A type system for object initialization in the Java bytecode language

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A type system for object initialization in the Java bytecode language

Full text

Pdf (395 KB)

Source

ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 21 , Issue 6 (November 1999) table of contents

Pages: 1196 - 1250

Year of Publication: 1999

ISSN:0164-0925

Authors

Stephen N. Freund	Stanford Univ., Stanford, CA
John C. Mitchell	Stanford Univ., Stanford, CA

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 6, Downloads (12 Months): 59, Citation Count: 21

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/330643.330646 What is a DOI?

ABSTRACT

In the standard Java implementation, a Java language program is compiled to Java bytecode. This bytecode may be sent across the network to another site, where it is then executed by the Java Virtual Machine. Since bytecode may be written by hand, or corrupted during network transmission, the Java Virtual Machine contains a bytecode verifier that performs a number of consistency checks before code is run. These checks include type correctness and, as illus-trated by previous attacks on the Java Virtual Machine, are critical for system security. In order to analyze existing bytecode verifiers and to understand the properties that should be verified, we develop a precise specification of statically correct Java bytecode, in the form of a type system. Our focus in this article is a subset of the bytecode language dealing with object creation and initialization. For this subset, we prove, that, for every Java bytecode program that satisfies our typing constraints, every object is initialized before it is used. The type system is easily combined with a previous system developed by Stata and Abadi for bytecode subroutines. Our analysis of subroutines and object initialization reveals a previously unpub-lished bug in the Sun JDK bytecode verifier.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Ken Arnold , James Gosling, The Java programming language (2nd ed.), ACM Press/Addison-Wesley Publishing Co., New York, NY, 1998
	2	COHEN, R. 1997. Defensive Java virtual machine version 0.5 alpha release. Available via http//www, cli. co m/so ftw are/djvm/in de x. html.
	3	Sophia Drossopoulou , Susan Eisenbach , Sarfraz Khurshid, Is the Java type system sound?, Theory and Practice of Object Systems, v.5 n.1, p.3-24, Jan. 1999 [doi>10.1002/(SICI)1096-9942(199901/03)5:1<3::AID-TAPO2>3.0.CO;2-T]
	4	Drew Dean , Edward W. Felten , Dan S. Wallach , Dirk Balfanz, Java security: Web browsers and beyond, Internet besieged: countering cyberspace scofflaws, ACM Press/Addison-Wesley Publishing Co., New York, NY, 1997
	5	Allen Goldberg, A specification of Java loading and bytecode verification, Proceedings of the 5th ACM conference on Computer and communications security, p.49-58, November 02-05, 1998, San Francisco, California, United States [doi>10.1145/288090.288104]
	6	Masami Hagiya , Akihiko Tozawa, On a New Method for Dataflow Analysis of Java Virtual Machine Subroutines, Proceedings of the 5th International Symposium on Static Analysis, p.17-32, September 14-16, 1998
	7	JONES, M. 1998. The functions of Java bytecode. In Proceedings of the Workshop on the Formal Underpinnings of the Java Paradigm.
	8	Pietro Cenciarelli , Alexander Knapp , Bernhard Reus , Martin Wirsing, An Event-Based Structural Operational Semantics of Multi-Threaded Java, Formal Syntax and Semantics of Java, p.157-200, January 1999
	9	Tim Lindholm , Frank Yellin, Java Virtual Machine Specification, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1999
	10	Greg Morrisett , David Walker , Karl Crary , Neal Glew, From system F to typed assembly language, ACM Transactions on Programming Languages and Systems (TOPLAS), v.21 n.3, p.527-568, May 1999 [doi>10.1145/319301.319345]
	11	Tobias Nipkow , David von Oheimb, Java_light is type-safe—definitely, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.161-170, January 19-21, 1998, San Diego, California, United States [doi>10.1145/268946.268960]
	12	Robert O'Callahan, A simple, comprehensive type system for Java bytecode subroutines, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.70-78, January 20-22, 1999, San Antonio, Texas, United States [doi>10.1145/292540.292549]
	13	Joachim Posegga , Harald Vogt, Byte Code Verification for Java Smart Card Based on Model Checking, Proceedings of the 5th European Symposium on Research in Computer Security, p.175-190, September 16-18, 1998
	14	Zhenyu Qian, A Formal Specification of Java Virtual Machine Instructions for Objects, Methods and Subrountines, Formal Syntax and Semantics of Java, p.271-312, January 1999
	15	Raymie Stata , Martin Abadi, A type system for Java bytecode subroutines, ACM Transactions on Programming Languages and Systems (TOPLAS), v.21 n.1, p.90-137, Jan. 1999 [doi>10.1145/314602.314606]
	16	SARASWAT, V. 1997. The Java bytecode verification problem. Available via http://www. research, att.com/-vj.
	17	SIRER, E. G., MCDIRMID, S., AND BERSHAD, B. 1997. Kimera: A Java system architecture. Available via http://kimera.cs.washington.edu.
	18	SYME, D. 1997. Proving Java type soundness. Tech. Rep. 427, Univ. of Cambridge Computer Laboratory.
	19	D. Tarditi , G. Morrisett , P. Cheng , C. Stone , R. Harper , P. Lee, TIL: a type-directed optimizing compiler for ML, ACM SIGPLAN Notices, v.31 n.5, p.181-192, May 1996
	20	Phillip M. Yelland, A compositional account of the Java virtual machine, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.57-69, January 20-22, 1999, San Antonio, Texas, United States [doi>10.1145/292540.292548]

