RubyGems - metasm - Versions diffs - 1.0.1 → 1.0.2 - Mend

metasm 1.0.1 → 1.0.2

Files changed (235) hide show

checksums.yaml +7 -0
data/.gitignore +1 -0
data/.hgtags +3 -0
data/Gemfile +1 -0
data/INSTALL +61 -0
data/LICENCE +458 -0
data/README +29 -21
data/Rakefile +10 -0
data/TODO +10 -12
data/doc/code_organisation.txt +2 -0
data/doc/core/DynLdr.txt +247 -0
data/doc/core/ExeFormat.txt +43 -0
data/doc/core/Expression.txt +220 -0
data/doc/core/GNUExports.txt +27 -0
data/doc/core/Ia32.txt +236 -0
data/doc/core/SerialStruct.txt +108 -0
data/doc/core/VirtualString.txt +145 -0
data/doc/core/WindowsExports.txt +61 -0
data/doc/core/index.txt +1 -0
data/doc/style.css +6 -3
data/doc/usage/debugger.txt +327 -0
data/doc/usage/index.txt +1 -0
data/doc/use_cases.txt +2 -2
data/metasm.gemspec +22 -0
data/{lib/metasm.rb → metasm.rb} +11 -3
data/{lib/metasm → metasm}/compile_c.rb +13 -7
data/metasm/cpu/arc.rb +8 -0
data/metasm/cpu/arc/decode.rb +425 -0
data/metasm/cpu/arc/main.rb +191 -0
data/metasm/cpu/arc/opcodes.rb +588 -0
data/{lib/metasm → metasm/cpu}/arm.rb +7 -5
data/{lib/metasm → metasm/cpu}/arm/debug.rb +2 -2
data/{lib/metasm → metasm/cpu}/arm/decode.rb +13 -12
data/{lib/metasm → metasm/cpu}/arm/encode.rb +23 -8
data/{lib/metasm → metasm/cpu}/arm/main.rb +0 -3
data/metasm/cpu/arm/opcodes.rb +324 -0
data/{lib/metasm → metasm/cpu}/arm/parse.rb +25 -13
data/{lib/metasm → metasm/cpu}/arm/render.rb +2 -2
data/metasm/cpu/arm64.rb +15 -0
data/metasm/cpu/arm64/debug.rb +38 -0
data/metasm/cpu/arm64/decode.rb +289 -0
data/metasm/cpu/arm64/encode.rb +41 -0
data/metasm/cpu/arm64/main.rb +105 -0
data/metasm/cpu/arm64/opcodes.rb +232 -0
data/metasm/cpu/arm64/parse.rb +20 -0
data/metasm/cpu/arm64/render.rb +95 -0
data/{lib/metasm/ppc.rb → metasm/cpu/bpf.rb} +2 -4
data/metasm/cpu/bpf/decode.rb +142 -0
data/metasm/cpu/bpf/main.rb +60 -0
data/metasm/cpu/bpf/opcodes.rb +81 -0
data/metasm/cpu/bpf/render.rb +41 -0
data/metasm/cpu/cy16.rb +9 -0
data/metasm/cpu/cy16/decode.rb +253 -0
data/metasm/cpu/cy16/main.rb +63 -0
data/metasm/cpu/cy16/opcodes.rb +78 -0
data/metasm/cpu/cy16/render.rb +41 -0
data/metasm/cpu/dalvik.rb +11 -0
data/{lib/metasm → metasm/cpu}/dalvik/decode.rb +35 -13
data/{lib/metasm → metasm/cpu}/dalvik/main.rb +51 -2
data/{lib/metasm → metasm/cpu}/dalvik/opcodes.rb +19 -11
data/metasm/cpu/ia32.rb +17 -0
data/{lib/metasm → metasm/cpu}/ia32/compile_c.rb +5 -7
data/{lib/metasm → metasm/cpu}/ia32/debug.rb +5 -5
data/{lib/metasm → metasm/cpu}/ia32/decode.rb +246 -59
data/{lib/metasm → metasm/cpu}/ia32/decompile.rb +7 -7
data/{lib/metasm → metasm/cpu}/ia32/encode.rb +19 -13
data/{lib/metasm → metasm/cpu}/ia32/main.rb +51 -8
data/metasm/cpu/ia32/opcodes.rb +1424 -0
data/{lib/metasm → metasm/cpu}/ia32/parse.rb +47 -16
data/{lib/metasm → metasm/cpu}/ia32/render.rb +31 -4
data/metasm/cpu/mips.rb +14 -0
