This thesis addresses the challenges of building a software system for
general-purpose runtime code manipulation. Modern applications, with
dynamically-loaded modules and dynamically-generated code, are assembled
at runtime. While it was once feasible at compile time to observe and
manipulate every instruction --- which is critical for program analysis,
instrumentation, trace gathering, optimization, and similar tools --- it
can now only be done at runtime. Existing runtime tools are successful
at inserting instrumentation calls, but no general framework has been
developed for fine-grained and comprehensive code observation and
modification without high overheads.
This thesis demonstrates the feasibility of building such a system in
software. We present DynamoRIO, a fully-implemented runtime
code manipulation system that supports code transformations on any part
of a program, while it executes. DynamoRIO uses code caching
technology to provide efficient, transparent, and comprehensive
manipulation of an unmodified application running on a stock operating
system and commodity hardware. DynamoRIO executes large, complex,
modern applications with dynamically-loaded, generated, or even modified
code. Despite the formidable obstacles inherent in the IA-32
architecture, DynamoRIO provides these capabilities efficiently, with
zero to thirty percent time and memory overhead on both Windows and
Linux.
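The following is an added illustration of the code-caching approach the paragraph above describes; it is a constructed model, not DynamoRIO's code, and the toy instruction set, the `CodeCache` class, the `count_entries` hook and the sample program are all assumptions made for the example. It shows the three properties the abstract claims: each basic block is copied into a cache and executed from there (the application's own code is never modified, so the instrumentation is transparent to it), an instrumentation hook operates on the copy, and a write to code memory invalidates the stale cached copy so dynamically modified code is still observed correctly.

```python
"""Toy model of the basic-block code cache that a runtime code manipulation
system such as DynamoRIO builds while the application executes.

Constructed example (not DynamoRIO's code): a tiny register machine whose
program lives in a writable list, a runtime that copies each basic block into
a cache before executing it (applying an instrumentation hook to the copy),
and invalidation of cached copies when the application rewrites its own code.
"""
from collections import Counter

# Toy instruction set (tuples). Registers are strings, addresses are ints.
#   ("set", r, imm)        r = imm
#   ("add", r, a, b)       r = a + b
#   ("jnz", r, target)     if r != 0 goto target, else fall through
#   ("jmp", target)        goto target
#   ("patch", addr, ins)   self-modifying code: overwrite instruction at addr
#   ("halt",)              stop
#   ("count", key)         meta-instruction inserted only by instrumentation
CTI = {"jnz", "jmp", "halt"}   # control-transfer instructions end a block


class CodeCache:
    def __init__(self, code, instrument=None):
        self.code = code                                  # application code
        self.instrument = instrument or (lambda pc, block: block)
        self.cache = {}          # entry pc -> fragment (instrumented copy)
        self.spans = {}          # entry pc -> (start, end) app range it covers
        self.stats = Counter()   # "build", "hit", "invalidate"
        self.meta = Counter()    # counters driven by "count" meta-instructions

    def fragment(self, pc):
        """Return the cached fragment for pc, building it on a miss."""
        if pc in self.cache:
            self.stats["hit"] += 1
            return self.cache[pc]
        block, end = [], pc
        while True:                      # copy up to and including the next CTI
            block.append(self.code[end])
            end += 1
            if block[-1][0] in CTI:
                break
        frag = self.instrument(pc, block)  # the hook only ever sees the copy
        self.cache[pc], self.spans[pc] = frag, (pc, end)
        self.stats["build"] += 1
        return frag

    def invalidate(self, addr):
        """Drop every fragment whose source range contains a modified address."""
        for entry, (lo, hi) in list(self.spans.items()):
            if lo <= addr < hi:
                del self.cache[entry]
                del self.spans[entry]
                self.stats["invalidate"] += 1

    def run(self, regs=None, max_frags=10_000):
        regs, pc = dict(regs or {}), 0
        for _ in range(max_frags):
            frag = self.fragment(pc)
            fallthrough = self.spans[pc][1]  # read before a patch can invalidate it
            target = None
            for ins in frag:
                op = ins[0]
                if op == "set":
                    regs[ins[1]] = ins[2]
                elif op == "add":
                    regs[ins[1]] = regs[ins[2]] + regs[ins[3]]
                elif op == "count":
                    self.meta[ins[1]] += 1
                elif op == "patch":      # app rewrote its code: stale copies must go
                    self.code[ins[1]] = ins[2]
                    self.invalidate(ins[1])
                elif op == "jmp":
                    target = ins[1]
                elif op == "jnz" and regs[ins[1]] != 0:
                    target = ins[2]
                elif op == "halt":
                    return regs
            pc = fallthrough if target is None else target
        raise RuntimeError("fragment budget exhausted")


def count_entries(pc, block):
    """Instrumentation hook (assumed): prepend an entry counter to each fragment."""
    return [("count", f"bb@{pc}")] + block


PROGRAM = [  # constructed sample program: a loop, then a rewrite of its body
    ("set", "i", 3), ("set", "acc", 0), ("set", "one", 1),      # 0-2
    ("set", "neg", -1), ("set", "two", 2), ("set", "done", 0),  # 3-5
    ("jmp", 7),                                                 # 6
    ("add", "acc", "acc", "one"),                               # 7  loop body
    ("add", "i", "i", "neg"),                                   # 8
    ("jnz", "i", 7),                                            # 9
    ("jnz", "done", 15),                                        # 10 finish on 2nd pass
    ("patch", 7, ("add", "acc", "acc", "two")),                 # 11 rewrite loop body
    ("set", "i", 2), ("set", "done", 1),                        # 12-13
    ("jmp", 7),                                                 # 14 re-enter the loop
    ("halt",),                                                  # 15
]


def demo():
    """Run the sample program under the cache; returns (registers, cache)."""
    cc = CodeCache(list(PROGRAM), instrument=count_entries)
    return cc.run(), cc


if __name__ == "__main__":
    regs, cc = demo()
    print("acc =", regs["acc"], "stats =", dict(cc.stats), "entries =", dict(cc.meta))
```

The first pass through the loop executes from a cached copy of block 7-9 three times (one build, two hits). The `patch` at address 11 rewrites instruction 7, so the runtime discards that fragment; the second pass rebuilds it from the modified code and the accumulator ends at 7 rather than the 5 a stale copy would produce. The toy does not model a write to the block that is currently executing, which is one of the harder cases a real system on IA-32 has to handle.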
DynamoRIO exports an interface for building custom runtime code
manipulation tools of all types. It has been used by many researchers,
with several hundred downloads of our public release, and is being
commercialized in a product for protection against remote security
exploits, one of numerous applications of runtime code manipulation.