From 15230bbb9b1f69def9b0e1b41a097638c0fda734 Mon Sep 17 00:00:00 2001 From: johannst Date: Tue, 28 Apr 2020 09:11:18 +0000 Subject: deploy: fef4d6ff2ad9f48e6dccde0f061453e6a3ac624e --- print.html | 927 +++++++++++++++++++++++++++++++------------------------------ 1 file changed, 474 insertions(+), 453 deletions(-) (limited to 'print.html') diff --git a/print.html b/print.html index 66f1ebe..c10b517 100644 --- a/print.html +++ b/print.html @@ -83,7 +83,7 @@ @@ -150,221 +150,106 @@
-

ld.so(8)

-

Environment Variables

-
  LD_PRELOAD=<l_so>       colon separated list of libso's to be pre loaded
-  LD_DEBUG=<opts>         comma separated list of debug options
-          =help           list available options
-          =libs           show library search path
-          =files          processing of input files
-          =symbols        show search path for symbol lookup
-          =bindings       show against which definition a symbol is bound
+                        
zsh(1)

+
Keybindings

+
Change input mode:

+
bindkey -v              change to vi keymap
+bindkey -e              change to emacs keymap
 

-
LD_PRELOAD: Initialization Order and Link Map

-
Libraries specified in LD_PRELOAD are loaded from left-to-right but
-initialized from right-to-left.

-
  > ldd ./main
-    >> libc.so.6 => /usr/lib/libc.so.6
+
Define key-mappings:

+
bindkey                 list mappings in current keymap
+bindkey in-str cmd      create mapping for `in-str` to `cmd`
+bindkey -r in-str       remove binding for `in-str`
 
-  > LD_PRELOAD=liba.so:libb.so ./main
-             -->
-      preloaded in this order
-             <--
-      initialized in this order
-

-
The preload order determines:

-
    
-
  • the order libraries are inserted into the link map
    • 
-
  • the initialization order for libraries
    • 
-

-
For the example listed above the resulting link map will look like the
-following:

-
  +------+    +------+    +------+    +------+
-  | main | -> | liba | -> | libb | -> | libc |
-  +------+    +------+    +------+    +------+
+# C-v <key>             dump <key> code, which can be used in `in-str`
+# zle -l                list all functions for keybindings
+# man zshzle(1)         STANDARD WIDGETS: get description of functions
 

-
This can be seen when running with LD_DEBUG=files:

-
  > LD_DEBUG=files LD_PRELOAD=liba.so:libb.so ./main
-    # load order (-> determines link map)
-    >> file=liba.so [0];  generating link map
-    >> file=libb.so [0];  generating link map
-    >> file=libc.so.6 [0];  generating link map
+
Completion

+
Installation

+
Completion functions are provided via files and need to be placed in a location
+covered by $fpath. By convention the completion files are names as _<CMD>.

+
A completion skeleton for the command foo, stored in _foo

+
#compdef _foo foo
 
-    # init order
-    >> calling init: /usr/lib/libc.so.6
-    >> calling init: <path>/libb.so
-    >> calling init: <path>/liba.so
-    >> initialize program: ./main
-

-
To verify the link map order we let ld.so resolve the memcpy(3) libc
-symbol (used in main) dynamically, while enabling LD_DEBUG=symbols,bindings
-to see the resolving in action.

-
  > LD_DEBUG=symbols,bindings LD_PRELOAD=liba.so:libb.so ./main
-    >> symbol=memcpy;  lookup in file=./main [0]
-    >> symbol=memcpy;  lookup in file=<path>/liba.so [0]
-    >> symbol=memcpy;  lookup in file=<path>/libb.so [0]
-    >> symbol=memcpy;  lookup in file=/usr/lib/libc.so.6 [0]
-    >> binding file ./main [0] to /usr/lib/libc.so.6 [0]: normal symbol `memcpy' [GLIBC_2.14]
-

-
Dynamic Linking (x86_64)

-
Dynamic linking basically works via one indirect jump. It uses a combination of
-function trampolines (.plt section) and a function pointer table (.got.plt
-section).
-On the first call the trampoline sets up some metadata and then jumps to the
-ld.so runtime resolve function, which in turn patches the table with the
-correct function pointer.

-
  .plt ....... procedure linkage table, contains function trampolines, usually
-               located in code segment (rx permission)
-  .got.plt ... global offset table for .plt, holds the function pointer table
+function _foo() {
+	...
+}
 

-
Using radare2 we can analyze this in more detail:

-
  [0x00401040]> pd 4 @ section..got.plt
-              ;-- section..got.plt:
-              ;-- .got.plt:    ; [22] -rw- section size 32 named .got.plt
-              ;-- _GLOBAL_OFFSET_TABLE_:
-         [0]  0x00404000      .qword 0x0000000000403e10 ; section..dynamic
-         [1]  0x00404008      .qword 0x0000000000000000
-              ; CODE XREF from section..plt @ +0x6
-         [2]  0x00404010      .qword 0x0000000000000000
-              ;-- reloc.puts:
-              ; CODE XREF from sym.imp.puts @ 0x401030
-         [3]  0x00404018      .qword 0x0000000000401036 ; RELOC 64 puts
-
-  [0x00401040]> pd 6 @ section..plt
-              ;-- section..plt:
-              ;-- .plt:       ; [12] -r-x section size 32 named .plt
-          ┌─> 0x00401020      ff35e22f0000   push qword [0x00404008]
-          ╎   0x00401026      ff25e42f0000   jmp qword [0x00404010]
-          ╎   0x0040102c      0f1f4000       nop dword [rax]
-  ┌ 6: int sym.imp.puts (const char *s);
-  └       ╎   0x00401030      ff25e22f0000   jmp qword [reloc.puts]
-          ╎   0x00401036      6800000000     push 0
-          └─< 0x0040103b      e9e0ffffff     jmp sym..plt
+
Alternatively one can install a completion function explicitly by calling compdef <FUNC> <CMD>.

