I am attempting to write a binary instrumentation library (for ARM) that requires I move/relocate ARM assembly instructions. Note that the ordering of the instructions is staying the same; I am just moving them to different regions of memory so that I can insert my proxy/hook instructions. As part of my proxy/hook, I jump back to the original instructions (in the same order) and then jump back to the original function. Here's an example of what it might look like:
Pseudo-code:
function:
<jump to proxy>
<rest of original function>
proxy:
<some additional proxy instructions for logging, etc.>
<instructions from original function that were moved>
<jump back to original function plus offset>
I am noticing that if I blindly move the instructions (without regard for the type of instruction), I end up crashing the application.
I've determined that the "class" of these instructions is the one that references the program counter (PC register). This makes sense to me, since the location has now changed (moved to a new region of memory) and any PC-relative offset is no longer correct.
However, I am wondering if there are other classes/types of instructions that might be problematic. I've been trying to find references to help me, but I haven't been able to. Also, I thought that instrumentation libraries were pretty common, so I tried to see if I could find an open source example, but I couldn't find any.
Is anyone aware of a similar open source project that is doing this? Or any references?
Any help would be greatly appreciated!
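To make the PC-relative problem concrete, here is an added example that is not code from the question or from any library mentioned on this page. It is a small, conservative classifier for 32-bit A32 instruction words that flags anything reading r15 as an operand (literal-pool loads, ADR-style adds, register operands of pc), re-encodes the displacement of B/BL when a block is moved, and reports which instructions still need rewriting by hand. The sample block, the addresses and the function names are all constructed for the example; the one architectural fact it relies on is that a read of PC in A32 yields the instruction's own address plus 8. Thumb/T32 uses different encodings and a +4 PC offset and is deliberately not handled.

```python
"""Classify A32 (32-bit ARM state) instruction words by whether they read the PC,
and re-encode B/BL displacements when a block of code is moved.

Assumptions (not from the question): A32 only, little-endian words, and the
architectural rule that a read of PC in A32 yields the instruction's own
address + 8.  Thumb/T32 has different encodings and a +4 PC offset.
"""
import struct

def classify(word):
    """Conservative classification of one A32 word.

    Returns "branch" for B/BL (fixable by re-encoding imm24), "reads_pc" for
    anything that uses r15 as an operand (must be rewritten before it can be
    moved), and "pic" for everything else.  It errs towards "reads_pc": a false
    positive costs a manual look, a false negative costs a crash.
    """
    top = (word >> 25) & 0x7            # bits [27:25] select the encoding group
    rn = (word >> 16) & 0xF             # first source register field
    rm = word & 0xF                     # register operand / offset register field
    if top == 0b101:                    # B / BL: 24-bit signed word displacement
        return "branch"
    if (word & 0x0FFFFFF0) == 0x012FFF10:   # BX Rm (its Rn field is all-ones by encoding)
        return "reads_pc" if rm == 15 else "pic"
    if top in (0b000, 0b001):           # data processing; ADR is ADD/SUB Rd, pc, #imm
        if rn == 15 or (top == 0b000 and rm == 15):
            return "reads_pc"
        return "pic"
    if top in (0b010, 0b011):           # LDR/STR word or byte; literal pools use Rn = pc
        if rn == 15 or (top == 0b011 and rm == 15):
            return "reads_pc"
        return "pic"
    return "pic"                        # LDM/STM, coprocessor, SVC: base is never pc in valid code

def branch_target(word, addr):
    """Target address of the B/BL encoded in `word` located at `addr`."""
    imm24 = word & 0xFFFFFF
    if imm24 & 0x800000:                # sign-extend the 24-bit field
        imm24 -= 1 << 24
    return addr + 8 + (imm24 << 2)

def relocate_branch(word, old_addr, new_addr):
    """Re-encode a B/BL so it still reaches its original target from new_addr."""
    delta = branch_target(word, old_addr) - (new_addr + 8)
    if delta & 3:
        raise ValueError("unaligned displacement")
    disp = delta >> 2
    if not -(1 << 23) <= disp < (1 << 23):   # imm24 reaches only +/-32 MiB
        raise ValueError("target out of B/BL range after move; needs a veneer")
    return (word & 0xFF000000) | (disp & 0xFFFFFF)

def unpack_words(code):
    """Split raw little-endian code bytes into 32-bit instruction words."""
    return struct.unpack("<%dI" % (len(code) // 4), code)

def relocate_block(code, old_base, new_base):
    """Move a block of raw A32 code from old_base to new_base.

    Returns (new_bytes, report); report lists (old_addr, status) per instruction,
    with status in {"copied", "branch_fixed", "needs_rewrite"}.
    """
    out, report = [], []
    for i, w in enumerate(unpack_words(code)):
        old_addr, new_addr = old_base + 4 * i, new_base + 4 * i
        kind = classify(w)
        if kind == "branch":
            out.append(relocate_branch(w, old_addr, new_addr))
            report.append((old_addr, "branch_fixed"))
        elif kind == "reads_pc":
            out.append(w)               # left unchanged: the caller must rewrite it
            report.append((old_addr, "needs_rewrite"))
        else:
            out.append(w)
            report.append((old_addr, "copied"))
    return struct.pack("<%dI" % len(out), *out), report

# Constructed sample: the first five words of a hypothetical function at 0x10000.
SAMPLE = struct.pack("<5I",
    0xE92D4010,   # push {r4, lr}      - moves freely
    0xE59F0004,   # ldr r0, [pc, #4]   - literal-pool load, PC-relative
    0xE28F1008,   # add r1, pc, #8     - ADR, PC-relative
    0xEB000004,   # bl 0x10024         - fixable by re-encoding the displacement
    0xE1A02003,   # mov r2, r3         - moves freely
)

if __name__ == "__main__":
    moved, report = relocate_block(SAMPLE, 0x10000, 0x20000)
    for (addr, status), w in zip(report, unpack_words(moved)):
        print("%#x %08x %s" % (addr, w, status))
```

Running it moves the block from 0x10000 to 0x20000: the push and mov are copied, the BL is re-encoded so it still lands on 0x10024, and the two instructions that read pc are reported as needing a rewrite (typically by loading the precomputed address from a constant placed in the trampoline). The classifier deliberately over-approximates: a few encodings that merely have an all-ones Rn field (for example MRS/MSR) will be reported even though they do not read the PC, which is the safe direction for a relocator to fail in.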
> Is anyone aware of a similar open source project that is doing this? Or any references?
You can look at DynamoRIO -- it does much more than this: among other things, it can decode instructions, pass them to you for insertion/deletion/reordering (with some restrictions) and re-encode them into the code cache (from which the code is actually executed). It is open source and supports ARM.