CITED BY 21

	Andrew D. Gordon , Don Syme, Typing a multi-language intermediate code, ACM SIGPLAN Notices, v.36 n.3, p.248-260, March 2001
	Atsushi Igarashi , Naoki Kobayashi, Resource usage analysis, ACM SIGPLAN Notices, v.37 n.1, p.331-342, Jan. 2002
	Tomoyuki Higuchi , Atsushi Ohori, Java bytecode as a typed term calculus, Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming, p.201-211, October 06-08, 2002, Pittsburgh, PA, USA
	Tatsurou Sekiguchi , Takahiro Sakamoto , Akinori Yonezawa, Portable implementation of continuation operators in imperative languages by exception handling, Advances in exception handling techniques, Springer-Verlag New York, Inc., New York, NY, 2001
	Xavier Leroy, Bytecode verification on Java smart cards, Software—Practice & Experience, v.32 n.4, p.319-340, 10 April 2002
	Xavier Leroy, Java Bytecode Verification: Algorithms and Formalizations, Journal of Automated Reasoning, v.30 n.3-4, p.235-269, 2003
	G. Klein , M. Wildmoser, Verified Bytecode Subroutines, Journal of Automated Reasoning, v.30 n.3-4, p.363-398, 2003
	Atsushi Igarashi , Naoki Kobayashi, A generic type system for the Pi-calculus, Theoretical Computer Science, v.311 n.1-3, p.121-163, 23 January 2004
	Stephen N. Freund , John C. Mitchell, A Type System for the Java Bytecode Language and Verifier, Journal of Automated Reasoning, v.30 n.3-4, p.271-321, 2003
	Naoki Kobayashi, Time regions and effects for resource usage analysis, ACM SIGPLAN Notices, v.38 n.3, March 2003
	Robert F. Stärk , Joachim Schmid, Completeness of a Bytecode Verifier and a Certifying Java-to-JVM Compiler, Journal of Automated Reasoning, v.30 n.3-4, p.323-361, 2003
	David Basin , Stefan Friedrich , Marek Gawkowski, Bytecode Verification by Model Checking, Journal of Automated Reasoning, v.30 n.3-4, p.399-444, 2003
	Atsushi Igarashi , Naoki Kobayashi, Resource usage analysis, ACM Transactions on Programming Languages and Systems (TOPLAS), v.27 n.2, p.264-313, March 2005
	Futoshi Iwama , Atsushi Igarashi , Naoki Kobayashi, Resource usage analysis for a functional language with exceptions, Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation, January 09-10, 2006, Charleston, South Carolina
	C. Bernardeschi , N. De Francesco , G. Lettieri , L. Martini , P. Masci, Decomposing bytecode verification by abstract interpretation, ACM Transactions on Programming Languages and Systems (TOPLAS), v.31 n.1, p.1-63, December 2008
	Pieter H. Hartel , Luc Moreau, Formalizing the safety of Java, the Java virtual machine, and Java card, ACM Computing Surveys (CSUR), v.33 n.4, p.517-558, December 2001
	Tomoyuki Higuchi , Atsushi Ohori, A static type system for JVM access control, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.1, p.4-es, January 2007
	Christian Skalka, Type safe dynamic linking for JVM access control, Proceedings of the 9th ACM SIGPLAN international symposium on Principles and practice of declarative programming, July 14-16, 2007, Wroclaw, Poland
	Philip W. L. Fong, Reasoning about safety properties in a JVM-like environment, Science of Computer Programming, v.67 n.2-3, p.278-300, July, 2007
	Pratibha Permandla , Michael Roberson , Chandrasekhar Boyapati, A type system for preventing data races and deadlocks in the java virtual machine language: 1, ACM SIGPLAN Notices, v.42 n.7, July 2007
	Nicu G. Fruja, Towards proving type safety of .NET CIL, Science of Computer Programming, v.72 n.3, p.176-219, August, 2008