Wednesday, October 22, 2014

LLVM's use_iterator example


LLVM 3.5


Instruction::use_iterator

    // LLVM 3.5 changed what use_iterator yields: *ui is now the Use (the
    // operand slot) rather than the User, so the using instruction is
    // ui->getUser(). Before 3.5, *ui was the User itself. Beware that the
    // old form still compiles on 3.5: cast<Instruction>(*ui) goes through
    // simplify_type<Use> and silently yields the used value, i.e.
    // 'instruction' itself, not its user. 3.5 also adds user_begin() /
    // user_end() (and users()) for the old behaviour.
    for (Instruction::use_iterator ui = instruction->use_begin(),
           ue = instruction->use_end();
         ui != ue; ++ui) {
#if defined LLVM_3_2 || defined LLVM_3_3 || defined LLVM_3_4
      llvm::Instruction *user = cast<Instruction>(*ui);
#else
      llvm::Instruction *user = cast<Instruction>(ui->getUser());
#endif
      // ... work on 'user' ...
    }


// The same loop over the uses of an arbitrary Value (LLVM 3.5 API).
Value *v = pending.back();
for (Value::use_iterator i = v->use_begin(), e = v->use_end(); i != e; ++i) {
  // i->getUser() is the instruction (or constant) that uses v
}

llvm::Function *F = M.getFunction(BARRIER_FUNCTION_NAME);
if (F != NULL) {
  // Each use of the barrier function is assumed to be a direct call, which
  // is what Barrier wraps. Same 3.5 rule as above: the caller is the User,
  // and cast<Barrier>(*i) on 3.5 would try to cast F itself.
  for (llvm::Function::use_iterator i = F->use_begin(), e = F->use_end();
       i != e; ++i)
#if defined LLVM_3_2 || defined LLVM_3_3 || defined LLVM_3_4
    B.push_back(llvm::cast<Barrier>(*i));
#else
    B.push_back(llvm::cast<Barrier>(i->getUser()));
#endif
}

Thursday, September 18, 2014

anti debugging

ref: http://erenyagdiran.github.io/I-was-just-asked-to-crack-a-program-Part-1/

#include <stdio.h>
#include <sys/ptrace.h>

int main()
{
    /* A process can have only one tracer. If gdb is already attached,
       asking to be traced by our own parent fails (EPERM). */
    if (ptrace(PTRACE_TRACEME, 0, 1, 0) < 0) {
        printf("DEBUGGING... Bye\n");
        return 1;
    }
    printf("Hello\n");
    return 0;
}

zakk@lex:[~/test]$ ./a.out
Hello
zakk@lex:[~/test]$ gdb ./a.out
(gdb) r
Starting program: /home/zakk/test/a.out
DEBUGGING... Bye
[Inferior 1 (process 338) exited with code 01]


http://blog.linux.org.tw/~jserv/archives/002027.html

http://www.oenhan.com/gdb-principle
gdb's core functionality rests on one system call, ptrace. From the man page: ptrace lets a parent process observe and control the execution of its child, inspecting and changing its registers and memory. Its main uses are breakpoints (gdb's main job) and printing a trace of system calls.
How gdb uses ptrace, in outline:
  1. Debugging a new program: gdb creates a child with fork(); the child calls ptrace(PTRACE_TRACEME, 0, 0, 0) and then execv()s the program to be debugged.
  2. Attaching to a running process: the pid is passed to gdb, which calls ptrace(PTRACE_ATTACH, pid, 0, 0).
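
The post's check and the gdb flow above, put together in one runnable program. This is an added example, not code from any of the linked posts. It assumes Linux: PTRACE_TRACEME, /proc/self/status and its TracerPid field. The parent plays the tracer exactly as gdb does in step 1, minus the execv(); the traced child then runs the same PTRACE_TRACEME test as a.out plus a second, independent check that reads TracerPid. The helper names (traced_by_traceme_check, parse_tracer_pid, tracer_pid_from_procfs) are my own.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Check 1, the post's check: a process can have at most one tracer, so
   PTRACE_TRACEME fails (EPERM) when a debugger is already attached. Side
   effects: on success the caller is now traced by its parent, and a
   seccomp policy that denies ptrace produces the same failure. */
int traced_by_traceme_check(void) {
    return ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0;
}

/* Check 2: the kernel reports the tracer in /proc/<pid>/status as
   "TracerPid:\t<pid>" (0 when untraced). Parsing is split out so it can be
   exercised on constructed text. Returns the pid, or -1 if the field is
   missing. */
long parse_tracer_pid(const char *status_text) {
    static const char key[] = "TracerPid:";
    size_t klen = sizeof key - 1;
    const char *p = status_text;
    while ((p = strstr(p, key)) != NULL) {
        if (p == status_text || p[-1] == '\n') {   /* field name at line start only */
            char *end;
            long pid = strtol(p + klen, &end, 10);
            return end == p + klen ? -1 : pid;
        }
        p += klen;
    }
    return -1;
}

long tracer_pid_from_procfs(void) {
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (f == NULL) return -1;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return parse_tracer_pid(buf);
}

/* Stand-alone demo of the gdb flow from the text: the parent plays tracer,
   the child plays the program under test and runs both checks. */
int main(void) {
    pid_t child = fork();
    if (child < 0) { perror("fork"); return 1; }

    if (child == 0) {
        /* Tracee: what gdb's forked child does before execv(). A failed
           TRACEME means ptrace is unavailable here; exit at once rather than
           stopping, so the parent cannot hang in waitpid(). */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0) _exit(2);
        raise(SIGSTOP);   /* hand control to the tracer (gdb gets the post-exec SIGTRAP instead) */
        int by_traceme = traced_by_traceme_check();
        long tracer = tracer_pid_from_procfs();
        printf("child: second PTRACE_TRACEME %s, TracerPid=%ld (parent pid %ld)\n",
               by_traceme ? "refused" : "succeeded", tracer, (long)getppid());
        fflush(stdout);
        _exit(by_traceme ? 1 : 0);
    }

    /* Tracer: wait for the stop, resume the child, collect its verdict. */
    int st;
    if (waitpid(child, &st, 0) < 0) { perror("waitpid"); return 1; }
    if (WIFSTOPPED(st)) {
        printf("tracer: child %ld stopped by signal %d, continuing it\n",
               (long)child, WSTOPSIG(st));
        ptrace(PTRACE_CONT, child, NULL, NULL);
        if (waitpid(child, &st, 0) < 0) { perror("waitpid"); return 1; }
    }
    if (WIFEXITED(st)) {
        switch (WEXITSTATUS(st)) {
        case 1:  puts("tracer: child detected its tracer, as a.out did under gdb above"); break;
        case 2:  puts("tracer: ptrace unavailable (seccomp or ptrace_scope), nothing to show"); break;
        default: puts("tracer: child saw no tracer");
        }
    }
    return 0;
}
```

Build with cc -Wall and run it: the child reports that its second PTRACE_TRACEME was refused and that TracerPid equals the parent's pid. Two caveats: a seccomp policy that denies ptrace makes check 1 fire with no debugger present, and both checks are easy to defeat from outside, with an LD_PRELOAD'd ptrace() that returns 0, by patching the conditional jump in the binary, or with a debugger that catches the ptrace syscall and fixes up its return value. They slow down a casual gdb session, nothing more.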

Linux Anti-Debugging
http://www.julioauto.com/rants/anti_ptrace.htm

TRYING TO MAKE YOUR BINARY SHUT UP
http://www.exploit-db.com/papers/13188/

Thursday, September 4, 2014

Continuation-passing Style

To compare it to C, the current continuation is like the current state of the stack
(http://stackoverflow.com/questions/612761/what-is-call-cc)

A function written in continuation-passing style takes an extra argument: an explicit "continuation" i.e. a function of one argument. When the CPS function has computed its result value, it "returns" it by calling the continuation function with this value as the argument.

A programmer can discover continuation-passing style by themselves if subjected to one constraint:

No procedure is allowed to return to its caller--ever.

One hint makes programming in this style possible:

When a procedure is ready to "return" to its caller, it invokes the "current continuation" callback (provided by its caller) on the return value.

The code below is taken from

http://matt.might.net/articles/by-example-continuation-passing-style/


Example: Naive factorial

Here's the standard naive factorial:
function fact(n) {
  if (n == 0)
    return 1 ;
  else
    return n * fact(n-1) ;
}
Here it is in CPS:
function fact(n,ret) {
  if (n == 0)
    ret(1) ;
  else
    fact(n-1, function (t0) {
     ret(n * t0) }) ;
}
And, to "use" the function, we pass it a callback:
fact (5, function (n) {
  console.log(n) ; // Prints 120 in Firebug.
})

Call graph

fact (3, function (n) { 
  console.log(n) ; 
})

call 

fact (2, function (t0) {
     console.log(3 * t0) }) ;

call

fact (1, function (t0) {
     console.log(3 * 2 * t0) }) ;

call

fact (0, function (t0) {
     console.log(3 * 2 * 1 * t0) }) ;

Example: Tail-recursive factorial

Here's tail-recursive factorial:
function fact(n) {
  return tail_fact(n,1) ;
}
function tail_fact(n,a) {
  if (n == 0)
    return a ;
  else
    return tail_fact(n-1,n*a) ;
}
And, in CPS:
function fact(n,ret) {
  tail_fact(n,1,ret) ;
}
function tail_fact(n,a,ret) {
  if (n == 0)
    ret(a) ;
  else
    tail_fact(n-1,n*a,ret) ;
}

The two versions do the same thing: instead of returning the result, the work of computing it moves into the call. The naive version puts it in the continuation it builds at each step; the tail-recursive version puts it in the accumulator argument and passes ret through unchanged.
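
The same two CPS versions written in C, which is the comparison the post makes ("the current continuation is like the current state of the stack"). This is an added example, not code from Matt Might's article; struct Cont, fact_cps, tail_fact_cps and the cps_frames_allocated counter are my own names. Because C has no closures, the variables a continuation captures have to be allocated explicitly, which makes the stack analogy literal: the naive version allocates one frame per recursion level, the tail-recursive version none.

```c
#include <stdio.h>
#include <stdlib.h>

/* How many continuation frames the last call had to allocate. */
long cps_frames_allocated = 0;

/* A continuation is "what to do with the result": a function plus the
   variables it captured. C has no closures, so the captured variables are
   written out as a struct, and that struct is precisely the stack frame the
   direct-style version keeps implicitly (the "current state of the stack"). */
typedef struct Cont {
    void (*call)(struct Cont *self, long result);
    struct Cont *ret;   /* the continuation this one forwards to (the caller's ret) */
    long n;             /* the n captured by fact's callback */
    long *out;          /* where the top-level continuation stores the answer */
} Cont;

static void fact_cps(long n, Cont *ret);

/* The body of 'function (t0) { ret(n * t0) }' from the naive CPS version. */
static void mul_then_forward(Cont *self, long t0) {
    Cont *ret = self->ret;
    long n = self->n;
    free(self);                 /* this frame is finished once it forwards the value */
    ret->call(ret, n * t0);
}

/* fact(n, ret): every recursive step builds a frame remembering n and ret. */
static void fact_cps(long n, Cont *ret) {
    if (n == 0) {
        ret->call(ret, 1);
    } else {
        Cont *k = malloc(sizeof *k);   /* the closure the JavaScript version creates */
        if (k == NULL) abort();
        k->call = mul_then_forward;
        k->ret = ret;
        k->n = n;
        k->out = NULL;
        cps_frames_allocated++;
        fact_cps(n - 1, k);
    }
}

/* tail_fact(n, a, ret): the partial product travels in the accumulator, so
   the same ret is passed along unchanged and no frame is ever allocated. */
static void tail_fact_cps(long n, long a, Cont *ret) {
    if (n == 0)
        ret->call(ret, a);
    else
        tail_fact_cps(n - 1, n * a, ret);
}

/* The outermost continuation, playing 'function (n) { console.log(n) }'. */
static void deliver(Cont *self, long result) {
    *self->out = result;
}

long fact_naive(long n) {
    long result = 0;
    Cont top = { deliver, NULL, 0, &result };
    cps_frames_allocated = 0;
    fact_cps(n, &top);
    return result;
}

long fact_tail(long n) {
    long result = 0;
    Cont top = { deliver, NULL, 0, &result };
    cps_frames_allocated = 0;
    tail_fact_cps(n, 1, &top);
    return result;
}

int main(void) {
    long a = fact_naive(5);
    printf("naive: %ld, frames allocated: %ld\n", a, cps_frames_allocated);   /* 120, 5 */
    long b = fact_tail(5);
    printf("tail:  %ld, frames allocated: %ld\n", b, cps_frames_allocated);   /* 120, 0 */
    return 0;
}
```

One thing C makes visible that JavaScript hides: every call here is in tail position, so the "no procedure returns to its caller" rule is honoured by the code, but the machine only honours it when the compiler turns those calls into jumps (gcc and clang do so with optimization enabled); at -O0 the C stack still grows by one frame per call in both versions.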


CPS changes the program's control flow from the direct style shown here:

http://lodr.github.io/presentations/cps-javascript/index.html#/1/1

to the continuation-passing form shown here:

http://lodr.github.io/presentations/cps-javascript/index.html#/1/3


Why is it useful? A good example:
http://lodr.github.io/presentations/cps-javascript/index.html#/5