data/{lib/metasm → metasm/cpu}/mips/compile_c.rb +1 -1
data/metasm/cpu/mips/debug.rb +42 -0
data/{lib/metasm → metasm/cpu}/mips/decode.rb +46 -16
data/{lib/metasm → metasm/cpu}/mips/encode.rb +4 -3
data/{lib/metasm → metasm/cpu}/mips/main.rb +11 -4
data/{lib/metasm → metasm/cpu}/mips/opcodes.rb +86 -17
data/{lib/metasm → metasm/cpu}/mips/parse.rb +1 -1
data/{lib/metasm → metasm/cpu}/mips/render.rb +1 -1
data/{lib/metasm/dalvik.rb → metasm/cpu/msp430.rb} +1 -1
data/metasm/cpu/msp430/decode.rb +247 -0
data/metasm/cpu/msp430/main.rb +62 -0
data/metasm/cpu/msp430/opcodes.rb +101 -0
data/{lib/metasm → metasm/cpu}/pic16c/decode.rb +6 -7
data/{lib/metasm → metasm/cpu}/pic16c/main.rb +0 -0
data/{lib/metasm → metasm/cpu}/pic16c/opcodes.rb +1 -1
data/{lib/metasm/mips.rb → metasm/cpu/ppc.rb} +4 -4
data/{lib/metasm → metasm/cpu}/ppc/decode.rb +18 -12
data/{lib/metasm → metasm/cpu}/ppc/decompile.rb +3 -3
data/{lib/metasm → metasm/cpu}/ppc/encode.rb +2 -2
data/{lib/metasm → metasm/cpu}/ppc/main.rb +17 -12
data/{lib/metasm → metasm/cpu}/ppc/opcodes.rb +11 -5
data/metasm/cpu/ppc/parse.rb +55 -0
data/metasm/cpu/python.rb +8 -0
data/metasm/cpu/python/decode.rb +136 -0
data/metasm/cpu/python/main.rb +36 -0
data/metasm/cpu/python/opcodes.rb +180 -0
data/{lib/metasm → metasm/cpu}/sh4.rb +1 -1
data/{lib/metasm → metasm/cpu}/sh4/decode.rb +48 -17
data/{lib/metasm → metasm/cpu}/sh4/main.rb +13 -4
data/{lib/metasm → metasm/cpu}/sh4/opcodes.rb +7 -8
data/metasm/cpu/x86_64.rb +15 -0
data/{lib/metasm → metasm/cpu}/x86_64/compile_c.rb +28 -17
data/{lib/metasm → metasm/cpu}/x86_64/debug.rb +4 -4
data/{lib/metasm → metasm/cpu}/x86_64/decode.rb +57 -15
data/{lib/metasm → metasm/cpu}/x86_64/encode.rb +55 -26
data/{lib/metasm → metasm/cpu}/x86_64/main.rb +14 -6
data/metasm/cpu/x86_64/opcodes.rb +136 -0
data/{lib/metasm → metasm/cpu}/x86_64/parse.rb +10 -2
data/metasm/cpu/x86_64/render.rb +35 -0
data/metasm/cpu/z80.rb +9 -0
data/metasm/cpu/z80/decode.rb +313 -0
data/metasm/cpu/z80/main.rb +67 -0
data/metasm/cpu/z80/opcodes.rb +224 -0
data/metasm/cpu/z80/render.rb +59 -0
data/{lib/metasm/os/main.rb → metasm/debug.rb} +160 -401
data/{lib/metasm → metasm}/decode.rb +35 -4
data/{lib/metasm → metasm}/decompile.rb +15 -16
data/{lib/metasm → metasm}/disassemble.rb +201 -45
data/{lib/metasm → metasm}/disassemble_api.rb +651 -87
data/{lib/metasm → metasm}/dynldr.rb +220 -133
data/{lib/metasm → metasm}/encode.rb +10 -1
data/{lib/metasm → metasm}/exe_format/a_out.rb +9 -6
data/{lib/metasm → metasm}/exe_format/autoexe.rb +1 -0
data/{lib/metasm → metasm}/exe_format/bflt.rb +57 -27
data/{lib/metasm → metasm}/exe_format/coff.rb +11 -3
data/{lib/metasm → metasm}/exe_format/coff_decode.rb +53 -20
data/{lib/metasm → metasm}/exe_format/coff_encode.rb +11 -13
data/{lib/metasm → metasm}/exe_format/dex.rb +13 -5
