gui/dasm_main.rb +310 -53
data/{lib/metasm → metasm}/gui/dasm_opcodes.rb +5 -19
data/{lib/metasm → metasm}/gui/debug.rb +93 -27
data/{lib/metasm → metasm}/gui/gtk.rb +162 -40
data/{lib/metasm → metasm}/gui/qt.rb +12 -2
data/{lib/metasm → metasm}/gui/win32.rb +179 -42
data/{lib/metasm → metasm}/gui/x11.rb +59 -59
data/{lib/metasm → metasm}/main.rb +389 -264
data/{lib/metasm/os/remote.rb → metasm/os/gdbremote.rb} +146 -54
data/{lib/metasm → metasm}/os/gnu_exports.rb +1 -1
data/{lib/metasm → metasm}/os/linux.rb +628 -151
data/metasm/os/main.rb +330 -0
data/{lib/metasm → metasm}/os/windows.rb +132 -42
data/{lib/metasm → metasm}/os/windows_exports.rb +141 -0
data/{lib/metasm → metasm}/parse.rb +26 -24
data/{lib/metasm → metasm}/parse_c.rb +221 -116
data/{lib/metasm → metasm}/preprocessor.rb +55 -40
data/{lib/metasm → metasm}/render.rb +14 -38
data/misc/hexdump.rb +2 -1
data/misc/lint.rb +58 -0
data/misc/txt2html.rb +9 -7
data/samples/bindiff.rb +3 -4
data/samples/dasm-plugins/bindiff.rb +15 -0
data/samples/dasm-plugins/bookmark.rb +133 -0
data/samples/dasm-plugins/c_constants.rb +57 -0
data/samples/dasm-plugins/colortheme_solarized.rb +125 -0
data/samples/dasm-plugins/cppobj_funcall.rb +60 -0
data/samples/dasm-plugins/dasm_all.rb +70 -0
data/samples/dasm-plugins/demangle_cpp.rb +31 -0
data/samples/dasm-plugins/deobfuscate.rb +251 -0
data/samples/dasm-plugins/dump_text.rb +35 -0
data/samples/dasm-plugins/export_graph_svg.rb +86 -0
data/samples/dasm-plugins/findgadget.rb +75 -0
data/samples/dasm-plugins/hl_opcode.rb +32 -0
data/samples/dasm-plugins/hotfix_gtk_dbg.rb +19 -0
data/samples/dasm-plugins/imm2off.rb +34 -0
data/samples/dasm-plugins/match_libsigs.rb +93 -0
data/samples/dasm-plugins/patch_file.rb +95 -0
data/samples/dasm-plugins/scanfuncstart.rb +36 -0
data/samples/dasm-plugins/scanxrefs.rb +26 -0
data/samples/dasm-plugins/selfmodify.rb +197 -0
data/samples/dasm-plugins/stringsxrefs.rb +28 -0
data/samples/dasmnavig.rb +1 -1
data/samples/dbg-apihook.rb +24 -9
data/samples/dbg-plugins/heapscan.rb +283 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_lin.c +155 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_win.c +128 -0
data/samples/dbg-plugins/heapscan/graphheap.rb +616 -0
data/samples/dbg-plugins/heapscan/heapscan.rb +709 -0
data/samples/dbg-plugins/heapscan/winheap.h +174 -0
data/samples/dbg-plugins/heapscan/winheap7.h +307 -0
data/samples/dbg-plugins/trace_func.rb +214 -0
data/samples/disassemble-gui.rb +35 -5
data/samples/disassemble.rb +31 -6
data/samples/dump_upx.rb +24 -12
data/samples/dynamic_ruby.rb +12 -3
data/samples/exeencode.rb +6 -5
data/samples/factorize-headers-peimports.rb +1 -1
data/samples/lindebug.rb +175 -381
data/samples/metasm-shell.rb +1 -2
data/samples/peldr.rb +2 -2
data/tests/all.rb +1 -1
data/tests/arc.rb +26 -0
data/tests/dynldr.rb +22 -4
data/tests/expression.rb +55 -0
data/tests/graph_layout.rb +285 -0
data/tests/ia32.rb +79 -26
data/tests/mips.rb +9 -2
data/tests/x86_64.rb +66 -18
metadata +330 -218
data/lib/metasm/arm/opcodes.rb +0 -177
data/lib/metasm/gui.rb +0 -23
data/lib/metasm/gui/dasm_graph.rb +0 -1354
data/lib/metasm/ia32.rb +0 -14
data/lib/metasm/ia32/opcodes.rb +0 -873
data/lib/metasm/ppc/parse.rb +0 -52
data/lib/metasm/x86_64.rb +0 -12
data/lib/metasm/x86_64/opcodes.rb +0 -118
data/samples/gdbclient.rb +0 -583
data/samples/rubstop.rb +0 -399

data/doc/usage/index.txt ADDED

	@@ -0,0 +1 @@
1	+ See <use_cases.txt>

data/doc/use_cases.txt CHANGED

@@ -8,11 +8,11 @@ There are quite a lot of possible usages that can be derived from the
 The major would be related to:
 * the scriptable <usage/debugger.txt>
-* the <usage/disassembler.txt> (with the optionnal <usage/disassembler_gui.txt>)
+* the <usage/disassembler.txt> (with the optional <usage/disassembler_gui.txt>)
 * the <usage/assembler.txt>
 * the <usage/C_parser.txt>
 * the <usage/C_compiler.txt>
 * the <usage/exe_manipulation.txt> facilities
-and various interaction between those.
+and various interactions among them.

data/metasm.gemspec ADDED

@@ -0,0 +1,22 @@
+lib = File.expand_path('.', File.dirname(__FILE__))
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'metasm'
+Gem::Specification.new do |s|
+  s.name          = 'metasm'
+  s.version       = '1.0.2'
+  s.summary       =
+    "Metasm is a cross-architecture assembler, disassembler, linker, and debugger."
+  s.description   = ""
+  s.authors       = ["Yoann Guillot"]
+  s.email         = ['john at ofjj.net']
+  s.files         = `git ls-files -z`.split("\x0")
+  s.test_files    = s.files.grep(%r{^tests/})
+  s.require_paths = ["."]
+  s.homepage      = 'http://metasm.cr0.org'
+  s.license       = 'LGPL'
+  s.add_development_dependency "bundler", "~> 1.7"
+  s.add_development_dependency "rake"
+end

data/{lib/metasm.rb → metasm.rb} RENAMED

@@ -15,6 +15,7 @@ module Metasm
 	Const_autorequire_equiv = {
 		'X86' => 'Ia32', 'PPC' => 'PowerPC',
 		'X64' => 'X86_64', 'AMD64' => 'X86_64',
+		'MIPS64' => 'MIPS', 'AArch64' => 'ARM64',
 		'UniversalBinary' => 'MachO', 'COFFArchive' => 'COFF',
 		'DEY' => 'DEX',
 		'PTrace' => 'LinOS', 'FatELF' => 'ELF',
@@ -32,8 +33,10 @@ module Metasm
 	# files to require to get the definition of those constants
 	Const_autorequire = {
-		'Ia32' => 'ia32', 'MIPS' => 'mips', 'PowerPC' => 'ppc', 'ARM' => 'arm',
-		'X86_64' => 'x86_64', 'Sh4' => 'sh4', 'Dalvik' => 'dalvik',
+		'Ia32' => 'cpu/ia32', 'MIPS' => 'cpu/mips', 'PowerPC' => 'cpu/ppc', 'ARM' => 'cpu/arm',
+		'X86_64' => 'cpu/x86_64', 'Sh4' => 'cpu/sh4', 'Dalvik' => 'cpu/dalvik', 'ARC' => 'cpu/arc',
+		'Python' => 'cpu/python', 'Z80' => 'cpu/z80', 'CY16' => 'cpu/cy16', 'BPF' => 'cpu/bpf',
+		'MSP430' => 'cpu/msp430', 'ARM64' => 'cpu/arm64',
 		'C' => 'compile_c',
 		'MZ' => 'exe_format/mz', 'PE' => 'exe_format/pe',
 		'ELF' => 'exe_format/elf', 'COFF' => 'exe_format/coff',
