A type system for object initialization in the Java bytecode language

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A type system for object initialization in the Java bytecode language

Full text

Pdf (1.91 MB)

Source

Conference on Object Oriented Programming Systems Languages and Applications archive
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications table of contents

Vancouver, British Columbia, Canada

Pages: 310 - 327

Year of Publication: 1998

ISBN:1-58113-005-8

Also published in ...

Authors

Stephen N. Freund	Department of Computer Science, Stanford University, Stanford, CA
John C. Mitchell	Department of Computer Science, Stanford University, Stanford, CA

Sponsor

SIGPLAN: ACM Special Interest Group on Programming Languages

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 2, Downloads (12 Months): 22, Citation Count: 21

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/286936.286972 What is a DOI?

ABSTRACT

In the standard Java implementation, a Java language program is compiled to Java bytecode. This bytecode may be sent across the network to another site, where it is then interpreted by the Java Virtual Machine. Since bytecode may be written by hand, or corrupted during network transmission, the Java Virtual Machine contains a bytecode verifier that performs a number of consistency checks before code is interpreted. As illustrated by previous attacks on the Java Virtual Machine, these tests, which include type correctness, are critical for system security. In order to analyze existing bytecode verifiers and to understand the properties that should be verified, we develop a precise specification of statically-correct Java bytecode, in the form of a type system. Our focus in this paper is a subset of the bytecode language dealing with object creation and initialization. For this subset, we prove that for every Java bytecode program that satisfies our typing constraints, every object is initialized before it is used. The type system is easily combined with a previous system developed by Stata and Abadi for bytecode subroutines. Our analysis of subroutines and object initialization reveals a previously unpublished bug in the Sun JDK bytecode verifier.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	AG96	Ken Arnold , James Gosling, The Java programming language (2nd ed.), ACM Press/Addison-Wesley Publishing Co., New York, NY, 1998
	Coh97	Rich Cohen. Defensive Java Virtual Machine Version 0.5 alpha Release. Available from ht tp: / / www. c I i. corn/software / djvm/index, ht m 1, November 1997.
	DE97	S. Drossopoulou and S. Eisenbach. Java is type safe ---probably. In European Conference On Object Oriented Programming, pages 389-418, 1997.
	DFW96	D. Dean , Felten , Wallach, Java Security: From HotJava to Netscape and Beyond, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.190, May 06-08, 1996
	Gol98	Allen Goldberg, A specification of Java loading and bytecode verification, Proceedings of the 5th ACM conference on Computer and communications security, p.49-58, November 02-05, 1998, San Francisco, California, United States [doi>10.1145/288090.288104]
	HT98	Masami Hagiya and Akihiko Tozawa. On a new method for dataflow analysis of Java Virtual M achi ne subroutines. Available from http://nicosia.is.s.utokyo.ac.j p/members/hagiya.html. A preliminary version appeared in SIG-Notes, PRO-17-3, Information Processing Society of Japan, 1998.
	Lia97	Sheng Liang. personal communication, November 1997.
	LY96	Tim Lindholm , Frank Yellin, Java Virtual Machine Specification, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1999
	MCGW98	Greg Morrisett , David Walker , Karl Crary , Neal Glew, From system F to typed assembly language, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.85-97, January 19-21, 1998, San Diego, California, United States [doi>10.1145/268946.268954]
	NvO98	Tobias Nipkow , David von Oheimb, Java_light is type-safe—definitely, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.161-170, January 19-21, 1998, San Diego, California, United States [doi>10.1145/268946.268960]
	PV98	Joachim Posegga , Harald Vogt, Byte Code Verification for Java Smart Card Based on Model Checking, Proceedings of the 5th European Symposium on Research in Computer Security, p.175-190, September 16-18, 1998
	Qia98	Zhenyu Qian, A Formal Specification of Java Virtual Machine Instructions for Objects, Methods and Subrountines, Formal Syntax and Semantics of Java, p.271-312, January 1999
	SA98	Raymie Stata , Martín Abadi, A type system for Java bytecode subroutines, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.149-160, January 19-21, 1998, San Diego, California, United States [doi>10.1145/268946.268959]
	Sar97	Vijay Saraswat. The Java bytecode verification problem. Available from http://www.research.att.com/'vj, November 1997.
	SMB97	Emin Grin Sirer, Sean McDirmid, and Brian Betshad. Kimera: A java system architecture. Available from http://kimera.cs.washington.edu, November 1997.
	Sym97	Don Syme. Proving Java type soundness. Technical Report 427, University of Cambridge Computer Laboratory Technical Report, 1997.
	TMC+96	D. Tarditi , G. Morrisett , P. Cheng , C. Stone , R. Harper , P. Lee, TIL: a type-directed optimizing compiler for ML, ACM SIGPLAN Notices, v.31 n.5, p.181-192, May 1996