+
Completion Variables

+
Following variables are available in Completion functions:

+
$words              # array with command line in words
+$#words             # number words
+$CURRENT            # index into $words for cursor position
+$words[CURRENT-1]   # previous word (relative to cursor position)
 

+
Completion Functions

 
    
-
  • At address 0x00401030 in the .plt section we see the indirect jump for
-puts using the function pointer in _GLOBAL_OFFSET_TABLE_[3] (GOT).
    • 
-
  • GOT[3] initially points to instruction after the puts trampoline
-0x00401036.
    • 
-
  • This pushes the relocation index 0 and then jumps to the first trampoline
-0x00401020.
    • 
-
  • The first trampoline jumps to GOT[2] which will be filled at program
-startup by the ld.so with its resolve function.
    • 
-
  • The ld.so resolve function fixes the relocation referenced by the
-relocation index pushed by the puts trampoline.
    • 
-
  • The relocation entry at index 0 tells the resolve function which symbol to
-search for and where to put the function pointer:
-
      > readelf -r <main>
-    >> Relocation section '.rela.plt' at offset 0x4b8 contains 1 entry:
-    >>   Offset          Info           Type           Sym. Value    Sym. Name + Addend
-    >> 000000404018  000200000007 R_X86_64_JUMP_SLO 0000000000000000 puts@GLIBC_2.2.5 + 0
-
    
-As we can see the offset from relocation at index 0 points to GOT[3].
    • 
+
  • _describe     simple completion, just words + description
    • 
+
  • _arguments    sophisticated completion, allow to specify actions
    • 
 

-
git(1)

-
staging

-
  git add -p [<file>] ............ partial staging (interactive)
-

-
Remote

-
  git remote -v .................. list remotes verbose (with URLs)
-  git remote show [-n] <remote> .. list info for <remote> (like remote HEAD,
-                                   remote branches, tracking mapping)
-

-
Branching

-
  git branch [-a] ................ list available branches; -a to include
-                                   remote branches
-  git branch -vv ................. list branch & annotate with head sha1 &
-                                   remote tracking branch
-  git branch <bname> ............. create branch with name <bname>
-  git checkout <bname> ........... switch to branch with name <bname>
-  git push -u origin <rbname> .... push branch to origin (or other remote), and
-                                   setup <rbname> as tracking branch
-

-
Resetting

-
  git reset [opt] <ref|commit>
-    opt:
-      --mixed .................... resets index, but not working tree
-      --hard ..................... matches the working tree and index to that
-                                   of the tree being switched to any changes to
-                                   tracked files in the working tree since
-                                   <commit> are lost
-  git reset HEAD <file> .......... remove file from staging
-  git reset --soft HEAD~1 ........ delete most recent commit but keep work
-  git reset --hard HEAD~1 ........ delete most recent commit and delete work
+
Completion with _describe

+
_describe MSG COMP
 

-
Tags

-
  git tag -a <tname> -m "descr" ........ creates an annotated tag (full object
-                                         containing tagger, date, ...)
-  git tag -l ........................... list available tags
-  git checkout tag/<tname> ............. checkout specific tag
-  git checkout tag/<tname> -b <bname> .. checkout specific tag in a new branch
+
    
+
  • MSG simple string with header message
    • 
+
  • COMP array of completions where each entry is "opt:description"
    • 
+

+
function _foo() {
+    local -a opts
+    opts=('bla:desc for bla' 'blu:desc for blu')
+    _describe 'foo-msg' opts
+}
+compdef _foo foo
+
+foo <TAB><TAB>
+ -- foo-msg --
+bla  -- desc for bla
+blu  -- desc for blu
 

-
Diff

-
  git diff HEAD:<fname> origin/HEAD:<fname> ... diff files for different refs
-  git diff -U$(wc -l <fname>) <fname> ......... shows complete file with diffs
-                                                instead of usual diff snippets
+
Completion with _arguments

+
_arguments SPEC [SPEC...]
 

-
Log

-
  git log --oneline .... shows log in single line per commit -> alias for
-                         '--pretty=oneline --abbrev-commit'
-  git log --graph ...... text based graph of commit history
-  git log --decorate ... decorate log with REFs
+
where SPEC can have one of the following forms:

+
    
+
  • OPT[DESC]:MSG:ACTION
    • 
+
  • N:MSG:ACTION
    • 
+

+
Available actions

+
(op1 op2)   list possible matches
+->VAL       set $state=VAL and continue, `$state` can be checked later in switch case
+FUNC        call func to generate matches
+{STR}       evaluate `STR` to generate matches
 

-
File history

-
  git log -p <file> ......... show commit history + diffs for <file>
-  git log --oneline <file> .. show commit history for <file> in compact format
+
Example

+
Skeleton to copy/paste for writing simple completions.

