Hi,
I think it will be useful to say the called syscall name like this:
0x08048329 8d1d61830408 lea ebx, [0x8048361]
0x0804832F b900000000 ecx = 0x0
0x08048334 baff010000 edx = 0x1ff ; eax+0x1fa
0x08048339 cd80 int 0x80 ;sys_open :)
regards.
2008/1/20, pancake <[EMAIL PROTECTED]>:
>
> It depends, currently the internal structures of radare are mostly raw
> single list or arrays of data, and access to it when more than 1000 are
> stored the program gets slow.
>
> I have been thinking about the way to reduce this overhead by using
> caches,
> ranges, binary trees and modulus access, but I have not yet decided which
> will be the choose.
>
> One of the things I plan to do is to create an universal linked list with
> a hashmap and some attributes like string hash within a double linked
> list,
> this way i will be able to access any type of data inside radare on the
> same
> way and be able to index arrays of internal data from the radare shell.
>
> BTW if I have a single data structure for everything I can easily wrap
> code
> and create parsers and mergers for all of them, viewers ...
>
> Some time ago I thought that SQL was the solution for this...but its one
> more dependency and I'm not really sure about the performance of this
> solution..
>
> For small binaries like hello worlds, store all the dwarf stuff is quite
> fast and assumible, but for most of programs dwarf-lines is slow.
>
> In the future the libdwarf will be included inside radare and all these
> queries will be performed in realtime like the GNU "addr2line" program
> does. And be able to toggle dwarf information file.dwarf=false|true..
>
> Well.. I don't think this changes be prepared for the stable 0.9.3, but
> they are on the way and these days I have made the TODO file grow too
> much :P so changes and enhacements will come soon.
>
> PD: The same happens with the strings and symbols rsc scripts. Both must
> be rewritten in C inside the rabin. With an own ELF/PE parser (GNU one is
> buggy and can be fooled), etc.. This way the results will be better and
> the program will run faster :)
>
> --pancake
>
> On Sat, Jan 19, 2008 at 09:24:57PM +0100, sha0 sha0 wrote:
> > Hi ppl,
> >
> > I think it will be useful to include dwarf-lines by default, what do you
> > think about?
> > Why symbols start with sym_, is it possible for simplicity/speed dont
> > prepend this?
> >
> > regards.
> >
> >
> > 2008/1/19, pancake <[EMAIL PROTECTED]>:
> > >
> > > I've started to move the !hack command as Hack into the core.
> > > Currently doesnt works for the debugger, but i'll finish the
> > > change soon.
> > >
> > > Btw thanks to pof to warn me about the missing libexec scripts
> > > in Makefile:install.. This make me review the dwarf-lines script
> > > to make it work again for the new comment infrastructure.
> > >
> > > $ cat a.c
> > > main()
> > > {
> > > printf("Fuckmenot!\n");
> > > }
> > >
> > > $ gcc -g a.c
> > > $ radare dbg://./a.out
> > > (...)
> > > [0xB7FA98C0]> .!rsc dwarf-lines $FILE
> > > [0xB7FA98C0]> pD 45 @ sym_main
> > > 0x0804837C sym_main:
> > > ; 2 {
> > > 0x0804837C 55 push ebp
> > > 0x0804837D 89e5 ebp = esp
> > > 0x0804837F 83ec08 esp -= 0x8 ; 8
> > > 0x08048382 83e4f0 esp &= 0xf0 ; 240 ; oeax+0xe5
> > > 0x08048385 b800000000 eax = 0x0
> > > 0x0804838A 83c00f eax += 0xf ; 15 ; oeax+0x4
> > > 0x0804838D 83c00f eax += 0xf ; 15 ; oeax+0x4
> > > 0x08048390 c1e804 eax >>= 0x4 ; 4 (zerofill)
> > > 0x08048393 c1e004 eax <<= 0x4 ; 4
> > > 0x08048396 29c4 e
> > > Remember that you can move the comments to the right using the
> > > asm.cmtmargin
> > > and limit the number of comments per offset with asm.cmtlimit.
> > > sp -= eax
> > > ; 3 printf("Fuckmenot!\n");
> > > 0x08048398 83ec0c esp -= 0xc ; 12 ; oeax+0x1
> > > 0x0804839B 6874840408 push dword 0x8048474 ; sym__fini+0x24
> > > 0x080483A0 e80bffffff ^ call 0x80482B0 ; sym_printf
> > > 0x080483A5 83c410 esp += 0x10 ; 16 ; oeax+0x5
> > > ; 4 }
> > > 0x080483A8 c9 leave ;--
> > > 0x080483A9 c3 ret ;--
> > > [0xB7FA98C0]>
> > >
> > > Yeah, thats quite cool for analyzing compilers with dwarf support :)
> > >
> > > Remember that you can move the comments to the right using the
> > > asm.cmtmargin
> > > and limit the number of comments per offset with asm.cmtlimit.
> > >
> > > Have fun! ;D
> > >
> > >
> > > --pancake
> > > _______________________________________________
> > > radare mailing list
> > > [email protected]
> > > https://lists.nopcode.org/mailman/listinfo/radare
> > >
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL:
> https://lists.nopcode.org/mailman/private/radare/attachments/20080119/271a3ebb/attachment.htm
> > _______________________________________________
> > radare mailing list
> > [email protected]
> > https://lists.nopcode.org/mailman/listinfo/radare
> >
> _______________________________________________
> radare mailing list
> [email protected]
> https://lists.nopcode.org/mailman/listinfo/radare
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.nopcode.org/mailman/private/radare/attachments/20080124/bac5eb23/attachment.htm
_______________________________________________
radare mailing list
[email protected]
https://lists.nopcode.org/mailman/listinfo/radare
