Month: July 2015

GKD is running fast with bochs instrumentation stub now

GKD is now running fast with the Bochs instrumentation stub. It captures all jmp/call/int/ret, that is, all instructions that change your EIP. I am using H2 as the backbone database; it can record over 100,000 instructions every second, which is pretty fast.

Turn on subtitles when you are watching it:


Getting the parameters by parsing the DWARF directly

I spent another two months getting the correct location of each parameter of a function. The mission sounds stupid, and the time I spent sounds stupid. If I had used GDB, I perhaps would never have known how parameters are stored in memory. Now I know how a computer ACTUALLY works. People think the parameters are stored on the stack at a fixed offset (such as +4 for an integer, +8 for a long). That is wrong, because the expression to get that offset is defined in DWARF, and sometimes parameters are not stored on the stack at all.

get parameter location
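
The point above, as an added example (not the author's GKD code): decoding the single-operation DWARF location expressions a compiler commonly emits for a parameter shows that the location can be a frame-base offset, a register-relative address, or a register itself. The function names, the sample register values and the i386 DWARF register numbering (5 = EBP) are assumptions made for this illustration.

```python
# Added example: decode the DW_AT_location expression of a
# DW_TAG_formal_parameter into the place where the value lives.
DW_OP_ADDR, DW_OP_FBREG = 0x03, 0x91
DW_OP_REG0, DW_OP_REG31 = 0x50, 0x6F
DW_OP_BREG0, DW_OP_BREG31 = 0x70, 0x8F

# Constructed sample state (assumption): EBP is DWARF register 5 on i386.
SAMPLE_FRAME_BASE = 0x1000
SAMPLE_REGS = {5: 0x0FF8}


def read_sleb128(data, pos):
    """Decode a signed LEB128 value; return (value, next_position)."""
    result = shift = 0
    while True:
        byte = data[pos]
        pos += 1
        result |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            break
    if byte & 0x40:  # sign bit of the final 7-bit group
        result -= 1 << shift
    return result, pos


def locate_parameter(expr, frame_base, regs, addr_size=4):
    """Return ("memory", address) or ("register", number) for one expression."""
    if not expr:
        raise ValueError("empty expression: no location for this parameter")
    op = expr[0]
    if op == DW_OP_FBREG:  # offset from DW_AT_frame_base of the function
        offset, end = read_sleb128(expr, 1)
        loc = ("memory", frame_base + offset)
    elif DW_OP_BREG0 <= op <= DW_OP_BREG31:  # offset from a register value
        offset, end = read_sleb128(expr, 1)
        loc = ("memory", regs[op - DW_OP_BREG0] + offset)
    elif DW_OP_REG0 <= op <= DW_OP_REG31:  # value is held in the register
        loc, end = ("register", op - DW_OP_REG0), 1
    elif op == DW_OP_ADDR:  # fixed address, little-endian operand
        end = 1 + addr_size
        loc = ("memory", int.from_bytes(expr[1:end], "little"))
    else:
        raise NotImplementedError(f"DW_OP 0x{op:02x} is outside this example")
    if end != len(expr):
        raise NotImplementedError("multi-operation expressions are outside this example")
    return loc
```
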
