
Splicing and Inserting Bytecodes


In a typical JVM, each method invocation runs with an operand stack and a single index-addressable frame whose size is statically determined. JVM bytecodes operate on elements at the top of the operand stack or move operands from the frame to the operand stack or vice versa. For example, the iadd instruction pops the top two elements off the stack as integers, adds them, and pushes the result onto the stack. Similarly, a method invocation pops the target of the method and the appropriate number of parameters, and places the result (if any) onto the stack.

This architecture has interesting implications for bytecode modification. First, because bytecodes are stack instructions, they are sensitive to placement and ordering. For example, simply inserting a method call instruction into a sequence might consume the wrong value off the stack and leave an unexpected value on top. In general, splices must be stack-neutral, i.e., the spliced code must leave the depth and types of the stack unchanged. However, the values of the entries on the stack may be changed, and the splice may have other side effects that affect the rest of the method, such as modifying the frame or some object.

A second issue is that all branches are relative, so inserting instructions between a branch and its destination will make the destination field incorrect. To preserve the original control flow, JOIE must correctly update the destination field. JOIE solves this by applying modifications to collections of Instruction objects linked to the ClassInfo. The Instruction objects represent branch targets as pointers to the destination Instruction. A similar approach is used to update the exception handler table, to preserve the binding of exception handlers to ranges of instructions. In each case, JOIE regenerates the relative addresses when it linearizes the ClassInfo to a classfile. For load-time transformation, the JOIE ClassLoader generates the transformed in-memory classfile with the correct relative offsets before submitting it to the JVM for verification.
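The following Python model illustrates both points above: a stack-neutrality check for a splice, and branch targets and exception-handler ranges held as pointers to instruction objects so that relative offsets can be regenerated at linearization. It is an added example, not JOIE's own code; the opcode table, the `Instruction` and `Handler` classes, the `trace(I)V` call and the sample method are all constructed here for illustration.

```python
"""Toy model of JOIE-style bytecode splicing (added example, not JOIE code).

Branch targets and exception-handler ranges are references to Instruction
objects rather than byte offsets, so inserting a splice between a branch and
its destination does not invalidate the branch. Offsets are regenerated when
the method is linearized. A stack-depth walk checks that a splice is
stack-neutral before it is inserted.
"""
from dataclasses import dataclass
from typing import Optional

# Constructed subset of JVM opcodes: name -> (encoded size in bytes, stack delta).
# A delta of None means it depends on the call descriptor and is given per site.
OPS = {
    "iload_1": (1, +1), "iconst_0": (1, +1), "iadd": (1, -1), "dup": (1, +1),
    "ifeq": (3, -1), "goto": (3, 0), "ireturn": (1, -1), "athrow": (1, -1),
    "invokestatic": (3, None), "nop": (1, 0),
}

@dataclass(eq=False)          # identity equality: two iload_1 objects are distinct
class Instruction:
    op: str
    target: Optional["Instruction"] = None   # branch destination held as a pointer
    call_delta: Optional[int] = None         # stack delta for invoke* (from descriptor)
    offset: int = -1                         # byte offset, assigned at linearization

    def size(self) -> int:
        return OPS[self.op][0]

    def delta(self) -> int:
        d = OPS[self.op][1]
        return self.call_delta if d is None else d

@dataclass(eq=False)
class Handler:
    start: Instruction     # first covered instruction
    end: Instruction       # first instruction after the covered range
    handler: Instruction   # handler entry point

def linearize(code, handlers=()):
    """Assign byte offsets, then derive relative branch offsets and the
    exception table from the pointers. Returns (listing, exception_table)."""
    off = 0
    for ins in code:
        ins.offset = off
        off += ins.size()
    listing = [(i.offset, i.op, i.target.offset - i.offset) if i.target is not None
               else (i.offset, i.op) for i in code]
    table = [(h.start.offset, h.end.offset, h.handler.offset) for h in handlers]
    return listing, table

def check_splice(new_instrs, depth_at_entry):
    """True if the splice is straight-line fall-through code, never pops below
    the incoming operand-stack depth, and leaves the depth unchanged.
    Agreement of stack entry types is left to the JVM verifier."""
    depth = 0
    for ins in new_instrs:
        if ins.target is not None or ins.op in ("ireturn", "athrow"):
            raise ValueError(f"{ins.op}: splice must be straight-line fall-through code")
        depth += ins.delta()
        if depth_at_entry + depth < 0:
            raise ValueError(f"{ins.op}: splice underflows the operand stack")
    return depth == 0

def splice_before(code, anchor, new_instrs, depth_at_entry):
    """Insert new_instrs in front of `anchor`. Branch and handler pointers
    elsewhere in the method stay valid; offsets are fixed up at linearization."""
    if not check_splice(new_instrs, depth_at_entry):
        raise ValueError("splice is not stack-neutral")
    idx = code.index(anchor)
    code[idx:idx] = list(new_instrs)
    return code

def build_method():
    """Constructed method: int m(int x) { if (x == 0) return 0; return x; }
    plus a handler covering the non-zero path that rethrows."""
    zero = Instruction("iconst_0")
    rethrow = Instruction("athrow")
    code = [Instruction("iload_1"), Instruction("ifeq", target=zero),
            Instruction("iload_1"), Instruction("ireturn"),
            zero, Instruction("ireturn"), rethrow]
    handlers = [Handler(start=code[2], end=zero, handler=rethrow)]
    return code, handlers

def trace_splice():
    """Stack-neutral splice: push x, call a hypothetical static trace(I)V."""
    return [Instruction("iload_1"), Instruction("invokestatic", call_delta=-1)]

if __name__ == "__main__":
    code, handlers = build_method()
    print("before:", linearize(code, handlers))
    splice_before(code, code[2], trace_splice(), depth_at_entry=0)
    print("after: ", linearize(code, handlers))
```

Before the splice the `ifeq` encodes a relative offset of 5 and the handler table reads (4, 6, 8); after four bytes are spliced between the branch and its target, relinearization yields 9 and (8, 10, 12) without any offset arithmetic at the splice site. A splice whose net stack delta is not zero is rejected before it is inserted.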



Geoff Alex Cohen
Tue Apr 28 14:31:49 EDT 1998