data/{lib/metasm → metasm}/exe_format/dol.rb +1 -0
data/{lib/metasm → metasm}/exe_format/elf.rb +93 -57
data/{lib/metasm → metasm}/exe_format/elf_decode.rb +143 -34
data/{lib/metasm → metasm}/exe_format/elf_encode.rb +122 -31
data/metasm/exe_format/gb.rb +65 -0
data/metasm/exe_format/javaclass.rb +424 -0
data/{lib/metasm → metasm}/exe_format/macho.rb +204 -16
data/{lib/metasm → metasm}/exe_format/main.rb +26 -3
data/{lib/metasm → metasm}/exe_format/mz.rb +1 -0
data/{lib/metasm → metasm}/exe_format/nds.rb +7 -4
data/{lib/metasm → metasm}/exe_format/pe.rb +71 -8
data/metasm/exe_format/pyc.rb +167 -0
data/{lib/metasm → metasm}/exe_format/serialstruct.rb +67 -14
data/{lib/metasm → metasm}/exe_format/shellcode.rb +7 -3
data/metasm/exe_format/shellcode_rwx.rb +114 -0
data/metasm/exe_format/swf.rb +205 -0
data/{lib/metasm → metasm}/exe_format/xcoff.rb +7 -7
data/metasm/exe_format/zip.rb +335 -0
data/metasm/gui.rb +13 -0
data/{lib/metasm → metasm}/gui/cstruct.rb +35 -41
data/{lib/metasm → metasm}/gui/dasm_coverage.rb +11 -11
data/{lib/metasm → metasm}/gui/dasm_decomp.rb +7 -20
data/{lib/metasm → metasm}/gui/dasm_funcgraph.rb +0 -0
data/metasm/gui/dasm_graph.rb +1695 -0
data/{lib/metasm → metasm}/gui/dasm_hex.rb +12 -8
data/{lib/metasm → metasm}/gui/dasm_listing.rb +43 -28
data/{lib/metasm → metasm}/gui/dasm_main.rb +310 -53
data/{lib/metasm → metasm}/gui/dasm_opcodes.rb +5 -19
data/{lib/metasm → metasm}/gui/debug.rb +93 -27
data/{lib/metasm → metasm}/gui/gtk.rb +162 -40
data/{lib/metasm → metasm}/gui/qt.rb +12 -2
data/{lib/metasm → metasm}/gui/win32.rb +179 -42
data/{lib/metasm → metasm}/gui/x11.rb +59 -59
data/{lib/metasm → metasm}/main.rb +389 -264
data/{lib/metasm/os/remote.rb → metasm/os/gdbremote.rb} +146 -54
data/{lib/metasm → metasm}/os/gnu_exports.rb +1 -1
data/{lib/metasm → metasm}/os/linux.rb +628 -151
data/metasm/os/main.rb +330 -0
data/{lib/metasm → metasm}/os/windows.rb +132 -42
data/{lib/metasm → metasm}/os/windows_exports.rb +141 -0
data/{lib/metasm → metasm}/parse.rb +26 -24
data/{lib/metasm → metasm}/parse_c.rb +221 -116
data/{lib/metasm → metasm}/preprocessor.rb +55 -40
data/{lib/metasm → metasm}/render.rb +14 -38
data/misc/hexdump.rb +2 -1
data/misc/lint.rb +58 -0
data/misc/txt2html.rb +9 -7
data/samples/bindiff.rb +3 -4
data/samples/dasm-plugins/bindiff.rb +15 -0
data/samples/dasm-plugins/bookmark.rb +133 -0
data/samples/dasm-plugins/c_constants.rb +57 -0
data/samples/dasm-plugins/colortheme_solarized.rb +125 -0
data/samples/dasm-plugins/cppobj_funcall.rb +60 -0
data/samples/dasm-plugins/dasm_all.rb +70 -0
data/samples/dasm-plugins/demangle_cpp.rb +31 -0
data/samples/dasm-plugins/deobfuscate.rb +251 -0
data/samples/dasm-plugins/dump_text.rb +35 -0
data/samples/dasm-plugins/export_graph_svg.rb +86 -0
data/samples/dasm-plugins/findgadget.rb +75 -0
data/samples/dasm-plugins/hl_opcode.rb +32 -0