CITED BY 21

	Raymie Stata , Martin Abadi, A type system for Java bytecode subroutines, ACM Transactions on Programming Languages and Systems (TOPLAS), v.21 n.1, p.90-137, Jan. 1999
	Stephen N. Freund , John C. Mitchell, A formal framework for the Java bytecode language and verifier, ACM SIGPLAN Notices, v.34 n.10, p.147-166, Oct. 1999
	Robert O'Callahan, A simple, comprehensive type system for Java bytecode subroutines, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.70-78, January 20-22, 1999, San Antonio, Texas, United States
	Emin Gün Sirer , Robert Grimm , Arthur J. Gregory , Brian N. Bershad, Design and implementation of a distributed virtual machine for networked computers, ACM SIGOPS Operating Systems Review, v.33 n.5, p.202-216, Dec. 1999
	P. Bieber , J. Cazin , P. Girard , J.-L. Lanet , V. Wiels , G. Zanon, Checking secure interactions of smart card applets: extended version, Journal of Computer Security, v.10 n.4, p.369-398, December 2002
	Todd B. Knoblock , Jakob Rehof, Type elaboration and subtype completion for Java bytecode, Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.228-242, January 19-21, 2000, Boston, MA, USA
	Hongwei Xi , Songtao Xia, Towards array bound check elimination in Java ^TM virtual machine language, Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research, p.14, November 08-11, 1999, Mississauga, Ontario, Canada
	Emin Gün Sirer , Brian N. Bershad, Using production grammars in software testing, ACM SIGPLAN Notices, v.35 n.1, p.1-13, Jan. 2000
	Stéphane Doyon , Mourad Debbabi, Verifying object initialization in the Java bytecode language, Proceedings of the 2000 ACM symposium on Applied computing, p.821-830, March 2000, Como, Italy
	Todd B. Knoblock , Jakob Rehof, Type elaboration and subtype completion for Java bytecode, ACM Transactions on Programming Languages and Systems (TOPLAS), v.23 n.2, p.243-272, March 2001
	Gerwin Klein , Tobias Nipkow, Verified bytecode verifiers, Theoretical Computer Science, v.298 n.3, p.583-626, 11 April 2003
	Cosimo Laneve, A type system for JVM threads, Theoretical Computer Science, v.290 n.1, p.741-778, 1 January 2003
	G. Klein , M. Wildmoser, Verified Bytecode Subroutines, Journal of Automated Reasoning, v.30 n.3-4, p.363-398, 2003
	Egon Börger , Wolfram Schulte, A Practical Method for Specification and Analysis of Exception Handling-A Java/JVM Case Study, IEEE Transactions on Software Engineering, v.26 n.9, p.872-887, September 2000
	Antoine Requet, A B model for ensuring soundness of a large subset of the java card virtual machine, Science of Computer Programming, v.46 n.3, p.283-306, March 2003
	Akihiko Tozawa , Masami Hagiya, Formalization and Analysis of Class Loading in Java, Higher-Order and Symbolic Computation, v.15 n.1, p.7-55, March 2002
	Pieter H. Hartel , Luc Moreau, Formalizing the safety of Java, the Java virtual machine, and Java card, ACM Computing Surveys (CSUR), v.33 n.4, p.517-558, December 2001
	Zhenyu Qian, Standard fixpoint iteration for Java bytecode verification, ACM Transactions on Programming Languages and Systems (TOPLAS), v.22 n.4, p.638-672, July 2000
	Emin Gün Sirer , Brian N. Bershad, Using production grammars in software testing, Proceedings of the 2nd conference on Conference on Domain-Specific Languages, p.1-1, October 03-05, 1999, Austin, Texas
	Greg Morrisett , Karl Crary , Neal Glew , David Walker, Stack-based typed assembly language, Journal of Functional Programming, v.12 n.1, p.43-88, January 2002
	Sunae Seo , Youil Kim , Hyun-Goo Kang , Taisook Han, A Static Bug Detector for Uninitialized Field References in Java Programs, IEICE - Transactions on Information and Systems, v.E90-D n.10, p.1663-1671, October 2007