[prev in list] [next in list] [prev in thread] [next in thread]
List: radare
Subject: [radare] New graphing features.
From: pancake () youterm ! com (pancake)
Date: 2008-01-31 13:35:10
Message-ID: 20080131133510.GE11146 () pluna
[Download RAW message or body]
Hey! we finally got a decent layout and code analysis for the code analysis.
I'm probably a bad person to say that..but the current layout of radare
looks to me easier to read than the IDA ones. Loops are visually easier
to identify and less extra visual information is added on the nodes, so
keeping it simple and colorizing the nodes depending on propierties of
them (number of calls, num of jumps inside, is it a flagged node? etc..
makes the graphs quite useful.
Yesterday before going to sleep I implement some new sausage for radare,
adding tracing capabilities to the core and the dissasembler printage.
This way, all the traced instructions (by step, cont, trace, etc..) can
be recorded in internal structures, and later be able to dump these
traces and 'unroll' disassemblies, simulate backtraces and give extra
information of each opcode:
- show step counter when executing this opcode
- show number of times this opcode has been executed
I plan to make all this nfo available fro the graphs too (not only disasembly)
Obviously all this info is planned to be exported in csv or any other simple
format, to be imported from IDA.
--pancake
On Thu, Jan 31, 2008 at 12:06:10PM +0100, Esteve Espuna wrote:
> Hi,
>
> Since last weekend pancake and I have been working on getting a little
> more useful graphing interface. Now it is almost useful, hehe, a lot of
> improvements are needed for the default layout. And new layouts would
> also be nice.
>
> Here are some snapshots :
>
> http://radare.nopcode.org/img/prg-test/prg1/prg1.png
> http://radare.nopcode.org/img/prg-test/prg2/prg2.png
> http://radare.nopcode.org/img/prg-test/prg3/prg3.png
>
>
> This is the output IDA generates for the same programs ,
>
> http://radare.nopcode.org/img/prg-test/prg1/prg1_IDA.png
> http://radare.nopcode.org/img/prg-test/prg2/prg2_IDA.png
> http://radare.nopcode.org/img/prg-test/prg3/prg3_IDA.png
>
>
> Source code, as well as dissembled txt, for all of them can be found at :
>
> http://radare.nopcode.org/img/prg-test/
>
> To achieve this some changes have been made :
> - Corrected minor bug in intel code analysis
> - Changed the node size
> - Analysis stop when an already analyzed block is found
> - When analyzing an instruction which belongs to an already analyzed
> block. The old block is split into two new blocks.
>
> This results in non repeated code in the graph, and in node jumps where
> no jump instructions is found.
>
>
> Hope you enjoy it!
>
> esteve
>
> _______________________________________________
> radare mailing list
> radare at lists.nopcode.org
> https://lists.nopcode.org/mailman/listinfo/radare
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic