WO2010121770A2 - Procédé d'exécution d'un programme par une machine virtuelle, code de machine virtuelle et dispositif associé - Google Patents

Procédé d'exécution d'un programme par une machine virtuelle, code de machine virtuelle et dispositif associé Download PDF

Info

Publication number
WO2010121770A2
WO2010121770A2 PCT/EP2010/002381 EP2010002381W WO2010121770A2 WO 2010121770 A2 WO2010121770 A2 WO 2010121770A2 EP 2010002381 W EP2010002381 W EP 2010002381W WO 2010121770 A2 WO2010121770 A2 WO 2010121770A2
Authority
WO
WIPO (PCT)
Prior art keywords
instruction
virtual
instructions
patch
execution
Prior art date
Application number
PCT/EP2010/002381
Other languages
English (en)
Other versions
WO2010121770A3 (fr
Inventor
Cedric Mesnil
Dominique Bouveron
Original Assignee
Trusted Logic
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Trusted Logic filed Critical Trusted Logic
Publication of WO2010121770A2 publication Critical patent/WO2010121770A2/fr
Publication of WO2010121770A3 publication Critical patent/WO2010121770A3/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/656Updates while running
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/66Updates of program code stored in read-only memory [ROM]

Definitions

  • This invention concerns an execution process for a programme by a virtual machine, as well as an associated computer device.
  • the invention applies particularly in the field of smart cards such as Java Cards.
  • a processor In general, a processor is designed to carry out a certain number of operations: for example, addition, reading in memory, writing in memory, etc.
  • the processor is designed to execute a set of instructions (ie. a program), each instruction representing an action, that is an operation and, if necessary, the operands to which the operation is applied (for example, numbers to be added for an addition operation, the memory address to be read for an instruction to read in memory).
  • An instruction is represented by a set of bits containing a binary code defining the operation, called opcode or operation code, and the binary representation of the operands expected for this operation.
  • the action: "add registers 1 and 2 and put the result in register 6" is represented by the instruction (in decimal, for MIPS architecture): 0 1 2 6 0 32 with 0 being the operation code and 1, 2, 6, 0, 32 the operands.
  • a virtual machine is a program that, when executed by a first processor ("real" processor), emulates a second processor (“virtual” processor), usually of a different type to the first, that is having a different machine language.
  • the virtual machine is thus intended to execute instructions written in the machine language of the second processor, by translating these instructions written in the machine language of the first processor on the fly, to that the second can execute them.
  • Such translation on the fly is called interpretation.
  • the result of interpretation is not intended to be stored for later execution, but is executed on the fly as soon as interpretation has been carried out.
  • instructions intended to be executed by the virtual machine will be called virtual instructions, while instructions intended to be executed by the real processor will be called real instructions.
  • the virtual machine is therefore a program made up of real instructions, the task of which is to interpret virtual instructions.
  • saying that the virtual machine executes virtual instructions will be equivalent to saying that the processor is executing the code (real) of the virtual machine in order to translate virtual instructions into real instructions.
  • a corrected virtual instruction for at least one virtual instruction of the program, called a corrected virtual instruction, to begin executing a loop of instructions of virtual machine code, called an interpretation loop, the interpretation loop being designed to be executed in turn on the virtual instructions, the virtual instruction interpreted by the interpretation loop being called a current virtual instruction, complete execution of the loop enabling:
  • the purpose of the invention is to reduce the execution time for an update call, as well as the size (number of bits making up the set of virtual instructions) of the update call instructions.
  • update instructions (the "patch point") are integrated into the interpretation loop, and so test for the presence of an update, which improves search speed for an update.
  • a patch point is not represented in the program code by a set of virtual instructions, which reduces program size.
  • the execution process for a program comprises one or several of the following characteristics: - the patch may comprise virtual instructions and the command to execute the patch leads to execution of the interpretation loop on the patch;
  • the patch may comprise real instructions; - for each current instruction, on which the interpretation loop is executed, it comprises searching the lookup table for a patch associated with the current instruction;
  • the invention also comprises a virtual machine code comprising real instructions, which when executed by a processor leads the processor to execute a process of the type mentioned above.
  • the invention also comprises a type of computer device comprising:
  • a virtual machine code comprising a loop of instructions, called an interpretation loop, intended to be executed by the processor in turn on each virtual instruction of the program, the virtual instruction interpreted by the interpretation loop being called a current virtual instruction, the interpretation loop comprising, in order of execution:
  • the virtual machine code comprises instructions, called update instructions, intended to be executed by the processor for the corrected virtual instructions, before restarting execution of the interpretation loop for a new current instruction, searching in the lookup table for a patch associated with the corrected program instruction, and commanding execution of the patch.
  • the computer device comprises one or several of the following characteristics:
  • the first memory is a non-rewritable memory
  • - the second memory is a rewritable memory
  • the update instructions are located, in the sequence of the interpretation loop, after instructions to determine the action represented by the current virtual instruction;
  • - translation comprises update instructions to search for and call the patch
  • - figure 1 represents a computer device according to the invention, including a virtual machine
  • - figure 2 represents a first implementation method of a code for the virtual computer machine in figure 1 ;
  • - figure 3 is a block-diagram illustrating an execution process for a program by the virtual machine having the code in figure 2;
  • - figure 4 represents a second implementation method of a code for the virtual machine of the computer device in figure 1 ;
  • figure 5 is a block-diagram illustrating an execution process for a program by the virtual machine having the code in figure 4;
  • figure 6 represents a third implementation method of a code for the virtual machine of the computer device in figure 1 ;
  • figure 7 is a block-diagram illustrating an execution process for a program by the virtual machine having the code in figure 6.
  • a computer device designated by the general reference 100, is represented in figure 1.
  • computer device 100 is Java Card type smart card.
  • Computer device 100 comprises a support 102, for example having the format of a normal bank card.
  • Device 100 also comprises a processor 104 mounted on support 102.
  • processor 104 is a microprocessor.
  • Device 100 also has a volatile memory 106, for example RAM meaning
  • Device 100 also comprises a non-rewritable permanent memory 108.
  • ROM Read-Only Memory
  • Permanent memory is a memory in which data are not erased when device 100 is not supplied with power.
  • the processor also has access to non-rewritable memory 108.
  • Device 100 also has a permanent rewritable memory 110, to which processor 104 has access.
  • a permanent rewritable memory 110 for example this is an EEPROM memory, meaning "Electrically-Erasable Programmable Read-Only Memory”.
  • Rewritable memory 110 is more expensive than non-rewritable memory 108, in such a way that non- rewritable memory 108 is used in priority.
  • Non-rewritable memory 108 comprises a virtual machine code 112 as well as a program 114.
  • Virtual machine code 112 and processor 104 form a virtual machine 113 intended to execute program 114.
  • Program 114 comprises a set of virtual instructions, each virtual instruction of program 114 representing an action intended to be executed by the virtual processor emulated by virtual machine 113.
  • each virtual instruction of program 114 comprises an operation code representing an elementary operation of the virtual machine language, followed as . appropriate by one or several operations.
  • These virtual instructions are written in a format comprehensible by virtual machine 112 but not by processor 104, in such a way that processor 104 cannot directly execute the virtual instructions of programme 114.
  • Virtual machine 113 is intended to interpret the virtual instructions of program 114 into real instructions.
  • Virtual machine 113 is, for example, the Java Card virtual machine (JCVM).
  • JCVM Java Card virtual machine
  • Code 112 for virtual machine 113 comprises real instructions, directly executable by processor 104, and in particular an interpretation loop. Different implementation methods of the interpretation loop for code 112 for virtual machine
  • At least one patch 116 is saved in rewritable memory 110.
  • Patch 116 comprises a set of virtual instructions executable by virtual machine 113 and is intended to be called during execution of program 114 by virtual machine 113.
  • Rewritable memory 110 also comprises a lookup table 118, associating at least one respective virtual instruction of program 114 with each patch 116.
  • virtual instructions of program 114 each have an identifier, enabling them to be distinguished from one another, for example their address in non-rewritable memory 108.
  • patches 116 also have an identifier, for example the address of their first instruction in rewritable memory 110.
  • Lookup table 118 preferably associates the identifier for each patch 116 with one or several identifiers for virtual instructions of program 114.
  • Volatile memory 106 comprises registers 120.
  • One of the registers 120 is called code marker 122.
  • code marker 122 When computer device 100 is operating, code marker
  • Processor 104 is intended to execute real instructions in the sequence in which they are written. This means that after executing a real instruction, processor 104 executes the real instruction written immediately afterwards, unless the real instruction executed indicates another subsequent real instruction.
  • code 112 of virtual machine 113 first of all comprises real instructions 202 to initialise code marker 122 to the address of the first virtual instruction for program 114.