data/samples/dasm-plugins/hotfix_gtk_dbg.rb +19 -0
data/samples/dasm-plugins/imm2off.rb +34 -0
data/samples/dasm-plugins/match_libsigs.rb +93 -0
data/samples/dasm-plugins/patch_file.rb +95 -0
data/samples/dasm-plugins/scanfuncstart.rb +36 -0
data/samples/dasm-plugins/scanxrefs.rb +26 -0
data/samples/dasm-plugins/selfmodify.rb +197 -0
data/samples/dasm-plugins/stringsxrefs.rb +28 -0
data/samples/dasmnavig.rb +1 -1
data/samples/dbg-apihook.rb +24 -9
data/samples/dbg-plugins/heapscan.rb +283 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_lin.c +155 -0
data/samples/dbg-plugins/heapscan/compiled_heapscan_win.c +128 -0
data/samples/dbg-plugins/heapscan/graphheap.rb +616 -0
data/samples/dbg-plugins/heapscan/heapscan.rb +709 -0
data/samples/dbg-plugins/heapscan/winheap.h +174 -0
data/samples/dbg-plugins/heapscan/winheap7.h +307 -0
data/samples/dbg-plugins/trace_func.rb +214 -0
data/samples/disassemble-gui.rb +35 -5
data/samples/disassemble.rb +31 -6
data/samples/dump_upx.rb +24 -12
data/samples/dynamic_ruby.rb +12 -3
data/samples/exeencode.rb +6 -5
data/samples/factorize-headers-peimports.rb +1 -1
data/samples/lindebug.rb +175 -381
data/samples/metasm-shell.rb +1 -2
data/samples/peldr.rb +2 -2
data/tests/all.rb +1 -1
data/tests/arc.rb +26 -0
data/tests/dynldr.rb +22 -4
data/tests/expression.rb +55 -0
data/tests/graph_layout.rb +285 -0
data/tests/ia32.rb +79 -26
data/tests/mips.rb +9 -2
data/tests/x86_64.rb +66 -18
metadata +330 -218
data/lib/metasm/arm/opcodes.rb +0 -177
data/lib/metasm/gui.rb +0 -23
data/lib/metasm/gui/dasm_graph.rb +0 -1354
data/lib/metasm/ia32.rb +0 -14
data/lib/metasm/ia32/opcodes.rb +0 -873
data/lib/metasm/ppc/parse.rb +0 -52
data/lib/metasm/x86_64.rb +0 -12
data/lib/metasm/x86_64/opcodes.rb +0 -118
data/samples/gdbclient.rb +0 -583
data/samples/rubstop.rb +0 -399

@@ -1,399 +0,0 @@
-#    This file is part of Metasm, the Ruby assembly manipulation suite
-#    Copyright (C) 2006-2009 Yoann GUILLOT
-#
-#    Licence is LGPL, see LICENCE in the top-level directory
-#
-# this exemple illustrates the use of the PTrace class to implement a pytstop-like functionnality
-# Works on linux/x86
-#
-require 'metasm'
-class Rubstop < Metasm::PTrace
-	EFLAGS = {0 => 'c', 2 => 'p', 4 => 'a', 6 => 'z', 7 => 's', 9 => 'i', 10 => 'd', 11 => 'o'}
-	# define accessors for registers
-	%w[eax ebx ecx edx ebp esp edi esi eip orig_eax eflags dr0 dr1 dr2 dr3 dr6 dr7 cs ds es fs gs].each { |reg|
-		define_method(reg) { peekusr(REGS_I386[reg.upcase]) & 0xffffffff }
-		define_method(reg+'=') { |v|
-			@regs_cache[reg] = v
-			v = [v & 0xffffffff].pack('L').unpack('l').first if v >= 0x8000_0000
-			pokeusr(REGS_I386[reg.upcase], v)
-		}
-	}
-	def cont(signal=0)
-		@ssdontstopbp = nil
-		singlestep(true) if @wantbp
-		super(signal)
-		::Process.waitpid(@pid)
-		return if child.exited?