+
Assume a program foo with the following interface:

+
foo -c green|red|blue -s low|high -f <file> -d <dir> -h
 

-
Patching

-
  git format-patch <opt> <since>/<revision range>
-    opt:
-      -N ................... use [PATCH] instead [PATCH n/m] in subject when
-                             generating patch description (for patches spanning
-                             multiple commits)
-      --start-number <n> ... start output file generation with <n> as start
-                             number instead '1'
-    since spcifier:
-      -3 .................. e.g: create a patch from last three commits
-      <commit hash> ....... create patch with commits starting after <commit hash>
-
-  git am <patch> ......... apply patch and create a commit for it
+
The completion handler could be implemented as follows in a file called _foo:

+
#compdef _foo foo
 
-  git apply --stat <PATCH> ... see which files the patch would change
-  git apply --check <PATCH> .. see if the patch can be applied cleanly
-  git apply <PATCH> .......... apply the patch locally without creating a commit
+function _foo_color() {
+    local colors=()
+    colors+=('green:green color')
+    colors+=('red:red color')
+    colors+=('blue:blue color')
+    _describe "color" colors
+}
 
-  # eg: generate patches for each commit from initial commit on
-  git format-patch -N $(git rev-list --max-parents=0 HEAD)
+function _foo() {
+    _arguments                              \
+        "-c[define color]:color:->s_color"  \
+        "-s[select sound]:color:(low high)" \
+        "-f[select file]:file:_files"       \
+        "-d[select dir]:fir:_files -/"      \
+        "-h[help]"
 
-  # generate single patch file from a certain commit/ref
-  git format-patch <COMMIT/REF> --stdout > my-patch.patch
-

-
Submodules

-
  git submodule add <url> [<path>] .......... add new submodule to current project
-  git clone --recursive <url> ............... clone project and recursively all
-                                              submodules (same as using
-                                              'git submodule update --init
-                                              --recursive' after clone)
-  git submodule update --init --recursive ... checkout submodules recursively
-                                              using the commit listed in the
-                                              super-project (in detached HEAD)
-  git submodule update --remote <submod> .... fetch & merge remote changes for
-                                              <submod>, this will pull
-                                              origin/HEAD or a branch specified
-                                              for the submodule
-  git diff --submodule ...................... show commits that are part of the
-                                              submodule diff
-

-
Inspection

-
  git ls-tree [-r] <ref> .... show git tree for <ref>, -r to recursively ls sub-trees
-  git show <obj> ............ show <obj>
-  git cat-file -p <obj> ..... print content of <obj>
-

-
Revision Specifier

-
  HEAD ........ last commit
-  HEAD~1 ...... last commit-1
-  HEAD~N ...... last commit-N (linear backwards when in tree structure, check
-                difference between HEAD^ and HEAD~)
-  git rev-list --max-parents=0 HEAD ........... first commit
+    case $state in
+        s_color) _foo_color;;
+    esac
+}
 

 
bash(1)

 
Expansion

@@ -402,7 +287,7 @@ ${foo/pattern/string}  # replace pattern with string when expanding foo
 # '%'   pattern match at end
 

 

-
Note: prefix/suffix/pattern are expanded as pathnames.

+
Note: prefix/suffix/pattern are expanded as pathnames.

 

 
Pathname

 
*           match any string
@@ -451,162 +336,73 @@ command 2>&1 >file
 
  • duplicate fd 1 to fd 2, effectively redirecting stderr to stdout
    • 
 
  • redirect stdout to file
    • 
 
-
    Completion
    
-
    The complete builtin is used to interact with the completion system.
    
-
    complete                    # print currently installed completion handler
-complete -F <func> <cmd>    # install <func> as completion handler for <cmd>
-complete -r <cmd>           # uninstall completion handler for <cmd>
-
    
-
    Variables available in completion functions:
    
-
    # in
-$1              # <cmd>
-$2              # current word
-$3              # privous word
-
-COMP_WORDS      # array with current command line words
-COMP_CWORD      # index into COMP_WORDS with current cursor position
-
-# out
-COMPREPLY       # array with possible completions
-
    
-
    The compgen builtin is used to generate possible matches by comparing word
-against words generated by option.
    
-
    compgen [option] [word]
-
-# usefule options:
-# -W <list>    specify list of possible completions
-# -d           generate list with dirs
-# -f           generate list with files
-# -u           generate list with users
-# -e           generate list with exported variables
-
-# compare "f" against words "foo" "foobar" "bar" and generate matches
-compgen -W "foo foobar bar" "f"
-
-# compare "hom" against file/dir names and generate matches
-compgen -d -f "hom"
-
    
-
    Example
    
-
    Skeleton to copy/paste for writing simple completions.
    
-
    Assume a program foo with the following interface:
    
-
    foo -c green|red|blue -s low|high -f <file> -h
-
    
-
    The completion handler could be implemented as follows:
    
-
    function _foo() {
-    local curr=$2
-    local prev=$3
-
-    local opts="-c -s -f -h"
-    case $prev in
-        -c) COMPREPLY=( $(compgen -W "green red blue" -- $curr) );;
-        -s) COMPREPLY=( $(compgen -W "low high" -- $curr) );;
-        -f) COMPREPLY=( $(compgen -f -- $curr) );;
-        *)  COMPREPLY=( $(compgen -W "$opts" -- $curr) );;
-    esac
-}
-
-complete -F _foo foo
-
    
-
    zsh(1)
    
-
    Keybindings
    
-
    Change input mode:
    
-
    bindkey -v              change to vi keymap
-bindkey -e              change to emacs keymap
-
    
-
    Define key-mappings:
    
-
    bindkey                 list mappings in current keymap
-bindkey in-str cmd      create mapping for `in-str` to `cmd`
-bindkey -r in-str       remove binding for `in-str`
-
-# C-v <key>             dump <key> code, which can be used in `in-str`
-# zle -l                list all functions for keybindings
-# man zshzle(1)         STANDARD WIDGETS: get description of functions
-
    
 
    Completion
    
-
    Installation
    
-
    Completion functions are provided via files and need to be placed in a location
-covered by $fpath. By convention the completion files are names as _<CMD>.
    
