research-article

Open access

Java bytecode verification via static single assignment form

Authors:

Andreas Gal,

Christian W. Probst,

Michael FranzAuthors Info & Claims

ACM Transactions on Programming Languages and Systems (TOPLAS), Volume 30, Issue 4

Article No.: 21, Pages 1 - 21

https://doi.org/10.1145/1377492.1377496

Published: 01 August 2008 Publication History

PDF eReader

Abstract

Java Virtual Machines (JVMs) traditionally perform bytecode verification by way of an iterative dataflow analysis. Bytecode verification is necessary to ensure type safety because temporary variables in the JVM are not statically typed. We present an alternative verification mechanism that transforms JVM bytecode into Static Single Assignment Form (SSA) and thereby propagates definitions directly to uses. Type checking at control flow merge points can then be performed in a single pass.

Our prototype implementation of the new algorithm is faster than the standard JVM bytecode verifier. It has the additional benefit of generating SSA as a side effect, which may be immediately useful for a subsequent dynamic compilation stage.

References

[1]

Amme, W., Dalton, N., von Ronne, J., and Franz, M. 2001. SafeTSA: A type safe and referentially secure mobile-code representation based on static single assignment form. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation. ACM Press, New York, NY, 137--147.

Digital Library

Google Scholar

[2]

Davey, B. A. and Priestley, H. A. 1990. Introduction to Lattices and Order. Cambridge University Press.

Google Scholar

[3]

Fitzgerald, R., Knoblock, T. B., Ruf, E., Steensgaard, B., and Tarditi, D. 2000. Marmot: An optimizing compiler for Java. Softw. Prac. Exper. 30, 3, 199--232.

Digital Library

Google Scholar

[4]

Freund, S. N. 1998. The costs and benefits of java bytecode subroutines. In Proceedings of the Formal Underpinnings of Java Workshop at OOPSLA.

Google Scholar

[5]

Freund, S. N. and Mitchell, J. C. 1999a. A formal specification of the Java bytecode language and bytecode verifier. In Proceeings of the ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages & Applications (OOPSLA'99). ACM Press, NY, NY, 147--166.

Digital Library

Google Scholar

[6]

Freund, S. N. and Mitchell, J. C. 1999b. Specification and verification of Java bytecode subroutines and exceptions. Tech. rep. CS-TN-99-91, Stanford University.

Google Scholar

[7]

Freund, S. N. and Mitchell, J. C. 2003. A type system for the Java bytecode language and verifier. J. Automa. Reason. 30, 3-4, 271--321.

Digital Library

Google Scholar

[8]

Gal, A., Probst, C. W., and Franz, M. 2005. Structural encoding of static single assignment form. In Proceedings of the 4th International Workshop on Compiler Optimization Meets Compiler Verification (COCV'05). Elsevier Science Publishers, Amsterdam, The Netherlands.

Google Scholar

[9]

League, C., Trifonov, V., and Shao, Z. 2001. Functional Java Bytecode. In Proceedings of the 5th World Conference on Systemics, Cybernetics, and Informatics Workshop on Intermediate Representation Engineering for the Java Virtual Machine.

Google Scholar

[10]

Leroy, X. 2003. Java bytecode verification: Algorithms and formalizations. J. Automat. Reason. 30, 3/4, 235--269.

Digital Library

Google Scholar

[11]

Lindholm, T. and Yellin, F. 1996. The Java Virtual Machine Specification. Addison Wesley, Reading, MA.

Digital Library

Google Scholar

[12]

Stärk R. and Schmid, J. 2001. Java bytecode verification is not possible (extended abstract). In Proceedings of Eurocast'01 Formal Methods and Tools for Computer Science, R. Moreno-Díaz and A. Quesada-Arencibia, Eds. 232--234.

Google Scholar

[13]

Stärk, R., Schmid, J., and Börger, E. 2001. Java and the Java Virtual Machine: Definition, Verification, Validation. Springer-Verlag, Berlin, Germany.

Digital Library

Google Scholar

[14]

Stata, R. and Abadi, M. 1999. A type system for Java bytecode subroutines. ACM Trans. Program. Lang. Syst. 21, 1, 90--137.

