Dynamic patching makes it possible to edit running code without terminating or restarting execution, but achieving safe and low-stall patching remains challenging in practice. Existing runtime approaches often rely on stop-the-world synchronization or execution-coupled patching, leading to stalls, atomicity hazards, race conditions in multi-threaded execution, and unpredictable conflicts in trampoline allocation. These challenges are particularly pronounced on x86-64, where variable-length instructions and weak alignment guarantees complicate safe in-place code modification.

This paper presents DIBE, a run-time binary editing framework that enables asynchronous and incremental patching for x86-64 user-space programs. DIBE reinterprets E9Patch, a static binary rewriter, as an offline metadata generator rather than a binary transformer. Instead of producing a rewritten executable, E9Patch exports jmp overwrite plans, trampoline code, and physical page grouping metadata. At runtime, a lightweight library loaded along with the target process applies this metadata by allocating conflict-free trampoline pages using a just-in-time mapping subsystem and performing alignment-aware atomic jmp overwrites. Crucially, patch planning is fully decoupled from execution, and any stall is confined to the thread executing the patched site rather than the entire process.

We evaluate DIBE using the SPEC CPU2006 benchmark suite and a multi-process Nginx server. Across all benchmarks, DIBE achieves microsecond-scale stall, per-instruction overwrite latency of approximately 3–4 µs, and execution time overhead comparable to static rewriting. Memory usage remains predictable and modest due to physical page grouping. Even when tens of thousands of instructions are patched simultaneously across all worker processes, DIBE preserves stable latency and throughput.

Overall, DIBE demonstrates that static rewriting guarantees and run-time patching need not be mutually exclusive. By combining offline correctness reasoning with asynchronous run-time activation, DIBE provides a scalable and practical foundation for low-stall binary editing in modern multi-threaded systems.
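One way to read the "alignment-aware atomic jmp overwrite" step, as an added example that is not DIBE's or E9Patch's code: a 5-byte `jmp rel32` is written with a single store only when it sits inside one naturally aligned 8-byte word. The function names, the 8-byte window rule and the return codes are assumptions, and the sketch edits an ordinary data buffer, not live code.

```c
#include <stdint.h>
#include <string.h>

/* Assumption: a naturally aligned 8-byte store is observed atomically, so a
   5-byte jmp is safe to write in one store only if it does not straddle an
   8-byte boundary, i.e. its start offset inside the word is 0..3. */
int fits_aligned_window(uintptr_t addr) {
    return (addr & 7u) <= 3u;
}

/* Encode `jmp rel32` (opcode 0xE9) placed at `site` and landing on `target`.
   Returns 0, or -1 when the displacement does not fit in 32 bits. */
int encode_jmp(uintptr_t site, uintptr_t target, uint8_t out[5]) {
    int64_t disp = (int64_t)target - (int64_t)(site + 5); /* relative to next insn */
    if (disp < INT32_MIN || disp > INT32_MAX) return -1;
    int32_t rel = (int32_t)disp;
    out[0] = 0xE9;
    memcpy(out + 1, &rel, 4);            /* x86-64 is little-endian */
    return 0;
}

/* Overwrite 5 bytes at `site` with a jmp to `target` using one 8-byte store.
   Returns 0 on success, -1 if out of rel32 range, -2 if the site straddles
   two 8-byte words (a planner would have to pick another strategy there).
   Assumes no other writer touches the same word concurrently. */
int patch_jmp_atomic(uint8_t *site, uintptr_t target) {
    uint8_t jmp[5];
    uintptr_t a = (uintptr_t)site;
    if (encode_jmp(a, target, jmp) != 0) return -1;
    if (!fits_aligned_window(a)) return -2;
    uint64_t *word = (uint64_t *)(a & ~(uintptr_t)7);
    uint64_t v = __atomic_load_n(word, __ATOMIC_RELAXED);
    memcpy((uint8_t *)&v + (a & 7u), jmp, 5);   /* other 3 bytes unchanged */
    __atomic_store_n(word, v, __ATOMIC_RELEASE); /* readers see old or new word */
    return 0;
}

int main(void) {
    uint64_t store[2];                   /* constructed sample "code": 16 NOPs */
    memset(store, 0x90, sizeof store);
    uint8_t *buf = (uint8_t *)store;
    int ok = patch_jmp_atomic(buf + 1, (uintptr_t)buf + 0x40);
    int straddle = patch_jmp_atomic(buf + 12, (uintptr_t)buf + 0x40);
    return (ok == 0 && straddle == -2) ? 0 : 1;
}
```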
Publisher
Ulsan National Institute of Science and Technology