-
    A completion skeleton for the command foo, stored in _foo
    
-
    #compdef _foo foo
-
-function _foo() {
-	...
-}
-
    
-
    Alternatively one can install a completion function explicitly by calling compdef <FUNC> <CMD>.
    
-
    Completion Variables
    
-
    Following variables are available in Completion functions:
    
-
    $words              # array with command line in words
-$#words             # number words
-$CURRENT            # index into $words for cursor position
-$words[CURRENT-1]   # previous word (relative to cursor position)
-
    
-
    Completion Functions
    
-
      
-
    • _describe     simple completion, just words + description
      • 
-
    • _arguments    sophisticated completion, allow to specify actions
      • 
-
    
-
    Completion with _describe
    
-
    _describe MSG COMP
-
    
-
      
-
    • MSG simple string with header message
      • 
-
    • COMP array of completions where each entry is "opt:description"
      • 
-
    
-
    function _foo() {
-    local -a opts
-    opts=('bla:desc for bla' 'blu:desc for blu')
-    _describe 'foo-msg' opts
-}
-compdef _foo foo
-
-foo <TAB><TAB>
- -- foo-msg --
-bla  -- desc for bla
-blu  -- desc for blu
+
    The complete builtin is used to interact with the completion system.
    
+
    complete                    # print currently installed completion handler
+complete -F <func> <cmd>    # install <func> as completion handler for <cmd>
+complete -r <cmd>           # uninstall completion handler for <cmd>
 
    
-
    Completion with _arguments
    
-
    _arguments SPEC [SPEC...]
+
    Variables available in completion functions:
    
+
    # in
+$1              # <cmd>
+$2              # current word
+$3              # privous word
+
+COMP_WORDS      # array with current command line words
+COMP_CWORD      # index into COMP_WORDS with current cursor position
+
+# out
+COMPREPLY       # array with possible completions
 
    
-
    where SPEC can have one of the following forms:
    
-
      
-
    • OPT[DESC]:MSG:ACTION
      • 
-
    • N:MSG:ACTION
      • 
-
    
-
    Available actions
    
-
    (op1 op2)   list possible matches
-->VAL       set $state=VAL and continue, `$state` can be checked later in switch case
-FUNC        call func to generate matches
-{STR}       evaluate `STR` to generate matches
+
    The compgen builtin is used to generate possible matches by comparing word
+against words generated by option.
    
+
    compgen [option] [word]
+
+# usefule options:
+# -W <list>    specify list of possible completions
+# -d           generate list with dirs
+# -f           generate list with files
+# -u           generate list with users
+# -e           generate list with exported variables
+
+# compare "f" against words "foo" "foobar" "bar" and generate matches
+compgen -W "foo foobar bar" "f"
+
+# compare "hom" against file/dir names and generate matches
+compgen -d -f "hom"
 
    
 
    Example
    
 
    Skeleton to copy/paste for writing simple completions.
    
 
    Assume a program foo with the following interface:
    
-
    foo -c green|red|blue -s low|high -f <file> -d <dir> -h
+
    foo -c green|red|blue -s low|high -f <file> -h
 
    
-
    The completion handler could be implemented as follows in a file called _foo:
    
-
    #compdef _foo foo
-
-function _foo_color() {
-    local colors=()
-    colors+=('green:green color')
-    colors+=('red:red color')
-    colors+=('blue:blue color')
-    _describe "color" colors
-}
-
-function _foo() {
-    _arguments                              \
-        "-c[define color]:color:->s_color"  \
-        "-s[select sound]:color:(low high)" \
-        "-f[select file]:file:_files"       \
-        "-d[select dir]:fir:_files -/"      \
-        "-h[help]"
+
    The completion handler could be implemented as follows:
    
+
    function _foo() {
+    local curr=$2
+    local prev=$3
 
-    case $state in
-        s_color) _foo_color;;
+    local opts="-c -s -f -h"
+    case $prev in
+        -c) COMPREPLY=( $(compgen -W "green red blue" -- $curr) );;
+        -s) COMPREPLY=( $(compgen -W "low high" -- $curr) );;
+        -f) COMPREPLY=( $(compgen -f -- $curr) );;
+        *)  COMPREPLY=( $(compgen -W "$opts" -- $curr) );;
     esac
 }
+
+complete -F _foo foo
+
    
+
    fish(1)
    
+
    keymaps
    
+
      Shift-Tab ........... tab-completion with search
+  Alt-Up / Alt-Down ... search history with token under the cursor
+  Alt-l ............... list content of dir under cursor
+  Alt-p ............... append '2>&1 | less;' to current cmdline
+
    
+
    debug
    
+
      status print-stack-trace .. prints function stacktrace (can be used in scripts)
+  breakpoint ................ halt script execution and gives shell (C-d | exit
+                              to continue)
 