-		@oldregs.update @regs_cache
-		readregs
-		checkbp
-	end
-	def singlestep(justcheck=false)
-		super()
-		::Process.waitpid(@pid)
-		return if child.exited?
-		case @wantbp
-		when ::Integer; bpx @wantbp ; @wantbp = nil
-		when ::String; self.dr7 |= 1 << (2*@wantbp[2, 1].to_i) ; @wantbp = nil
-		end
-		return if justcheck
-		@oldregs.update @regs_cache
-		readregs
-		checkbp
-	end
-	def stepover
-		i = curinstr.instruction if curinstr
-		if i and (i.opname == 'call' or (i.prefix and i.prefix[:rep]))
-			eaddr = @regs_cache['eip'] + curinstr.bin_length
-			bpx eaddr, true
-			cont
-		else
-			singlestep
-		end
-	end
-	def stepout
-		# XXX @regs_cache..
-		stepover until curinstr.opcode.name == 'ret'
-		singlestep
-	end
-	def syscall
-		@ssdontstopbp = nil
-		singlestep(true) if @wantbp
-		super()
-		::Process.waitpid(@pid)
-		return if child.exited?
-		@oldregs.update @regs_cache
-		readregs
-		checkbp
-	end
-	def state; :stopped end
-	def ptrace; self end
-	attr_accessor :pgm, :regs_cache, :breakpoints, :singleshot, :wantbp,
-		:symbols, :symbols_len, :filemap, :has_pax, :oldregs
-	def initialize(*a)
-		super(*a)
-		@pgm = Metasm::ExeFormat.new Metasm::Ia32.new
-		@pgm.encoded = Metasm::EncodedData.new Metasm::LinuxRemoteString.new(@pid)
-		@pgm.encoded.data.dbg = self
-		@regs_cache = {}
-		@oldregs = {}
-		readregs
-		@oldregs.update @regs_cache
-		@breakpoints = {}
-		@singleshot = {}
-		@wantbp = nil
-		@symbols = {}
-		@symbols_len = {}
-		@filemap = {}
-		@has_pax = false
-		stack = self[regs_cache['esp'], 0x1000].to_str.unpack('L*')
-		stack.shift	# argc
-		stack.shift until stack.empty? or stack.first == 0	# argv
-		stack.shift
-		stack.shift until stack.empty? or stack.first == 0	# envp
-		stack.shift
-		stack.shift until stack.empty? or stack.shift == 3	# find PHDR ptr in auxv
-		if phdr = stack.shift
-			phdr &= 0xffff_f000
-			loadsyms phdr, phdr.to_s(16)
-		end
-	end
-	def set_pax(bool)
-		if bool
-			@pgm.encoded.data.invalidate
-			code = @pgm.encoded.data[eip, 4]
-			if code != "\0\0\0\0" and @pgm.encoded.data[eip+0x6000_0000, 4] == code
-				@has_pax = 'segmexec'
-			else
-				@has_pax = 'pax'
-			end
-		else
-			@has_pax = false
-		end
-	end
-	def readregs
-		%w[eax ebx ecx edx esi edi esp ebp eip orig_eax eflags dr0 dr1 dr2 dr3 dr6 dr7 cs ds].each { |r| @regs_cache[r] = send(r) }
-		@curinstr = nil if @regs_cache['eip'] != @oldregs['eip']
-		@pgm.encoded.data.invalidate
-	end
-	def curinstr
-		@curinstr ||= mnemonic_di
-	end
-	def child
-		$?
-	end
-	def checkbp
-		::Process::waitpid(@pid, ::Process::WNOHANG) if not child
-		return if not child
-		if not child.stopped?