@@ -41,12 +44,17 @@ module Metasm
 		'AOut' => 'exe_format/a_out', 'MachO' => 'exe_format/macho',
 		'DEX' => 'exe_format/dex',
 		'NDS' => 'exe_format/nds', 'XCoff' => 'exe_format/xcoff',
+		'GameBoyRom' => 'exe_format/gb',
 		'Bflt' => 'exe_format/bflt', 'Dol' => 'exe_format/dol',
+		'PYC' => 'exe_format/pyc', 'JavaClass' => 'exe_format/javaclass',
+		'SWF' => 'exe_format/swf', 'ZIP' => 'exe_format/zip',
+		'Shellcode_RWX' => 'exe_format/shellcode_rwx',
 		'Gui' => 'gui',
 		'WindowsExports' => 'os/windows_exports',
 		'GNUExports' => 'os/gnu_exports',
+		'Debugger' => 'debug',
 		'LinOS' => 'os/linux', 'WinOS' => 'os/windows',
-		'GdbClient' => 'os/remote',
+		'GdbClient' => 'os/gdbremote',
 		'Disassembler' => 'disassemble',
 		'Decompiler' => 'decompile',
 		'DynLdr' => 'dynldr',

data/{lib/metasm → metasm}/compile_c.rb RENAMED

@@ -11,14 +11,14 @@ module Metasm
 module C
 	class Parser
 		def precompile
-			@toplevel.precompile(Compiler.new(self))
+			@toplevel.precompile(Compiler.new(self, @program))
 			self
 		end
 	end
 	# each CPU defines a subclass of this one
 	class Compiler
-		# an ExeFormat (mostly used for unique label creation)
+		# an ExeFormat (mostly used for unique label creation, and cpu.check_reserved_name)
 		attr_accessor :exeformat
 		# the C Parser (destroyed by compilation)
 		attr_accessor :parser
@@ -36,7 +36,8 @@ module C
 		end
 		# creates a new CCompiler from an ExeFormat and a C Parser
-		def initialize(parser, exeformat=ExeFormat.new, source=[])
+		def initialize(parser, exeformat=nil, source=[])
+			exeformat ||= ExeFormat.new
 			@parser, @exeformat, @source = parser, exeformat, source
 			@auto_label_list = {}
 			@label_oldname = {}
@@ -280,7 +281,7 @@ module C
 				when :ptr; " d#{%w[x b w x d x x x q][@parser.typesize[type.name]]} "
 				when :float;   ' db ' + [value].pack(@parser.endianness == :little ? 'e' : 'g').unpack('C*').join(', ') + ' // '
 				when :double;  ' db ' + [value].pack(@parser.endianness == :little ? 'E' : 'G').unpack('C*').join(', ') + ' // '
-				when :longdouble; ' db ' + [value].pack(@parser.endianness == :little ? 'E' : 'G').unpack('C*').join(', ') + ' // '	# XXX same as :double
+				when :longdouble; ' db ' + [value].pack(@parser.endianness == :little ? 'E' : 'G').unpack('C*').join(', ') + ' // '	# XXX same as :double
 				else raise "unknown idata type #{type.inspect} #{value.inspect}"
 				end
@@ -428,6 +429,7 @@ module C
 		# return non-nil if the variable name is unsuitable to appear as is in the asm listing
 		# eg filter out asm instruction names
 		def check_reserved_name(var)
+			return true if @exeformat.cpu and @exeformat.cpu.check_reserved_name(var.name)
 			%w[db dw dd dq].include?(var.name)
 		end
 	end
@@ -555,8 +557,12 @@ module C
 						# reuse same name as predeclarations
 						@var.name = n
 					else
-						@var.name = compiler.new_label @var.name until @var.name != old