    
 
    tmux(1)
    
 
    Terminology:
    
@@ -705,6 +501,111 @@ y     yank selected text
 
    setw synchronize-panes on/off       enables/disables synchronized input to all panes
 list-keys -t vi-copy                list keymaps for vi-copy mode
 
    
+
    git(1)
    
+
    staging
    
+
      git add -p [<file>] ............ partial staging (interactive)
+
    
+
    Remote
    
+
      git remote -v .................. list remotes verbose (with URLs)
+  git remote show [-n] <remote> .. list info for <remote> (like remote HEAD,
+                                   remote branches, tracking mapping)
+
    
+
    Branching
    
+
      git branch [-a] ................ list available branches; -a to include
+                                   remote branches
+  git branch -vv ................. list branch & annotate with head sha1 &
+                                   remote tracking branch
+  git branch <bname> ............. create branch with name <bname>
+  git checkout <bname> ........... switch to branch with name <bname>
+  git push -u origin <rbname> .... push branch to origin (or other remote), and
+                                   setup <rbname> as tracking branch
+
    
+
    Resetting
    
+
      git reset [opt] <ref|commit>
+    opt:
+      --mixed .................... resets index, but not working tree
+      --hard ..................... matches the working tree and index to that
+                                   of the tree being switched to any changes to
+                                   tracked files in the working tree since
+                                   <commit> are lost
+  git reset HEAD <file> .......... remove file from staging
+  git reset --soft HEAD~1 ........ delete most recent commit but keep work
+  git reset --hard HEAD~1 ........ delete most recent commit and delete work
+
    
+
    Tags
    
+
      git tag -a <tname> -m "descr" ........ creates an annotated tag (full object
+                                         containing tagger, date, ...)
+  git tag -l ........................... list available tags
+  git checkout tag/<tname> ............. checkout specific tag
+  git checkout tag/<tname> -b <bname> .. checkout specific tag in a new branch
+
    
+
    Diff
    
+
      git diff HEAD:<fname> origin/HEAD:<fname> ... diff files for different refs
+  git diff -U$(wc -l <fname>) <fname> ......... shows complete file with diffs
+                                                instead of usual diff snippets
+
    
+
    Log
    
+
      git log --oneline .... shows log in single line per commit -> alias for
+                         '--pretty=oneline --abbrev-commit'
+  git log --graph ...... text based graph of commit history
+  git log --decorate ... decorate log with REFs
+
    
+
    File history
    
+
      git log -p <file> ......... show commit history + diffs for <file>
+  git log --oneline <file> .. show commit history for <file> in compact format
+
    
+
    Patching
    
+
      git format-patch <opt> <since>/<revision range>
+    opt:
+      -N ................... use [PATCH] instead [PATCH n/m] in subject when
+                             generating patch description (for patches spanning
+                             multiple commits)
+      --start-number <n> ... start output file generation with <n> as start
+                             number instead '1'
+    since spcifier:
+      -3 .................. e.g: create a patch from last three commits
+      <commit hash> ....... create patch with commits starting after <commit hash>
+
+  git am <patch> ......... apply patch and create a commit for it
+
+  git apply --stat <PATCH> ... see which files the patch would change
+  git apply --check <PATCH> .. see if the patch can be applied cleanly
+  git apply <PATCH> .......... apply the patch locally without creating a commit
+
+  # eg: generate patches for each commit from initial commit on
+  git format-patch -N $(git rev-list --max-parents=0 HEAD)
+
+  # generate single patch file from a certain commit/ref
+  git format-patch <COMMIT/REF> --stdout > my-patch.patch
+
    
+
    Submodules
    
+
      git submodule add <url> [<path>] .......... add new submodule to current project
+  git clone --recursive <url> ............... clone project and recursively all
+                                              submodules (same as using
+                                              'git submodule update --init
+                                              --recursive' after clone)
+  git submodule update --init --recursive ... checkout submodules recursively
+                                              using the commit listed in the
+                                              super-project (in detached HEAD)
+  git submodule update --remote <submod> .... fetch & merge remote changes for
+                                              <submod>, this will pull
+                                              origin/HEAD or a branch specified
+                                              for the submodule
+  git diff --submodule ...................... show commits that are part of the
+                                              submodule diff
+
    
+
    Inspection
    
+
      git ls-tree [-r] <ref> .... show git tree for <ref>, -r to recursively ls sub-trees
+  git show <obj> ............ show <obj>
+  git cat-file -p <obj> ..... print content of <obj>
+
    
+
    Revision Specifier
    
+
      HEAD ........ last commit
+  HEAD~1 ...... last commit-1
+  HEAD~N ...... last commit-N (linear backwards when in tree structure, check
+                difference between HEAD^ and HEAD~)
+  git rev-list --max-parents=0 HEAD ........... first commit
+
    
 
    awk(1)
    
 
    awk [opt] program [input]
     -F <sepstr>        field separator string (can be regex)
@@ -818,8 +719,72 @@ done | sort -k2 -n
                          print user
                      }'
 
    
-
    We build a ps command line and capture the first line of the processes output
-in the user variable and then print it.
    
+
    We build a ps command line and capture the first line of the processes output
+in the user variable and then print it.
    
