Example #1
0
/// \brief Duplicate non-Phi instructions from the beginning of block up to
/// StopAt instruction into a split block between BB and its predecessor.
BasicBlock *
llvm::DuplicateInstructionsInSplitBetween(BasicBlock *BB, BasicBlock *PredBB,
                                          Instruction *StopAt,
                                          ValueToValueMapTy &ValueMapping) {
  // We are going to have to map operands from the original BB block to the new
  // copy of the block 'NewBB'.  If there are PHI nodes in BB, evaluate them to
  // account for entry from PredBB.
  BasicBlock::iterator BI = BB->begin();
  for (; PHINode *PN = dyn_cast<PHINode>(BI); ++BI)
    ValueMapping[PN] = PN->getIncomingValueForBlock(PredBB);

  BasicBlock *NewBB = SplitEdge(PredBB, BB);
  NewBB->setName(PredBB->getName() + ".split");
  Instruction *NewTerm = NewBB->getTerminator();

  // Clone the non-phi instructions of BB into NewBB, keeping track of the
  // mapping and using it to remap operands in the cloned instructions.
  for (; StopAt != &*BI; ++BI) {
    Instruction *New = BI->clone();
    New->setName(BI->getName());
    New->insertBefore(NewTerm);
    ValueMapping[&*BI] = New;

    // Remap operands to patch up intra-block references.
    for (unsigned i = 0, e = New->getNumOperands(); i != e; ++i)
      if (Instruction *Inst = dyn_cast<Instruction>(New->getOperand(i))) {
        auto I = ValueMapping.find(Inst);
        if (I != ValueMapping.end())
          New->setOperand(i, I->second);
      }
  }

  return NewBB;
}
   void ModuloSchedulerDriverPass::duplicateValuesWithMultipleUses(BasicBlock* bb, Instruction* ind) {

       // While we keep duplicating nodes (and create more possible work), keep going
       bool keep_going = false; 
       do {
           keep_going = false; 
           // For each instruction in this BB
           for (BasicBlock::iterator it = bb->begin(); it!= bb->end(); ++it) {
               // if it is not the induction variable and it has more than one use
               if ((!dyn_cast<PHINode>(it)) &&  // Do not clone PHINodes
                       (ind != it) &&  // Do not clone induction pointer
                       // Only clone when you have more than one #uses
                       (instructionPriority::getLocalUses(it,bb) >1)) {

                   Instruction* cloned = it->clone(); // duplicate it
                    it->getParent()->getInstList().insert(it, cloned);
                    //Can also do: cloned->insertBefore(it); // on newer LLVMS
                    cloned->setName("cloned");
                    instructionPriority::replaceFirstUseOfWith(it, cloned);
                    // we may have created potential candidates for duplication. 
                    // you have to keep going
                   keep_going = true; 
               }
           } // foe rach inst
       } while (keep_going);
   }
Example #3
0
/// eliminateUnconditionalBranch - Clone the instructions from the destination
/// block into the source block, eliminating the specified unconditional branch.
/// If the destination block defines values used by successors of the dest
/// block, we may need to insert PHI nodes.
///
void TailDup::eliminateUnconditionalBranch(BranchInst *Branch) {
  BasicBlock *SourceBlock = Branch->getParent();
  BasicBlock *DestBlock = Branch->getSuccessor(0);
  assert(SourceBlock != DestBlock && "Our predicate is broken!");

  DEBUG(errs() << "TailDuplication[" << SourceBlock->getParent()->getName()
        << "]: Eliminating branch: " << *Branch);

  // See if we can avoid duplicating code by moving it up to a dominator of both
  // blocks.
  if (BasicBlock *DomBlock = FindObviousSharedDomOf(SourceBlock, DestBlock)) {
    DEBUG(errs() << "Found shared dominator: " << DomBlock->getName() << "\n");

    // If there are non-phi instructions in DestBlock that have no operands
    // defined in DestBlock, and if the instruction has no side effects, we can
    // move the instruction to DomBlock instead of duplicating it.
    BasicBlock::iterator BBI = DestBlock->getFirstNonPHI();
    while (!isa<TerminatorInst>(BBI)) {
      Instruction *I = BBI++;

      bool CanHoist = I->isSafeToSpeculativelyExecute() &&
                      !I->mayReadFromMemory();
      if (CanHoist) {
        for (unsigned op = 0, e = I->getNumOperands(); op != e; ++op)
          if (Instruction *OpI = dyn_cast<Instruction>(I->getOperand(op)))
            if (OpI->getParent() == DestBlock ||
                (isa<InvokeInst>(OpI) && OpI->getParent() == DomBlock)) {
              CanHoist = false;
              break;
            }
        if (CanHoist) {
          // Remove from DestBlock, move right before the term in DomBlock.
          DestBlock->getInstList().remove(I);
          DomBlock->getInstList().insert(DomBlock->getTerminator(), I);
          DEBUG(errs() << "Hoisted: " << *I);
        }
      }
    }
  }