-			if child.exited?;      log "process exited with status #{child.exitstatus}"
-			elsif child.signaled?; log "process exited due to signal #{child.termsig} (#{Signal.list.index child.termsig})"
-			else                log "process in unknown status #{child.inspect}"
-			end
-			return
-		elsif child.stopsig != ::Signal.list['TRAP']
-			log "process stopped due to signal #{child.stopsig} (#{Signal.list.index child.stopsig})"
-			return	# do not check 0xcc at eip-1 ! ( if curinstr.bin_length == 1 )
-		end
-		ccaddr = @regs_cache['eip']-1
-		if @breakpoints[ccaddr] and self[ccaddr] == 0xcc
-			if @ssdontstopbp != ccaddr
-				self[ccaddr] = @breakpoints.delete ccaddr
-				self.eip = ccaddr
-				@wantbp = ccaddr if not @singleshot.delete ccaddr
-				@ssdontstopbp = ccaddr
-			else
-				@ssdontstopbp = nil
-			end
-		elsif @regs_cache['dr6'] & 15 != 0
-			dr = (0..3).find { |dr_| @regs_cache['dr6'] & (1 << dr_) != 0 }
-			@wantbp = "dr#{dr}" if not @singleshot.delete @regs_cache['eip']
-			self.dr6 = 0
-			self.dr7 = @regs_cache['dr7'] & (0xffff_ffff ^ (3 << (2*dr)))
-			readregs
-		end
-	end
-	def bpx(addr, singleshot=false)
-		@singleshot[addr] = singleshot
-		return if @breakpoints[addr]
-		if @has_pax
-			set_hwbp 'x', addr
-		else
-			begin
-				@breakpoints[addr] = self[addr]
-				self[addr] = 0xcc
-			rescue Errno::EIO
-				log 'i/o error when setting breakpoint, switching to PaX mode'
-				set_pax true
-				@breakpoints.delete addr
-				bpx(addr, singleshot)
-			end
-		end
-	end
-	def mnemonic_di(addr = eip)
-		@pgm.encoded.ptr = addr
-		di = @pgm.cpu.decode_instruction(@pgm.encoded, addr)
-		@curinstr = di if addr == @regs_cache['eip']
-		di
-	end
-	def mnemonic(addr=eip)
-		mnemonic_di(addr).instruction
-	end
-	def regs_dump
-		[%w[eax ebx ecx edx orig_eax], %w[ebp esp edi esi eip]].map { |l|
-			l.map { |reg| "#{reg}=#{'%08x' % @regs_cache[reg]}" }.join(' ')
-		}.join("\n")
-	end
-	def findfilemap(s)
-		@filemap.keys.find { |k| @filemap[k][0] <= s and @filemap[k][1] > s } || '???'
-	end
-	def findsymbol(k)
-		file = findfilemap(k) + '!'
-		if s = @symbols[k] ? k : @symbols.keys.find { |s_| s_ < k and s_ + @symbols_len[s_].to_i > k }
-			file + @symbols[s] + (s == k ? '' : "+#{(k-s).to_s(16)}")
-		else
-			file + ('%08x' % k)
-		end
-	end
-	def set_hwbp(type, addr, len=1)
-		dr = (0..3).find { |dr_| @regs_cache['dr7'] & (1 << (2*dr_)) == 0 and @wantbp != "dr#{dr}" }
-		if not dr
-			log 'no debug reg available :('
-			return false
-		end
-		@regs_cache['dr7'] &= 0xffff_ffff ^ (0xf << (16+4*dr))
-		case type
-		when 'x'; addr += (@has_pax == 'segmexec' ? 0x6000_0000 : 0)
-		when 'r'; @regs_cache['dr7'] |= (((len-1)<<2)|3) << (16+4*dr)
-		when 'w'; @regs_cache['dr7'] |= (((len-1)<<2)|1) << (16+4*dr)
-		end
-		send("dr#{dr}=", addr)
-		self.dr6 = 0
-		self.dr7 = @regs_cache['dr7'] | (1 << (2*dr))
-		readregs
-		true
-	end
-	def clearbreaks
-		@wantbp = nil if @wantbp == @regs_cache['eip']
-		@breakpoints.each { |addr, oct| self[addr, 1] = oct }
-		@breakpoints.clear
-		if @regs_cache['dr7'] & 0xff != 0
-			self.dr7 = 0
-			readregs
-		end
-	end
-	def loadsyms(baseaddr, name)
-		@loadedsyms ||= {}
-		return if @loadedsyms[name] or self[baseaddr, 4] != "\x7fELF"
-		@loadedsyms[name] = true
-		set_status " loading symbols from #{name}..."
-		e = Metasm::LoadedELF.load self[baseaddr, 0x100_0000]
-		e.load_address = baseaddr
-		begin
-			e.decode
-			#e = Metasm::ELF.decode_file name rescue return 	# read from disk
-		rescue
-			log "failed to load symbols from #{name}: #$!"