-						compiler.label_oldname[@var.name] = old
+						newname = old
+						newname = compiler.new_label newname until newname != old
+						if not compiler.check_reserved_name(@var)
+							compiler.label_oldname[newname] = old
+						end
+						@var.name = newname
 					end
 					ref ||= scope.symbol[@var.name] || @var
 					# append only one actual declaration for all predecls (the one with init, or the last uninit)
@@ -684,7 +690,7 @@ module C
 					if not init.op and init.rexpr.kind_of? ::String
 						v = Variable.new
 						v.storage = :static
-						v.name = 'char_' + init.rexpr.tr('^a-zA-Z', '')[0, 8]
+						v.name = 'char_' + init.rexpr.gsub(/[^a-zA-Z]/, '')[0, 8]
 						v.type = Array.new(type.type)
 						v.type.length = init.rexpr.length + 1
 						v.type.type.qualifier = [:const]

data/metasm/cpu/arc.rb ADDED

@@ -0,0 +1,8 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/main'
+require 'metasm/cpu/arc/decode'

data/metasm/cpu/arc/decode.rb ADDED

@@ -0,0 +1,425 @@
+#    This file is part of Metasm, the Ruby assembly manipulation suite
+#    Copyright (C) 2006-2010 Yoann GUILLOT
+#
+#    Licence is LGPL, see LICENCE in the top-level directory
+require 'metasm/cpu/arc/opcodes'
+require 'metasm/decode'
+module Metasm
+class ARC
+	def major_opcode(val, sz = 16)
+		return val >> (sz == 16 ? 0xB : 0x1B)
+	end
+	def sub_opcode(val)
+		return ((val >> 16) & 0x3f)
+	end
+	def build_opcode_bin_mask(op, sz)
+		op.bin_mask = 0
+		op.args.each { |f| op.bin_mask |= @fields_mask[f] << @fields_shift[f]}
+		op.bin_mask = ((1 << sz)-1) ^ op.bin_mask
+	end
+	def build_bin_lookaside
+		bin_lookaside = {}
+		opcode_list.each{|mode,oplist|
+			lookaside = {}
+			# 2nd level to speed up lookaside for major 5
+			lookaside[5] = {}
+			oplist.each { |op|
+				next if not op.bin.kind_of? Integer
+				build_opcode_bin_mask(op, mode)
+				mj = major_opcode(op.bin, mode)
+				if mode == 32 and mj == 5
+					(lookaside[mj][sub_opcode(op.bin)] ||= []) << op
+				else
+					(lookaside[mj] ||= []) << op
+				end
+			}
+			bin_lookaside[mode] = lookaside
+		}
+		bin_lookaside
+	end
+	def instruction_size(edata)
+		val = major_opcode(edata.decode_imm(:u16, @endianness))
+		edata.ptr -= 2
+		(val >= 0xC) ? 16 : 32
+	end
+	def memref_size(di)
+		case di.opcode.name
+		when 'ldb_s', 'stb_s', 'extb_s', 'sexb_s'; 1
+		when 'ldw_s', 'stw_s', 'extw_s', 'sexw_s'; 2
+		else 4
+		end
+	end
+	def decode_bin(edata, sz)
+		case sz
+		when 16; edata.decode_imm(:u16, @endianness)
+		when 32
+			# wordswap
+			val = edata.decode_imm(:u32, :little)
+			((val >> 16) & 0xffff) | ((val & 0xffff) << 16)
+		end
+	end
+	def decode_findopcode(edata)
+		di = DecodedInstruction.new(self)
+		@instrlength = instruction_size(edata)
+		val = decode_bin(edata, @instrlength)
+		edata.ptr -= @instrlength/8
+		maj = major_opcode(val, @instrlength)
+		lookaside = @bin_lookaside[@instrlength][maj]
