CEDEC2014 Live Coding in C++

Live Coding in C++
Seiya Ishibashi
2014/09/02

Objective
What this talk aims for
● A C++ game development environment that is comfortable to work in,
● realized with all kinds of black magic,
● as generic as possible,
● as non-intrusive as possible,
● within the reach of a single person's effort,
● basically assuming Windows.
* This talk presents the results of my personal experiments and has no particular connection to Unity (at least for now; apologies to anyone who was expecting that kind of talk).

About Me
Seiya Ishibashi
● a.k.a. i-saint (@i_saint)
● Running the CPU & GPU flat out to realize beautiful interaction is what I live for
● Responsible for low-level work in general, centered on parallel programming; occasionally graphics too
● Most recently, in charge of the floor in the Unity-chan stage

Topics
● Runtime C++ Code Editing
● State Save
● Inspector
Runtime C++ Code Editing
Runtime C++ Code Editing?
● Reflecting changes to the C++ source in the running program in real time
● There are several implementations; each is covered in turn
● Edit and Continue (Visual Studio)
● Runtime Compiled C++
● DynamicPatcher

Edit and Continue
Edit and Continue?
● A feature built into Visual Studio
● Break in the debugger while running, edit the C++ source, and execution continues with the change applied
● Enabled by building with a specific compiler option (/ZI)
● Has several limitations that are hard on game developers
○ Unusable when optimization is enabled
○ No x64 support
○ Changes can only be applied while stopped in the debugger

Runtime Compiled C++
● http://runtimecompiledcplusplus.blogspot.jp/
● By Doug Binks
● Has a long list of adopters
● Unreal Engine 4's Hot Reload works in roughly the same way

Runtime Compiled C++
Implementation strategy
1. Define an interface class, confine the parts you want to be editable in a class derived from it, and split them out into a DLL
2. When the C++ source is updated, build the DLL
3. Serialize the objects belonging to the target DLL, reload the DLL, and deserialize the objects

Runtime Compiled C++
// main.exe
class Interface
{
public:
    virtual void Update()=0;
    virtual void Serialize(...)=0;   // used to carry object state across the DLL reload
};

// entity.dll
class Entity : public Interface
{
public:
    virtual void Update();
    virtual void Serialize(...);
};

// entity_updated.dll: the rebuilt DLL provides the same class with the edited implementation
class Entity : public Interface
{
public:
    virtual void Update();
    virtual void Serialize(...);
};

Runtime Compiled C++
Splitting into DLLs
● Prepare an interface class
● Split into DLLs at the granularity you want to be editable (≈ split the project)
● The DLL side implements a class derived from the interface and provides its factory function to the exe side

Runtime Compiled C++
Building the DLL
● Invoke the Visual Studio compiler
○ Read its location from the registry and launch cl.exe

Runtime Compiled C++
Reloading the DLL
1. Serialize the objects belonging to the DLL
2. Load the new DLL
3. Recreate the objects with the new DLL and deserialize them
4. Destroy the old objects
5. Unload the old DLL
● Serialization is required even if the data structures have not changed
○ Otherwise the vtables are not updated, and the program dies trying to call functions in the old DLL

Runtime Compiled C++
pros:
● Simple and robust implementation
● Achievable on many platforms
● Works even with optimization enabled
● Still traceable in the debugger after editing
cons:
● The parts you want editable must be split out into DLLs
● Serialization is required
● Only classes derived from the interface can be updated
DynamicPatcher
● https://github.com/i-saint/DynamicPatcher
● Built inspired by Runtime Compiled C++
● Designed with easy integration into existing projects as the top priority
● Has been adopted at Riot Games

DynamicPatcher
Implementation strategy
1. Compile the C++ source
2. Load & link the generated .obj file by hand
3. Update by overwriting the old function with a jmp to the new function

DynamicPatcher
// main.exe
class Entity
{
public:
    virtual void Update();
};

// entity.obj: the recompiled source defines the same class; the new Entity::Update() is linked in
// and the old one is overwritten with a jmp to it
class Entity
{
public:
    virtual void Update();
};

DynamicPatcher
Compiling the C++ source
● Leave it to msbuild
○ Visual Studio's build tool
○ Setting the target to "ClCompile" runs only the compile step

DynamicPatcher
Loading & linking the .obj file
● The .obj format is public and its structure is relatively easy to understand, so loading and linking it yourself is not that hard
○ File format reference: http://www.skyfree.org/linux/references/coff.pdf

DynamicPatcher
Mapping sections into memory while relocating them
● An .obj file is made up of blocks called sections
● Each section carries various attributes and information
○ Data, executable code, debug information, etc.
● Some sections specify an alignment, and the layout inside the .obj file does not honor it; they must be re-laid out by hand
○ Neglecting this leads to mysterious crashes, for example when an __m128 literal is referenced
● Copying each section's contents into a region allocated with VirtualAlloc() with the executable attribute is enough

DynamicPatcher
Linking symbols from the relocation information
● Relocation information: "at link time, write the address of that symbol here"
● Writing addresses according to this information completes the link
● Symbols inside the .obj can be obtained from the .obj's symbol table
● Symbols of the host program can be obtained with SymFromName() or from the .map file
○ SymFromName() requires the .pdb, is extremely slow, and is thread-unsafe
○ Using the .map file is preferable (but requires the linker option /MAP)
● Certain symbols must always be linked to the host program's symbol
○ static objects and the like, which break if they end up in more than one copy
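The following C program is an added example, not DynamicPatcher's code: it walks the COFF records the two slides above talk about (file header, a section header and its alignment bits, a relocation entry and the symbol it names) and decides whether each relocated symbol is defined inside the .obj or must be resolved from the host program. The 96-byte object image is constructed by hand; the field names follow the PE/COFF spec, while the typedef names and ObjSummary are the example's own.

```c
#include <stdint.h>
#include <string.h>
/* COFF on-disk records; field names follow the PE/COFF spec, the typedef names are the example's own. */
#pragma pack(push, 1)
typedef struct { uint16_t Machine, NumberOfSections; uint32_t TimeDateStamp, PointerToSymbolTable,
                 NumberOfSymbols; uint16_t SizeOfOptionalHeader, Characteristics; } FileHeader;  /* 20 bytes */
typedef struct { char Name[8]; uint32_t VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData,
                 PointerToRelocations, PointerToLinenumbers; uint16_t NumberOfRelocations,
                 NumberOfLinenumbers; uint32_t Characteristics; } SectionHeader;              /* 40 bytes */
typedef struct { uint32_t VirtualAddress, SymbolTableIndex; uint16_t Type; } Relocation;        /* 10 bytes */
typedef struct { char Name[8]; uint32_t Value; int16_t SectionNumber; uint16_t Type;
                 uint8_t StorageClass, NumberOfAuxSymbols; } Symbol;                            /* 18 bytes */
#pragma pack(pop)

/* Constructed x64 .obj (96 bytes): one ".text" section holding "call rel32; ret; nop; nop" with a
   single IMAGE_REL_AMD64_REL32 relocation at offset 1 against the undefined external symbol "foo". */
static const uint8_t SAMPLE_OBJ[] = {
    0x64,0x86, 0x01,0x00, 0,0,0,0, 0x4E,0,0,0, 0x01,0,0,0, 0,0, 0,0,          /* file header             */
    '.','t','e','x','t',0,0,0, 0,0,0,0, 0,0,0,0, 0x08,0,0,0, 0x3C,0,0,0,       /* section header, part 1  */
    0x44,0,0,0, 0,0,0,0, 0x01,0x00, 0x00,0x00, 0x20,0x00,0x50,0x60,            /* CODE|ALIGN_16|EXEC|READ */
    0xE8,0,0,0,0, 0xC3, 0x90,0x90,                                             /* raw .text at 0x3C       */
    0x01,0,0,0, 0x00,0,0,0, 0x04,0x00,                                         /* relocation at 0x44      */
    'f','o','o',0,0,0,0,0, 0,0,0,0, 0x00,0x00, 0x20,0x00, 0x02, 0x00,          /* symbol table at 0x4E    */
};

typedef struct { int sections, relocs, external_relocs; uint32_t text_align, first_patch_offset;
                 char first_external[9]; } ObjSummary;

/* IMAGE_SCN_ALIGN_* sits in bits 20..23: value n means 2^(n-1) bytes; 0 means the 16-byte default. */
static uint32_t section_alignment(uint32_t characteristics) {
    uint32_t n = (characteristics >> 20) & 0xF;
    return n ? 1u << (n - 1) : 16;
}

/* Walk file header -> section headers -> relocations -> symbols, bounds-checking every offset. */
int summarize_obj(const uint8_t *buf, size_t len, ObjSummary *out) {
    FileHeader fh; memset(out, 0, sizeof *out);
    if (len < sizeof fh) return -1;
    memcpy(&fh, buf, sizeof fh);
    out->sections = fh.NumberOfSections;
    for (uint16_t s = 0; s < fh.NumberOfSections; s++) {
        SectionHeader sh; size_t off = sizeof fh + (size_t)s * sizeof sh;
        if (off + sizeof sh > len) return -1;
        memcpy(&sh, buf + off, sizeof sh);
        if (strncmp(sh.Name, ".text", 8) == 0) out->text_align = section_alignment(sh.Characteristics);
        for (uint16_t r = 0; r < sh.NumberOfRelocations; r++) {
            Relocation rel; Symbol sym;
            size_t roff = sh.PointerToRelocations + (size_t)r * sizeof rel, soff;
            if (roff + sizeof rel > len) return -1;
            memcpy(&rel, buf + roff, sizeof rel);
            soff = fh.PointerToSymbolTable + (size_t)rel.SymbolTableIndex * sizeof sym;
            if (rel.SymbolTableIndex >= fh.NumberOfSymbols || soff + sizeof sym > len) return -1;
            memcpy(&sym, buf + soff, sizeof sym);
            out->relocs++;
            /* SectionNumber > 0: defined in this .obj. 0: undefined here, so the address must come
               from the host program (its .map file or SymFromName()), the case the slides describe. */
            if (sym.SectionNumber == 0 && out->external_relocs++ == 0) {
                memcpy(out->first_external, sym.Name, 8);  /* short name; long names index the string table */
                out->first_patch_offset = sh.PointerToRawData + (rel.VirtualAddress - sh.VirtualAddress);
            }
        }
    }
    return 0;
}
```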
DynamicPatcher
Updating by overwriting the old function with a jmp to the new one
● Overwrite the first 5 bytes of the function with a jmp to the new function
○ x86 has a jmp instruction that carries the destination address within the instruction itself
○ Since control is transferred without touching the registers, it is easy to redirect to another function with the same argument types
● The function's address does not change, so the vtable needs no update
○ A class's behavior can be changed without serialization
● Not only virtual functions: almost any function can be updated
○ Some exceptions, such as inline functions
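As an added example (not DynamicPatcher's own code), this C snippet shows what the 5-byte jmp on the slide above actually contains: the rel32 displacement is measured from the end of the instruction, and on x64 a target more than 2 GiB away cannot be encoded, one reason the technique is platform-sensitive. The decoder is the same arithmetic run backwards, which is how a defender or a self-check can recognize a function whose entry has been redirected out of its module; the address values are constructed.

```c
#include <stdint.h>

/* Encode the 5-byte "jmp rel32" (opcode E9) written over the first bytes of the old function.
   The displacement is relative to the END of the instruction, i.e. to from + 5.
   Returns 0 on success, -1 when the target is out of rel32 reach (|disp| > 2 GiB, possible on x64). */
int encode_jmp_rel32(uint64_t from, uint64_t to, uint8_t out[5]) {
    int64_t disp = (int64_t)to - (int64_t)(from + 5);
    if (disp > INT32_MAX || disp < INT32_MIN) return -1;
    uint32_t d = (uint32_t)(int32_t)disp;
    out[0] = 0xE9;
    for (int i = 0; i < 4; i++) out[1 + i] = (uint8_t)(d >> (8 * i));   /* little-endian imm32 */
    return 0;
}

/* Inverse: given the 5 bytes found at address `at`, report where the jmp lands,
   or 0 if the bytes are not a jmp rel32 at all. */
uint64_t decode_jmp_rel32(uint64_t at, const uint8_t code[5]) {
    if (code[0] != 0xE9) return 0;
    uint32_t d = (uint32_t)code[1] | (uint32_t)code[2] << 8 |
                 (uint32_t)code[3] << 16 | (uint32_t)code[4] << 24;
    return at + 5 + (uint64_t)(int64_t)(int32_t)d;
}

/* Defender's view: given snapshots of function entry bytes and their addresses, count the entries
   whose first instruction jumps outside the module's own range [module_lo, module_hi), which is
   the footprint an in-place patch like the one on the slide leaves behind. */
int count_redirected(const uint8_t (*prologues)[5], const uint64_t *addrs, int n,
                     uint64_t module_lo, uint64_t module_hi) {
    int hits = 0;
    for (int i = 0; i < n; i++) {
        uint64_t target = decode_jmp_rel32(addrs[i], prologues[i]);
        if (target != 0 && (target < module_lo || target >= module_hi)) hits++;
    }
    return hits;
}
```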
DynamicPatcher
Integrating into an existing program
● If you can get one line added to main() and the program rebuilt, that is enough
● But requiring source changes raises the cost of adoption; we want to work without source changes
● This is exactly when DLL Injection comes in

DynamicPatcher
DLL Injection
● A technique for injecting an arbitrary DLL (= arbitrary code) into an existing program
● Use CreateRemoteThread() to make the target process call LoadLibrary()
○ Allocate memory inside the target process with VirtualAllocEx(), write the path of the DLL to load there, then create a thread with LoadLibrary() as its entry point and that path as its argument
● Used by quite a few tools
○ Video capture software, graphics debuggers, etc.

DynamicPatcher
Integrating into an existing program (2)
● Inject a DLL implementing the whole feature set into the target process
● From the DLL, open an inter-process communication endpoint for requests from outside
● On request, specify the functions to update, load .obj files, and so on
● This time, a Visual Studio add-in was created to communicate with the target process
○ It implements the following:
1. Launch the program while injecting the DLL
2. Compile a .cpp and send a load request
3. Specify the symbols to update

DynamicPatcher
demo

DynamicPatcher
Limitations & caveats
● The modified .cpp can no longer be followed in the debugger
○ The source and binary change while the debug information does not
● .obj files compiled with /LTCG (link-time code generation) are unsupported
○ They use a different file format from the usual one
● .obj files compiled with /GR (RTTI enabled) are dangerous
○ The vtable layout changes
● Constructors of global objects are a problem
○ Dangerous because they register destructor calls with atexit()
● Exceptions
○ Very hard to support

DynamicPatcher
pros
● Applicable to existing projects as they are
● Works even with optimization enabled (but not with link-time code generation)
● Almost every function can be updated
cons
● No longer traceable in the debugger after editing
● Large restrictions on supported platforms
● All sorts of odd limitations come with it

Runtime C++ Code Editing
Discussion
● Edit and Continue
○ Without x64 support & optimization enabled, hard to use for game developers...
● Runtime Compiled C++
○ Its reliability is proven by its adoption
○ But integrating it into an existing project is a lot of work
○ When implementing it, setting up the surrounding environment such as build tools is expected to be the harder part
● DynamicPatcher
○ Low adoption cost & wide applicability
○ But all sorts of odd limitations come with it
○ Improvements could relax the limitations, but the implementation is hard and highly platform-dependent

Runtime C++ Code Editing
Additional information
● Recode
○ http://www.indefiant.com/
○ Presented at GDC 2014; adopted by CryEngine
○ Applicable to existing projects as they are; judging from the manual, DynamicPatcher-style?
● libdcompile
○ https://github.com/Fadis/libdcompile
○ A library that realizes eval in C++ using clang & LLVM
● Projucer IDE
○ http://2013.cppnow.org/session/the-projucer-live-coding-with-c-and-the-llvm-jit-engine/
○ An IDE with a built-in clang & LLVM JIT engine
State Save
State Save?
● Saving & restoring a process's entire internal state
● "Checkpointing" seems to be the more formal name
○ http://en.wikipedia.org/wiki/Application_checkpointing
● Intended usage: save at suitable intervals while test-playing -> when something needs fixing, rewind, fix it, and continue playing
○ Applying TAS video production methods to game development
○ In TAS you rewind and fix the play; here you fix the level itself
● Normally state save is implemented per title, which takes a lot of effort. Can it be realized generically?
○ If restricted to PC, probably possible!

State Save
Implementation strategy
● Three things are needed to restore a process's state:
○ Memory state
○ Thread state
○ Kernel object state
● Collect the information needed to restore these

State Save
Prerequisite knowledge: API Hook
● A technique for redirecting calls to a function to another function
● When the target is a function in an external DLL, easily achieved by rewriting the Import Address Table
○ Each module has an area holding the names and addresses of the external DLL functions it uses
○ Rewriting those addresses redirects the calls

hoge.exe imports from MSVCR.dll, before hooking:
    Import Name Table    Import Address Table
    printf               0x40000000  -> MSVCR.dll: printf()
    exit                 0x40000020  -> MSVCR.dll: exit()
    ...

After hooking (Injected.dll has been loaded into the process):
    Import Name Table    Import Address Table
    printf               0x50000000  -> Injected.dll: printf_hook()
    exit                 0x50000020  -> Injected.dll: exit_hook()
    ...
    MSVCR.dll itself is unchanged: 0x40000000 printf(), 0x40000020 exit()

State Save
Prerequisite knowledge: API Hook (2)
● Hook the WinAPI and
○ skim off the information needed for restoration
○ or swap in our own restorable routines
● That is the basic strategy this time

State Save
Memory state
● Module regions, heap regions, page memory, stack regions: each needs separate handling

State Save
Memory state (2)
● Module regions
○ Regions where exe and dll files are mapped
○ Global and static variables live here
○ Code regions are non-writable; variable regions carry the writable attribute
○ Walk memory from the start of the module with VirtualQuery() and save the writable regions
○ Enumerate modules with CreateToolhelp32Snapshot(), Module32First(), Module32Next()

State Save
Memory state (3)
● Heap regions
○ Regions allocated by malloc() or new
○ As is, the addresses of the allocated regions are hard to predict
○ All MSVCRT allocation routines are implemented on top of the WinAPI HeapAlloc()
○ Hijacking HeapAlloc() with an API hook and swapping in our own routine handles this
○ This example reserves a huge memory region up front and manages it with a dlmalloc-based routine

State Save
Memory state (4)
● Page memory
○ Regions allocated by the VirtualAlloc() family
○ Easy, since allocation at a specified address is possible
○ Just hook the VirtualAlloc() family and record the necessary information

State Save
Memory state (5)
● Stack regions
○ GetContext() retrieves the thread's register state
○ The esp (rsp on x64) register points somewhere inside the stack
○ Use VirtualQuery() on esp/rsp to get the start address and size of the region and record them
○ Enumerate threads with CreateToolhelp32Snapshot(), Thread32First(), Thread32Next()
■ Note that this enumerates all threads of all processes

State Save
Thread state
● The stack and register state of each thread
● Stacks as covered above
● Register contents: just call GetContext() & SetContext()

State Save
Kernel object state
● An extremely hard part
● Work very hard with API hooks to collect the information needed for restoration
● Wrap HANDLEs in our own managed ones
○ Because the HANDLE values returned by the WinAPI are hard to predict
● DirectX / OpenGL objects and the like also need handling
● Ignoring modules that get by without handling is also an option
○ No API hooks, and leave the module region's memory and threads untouched

State Save
Integrating into an existing program
● Easily done with DLL Injection
● In this example, the DLL saves & loads in response to specific key presses

State Save
demo

State Save
Discussion
● If it works properly, it should be a powerful development aid
● But finishing something that works properly is extremely hard
● This example is still very much a work in progress
○ Kernel objects are mostly unsupported; graphics objects are also unsupported
○ But restricted to specific scenes it might be usable
● Recreating the process was abandoned this time
○ Because ASLR makes reproducing the memory layout difficult
○ Security features since Windows XP SP3 occasionally get in the way of low-level programming

State Save
Additional information: HourGlass
● https://code.google.com/p/hourglass-win32/
● An open-source tool for Windows that assists TAS video creation
● Implements saving internal state via API hooks, input replay, video recording, etc.
● Only works properly on 32-bit Windows XP, though
● The source code is very interesting and instructive

State Save
Additional information: undump
● http://d.hatena.ne.jp/shinichiro_h/20060715/1152922272
● Realizes what was described here, on Linux
● It seems somewhat easier to realize on Linux than on Windows
Inspector
Inspector?
● Editing data in real time from a GUI
● The thing most modern game engines have

Inspector
Implementation strategy
● Debug information contains the data layout of classes, so use that
● Build an editing GUI from a pointer to the object and its type name
● Apply the edits made in the GUI

Inspector
Parsing debug information
● Get type information from the type name (string) with SymGetTypeInfo()

class Hoge
{
public:
    int m_data;
};

UDT       Index = 15, UdtKind = UdtClass, Name = "Hoge", Length = 4
  child:
  Data      Index = 16, Type = 17, Name = "m_data"
    BaseType  Index = 17, Type = btInt, Length = 4

Inspector
Parsing debug information (2)
● You get information like "at byte n there is data of type T"
● Create a GUI control for each member of the object
○ With enough effort, the debugger's variable pane could be reproduced as is
● Member function information is available too
○ Auto-generating controls that call functions should be possible, but is very hard

Inspector
Combining with manual generation
● Auto-generation alone is somewhat tough
○ The std::vector problem
○ The "members that should not be editable" problem
○ A naming convention used in place of annotations might be one option
● Supplement with manual generation
● A GUI for calling functions is also easy to implement if generated manually

Inspector
Implementing the editor
● Any GUI framework works, but this time HTML & JavaScript were used
● The HTTP server is easy to implement thanks to Poco
○ http://pocoproject.org/
● The game serves data to the browser as JSON at a fixed interval
● Form data sent from the browser is parsed and the data updated

Inspector
demo

Inspector
Discussion
● Relatively easy to implement, yet the benefit is large
● Adding it without touching the source is somewhat harder
○ DLL Injection & hooking the class's constructors & destructors
○ This example was implemented by modifying the source

Inspector
Supplement
● Unreal Engine 4 takes a different implementation approach
○ Parses on its own without using debug information

Conclusion
● Given debug information and executable memory, C++ is a dynamic language
● Assuming a specific OS & compiler, all sorts of odd features can be realized
● Existing tools can be a source of inspiration

Questions?

End
Thank you!

Resources
● Source code for this talk's demos
○ DynamicPatcher: https://github.com/i-saint/DynamicPatcher
○ RestoreProcessState: https://github.com/i-saint/scribble/tree/master/RestoreProcessState
○ WebDebugMenu: https://github.com/i-saint/WebDebugMenu
○ atomic: https://github.com/i-saint/atomic
● Implementations of various function hooks: http://i-saint.hatenablog.com/entry/2013/07/19/205539