Verified Bytecode Verifiers
نویسنده
چکیده
Using the theorem prover Isabelle/HOL we have formalized and proved correct an executable bytecode verifier in the style of Kildall’s algorithm for a significant subset of the Java Virtual Machine. First an abstract framework for proving correctness of data flow based type inference algorithms for assembly languages is formalized. It is shown that under certain conditions Kildall’s algorithm yields a correct bytecode verifier. Then the framework is instantiated with our previous work about the JVM. Finally we demonstrate the flexibility of the framework by extending our previous JVM model and the executable bytecode verifier with object initialization.
منابع مشابه
Formal Translation of Bytecode into BoogiePL
Many modern program verifiers translate the program to be verified and its specification into a simple intermediate representation and then compute verification conditions on this representation. Using an intermediate language improves the interoperability of tools and facilitates the computation of small verification conditions. Even though the translation into an intermediate representation i...
متن کاملVerified Java bytecode verification
The bytecode verifier is an important part of Java’s security architecture. This thesis presents a fully formal, executable, and machine checked specification of a representative subset of the Java Virtual Machine and its bytecode verifier together with a proof that the bytecode verifier is safe. The specification consists of an abstract framework for bytecode verification which is instantiated...
متن کاملIntegrated Java Bytecode Verification
Existing Java verifiers perform an iterative data-flow analysis to discover the unambiguous type of values stored on the stack or in registers. Our novel verification algorithm uses abstract interpretation to obtain definition/use information for each register and stack location in the program, which in turn is used to transform the program into Static Single Assignment form. In SSA, verificati...
متن کاملJayHorn: A Framework for Verifying Java programs
Building a competitive program verifiers is becoming cheaper. On the front-end side, openly available compiler infrastructure and optimization frameworks take care of hairy problems such as alias analysis, and break down the subtleties of modern languages into a handful of simple instructions that need to be handled. On the back-end side, theorem provers start providing full-fledged model check...
متن کاملEfficient Bytecode Verification Using Immediate Postdominators in Control Flow Graphs: Extended Abstract
Java Virtual Machine (JVM) code (also called bytecode) [11] can be downloaded by untrusted sources and executed directly. A component of the Java security model is the Java bytecode Verifier, which makes sure that the bytecode is safe by static analysis at loading time and prior to execution. The bytecode Verifier checks type correctness, stack overflow or underflow, code containment, registers...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Theor. Comput. Sci.
دوره 298 شماره
صفحات -
تاریخ انتشار 2001