bytecode verification on java smart cards

Bytecode Verification on Java Smart cards

Xavier LeroyPresentation(Day 2)

- Nithya

JSR Subroutines -> mostly used for

compiling the try-finally construct Subroutines and Sun’s Verfn algorithm Subroutines and our Verfn Algorithm

JSR instruction Ret instruction Role of local variable

Algorithm

JSR vs invoke Methods : invokevirtual,

invokenonvirtual, return, areturn, Ireturn

JSR instruction and ret instruction

OffCard code Transformations Two methods to ensure that all

correct applets pass verification:1. Using special Java compiler2. Using a std Java Compiler and

Java Card Converter (for Off-card code Transformation) and pass it to on card verifier

Applet Conversion

Applet Installation

Architecture of the System

Transformations Stack Normalisation Register Reallocation

Stack Normalisation

For a branch with non-empty stack: Insert stores to fresh registers

before the branch Loads from the same registers at

the branch target

Example : C.m(b ? x : y);

Second pass of SN Case 1: if i is a branch target with

non-empty stack Case 2: if i is a branch to

instruction j and the operand stack is not empty at j.

1) i ->Branch Target Case a:

If instruction before i doesnt fall thru (uncndl branch/return/throw),

Insert loads from l1…ln before i Redirect the branches to the first load

thus inserted

Case a

1)i ->Branch Target Case b:

If the instruction before i falls thru: Insert stores to ln..l1 Load from l1..ln, before i

Case b

2) i ->Branch to instruction j Case a:

If instruction i does not fall through (unconditional branch):

Insert before i code to swap the top k words of the stack with the n words

Insert stores ln…l1

Case a

2)I ->Branch to instruction j Case b:

If instruction I can fall thru (conditional branch)

Insert after I, loads from l1…ln

Case b

Worst case Example of combination of two

transformations: The instruction before i falls through i itself falls through

Worst case

Tunneling optimizations Idea: reduce the number of

branches Replace branches “goto lbl” by a

direct branch to lbl Replace unconditional branches

“return” or “throw” by a copy of the return or a throw instruction itself

Example

Tunneling optimization

• Conforms to Requirement R1

• No stack Normalisation needed for this code

Before Register reallocation

After Register reallocation

Number of registers stays constant

Chaitin’s graph coloring allocator Compute live ranges for every register Compute principal type for every live range Build the interference graph between live

ranges Nodes -> live ranges

Add interference edges between live ranges that dont have same principal type

Coalescing: Detect reg-to-reg copies Color the interference graph:

Assign a new reg number to every live range that 2 interfering live edges have distinct reg numbers

After compilation and stack normalisation ->JCVM code:

After coalescing sload Rtmp, sstore Rs :

Short s; if (b) {s=x;} else{s=y;}

Effect of offcard code transformation on code size and register

Comments?