  • Code 112 is then followed by an interpretation loop 200, intended to be executed once only by processor 104 for each current virtual instruction, program
  • code marker 122 in the case where no other virtual instruction of program 114 or patch 116 changes code marker 122 in order to reread this current virtual instruction.
  • Interpretation loop 200 first of all comprises real instructions 204 in order to read and check syntax of the current virtual instruction.
  • Interpretation loop 200 also comprises real instructions 206 in order to determine the action of the current virtual instruction. This is done by extracting the operation code from the current virtual instruction and, if appropriate, the associated operands.
  • Interpretation loop 200 also comprises real instructions, called update instructions 208, in order to search in the lookup table 118 for a patch 116 associated with the current instruction, and in order to command execution of this patch 116.
  • update instructions 208 By modifying lookup table 118, it is possible to choose at what points in program 114, that is at the level of which virtual instructions in program 114, patch 116 is applied. In addition, it will be commented that the same patch can be called for several virtual instructions of program 114.
  • Interpretation loop 200 then comprises several series of real instructions
  • Each of these series of real instructions is associated with a respective operation code for the language of the virtual processor, and is intended to be executed by processor 104 when this operation code is encountered in the current virtual instruction. In what follows, each of these series of real instructions will be called "translation".
  • Each translation 212-1...212-N comprises real instructions, called translated real instructions 213-1 , ...213-n, ...213-N, intended, when they are executed by processor 104, to carry out the same action as that represented by the current virtual instruction.
  • Interpretation loop 200 also comprises real instructions 210 to select translation 212-n associated with the operation code for the current instruction, and therefore with the operation for the current instruction.
  • Interpretation loop 200 then comprises real instructions 214 to select a subsequent virtual instruction intended to be executed by virtual machine 113 during the next cycle, that is during the next execution of the loop. For example, code marker 122 is incremented by one, in order to read the next virtual instruction in the memory.
  • Interpretation loop 200 then comprises real instructions 216 in order to return to the beginning of interpretation loop 200.
  • FIGS 2 and 3 we will now describe a process 300 for executing program 114 by virtual machine 113.
  • processor 104 executes instructions 202 to initialise code marker 122 to the first line of program 114.
  • Process 300 then comprises repeated execution of interpretation loop 200 by processor 104, each time to translate a virtual instruction.
  • processor 104 begins to execute loop 200 of real instructions of code for virtual machine 112, for the current instruction of program 114.
  • processor 104 executes instructions 204 to read and check syntax of the current instruction.
  • processor 104 executes instructions 206 to determine the action represented by the current instruction.
  • instructions 206 For this purpose, virtual machine
  • the process also comprises a step 308, during which instructions 208 are executed by processor 104, in order to search in lookup table 118 for a patch 116 associated with the current instruction, and in order to call and execute this patch 116 if necessary.
  • virtual machine 113 searches for the address of the current instruction in lookup table 118 and, if it finds this address, infers from it the address of associated patch 116.
  • virtual machine 113 calls, during a step 309, the identified patch 116 - for example, by modifying code marker 122 so that it points to the address for the first virtual instruction of patch 116.
  • patch 116 located will start to be executed.
  • the instruction read at step 304 is not executed after all. If no patch is found, during a step 310, processor 104 executes instructions
  • the process also comprises a step 312 during which the processor executes the selected translation.
  • step 312 comprises a step 313 to execute translated instructions 213-1...213-N, and so carries out the action coded in the current virtual instruction.
  • processor 104 executes instructions 214 to select a subsequent virtual instruction intended to be executed by virtual machine 113 during the next execution of interpretation loop 200. For example, code marker 122 is incremented by one.
  • the processor executes instructions 216 bringing it back to the beginning of interpretation loop 200, in order to perform a new starting step 202 for interpretation loop 200, this time for the new current virtual instruction.
  • steps 304, 306, 308, 310, 312 and 314 are reiterated for the virtual instructions of called patch 116.
  • steps 304, 306, 308, 310, 312 and 314 are reiterated for the virtual instructions of called patch 116.
  • virtual machine 113 resumes execution of the instruction from program 114 read at step 304.
  • execution of patch 116 leads to modification of the instruction read at step 304 before its examination at step 310 and subsequent execution at step 312, either the operation code is replaced by another operation code, or at least one of the operands is modified, or the operation code and one or several operands are modified.