  // Tail duplication can not update SSA properties correctly if the values
  // defined in the duplicated tail are used outside of the tail itself.  For
  // this reason, we spill all values that are used outside of the tail to the
  // stack.
  for (BasicBlock::iterator I = DestBlock->begin(); I != DestBlock->end(); ++I)
    if (I->isUsedOutsideOfBlock(DestBlock)) {
      // We found a use outside of the tail.  Create a new stack slot to
      // break this inter-block usage pattern.
      DemoteRegToStack(*I);
    }

  // We are going to have to map operands from the original block B to the new
  // copy of the block B'.  If there are PHI nodes in the DestBlock, these PHI
  // nodes also define part of this mapping.  Loop over these PHI nodes, adding
  // them to our mapping.
  //
  std::map<Value*, Value*> ValueMapping;

  BasicBlock::iterator BI = DestBlock->begin();
  bool HadPHINodes = isa<PHINode>(BI);
  for (; PHINode *PN = dyn_cast<PHINode>(BI); ++BI)
    ValueMapping[PN] = PN->getIncomingValueForBlock(SourceBlock);

  // Clone the non-phi instructions of the dest block into the source block,
  // keeping track of the mapping...
  //
  for (; BI != DestBlock->end(); ++BI) {
    Instruction *New = BI->clone();
    New->setName(BI->getName());
    SourceBlock->getInstList().push_back(New);
    ValueMapping[BI] = New;
  }

  // Now that we have built the mapping information and cloned all of the
  // instructions (giving us a new terminator, among other things), walk the new
  // instructions, rewriting references of old instructions to use new
  // instructions.
  //
  BI = Branch; ++BI;  // Get an iterator to the first new instruction
  for (; BI != SourceBlock->end(); ++BI)
    for (unsigned i = 0, e = BI->getNumOperands(); i != e; ++i) {
      std::map<Value*, Value*>::const_iterator I =
        ValueMapping.find(BI->getOperand(i));
      if (I != ValueMapping.end())
        BI->setOperand(i, I->second);
    }

  // Next we check to see if any of the successors of DestBlock had PHI nodes.
  // If so, we need to add entries to the PHI nodes for SourceBlock now.
  for (succ_iterator SI = succ_begin(DestBlock), SE = succ_end(DestBlock);
       SI != SE; ++SI) {
    BasicBlock *Succ = *SI;
    for (BasicBlock::iterator PNI = Succ->begin(); isa<PHINode>(PNI); ++PNI) {
      PHINode *PN = cast<PHINode>(PNI);
      // Ok, we have a PHI node.  Figure out what the incoming value was for the
      // DestBlock.
      Value *IV = PN->getIncomingValueForBlock(DestBlock);

      // Remap the value if necessary...
      std::map<Value*, Value*>::const_iterator I = ValueMapping.find(IV);
      if (I != ValueMapping.end())
        IV = I->second;
      PN->addIncoming(IV, SourceBlock);
    }
  }

  // Next, remove the old branch instruction, and any PHI node entries that we
  // had.
  BI = Branch; ++BI;  // Get an iterator to the first new instruction
  DestBlock->removePredecessor(SourceBlock); // Remove entries in PHI nodes...
  SourceBlock->getInstList().erase(Branch);  // Destroy the uncond branch...

  // Final step: now that we have finished everything up, walk the cloned
  // instructions one last time, constant propagating and DCE'ing them, because
  // they may not be needed anymore.
  //
  if (HadPHINodes) {
    while (BI != SourceBlock->end()) {
      Instruction *Inst = BI++;
      if (isInstructionTriviallyDead(Inst))
        Inst->eraseFromParent();
      else if (Constant *C = ConstantFoldInstruction(Inst)) {
        Inst->replaceAllUsesWith(C);
        Inst->eraseFromParent();
      }
    }
  }

  ++NumEliminated;  // We just killed a branch!
}
Example #4
0
void ArrayObfs::ArrObfuscate ( Function *F )
{

	// Iterate the whole Function
	Function *f = F;
	for ( Function::iterator bb = f->begin(); bb != f->end(); ++bb )
	{
		for ( BasicBlock::iterator inst = bb->begin(); inst != bb->end(); )
		{
			if ( inst->getOpcode() == 29 )		// getelementptr
			{
				//errs() << "INST : " << *inst << "\n";

