Using the ASM Library
While it is possible to process bytecode files with no other support than reading/writing bytes, there are well-defined libraries that considerably simplify the work, by managing the details and bookkeeping, such as computing the maximal size of the stack operand, the index of a literal in the constant pool, or the precise offsets when inserting jump operations. ASM (asm.objectweb.org) is such a library, particularly small yet powerful and efficient, making heavy use of design patterns. ASM offers methods to process bytecode streams, either in the form of an editable structure holding the entire code (analogous to a DOM-like parser for XML files), or through an event model (a SAX-like parser).
The event model makes filtering easy; for instance, to replace every iadd by a method call. The library also offers a program named ASMifier, which takes an existing *.class file and generates the Java+ASM source code that generates the same bytecode sequence at runtime. Integrated in an Eclipse plug-in, this tool quickly becomes a must-have.
Example 2 is a fragment of Java source code, and the corresponding bytecode instructions, first in an abstracted syntax, then as an output of ASMifier.
<b></b> (a) public static double arraySum(double [] t) { double sum=0.0; for(int i=0; i<t.length; i++) sum+=t[i]; return sum; } <b>(b)</b> public static arraySum(double[]):double L0 (0) LINENUMBER 11 L0 DCONST_0 DSTORE 1: sum L1 (3) LINENUMBER 12 L1 ICONST_0 ISTORE 3: i L2 (6) GOTO L3 L4 (8) LINENUMBER 13 L4 DLOAD 1: sum ALOAD 0: t ILOAD 3: i DALOAD DADD DSTORE 1: sum L5 (15) LINENUMBER 12 L5 IINC 3: i 1 L3 (17) ILOAD 3: i ALOAD 0: t ARRAYLENGTH IF_ICMPLT L4 L6 (22) LINENUMBER 14 L6 DLOAD 1: sum DRETURN L7 (25) LOCALVARIABLE t double[] L0 L7 0 LOCALVARIABLE sum double L1 L7 1 LOCALVARIABLE i int L2 L6 3 MAXSTACK = 4 MAXLOCALS = 4 <b>(c)</b> MethodVisitor mv; mv = cw.visitMethod(ACC_PUBLIC + ACC_STATIC, "arraySum", "([D)D", null, null); mv.visitCode(); Label l0=new Label(), l1=new Label(), l2=new Label(),...; mv.visitLabel(l0); mv.visitLineNumber(11, l0); mv.visitInsn(DCONST_0); mv.visitVarInsn(DSTORE, 1); mv.visitLabel(l1); mv.visitLineNumber(12, l1); mv.visitInsn(ICONST_0); mv.visitVarInsn(ISTORE, 3); mv.visitJumpInsn(GOTO, l3); mv.visitLabel(l4); mv.visitLineNumber(13, l4); mv.visitVarInsn(DLOAD, 1); mv.visitVarInsn(ALOAD, 0); mv.visitVarInsn(ILOAD, 3); mv.visitInsn(DALOAD); mv.visitInsn(DADD); mv.visitVarInsn(DSTORE, 1); mv.visitLabel(l5); mv.visitLineNumber(12, l5); mv.visitIincInsn(3, 1); mv.visitLabel(l3); mv.visitVarInsn(ILOAD, 3); mv.visitVarInsn(ALOAD, 0); mv.visitInsn(ARRAYLENGTH); mv.visitJumpInsn(IF_ICMPLT, l4); mv.visitLabel(l6); mv.visitLineNumber(14, l6); mv.visitVarInsn(DLOAD, 1); mv.visitInsn(DRETURN); mv.visitLabel(l7); mv.visitLocalVariable("t", "[D", null, l0, l7, 0); mv.visitLocalVariable("sum", "D", null, l1, l7, 1); mv.visitLocalVariable("i", "I", null, l2, l6, 3); mv.visitMaxs(4, 4); mv.visitEnd();
Example 3 illustrates how to write a program that replaces every iadd by a call to the presumably existing method used in Example 1.
<b>(a)</b> import org.objectweb.asm.*; import java.io.*; public class MyInstrumentation { public static void main(String[] args) throws IOException { String filename = args[0]; FileInputStream fis = new FileInputStream(filename); ClassReader cr = new ClassReader(fis); ClassWriter cw = new ClassWriter(cr, ClassWriter.COMPUTE_FRAMES); ClassAdapter ca = new MyClassAdapter(cw); cr.accept(ca, 0); byte[] newByteCode = cw.toByteArray(); fis.close(); FileOutputStream fos = new FileOutputStream(filename); fos.write(newByteCode); fos.close(); } } //- class MyMethodAdapter extends MethodAdapter implements Opcodes { public MyMethodAdapter(MethodVisitor mv) { super(mv); } // public void visitInsn(int opcode) { final String METHOD_NAME= "checkedIADD"; final String METHOD_LOCATION="utils/SecuredArithmetics"; final String METHOD_SIGNATURE="(II)I"; if (opcode == IADD) { mv.visitMethodInsn(INVOKESTATIC, METHOD_LOCATION, METHOD_NAME, METHOD_SIGNATURE); } else { mv.visitInsn(opcode); } } } //- class MyClassAdapter extends ClassAdapter { public MyClassAdapter(ClassVisitor cv) { super(cv); } // public MethodVisitor visitMethod(int access, String name, String desc, String signature, String[] exceptions) { MethodVisitor mv; mv = cv.visitMethod(access, name, desc, signature, exceptions); if (mv != null) { mv = new MyMethodAdapter(mv); } return mv; } } <b>(b)</b> public class Hello { public static void main(String[] args) { int a=3, b=5, c=Integer.MAX_VALUE; System.out.println(a+c); System.out.println(a+b); } } <b>(c)</b> prompt> javac Hello.java prompt> java Hello -2147483646 8 prompt> java MyInstrumentation "Hello.class" prompt> java Hello Overflow! -2147483646 8
The ASM library makes it easy to write a bytecode instrumentation program, but sketching the details of overflow management requires a careful analysis. For instance, you might not at first notice that unary integer negation or integer division are "dangerous" operations, or that incrementation has its own bytecode instruction. When playing with the operand stack instructions, it appears that some manipulations are possible on int values but not on long values, because the latter occupy two slots in the stack. The identifiers of added methods must be unique, even when processing an already instrumented class.