+		lookaside = lookaside[sub_opcode(val)] if @instrlength == 32 and maj == 5
+		op = lookaside.select { |opcode|
+			if $ARC_DEBUG and (val & opcode.bin_mask) == opcode.bin
+				puts "#{opcode.bin_mask.to_s(16)} - #{opcode.bin.to_s(16)} - #{(val & opcode.bin_mask).to_s(16)} -  #{opcode.name} - #{opcode.args}"
+			end
+			(val & opcode.bin_mask) == opcode.bin
+		}
+		if op.size == 2 and op.first.name == 'mov' and op.last.name == 'nop'
+			op = op.last
+		elsif op == nil or op.size != 1
+			puts "[> I sense a disturbance in the force <]"
+			op.to_a.each { |opcode| puts "#{opcode.name} - #{opcode.args} - #{Expression[opcode.bin]} - #{Expression[opcode.bin_mask]}" }
+			puts "current value: #{Expression[val]}"
+			puts "current value: 0b#{val.to_s(2)}"
+			op = nil
+		else
+			op = op.first
+		end
+		di if di.opcode = op
+	end
+	Reduced_reg = [0, 1, 2, 3, 12, 13, 14, 15]
+	def reduced_reg_set(i)
+		Reduced_reg[i]
+	end
+	def decode_instr_op(edata, di)
+		before_ptr = edata.ptr
+		op = di.opcode
+		di.instruction.opname = op.name
+		val = decode_bin(edata, @instrlength)
+		field_val = lambda { |f|
+			r = (val >> @fields_shift[f]) & @fields_mask[f]
+			case f
+			# 16-bits instruction operands ------------------------------------------"
+			when :ca, :cb, :cb2, :cb3, :cc;  r = reduced_reg_set(r)
+			when :ch
+				r = (((r & 7) << 3) | (r >> 5))
+			when :@cbu7, :@cbu6, :@cbu5
+				r = r & 0b11111
+				r = (f == :@cbu7) ? r << 2 : ( (f == :@cbu6) ? r << 1 : r)
+			when :cu5ee; r = r << 2
+			when :cdisps13
+				r = (Expression.make_signed(r,11) << 2) + ((di.address >> 2) << 2)
+			when :cdisps10
+				r = (Expression.make_signed(r, 9) << 1) + ((di.address >> 2) << 2)
+			when :cdisps8
+				r = (Expression.make_signed(r, 7) << 1) + ((di.address >> 2) << 2)
+			when :cdisps7
+				r = (Expression.make_signed(r, 6) << 1) + ((di.address >> 2) << 2)
+			when :cs9, :cs10, :cs11
+				r = Expression.make_signed(r, ((f== :cs11 ? 11 : (f == :cs10 ? 10 : 9) )))
+				r = (f == :cs11) ? r << 2 : ((f == :cs10) ? r << 1 : r)
+			when :@cspu7;
+				r = r << 2
+			# 32-bits instruction operands ------------------------------------------"
+			when :b
+				r = (r >> 12) | ((r & 0x7) << 3)
+			when :s8e
+				r = ((r & 0x1) << 7) | (r >> 2)
+				r = (Expression.make_signed(r, 8) << 1) + ((di.address >> 2) << 2)
+			when :u6e
+				r = (r << 1) + ((di.address >> 2) << 2)
+			when :s9
+				r = (Expression.make_signed(r, 7) << 1) + ((di.address >> 2) << 2)
+			when :s12
+				r = (r >> 6) | ((r & 0x3f) << 6)
+				r = Expression.make_signed(r, 12)
+			when :s12e
+				r = (r >> 6) | ((r & 0x3f) << 6)
+				r = (Expression.make_signed(r, 12) <<1 ) + ((di.address >> 2) << 2)
+			when :s21e
+				r = ((r & 0x3ff) << 10) | (r >> 11)
+				r = (Expression.make_signed(r, 20) << 1) + ((di.address >> 2) << 2)
+			when :s21ee # pc-relative
+				r = ((r & 0x3ff) << 9) | (r >> 12)