				GetElementPtrInst *Ary = dyn_cast<GetElementPtrInst>(&*inst);
				Value *ptrVal = Ary->getOperand(0);
				Type *type = ptrVal->getType();

				unsigned numOfOprand = Ary->getNumOperands();
				unsigned lastOprand = numOfOprand - 1;

				// Check Type Array

				if ( PointerType *ptrType = dyn_cast<PointerType>( type ) )
				{
					Type *elementType = ptrType->getElementType();
					if ( elementType->isArrayTy() )
					{
						// Skip if Index is a Variable
						if ( dyn_cast<ConstantInt>( Ary->getOperand( lastOprand ) ) )
						{

				//////////////////////////////////////////////////////////////////////////////

				// Do Real Stuff
				Value *oprand = Ary->getOperand( lastOprand );
				Value *basePtr = Ary->getOperand( 0 );
				APInt offset = dyn_cast<ConstantInt>(oprand)->getValue();
				Value *prevPtr = basePtr;

				// Enter a Loop to Perform Random Obfuscation
				unsigned cnt = 100;

				// Prelog : Clone the Original Inst
				unsigned ObfsIdx =  cryptoutils->get_uint64_t() & 0xffff;
				Value *newOprand = ConstantInt::get( oprand->getType(), ObfsIdx );
				Instruction *gep = inst->clone();
				gep->setOperand( lastOprand, newOprand );
				gep->setOperand( 0, prevPtr );
				gep->insertBefore( inst );
				prevPtr = gep;
				offset = offset - ObfsIdx;

				// Create a Global Variable to Avoid Optimization
				Module *M = f->getParent();
				Constant *initGV = ConstantInt::get( prevPtr->getType(), 0 );
				GlobalVariable *gv = new GlobalVariable( *M, prevPtr->getType(), false, GlobalValue::CommonLinkage, initGV );

				while ( cnt-- )
				{
					// Iteratively Generate Obfuscated Code
					switch( cryptoutils->get_uint64_t() & 7 )
					{
					// Random Indexing Obfuscation
					case 0 :
					case 1 :
					case 2 :
						{
						//errs() << "=> Random Index \n";

						// Create New Instruction
						//   Create Obfuscated New Oprand in ConstantInt Type
						unsigned ObfsIdx =  cryptoutils->get_uint64_t() & 0xffff;
						Value *newOprand = ConstantInt::get( oprand->getType(), ObfsIdx );

						//   Create GetElementPtrInst Instruction
						GetElementPtrInst *gep = GetElementPtrInst::Create( prevPtr, newOprand, "", inst );

						//Set prevPtr
						prevPtr = gep;

						//errs() << "Created : " << *prevPtr << "\n";

						offset = offset - ObfsIdx;
						break;
						}

					// Ptr Dereference
					case 3 :
					case 4 :
						{
						//errs() << "=> Ptr Dereference \n";

						Module *M = f->getParent();
						Value *ONE = ConstantInt::get( Type::getInt32Ty( M->getContext() ), 1 );
						Value *tmp = new AllocaInst( prevPtr->getType(), ONE, "", inst );

						new StoreInst( prevPtr, tmp, inst );

						prevPtr = new LoadInst( tmp, "", inst );

						break;
						}

					// Ptr Value Transform
					case 5 :
					case 6 :
					case 7 :
						{
						//errs() << "=> Ptr Value Trans \n";

						unsigned RandNum =  cryptoutils->get_uint64_t();
						Value *ObfsVal = ConstantInt::get( prevPtr->getType(), RandNum );

						BinaryOperator *op = BinaryOperator::Create( Instruction::FAdd, prevPtr, ObfsVal, "", inst );
						new StoreInst( prevPtr, gv, inst );
						BinaryOperator::Create( Instruction::FSub, gv, ObfsVal, "", inst );
						prevPtr = new LoadInst( gv, "", inst );

						break;
						}
					}
				}

				// Postlog : Fix the Original Indexing
				{
				Value *fixOprand = ConstantInt::get( oprand->getType(), offset );
				// Refine the Last Instruction
				GetElementPtrInst *gep = GetElementPtrInst::Create( prevPtr, fixOprand, "", inst );

				// Fix the Relationship
				inst->replaceAllUsesWith( gep );

				// Finally : Unlink This Instruction From Parent
				Instruction *DI = inst++;
				//errs() << "user_back : " << *(DI->user_back()) << "\n";
				DI->removeFromParent();
				}

				//////////////////////////////////////////////////////////////////////////////

						// End : Variable Index
						} else { inst++; }
					// End : Check Array Type
					} else { inst++; }
				// End : Check Pointer Type
				} else { inst++; }
			// End : Check Opcode GetElementPtr
			} else { inst++; }
		}
	}
	++ArrayMod;
}