+
    emacs(1)
    
+
    help
    
+
      C-h ?         list available help modes
+  C-h f         describe function
+  C-h v         describe variable
+  C-h c <KEY>   print command bound to <KEY>
+  C-h k <KEY>   describe command bound to <KEY>
+  C-h b         list buffer local key-bindings
+  <kseq> C-h    list possible key-bindings with <kseq>
+                eg C-x C-h -> list key-bindings beginning with C-x
+
    
+
    package manager
    
+
      package-refresh-contents    refresh package list
+  package-list-packages       list available/installed packages
+
    
+
    window
    
+
      C-x 0         kill focused window
+  C-x 1         kill all other windows
+  C-x 2         split horizontal
+  C-x 3         split vertical
+
    
+
    yank/paste
    
+
      C-<SPACE>  set start mark to select text
+  M-w        copy selected text
+  C-w        kill selected text
+  C-y        paste selected text
+  M-y        cycle through kill-ring
+
    
+
    block/rect
    
+
      C-x <SPC>                     activate rectangle-mark-mode
+  M-x string-rectangle <RET>    insert text in marked rect
+
    
+
    mass edit
    
+
      C-x h                                 mark whole buffer (mark-whole-buffer)
+  M-x delete-matching-line <RET>        delete lines matching regex
+  M-x %                                 search & replace region (query-replace)
+  C-M-x %                               search & replace regex (query-replace-regexp)
+
    
+
    grep
    
+
      M-x find-grep <RET>           run find-grep result in *grep* buffer
+  n/p                           navigate next/previous match in *grep* buffer
+
    
+
    lisp mode
    
+
      M-x lisp-interaction-mode     activate lisp mode
+  C-M-x                         evaluate top expr under cursor
+  C-x C-e                       eval-last-sexp
+  C-u C-x C-e                   eval-last-sexp and prints result in current buffer
+
    
+
    narrow
    
+
      C-x n n               show only focused region (narrow)
+  C-x n w               show whole buffer (wide)
+
    
+
    org
    
+
      M-up/M-down           re-arrange items in same hierarchy
+  M-left/M-right        change item hierarchy
+  C-RET                 create new item below current
+  C-S-RET               create new TODO item below current
+  S-left/S-right        cycle TODO states
+
    
+
    org source
    
+
      <s TAB                generate a source block
+  C-c '                 edit source block (in lang specific buffer)
+  C-c C-c               eval source block
+
    
 
    gdb(1)
    
 
    CLI
    
 
      gdb [opts] [prg [-c coredump | -p pid]]
@@ -970,7 +935,7 @@ executed. To workaround that bug one can create a wrapper function which calls
   fs <fs>       # select flag-space <fs>
   f             # print flags of selected flag-space
 
    
-
    help
    
+
    help
    
 
      ?*~<kw>       # '?*' list all commands and '~' grep for <kw>
   ?*~...        # '..' less mode /'...' interactive search
 
    
@@ -978,105 +943,7 @@ executed. To workaround that bug one can create a wrapper function which calls
 
      > r2 -B <baddr> <exe>         # open <exe> mapped to addr <baddr>
   oob <addr>                    # reopen current file at <baddr>
 
    
-
    emacs(1)
    
-
    help
    
-
      C-h ?         list available help modes
-  C-h f         describe function
-  C-h v         describe variable
-  C-h c <KEY>   print command bound to <KEY>
-  C-h k <KEY>   describe command bound to <KEY>
-  C-h b         list buffer local key-bindings
-  <kseq> C-h    list possible key-bindings with <kseq>
-                eg C-x C-h -> list key-bindings beginning with C-x
-
    
-
    package manager
    
-
      package-refresh-contents    refresh package list
-  package-list-packages       list available/installed packages
-
    
-
    window
    
-
      C-x 0         kill focused window
-  C-x 1         kill all other windows
-  C-x 2         split horizontal
-  C-x 3         split vertical
-
    
-
    yank/paste
    
-
      C-<SPACE>  set start mark to select text
-  M-w        copy selected text
-  C-w        kill selected text
-  C-y        paste selected text
-  M-y        cycle through kill-ring
-
    
-
    block/rect
    
-
      C-x <SPC>                     activate rectangle-mark-mode
-  M-x string-rectangle <RET>    insert text in marked rect
-
    
-
    mass edit
    
-
      C-x h                                 mark whole buffer (mark-whole-buffer)
-  M-x delete-matching-line <RET>        delete lines matching regex
-  M-x %                                 search & replace region (query-replace)
-  C-M-x %                               search & replace regex (query-replace-regexp)
-
    
-
    grep
    
-
      M-x find-grep <RET>           run find-grep result in *grep* buffer
-  n/p                           navigate next/previous match in *grep* buffer
-
    
-
    lisp mode
    
-
      M-x lisp-interaction-mode     activate lisp mode
-  C-M-x                         evaluate top expr under cursor
-  C-x C-e                       eval-last-sexp
-  C-u C-x C-e                   eval-last-sexp and prints result in current buffer
-
    
-
    narrow
    
-
      C-x n n               show only focused region (narrow)
-  C-x n w               show whole buffer (wide)
-
    
-
    org
    
-
      M-up/M-down           re-arrange items in same hierarchy
-  M-left/M-right        change item hierarchy
-  C-RET                 create new item below current
-  C-S-RET               create new TODO item below current
-  S-left/S-right        cycle TODO states
-
    
-
    org source
    
-
      <s TAB                generate a source block
-  C-c '                 edit source block (in lang specific buffer)
-  C-c C-c               eval source block
-
    
