Happy Mid-Autumn Festival 2025!
Happy Mid-Autumn Festival 🎑
I’ve been busy with research and the challenges of job hunting lately, and my brain has been craving some interesting problems to work on. Luckily, I came across a book called Mathematical Puzzles, Revised Edition, which brought me to an interesting problem from Chapter 7, The Law of Small Numbers. After solving this problem, I was also inspired by the idea behind it and managed to solve another puzzle I had had in mind for a few months. So, I’m writing this blog to share these two interesting puzzles.
This is just a short post logging something I newly learned. It turned out that when launching VMs with QEMU, if Ubuntu’s official cloud server images (available at this link) are used, networking will be missing by default (this seems to be related to a cloud-init issue).
The official documentation for running Xen on ARM in QEMU is quite old (last updated in 2019 at the time this post is published). Luckily, I managed to get it working, so I’m writing this post for future reference.
In the world of software and systems, terms like virtualization, emulation, hypervisor, and container are often used interchangeably — but they refer to very different technologies. Whether you’re a developer, a student, or just curious about how modern computing environments are built, understanding these concepts is essential. This post will break down what each term means, how they differ, and when you might use one over the other.
In this blog, I’ll walk through the basics of execution tracing for ARM chips. I will mainly focus on methods based on ETM - a powerful hardware feature found in many ARM processors that enables non-intrusive, cycle-accurate tracing of instruction execution. Unlike breakpoints or printf-style debugging, ETM allows developers to observe exactly what code was executed without altering the timing or behavior of the program.
This is a review of the paper Leveraging Binary Coverage for Effective Generation Guidance in Kernel Fuzzing.
This is a review of the paper μAFL: Non-intrusive Feedback-driven Fuzzing for Microcontroller Firmware.
In this blog, I’m trying to summarize some of the topics in Linux kernel development that I learned while reading its official documentation.
Sometimes, you get the opportunity to implement a C function that will be called by other programs. In some cases, the program may be multi-threaded, and you might want to verify whether your function is being called simultaneously by multiple threads :)
Lately, I’ve been working on a project related to recording Linux kernel execution traces at the object code level. During this process, I had the opportunity to work with the ARM64 architecture on Linux. I decided to write this blog to capture some of the highlights I learned along the way.
When using the Linux command line and related tools, there are many useful tricks and common practices worth noting. In this post, I’m keeping a running list of tips related to Linux command-line tools for future reference.
This blog presents a growing collection of papers and tools related to the topic of kernel testing. I (hopefully ;p) plan to update it regularly, since I want it to serve as a handy index whenever I revisit this topic.
This blog presents a growing collection of papers and tools related to the topic of symbolic execution. I (hopefully ;p) plan to update it regularly, since I want it to serve as a handy index whenever I revisit this topic.
Lately, I’ve been trying to record the assembly execution trace of QEMU emulations. To get a better understanding of this process, I decided to take a look at the source code of QEMU, accel/tcg/cpu_exec.c in particular. As I read through the source code, I’m writing this blog post as a review of what I’ve learnt from it.
Though a thousand miles apart, we share the same moon.
As a popular version control system, Git appears in almost every developer’s toolkit, regardless of what type of projects they are working on. Git provides us with a convenient way to keep track of all the changes made to a project, so that we can easily revert the project back to certain states if errors occur.
Failed to open the terminal on your Ubuntu system after upgrading the python3 version? Here’s a way to potentially heal your poor command line!
This is a series of notes for the course CS 161: Computer Security offered by UCB. I watched the recordings of its Summer 2021 version during the winter holiday of 2023. The course website can be found here. After that, I took ECE 422: Introduction to Computer Security at UIUC during Spring 2023; its course structure was roughly the same as that of CS 161.
As a beginner of reverse engineering, I spent three days in the spring break to work on a single CTF problem…
This is a review of the article VM escape - QEMU Case Study by Mehdi Talbi and Paul Fariello published on Phrack.
What happens after you switch on your computer? What is a bootloader? What is BIOS? …
It’s 0:30am, Jan 24th, 2023. I’m writing this very first blog on this website.