  • execution of the patch modifies the value of code marker 122 resulting in a jump of one or several lines of virtual instructions during reading of program 114 by virtual machine 113.
  • update instructions 208 are systematically executed after decoding step 306 for the current virtual instruction, but before selection and execution (steps 310 and 312) of its translation.
  • virtual machine 113 tests for the presence of a patch 116 in rewritable memory 110 for each virtual instruction of program 114. If the contents of rewritable memory 110 indicate that a patch 116 is present, the virtual instructions of this patch 116 are executed by virtual machine 113. If not, execution of the program's current virtual instruction proceeds normally.
  • a second implementation method of the invention represented on figure
  • the interpretation loop, now referenced 400 is identical to that in the first implementation method, if this is only real update instructions, from now on referenced 402, are placed in one or several pre-determined translations, chosen when writing code 112 for virtual machine 113, in addition to the translated instructions.
  • the first translation 212-1 comprises update instructions 402.
  • the translations chosen to receive real update instructions 402 can comprise certain or all of the method invocation instructions, for example
  • Update instructions 402 are similar to those in the first implementation method and so are intended to search in lookup table 118 for a patch 116 associated with the current instruction, and to command execution of this patch
  • Process 500 comprises steps 302, 303, 304, 306 and 310 described above.
  • patch search step 308 is not carried out in process
  • Execution step 312 for the translation associated with the operation code for the current virtual instruction this time comprises a step 502, similar to previous step 308, during which processor 104 executes update instructions 402 to confirm the presence of a patch 116 in rewritable memory 110. If a patch 116 is found, step 502 is followed by a step 504 similar to step 309, commanding execution of located patch 116. It will be noted that these steps 502 and 504 are executed before possible execution of step 313. This second implementation method sacrifices a little flexibility for the sake of performance gains. In fact, it reduces execution time for program 114, because update instructions 402 are no longer executed for each virtual instruction in program 114.
  • the code for virtual machine 112 comprises an interpretation loop 600, identical to that in figure 4, except that there is an operation code for which the associated translation consists only of update instructions, now referenced 602.
  • the example illustrated in figure 6 shows the case where the first translation 212-1 comprises only update instructions 602, meaning that translated instructions are formed by update instructions 602.
  • the language of virtual machine 113 comprises an operation dedicated to searching for and executing a patch, which can be placed at the desired points in program 114 when it is written. A patch point then only needs a single virtual instruction in program 114.
  • Process 700 is identical to process 300 in figure 3, except that the patch search and execution steps 308 and 309 are not present.
  • step 313 is replaced by an execution step 702 for real update instructions 602 to search for a patch, followed, if a patch is found, by a step 704 to call and execute the patch.
  • the contents of these steps 702 and 704 are identical to those of steps 308 and 309.
  • This third implementation method enables the frequency of patch call executions to be reduced, for the purposes of efficiency, without restricting the positions of these calls.
  • patch 116 comprises a set of real instructions directly executable by processor 104 and is intended to be called during execution of program 114 by virtual machine 113.
  • the execution step for the patch is performed directly by processor 104, meaning that processor 104 executes the real instruction in the patch in turn.
  • Patch 116 is terminated by a real instruction notifying processor 104 either to resume execution of the virtual instruction following step 302, or, following the first variant mentioned above, to continue execution of the virtual instruction previously read at step 304 from operation selection step 310. It is noted that according to the second and third variants described above, real instructions in patch 116 can check and modify code marker 122 in virtual machine 112 as well as the operation code and operands determined at step 306.
  • update instructions intended to look for and if necessary call a patch in rewritable memory 110
  • native code of virtual machine 113 makes execution of program 114 by processor 104 faster, compared to including virtual update instructions in program 114.
  • this invention is applicable to any system in which it is difficult or impossible to make direct modifications to the initial content of the memory in which the program is located.
  • the four previous implementation methods for update instructions can of course be combined into a single virtual machine code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Executing Machine-Instructions (AREA)
  • Devices For Executing Special Programs (AREA)
  • Debugging And Monitoring (AREA)