+				r = (Expression.make_signed(r, 19) << 2) + ((di.address >> 2) << 2)
+			when :s25e # pc-relative
+				r = ((r & 0xf) << 20)  | (((r >> 6) & 0x3ff) << 10) | (r >> 17)
+				r = (Expression.make_signed(r, 24) << 1) + ((di.address >> 2) << 2)
+			when :s25ee # pc-relative
+				r = ((r & 0xf) << 19)  | (((r >> 6) & 0x3ff) << 9) | (r >> 18)
+				r = (Expression.make_signed(r, 23) << 2) + ((di.address >> 2) << 2)
+			when :@bs9
+				r = r >> 3
+				s9 = ((r & 1) << 8) | ((r >> 1) & 0xff)
+				r = Expression.make_signed(s9, 9)
+			when :bext, :cext, :@cext
+				if ((r = field_val[(f == :bext) ? :b : :c]) == 0x3E)
+					tmp = edata.decode_imm(:u32, :little)
+					r = Expression[(tmp >> 16) | ((tmp & 0xffff) << 16)]
+				else
+					r = GPR.new(r)
+				end
+			else r
+			end
+			r
+		}
+		# decode properties fields
+		op.args.each { |a|
+			case a
+			when :flags15, :flags16
+				di.instruction.opname += '.f' if field_val[a] != 0
+			when :ccond
+				di.instruction.opname += ('.' + @cond_suffix[field_val[a]]) if field_val[a] != 0
+			when :delay5, :delay16
+				di.instruction.opname += '.d' if field_val[a] != 0
+			when :cache5, :cache11, :cache16
+				di.instruction.opname +='.di' if field_val[a] != 0
+			when :signext6, :signext16
+				di.instruction.opname += '.x' if field_val[a] != 0
+			when :wb3, :wb9, :wb22
+				case field_val[a]
+				when 1; di.instruction.opname += ((memref_size(di) == 2) ? '.ab' : '.a')
+				when 2; di.instruction.opname += '.ab'
+				when 3; di.instruction.opname += '.as'
+				end
+			when :sz1, :sz7, :sz16, :sz17
+				case field_val[a]
+				when 1; di.instruction.opname += 'b'
+				when 2; di.instruction.opname += 'w'
+				end
+			else
+				di.instruction.args << case a
+				# 16-bits instruction operands ------------------------------------------"
+				when :cr0; GPR.new 0
+				when :ca, :cb, :cb2, :cb3, :cc; GPR.new(field_val[a])
+				when :ch
+					if ((r = field_val[a]) == 0x3E)
+						tmp = edata.decode_imm(:u32, :little)
+						Expression[(tmp >> 16) | ((tmp & 0xffff) << 16)]
+					else
+						GPR.new(r)
+					end
+				when :@gps9, :@gps10, :@gps11
+					imm = (a == :@gps11) ? :cs11 : (a == :@gps10) ? :cs10 : :cs9
+					Memref.new(GPR.new(26), Expression[field_val[imm]], memref_size(di))
+				when :cu3, :cu5, :cu5ee, :cu6, :cu7, :cu7l, :cu8; Expression[field_val[a]]
+				when :cs9, :cs10, :cs11;  Expression[field_val[a]]
+				when :cdisps7, :cdisps8, :cdisps10, :cdisps13; Expression[field_val[a]]
+				when :@cb; Memref.new(GPR.new(field_val[:cb]), nil, memref_size(di))
+				when :@cbu7, :@cbu6, :@cbu5; Memref.new(GPR.new(field_val[:cb]), Expression[field_val[a]], memref_size(di))
+				when :@cspu7; Memref.new(GPR.new(28), field_val[a], memref_size(di))
+				when :@cbcc; Memref.new(field_val[:cb], field_val[:cc], memref_size(di))
+				# 32-bits instruction operands ------------------------------------------"
+				when :a, :b