-			($!.backtrace - caller).each { |l| log l.chomp }
-			@filemap[baseaddr.to_s(16)] = [baseaddr, baseaddr+0x1000]
-			return
-		end
-		if e.tag['SONAME']
-			name = e.tag['SONAME']
-			return if name and @loadedsyms[name]
-			@loadedsyms[name] = true
-		end
-		last_s = e.segments.reverse.find { |s| s.type == 'LOAD' }
-		vlen = last_s.vaddr + last_s.memsz
-		vlen -= baseaddr if e.header.type == 'EXEC'
-		@filemap[name] = [baseaddr, baseaddr + vlen]
-		oldsyms = @symbols.length
-		e.symbols.each { |s|
-			next if not s.name or s.shndx == 'UNDEF'
-			sname = s.name
-			sname = 'weak_'+sname if s.bind == 'WEAK'
-			sname = 'local_'+sname if s.bind == 'LOCAL'
-			v = s.value
-			v = baseaddr + v if v < baseaddr
-			@symbols[v] = sname
-			@symbols_len[v] = s.size
-		}
-		if e.header.type == 'EXEC'
-			@symbols[e.header.entry] = 'entrypoint'
-		end
-		set_status nil
-		log "loaded #{@symbols.length-oldsyms} symbols from #{name} at #{'%08x' % baseaddr}"
-	end
-	def loadallsyms
-		File.read("/proc/#{@pid}/maps").each { |l|
-			name = l.split[5]
-			loadsyms l.to_i(16), name if name and name[0] == ?/
-		}
-	end
-	def loadmap(mapfile)
-		# file fmt: addr type name eg 'c01001ba t setup_idt'
-		minaddr = maxaddr = nil
-		File.read(mapfile).each { |l|
-			addr, type, name = l.chomp.split
-			addr = addr.to_i(16)
-			minaddr = addr if not minaddr or minaddr > addr
-			maxaddr = addr if not maxaddr or maxaddr < addr
-			@symbols[addr] = name
-		}
-		if minaddr
-			@filemap[minaddr.to_s(16)] = [minaddr, maxaddr+1]
-		end
-	end
-	def scansyms
-		addr = 0
-		fd = @pgm.encoded.data.readfd
-		while addr <= 0xffff_f000
-			addr = 0xc000_0000 if @has_pax and addr == 0x6000_0000
-			log "scansym: #{'%08x' % addr}" if addr & 0x0fff_ffff == 0
-			fd.pos = addr
-			loadsyms(addr, '%08x'%addr) if (fd.read(4) == "\x7fELF" rescue false)
-			addr += 0x1000
-		end
-	end
-	def backtrace
-		s = findsymbol(@regs_cache['eip'])
-		if block_given?
-			yield s
-		else
-			bt = []
-			bt << s
-		end
-		fp = @regs_cache['ebp']
-		while fp >= @regs_cache['esp'] and fp <= @regs_cache['esp']+0x10000
-			s = findsymbol(self[fp+4, 4].unpack('L').first)
-			if block_given?
-				yield s
-			else
-				bt << s
-			end
-			fp = self[fp, 4].unpack('L').first
-		end
-		bt
-	end
-	def [](addr, len=nil)
-		@pgm.encoded.data[addr, len]
-	end
-	def []=(addr, len, str=nil)
-		@pgm.encoded.data[addr, len] = str
-	end
-	attr_accessor :logger
-	def log(s)
-		@logger ||= $stdout
-		@logger.puts s
-	end
-	# set a temporary status info (nil for default value)
-	def set_status(s)
-		@logger ||= $stdout
-		if @logger != $stdout
-			@logger.statusline = s
-		else
-			s ||= ' '*72
-			@logger.print s + "\r"
-			@logger.flush
-		end
-	end
-end
-if $0 == __FILE__
-	# start debugging
-	rs = Rubstop.new(ARGV.shift)
-	begin
-		while rs.child.stopped? and rs.child.stopsig == Signal.list['TRAP']
-			if $VERBOSE
-				puts "#{'%08x' % rs.eip} #{rs.mnemonic}"
-				rs.singlestep
-			else
-				rs.syscall ; rs.syscall	# wait return of syscall
-				puts "#{rs.orig_eax.to_s.ljust(3)} #{rs.syscallnr.index rs.orig_eax}"
-			end
-		end
-		p rs.child
-		puts rs.regs_dump
-	rescue Interrupt
-		rs.detach rescue nil
-		puts 'interrupted!'
-	rescue Errno::ESRCH
-	end
-end