Security properties of typed applets
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A specification of Java loading and bytecode verification
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Type elaboration and subtype completion for Java bytecode
ACM Transactions on Programming Languages and Systems (TOPLAS)
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Java Virtual Machine Specification
Java Virtual Machine Specification
Proving the Soundness of a Java Bytecode Verifier Specification in Isabelle/HOL
TACAS '99 Proceedings of the 5th International Conference on Tools and Algorithms for Construction and Analysis of Systems
A Formal Correspondence between Offensive and Defensive JavaCard Virtual Machines
VMCAI '02 Revised Papers from the Third International Workshop on Verification, Model Checking, and Abstract Interpretation
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
A Type System for the Java Bytecode Language and Verifier
Journal of Automated Reasoning
Lightweight Bytecode Verification
Journal of Automated Reasoning
Goal-directed weakening of abstract interpretation results
ACM Transactions on Programming Languages and Systems (TOPLAS)
Small witnesses for abstract interpretation-based proofs
ESOP'07 Proceedings of the 16th European conference on Programming
Hi-index | 0.00 |
Lightweight bytecode verification uses stack maps to annotate Java bytecode programs with type information in order to reduce the verification to type checking. This paper describes an improved bytecode analyser together with algorithms for optimizing the stack maps generated. The analyser is simplified in its treatment of base values (keeping only the necessary information to ensure memory safety) and enriched in its representation of interface types, using the Dedekind-MacNeille completion technique. The computed interface information allows to remove the dynamic checks at interface method invocations. We prove the memory safety property guaranteed by the bytecode verifier using an operational semantics whose distinguishing feature is the use of untagged 32-bit values. For bytecode typable without sets of types we show how to prune the fix-point to obtain a stack map that can be checked without computing with sets of interfaces i.e., lightweight verification is not made more complex or costly. Experiments on three substantial test suites show that stack maps can be computed and correctly pruned by an optimized (but incomplete) pruning algorithm.