-
    fish(1)
    
-
    keymaps
    
-
      Shift-Tab ........... tab-completion with search
-  Alt-Up / Alt-Down ... search history with token under the cursor
-  Alt-l ............... list content of dir under cursor
-  Alt-p ............... append '2>&1 | less;' to current cmdline
-
    
-
    debug
    
-
      status print-stack-trace .. prints function stacktrace (can be used in scripts)
-  breakpoint ................ halt script execution and gives shell (C-d | exit
-                              to continue)
-
    
-
    strace(1)
    
-
    strace [opts] [prg]
-  -f .......... follow child processes on fork(2)
-  -p <pid> .... attach to running process
-  -s <size> ... max string size, truncate of longer (default: 32)
-  -e <expr> ... expression for trace filtering
-  -o <file> ... log output into <file>
-  -c .......... dump syscall statitics at the end
-
    
-
    <expr>:
-  trace=syscall[,syscall] .... trace only syscall listed
-  trace=file ................. trace all syscall that take a filename as arg
-  trace=process .............. trace process management related syscalls
-  trace=signal ............... trace signal related syscalls
-  signal ..................... trace signals delivered to the process
-
    
-
    Examples
    
-
    Trace open(2) & socket(2) syscalls for a running process + child processes:
    
-
    strace -f -e trace=open,socket -p <pid>
-
    
-
    Trace signals delivered to a running process:
    
-
    strace -f -e signal -p <pid>
-
    
+
    Resource analysis & monitor
    
 
    lsof(8)
    
 
    lsof
   -a ......... AND slection filters instead ORing (OR: default)
@@ -1092,7 +959,7 @@ executed. To workaround that bug one can create a wrapper function which calls
   AP ......... append
   TR ......... truncate
 
    
-
    Examples
    
+
    Examples
    
 
    File flags
    
 
    Show open files with file flags for process:
    
 
    lsof +fg -p <pid>
@@ -1130,10 +997,6 @@ major_pagefault: Happens when the page needed is NOT in memory, the kernel
 
    I/O statistics
    
 
    pidstat -d -p <pid> [interval] [count]
 
    
-
    /usr/bin/time(1)
    
-
    # statistics of process run
-/usr/bin/time -v <cmd>
-
    
 
    pgrep(1)
    
 
    pgrep [opts] <pattern>
   -n         only list newest matching process
@@ -1145,10 +1008,51 @@ major_pagefault: Happens when the page needed is NOT in memory, the kernel
 
    For example attach gdb to newest zsh process from $USER.
    
 
    gdb -p $(pgrep -n -u $USER zsh)
 
    
+
    pmap(1)
    
+
    pmap <pid>
+    Dump virtual memory map of process.
+    Compared to /proc/<pid>/maps it shows the size of the mappings.
+
    
 
    pstack(1)
    
 
    pstack <pid>
     Dump stack for all threads of process.
 
    
+
    Trace and Profile
    
+
    strace(1)
    
+
    strace [opts] [prg]
+  -f .......... follow child processes on fork(2)
+  -p <pid> .... attach to running process
+  -s <size> ... max string size, truncate of longer (default: 32)
+  -e <expr> ... expression for trace filtering
+  -o <file> ... log output into <file>
+  -c .......... dump syscall statitics at the end
+
    
+
    <expr>:
+  trace=syscall[,syscall] .... trace only syscall listed
+  trace=file ................. trace all syscall that take a filename as arg
+  trace=process .............. trace process management related syscalls
+  trace=signal ............... trace signal related syscalls
+  signal ..................... trace signals delivered to the process
+
    
+
    Examples
    
+
    Trace open(2) & socket(2) syscalls for a running process + child processes:
    
+
    strace -f -e trace=open,socket -p <pid>
+
    
+
    Trace signals delivered to a running process:
    
+
    strace -f -e signal -p <pid>
+
    
+
    ltrace(1)
    
+
    ltrace [opts] [prg]
+  -f .......... follow child processes on fork(2)
+  -p <pid> .... attach to running process
+  -o <file> ... log output into <file>
+  -l <filter> . show who calls into lib matched by <filter>
+  -C .......... demangle
+
    
+
    Example
    
+
    List which program/libs call into libstdc++:
    
+
    ltrace -l '*libstdc++*' -C -o ltrace.log ./main
+
    
 
    perf(1)
    
 
    perf list      show supported hw/sw events
 
@@ -1207,6 +1111,11 @@ opreport [opt] FILE
 
 ophelp      show supported hw/sw events
 
    
+
    /usr/bin/time(1)
    
+
    # statistics of process run
+/usr/bin/time -v <cmd>
+
    
+
    Binary
    
 
    od(1)
    
 
      od [opts] <file>
     -An         don't print addr info
@@ -1304,6 +1213,7 @@ the .rodata section as follows:
    
     -C          demangle
     -u          undefined only
 
    
+
    Development
    
 
    c++filt(1)
    
 
    Demangle symbol
    
 
      c++-filt <symbol_str>
@@ -1400,6 +1310,117 @@ run1:
         xor     eax, eax
         jmp     bar
 
    
+
    ld.so(8)
    
+
    Environment Variables
    
+
      LD_PRELOAD=<l_so>       colon separated list of libso's to be pre loaded
+  LD_DEBUG=<opts>         comma separated list of debug options
+          =help           list available options
+          =libs           show library search path
+          =files          processing of input files
+          =symbols        show search path for symbol lookup
+          =bindings       show against which definition a symbol is bound
+
    
+
    LD_PRELOAD: Initialization Order and Link Map
    
+
    Libraries specified in LD_PRELOAD are loaded from left-to-right but
+initialized from right-to-left.
    