Digital Library

Google Scholar

Cited By

View all

He JXu W(2023)Experimental design and analysis of polyhedral optimization algorithm based on LoongArch64 architectureProceedings of the 2023 2nd International Conference on Algorithms, Data Mining, and Information Technology10.1145/3625403.3626204(212-217)Online publication date: 15-Sep-2023
https://dl.acm.org/doi/10.1145/3625403.3626204
HajiHosseinKhani SLashkari AMizani Oskui A(2023)Unveiling Vulnerable Smart Contracts: Toward Profiling Vulnerable Smart Contracts using Genetic Algorithm and Generating Benchmark DatasetBlockchain: Research and Applications10.1016/j.bcra.2023.100171(100171)Online publication date: Nov-2023
https://doi.org/10.1016/j.bcra.2023.100171
De Francesco NLettieri GMartini L(2019)Using abstract interpretation to add type checking for interfaces in Java bytecode verificationTheoretical Computer Science10.1016/j.tcs.2010.01.026411:22-24(2174-2201)Online publication date: 5-Jan-2019
https://dl.acm.org/doi/10.1016/j.tcs.2010.01.026

Index Terms

Java bytecode verification via static single assignment form
1. General and reference
  1. Cross-computing tools and techniques
    1. Validation
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Empirical software validation
      2. Process validation
  2. Software notations and tools
    1. Compilers

Recommendations

Java Bytecode Verification: Algorithms and Formalizations

Bytecode verification is a crucial security component for Java applets, on the Web and on embedded devices such as smart cards. This paper reviews the various bytecode verification algorithms that have been proposed, recasts them in a common framework ...
Java bytecode specification and verification
SAC '06: Proceedings of the 2006 ACM symposium on Applied computing

We propose a framework for establishing the correctness of untrusted Java bytecode components w.r.t. to complex functional and/or security policies. To this end, we define a bytecode specification language (BCSL) and a weakest precondition calculus for ...
Standard fixpoint iteration for Java bytecode verification

Java bytecode verification forms the basis for Java-based Internet security and needs a rigorous description. One important aspect of bytecode verification is to check if a Java Virtual Machine (JVM) program is statically well-typed. So far, several ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Programming Languages and Systems

ACM Transactions on Programming Languages and Systems Volume 30, Issue 4

July 2008

358 pages

ISSN:0164-0925

EISSN:1558-4593

DOI:10.1145/1377492

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 August 2008

Accepted: 01 March 2007

Revised: 01 December 2006

Received: 01 September 2006

Published in TOPLAS Volume 30, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
764
Total Downloads

Downloads (Last 12 months)58
Downloads (Last 6 weeks)8

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

He JXu W(2023)Experimental design and analysis of polyhedral optimization algorithm based on LoongArch64 architectureProceedings of the 2023 2nd International Conference on Algorithms, Data Mining, and Information Technology10.1145/3625403.3626204(212-217)Online publication date: 15-Sep-2023
https://dl.acm.org/doi/10.1145/3625403.3626204
HajiHosseinKhani SLashkari AMizani Oskui A(2023)Unveiling Vulnerable Smart Contracts: Toward Profiling Vulnerable Smart Contracts using Genetic Algorithm and Generating Benchmark DatasetBlockchain: Research and Applications10.1016/j.bcra.2023.100171(100171)Online publication date: Nov-2023
https://doi.org/10.1016/j.bcra.2023.100171
De Francesco NLettieri GMartini L(2019)Using abstract interpretation to add type checking for interfaces in Java bytecode verificationTheoretical Computer Science10.1016/j.tcs.2010.01.026411:22-24(2174-2201)Online publication date: 5-Jan-2019
https://dl.acm.org/doi/10.1016/j.tcs.2010.01.026

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

References

Cited By

Index Terms

Recommendations

Java Bytecode Verification: Algorithms and Formalizations

Java bytecode specification and verification

Standard fixpoint iteration for Java bytecode verification

Comments

Information

Published In

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Funding Sources

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

PDF

eReader

Login options

Full Access

Share

Share this Publication link

Share on social media

Affiliations