Verifying a Compiler for Java Threads

A verified compiler is an integral part of every security infrastructure: any guarantee established about a program's source code is only as strong as the compiler that translates it. Previous work has developed formal semantics for sequential and concurrent variants of Java and has proven the correctness of compilers for the sequential part. This paper presents a rigorous formalisation (in the proof assistant Isabelle/HOL) of concurrent Java source and byte code, together with an executable compiler and its correctness proof. The proof guarantees that the generated byte code exhibits exactly the same observable behaviour as the multithreaded source-code semantics.