+					((r = field_val[a]) == 0x3E) ? :zero : GPR.new(r)
+				when :b2; GPR.new field_val[:b]
+				when :c; GPR.new field_val[a]
+				when :bext, :cext; field_val[a]
+				when :@cext
+					target = field_val[a]
+					(di.opcode.props[:setip] and target.kind_of? GPR) ? Memref.new(target, nil, memref_size(di)) : target
+				when :@bextcext
+					tmp = field_val[a]
+					#c = tmp & 0x3F
+					tmp = tmp >> 6
+					b = (tmp >> 12) | ((tmp & 0x7) << 3)
+					Memref.new(field_val[:bext],  field_val[:cext], memref_size(di))
+				when :u6, :u6e, :s8e, :s9, :s12; Expression[field_val[a]]
+				when :s12e, :s21e, :s21ee, :s25e, :s25ee; Expression[field_val[a]]
+				when :auxs12; AUX.new field_val[:s12]
+				when :@c; Memref.new(GPR.new(field_val[a]),  nil, memref_size(di))
+				when :@bcext; Memref.new(field_val[a],  nil, memref_size(di))
+				when :@bcext; Memref.new(field_val[:b], field_val[:cext], memref_size(di))
+				when :@bs9
+					# [b,s9] or [limm] if b = 0x3E
+					base = field_val[:bext]
+					Memref.new(base, (base.kind_of? GPR) ? Expression[field_val[a]] : nil, memref_size(di))
+				# common instruction operands ------------------------------------------"
+				when :zero; Expression[0]
+				when :gp; GPR.new(26)
+				when :sp, :sp2; GPR.new(28)
+				when :blink; GPR.new(31)
+				when :@ilink1; Memref.new(GPR.new(29), nil, memref_size(di))
+				when :@ilink2; Memref.new(GPR.new(30), nil, memref_size(di))
+				when :@blink;  Memref.new(GPR.new(31), nil, memref_size(di))
+				else raise SyntaxError, "Internal error: invalid argument #{a} in #{op.name}"
+				end
+			end
+		}
+		di.bin_length += edata.ptr - before_ptr
+		return if edata.ptr > edata.virtsize
+		di
+	end
+	def disassembler_default_func
+		df = DecodedFunction.new
+		df.backtrace_binding = {}
+		15.times { |i|
+			df.backtrace_binding["r#{i}".to_sym] = Expression::Unknown
+		}
+		df.backtracked_for = []
+		df.btfor_callback = lambda { |dasm, btfor, funcaddr, calladdr|
+			if funcaddr != :default
+				btfor
+			elsif di = dasm.decoded[calladdr] and di.opcode.props[:saveip]
+				btfor
+			else []
+			end
+		}
+		df
+	end
+	REG_SYMS = [:r26, :r27, :r28, :r29, :r30, :r31, :r60]
+	def register_symbols
+		REG_SYMS
+	end
+	def backtrace_binding
+		@backtrace_binding ||= init_backtrace_binding
+	end
+	def opshift(op)
+		op[/\d/].to_i
+	end
+	def with_res(arg)
+		arg != :zero
+	end
+	def init_backtrace_binding
+		sp = :r28
+		blink = :r31
+		@backtrace_binding ||= {}
+		mask = lambda { |sz| (1 << sz)-1 }  # 32bits => 0xffff_ffff
+		opcode_list.each{|mode, oplist|
+			oplist.map { |ol| ol.name }.uniq.each { |op|
+				binding = case op
+					  when /^add/, /^sub/
+						  lambda { |di, a0, a1, a2|
+							  if (shift = opshift(op)) == 0
+								  { a0 => Expression[[a1, :+, a2], :&, mask[32]] }
+							  else
+								  { a0 => Expression[[a1, :+, [a2, :<<, shift]], :&, mask[32]] }
+							  end