+
      > ldd ./main
+    >> libc.so.6 => /usr/lib/libc.so.6
+
+  > LD_PRELOAD=liba.so:libb.so ./main
+             -->
+      preloaded in this order
+             <--
+      initialized in this order
+
    
+
    The preload order determines:
    
+
      
+
    • the order libraries are inserted into the link map
      • 
+
    • the initialization order for libraries
      • 
+
    
+
    For the example listed above the resulting link map will look like the
+following:
    
+
      +------+    +------+    +------+    +------+
+  | main | -> | liba | -> | libb | -> | libc |
+  +------+    +------+    +------+    +------+
+
    
+
    This can be seen when running with LD_DEBUG=files:
    
+
      > LD_DEBUG=files LD_PRELOAD=liba.so:libb.so ./main
+    # load order (-> determines link map)
+    >> file=liba.so [0];  generating link map
+    >> file=libb.so [0];  generating link map
+    >> file=libc.so.6 [0];  generating link map
+
+    # init order
+    >> calling init: /usr/lib/libc.so.6
+    >> calling init: <path>/libb.so
+    >> calling init: <path>/liba.so
+    >> initialize program: ./main
+
    
+
    To verify the link map order we let ld.so resolve the memcpy(3) libc
+symbol (used in main) dynamically, while enabling LD_DEBUG=symbols,bindings
+to see the resolving in action.
    
+
      > LD_DEBUG=symbols,bindings LD_PRELOAD=liba.so:libb.so ./main
+    >> symbol=memcpy;  lookup in file=./main [0]
+    >> symbol=memcpy;  lookup in file=<path>/liba.so [0]
+    >> symbol=memcpy;  lookup in file=<path>/libb.so [0]
+    >> symbol=memcpy;  lookup in file=/usr/lib/libc.so.6 [0]
+    >> binding file ./main [0] to /usr/lib/libc.so.6 [0]: normal symbol `memcpy' [GLIBC_2.14]
+
    
+
    Dynamic Linking (x86_64)
    
+
    Dynamic linking basically works via one indirect jump. It uses a combination of
+function trampolines (.plt section) and a function pointer table (.got.plt
+section).
+On the first call the trampoline sets up some metadata and then jumps to the
+ld.so runtime resolve function, which in turn patches the table with the
+correct function pointer.
    
+
      .plt ....... procedure linkage table, contains function trampolines, usually
+               located in code segment (rx permission)
+  .got.plt ... global offset table for .plt, holds the function pointer table
+
    
+
    Using radare2 we can analyze this in more detail:
    
+
      [0x00401040]> pd 4 @ section..got.plt
+              ;-- section..got.plt:
+              ;-- .got.plt:    ; [22] -rw- section size 32 named .got.plt
+              ;-- _GLOBAL_OFFSET_TABLE_:
+         [0]  0x00404000      .qword 0x0000000000403e10 ; section..dynamic
+         [1]  0x00404008      .qword 0x0000000000000000
+              ; CODE XREF from section..plt @ +0x6
+         [2]  0x00404010      .qword 0x0000000000000000
+              ;-- reloc.puts:
+              ; CODE XREF from sym.imp.puts @ 0x401030
+         [3]  0x00404018      .qword 0x0000000000401036 ; RELOC 64 puts
+
+  [0x00401040]> pd 6 @ section..plt
+              ;-- section..plt:
+              ;-- .plt:       ; [12] -r-x section size 32 named .plt
+          ┌─> 0x00401020      ff35e22f0000   push qword [0x00404008]
+          ╎   0x00401026      ff25e42f0000   jmp qword [0x00404010]
+          ╎   0x0040102c      0f1f4000       nop dword [rax]
+  ┌ 6: int sym.imp.puts (const char *s);
+  └       ╎   0x00401030      ff25e22f0000   jmp qword [reloc.puts]
+          ╎   0x00401036      6800000000     push 0
+          └─< 0x0040103b      e9e0ffffff     jmp sym..plt
+
    
+
      
+
    • At address 0x00401030 in the .plt section we see the indirect jump for
+puts using the function pointer in _GLOBAL_OFFSET_TABLE_[3] (GOT).
      • 
+
    • GOT[3] initially points to instruction after the puts trampoline
+0x00401036.
      • 
+
    • This pushes the relocation index 0 and then jumps to the first trampoline
+0x00401020.
      • 
+
    • The first trampoline jumps to GOT[2] which will be filled at program
+startup by the ld.so with its resolve function.
      • 
+
    • The ld.so resolve function fixes the relocation referenced by the
+relocation index pushed by the puts trampoline.
      • 
+
    • The relocation entry at index 0 tells the resolve function which symbol to
+search for and where to put the function pointer:
+
        > readelf -r <main>
+    >> Relocation section '.rela.plt' at offset 0x4b8 contains 1 entry:
+    >>   Offset          Info           Type           Sym. Value    Sym. Name + Addend
+    >> 000000404018  000200000007 R_X86_64_JUMP_SLO 0000000000000000 puts@GLIBC_2.2.5 + 0
+
      
+As we can see the offset from relocation at index 0 points to GOT[3].
      • 
+
    -- cgit v1.2.3