Abstract

L'invention porte sur un procédé d'exécution d'un programme comprenant des instructions virtuelles, exécutables par une machine virtuelle, chaque instruction virtuelle représentant une action. Le procédé comprend : pour au moins une instruction virtuelle du programme, l'appel d'une instruction virtuelle corrigée, un démarrage pour exécution d'une boucle d'instruction d'un code de machine virtuelle (112) appelée boucle d'interprétation. Une exécution complète de la boucle d'interprétation permet : la détermination de l'action représentée par l'instruction virtuelle courante ; la sélection et l'exécution d'une traduction de l'action, comprenant au moins une instruction réelle d'un code de machine virtuelle (112) et associée à l'action déterminée ; la sélection d'une instruction virtuelle ultérieure sur laquelle la boucle d'interprétation est censée être exécutée ; et, lors de l'exécution de la boucle d'interprétation pour l'instruction corrigée, avant le redémarrage de l'exécution de la boucle d'interprétation pour une nouvelle instruction, la recherche, dans une table de conversion, d'une modification associée à l'instruction corrigée et commandant l'exécution de la modification.
PCT/EP2010/002381 2009-04-20 2010-04-19 Procédé d'exécution d'un programme par une machine virtuelle, code de machine virtuelle et dispositif associé WO2010121770A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0952568 2009-04-20
FR0952568 2009-04-20

Publications (2)

Publication Number Publication Date
WO2010121770A2 true WO2010121770A2 (fr) 2010-10-28
WO2010121770A3 WO2010121770A3 (fr) 2010-12-16

Family

ID=41258437

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2010/002381 WO2010121770A2 (fr) 2009-04-20 2010-04-19 Procédé d'exécution d'un programme par une machine virtuelle, code de machine virtuelle et dispositif associé

Country Status (1)

Country Link
WO (1) WO2010121770A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2660721A1 (fr) * 2012-05-03 2013-11-06 Gemalto SA Procédé pour charger une application dans un élément sécurisé

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0955578A1 (fr) * 1998-05-04 1999-11-10 International Business Machines Corporation Procédé et dispositif pour effectuer une fonction assignée à un code d'instruction
US6256752B1 (en) * 1998-07-24 2001-07-03 International Business Machines Corporation Method and apparatus for dynamic swappable bytecode loop in java virtual machines
DE102004060548A1 (de) * 2004-01-20 2005-08-04 Giesecke & Devrient Gmbh Ausführung eines Programms durch eine virtuelle Maschine
DE102006002181A1 (de) * 2006-01-17 2007-07-19 Giesecke & Devrient Gmbh Ausführung von Patches mittels eines Caches

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2660721A1 (fr) * 2012-05-03 2013-11-06 Gemalto SA Procédé pour charger une application dans un élément sécurisé

Also Published As

Publication number Publication date
WO2010121770A3 (fr) 2010-12-16

Similar Documents

Publication Publication Date Title
US6965984B2 (en) Data processing using multiple instruction sets
CN109614165B (zh) 一种com组件的多版本并行运行方法和装置
US20030084431A1 (en) Intermediate code execution system, intermediate code execution method, and computer program product for executing intermediate code
CN107480476B (zh) 一种基于ELF感染的Android本地层指令编译虚拟化加壳方法
CN106371940A (zh) 一种程序崩溃解决方法及装置
US7213237B2 (en) Intermediate code preprocessing apparatus, intermediate code execution apparatus, intermediate code execution system, and computer program product for preprocessing or executing intermediate code
US20060070049A1 (en) Java bytecode translation method and Java interpreter performing the same
US7089539B2 (en) Program instruction interpretation
CN114816417B (zh) 一种交叉编译方法、装置、计算设备及存储介质
US20080301653A1 (en) Method and apparatus for increasing task-execution speed
US6519768B1 (en) Instruction translation method
US20100192137A1 (en) Method and system to improve code in virtual machines
CN101334737A (zh) 一种嵌入式设备的启动或复位方法
US9098355B2 (en) Method and apparatus for substituting compiler built-in helper functions with machine instructions
KR100864891B1 (ko) 다중 명령 세트 시스템에서의 미처리된 연산 처리
CN102893260B (zh) 用以作为指令评估数据值的***和方法
CN112214266A (zh) 欺骗调用链安卓脱壳方法、装置、存储介质及计算机设备
US7647489B2 (en) Function calling mechanism with embedded index for a handler program and an embedded immediate value for passing a parameter
WO2010121770A2 (fr) Procédé d'exécution d'un programme par une machine virtuelle, code de machine virtuelle et dispositif associé
CN101295239A (zh) Java卡虚拟机的指令执行方法
US7698534B2 (en) Reordering application code to improve processing performance
CN115373707A (zh) 航天器实时***内存受限条件下任务在线更新***及方法
CN107341002B (zh) 一种内存访问方法
US7203867B2 (en) Processor system, processor and arithmetic processing method
US10235139B2 (en) Method for modifying the execution of a platform-independent method of an integrated circuit card

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10747154

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10747154

Country of ref document: EP

Kind code of ref document: A2