+						  }
+					  when /^and/
+						  lambda { |di, a0, a1, a2| { a0 => Expression[a1, :&, a2] } }
+					  when /^asl/
+						  lambda { |di, *a| { a[0] => Expression[[a[1], :<<, (a[2] ? a[2]:1)], :&, mask[32]] } }
+					  when /^bxor/
+						  lambda { |di, a0, a1, a2| { a0 => Expression[a1, :^, [1, :<<, a2]] }}
+					  when /^bclr/; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :&, Expression[mask[32], :^, Expression[1, :<<, a2]]] } }
+					  when /^bset/; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :|, Expression[1, :<<, a2]] } }
+					  when /^jl/; lambda { |di, a0| { blink => Expression[di.next_addr] } }
+					  when 'bl', 'bl_s', /^bl\./
+						  # FIXME handle delay slot
+						  # "This address is taken either from the first instruction following the branch (current PC) or the
+						  # instruction after that (next PC) according to the delay slot mode (.d)."
+						  lambda { |di, a0| { blink => Expression[di.next_addr] } }
+					  when /^mov/, /^lr/, /^ld/; lambda { |di, a0, a1| { a0 => a1 } }
+					  when /^neg/; lambda { |di, a0, a1| { a0 => Expression[[0, :-, a1], :&, mask[32]] } }
+					  when /^not/; lambda { |di, a0, a1| { a0 => Expression[[:~, a1], :&, mask[32]] } }
+					  when /^or/; lambda { |di, a0, a1, a2| { a0 => Expression[a1, :|, a2] } }
+					  when /^st/, /^sr/;  lambda { |di, a0, a1| { a1 => a0 } }
+					  when /^ex/; lambda { |di, a0, a1| { a1 => a0 , a0 => a1 } }
+					  when 'push_s'
+						  lambda { |di, a0| {
+							  sp => Expression[sp, :-, 4],
+							  Indirection[sp, @size/8, di.address] => Expression[a0]
+						  } }
+					  when 'pop_s'
+						  lambda { |di, a0| {
+							  a0 => Indirection[sp, @size/8, di.address],
+							  sp => Expression[sp, :+, 4]
+						  } }
+					  end
+				@backtrace_binding[op] ||= binding if binding
+			}
+		}
+		@backtrace_binding
+	end
+	def get_backtrace_binding(di)
+		a = di.instruction.args.map { |arg|
+			case arg
+			when GPR; arg.symbolic
+			when Memref; arg.symbolic(di.address)
+			else arg
+			end
+		}
+		if binding = backtrace_binding[di.opcode.basename]
+			binding[di, *a]
+		else
+			puts "unhandled instruction to backtrace: #{di}" if $VERBOSE
+			{ :incomplete_binding => Expression[1] }
+		end
+	end
+	def get_xrefs_x(dasm, di)
+		return [] if not di.opcode.props[:setip]
+		arg = case di.opcode.name
+		      when 'b', 'b_s', /^j/, /^bl/, /^br/, 'lp'
+			      expr = di.instruction.args.last
+			      expr.kind_of?(Memref) ? expr.base : expr
+		      else di.instruction.args.last
+		      end
+		[Expression[(arg.kind_of?(Reg) ? arg.symbolic : arg)]]
+	end
+	def backtrace_is_function_return(expr, di=nil)
+		Expression[expr].reduce == Expression[register_symbols[5]]
+	end
+	def delay_slot(di=nil)
+		return 0 if (not di) or (not di.opcode.props[:setip])
+		return 1 if di.opcode.props[:delay_slot]
+		(di.instruction.opname =~ /\.d/) ? 0 : 1
+	end
+end
+end