Towards efficient and verified virtual machines for dynamic languages

The prevalence of dynamic languages is not commensurate with the security guarantees provided by their execution mechanisms. Consider, for example, the ubiquitous case of JavaScript: it runs everywhere and its complex just-in-time compilers produce code that is fast and, unfortunately, sometimes incorrect. We present an Isabelle/HOL formalization of an alternative execution model---optimizing interpreters---and mechanically verify its correctness. Specifically, we formalize advanced speculative optimizations similar to those used in just-in-time compilers and prove semantics preservation. As a result, our formalization provides a path towards unifying vital performance requirements with desirable security guarantees.

[1]  Milo M. K. Martin,et al.  Formalizing the LLVM intermediate representation for verified program transformations , 2012, POPL '12.

[2]  Xavier Leroy,et al.  A simple, verified validator for software pipelining , 2010, POPL '10.

[3]  Urs Hölzle,et al.  Optimizing dynamically-dispatched calls with run-time type feedback , 1994, PLDI '94.

[4]  L. Peter Deutsch,et al.  Efficient implementation of the smalltalk-80 system , 1984, POPL.

[5]  Andreas Lochbihler,et al.  Verifying a Compiler for Java Threads , 2010, ESOP.

[6]  Conrad Watt,et al.  Mechanising and verifying the WebAssembly specification , 2018, CPP.

[7]  Alec Wolman,et al.  The structure and performance of interpreters , 1996, ASPLOS VII.

[8]  Ramana Kumar,et al.  CakeML: a verified implementation of ML , 2014, POPL.

[9]  Jean-Baptiste Tristan,et al.  Formal verification of translation validators , 2009, POPL.

[10]  David Gregg,et al.  The Structure and Performance of Efficient Interpreters , 2003, J. Instr. Level Parallelism.

[11]  Christian Wimmer,et al.  One VM to rule them all , 2013, Onward!.

[12]  Andreas Lochbihler Jinja with Threads , 2007, Arch. Formal Proofs.

[13]  Clemens Ballarin Locales: A Module System for Mathematical Theories , 2013, Journal of Automated Reasoning.

[14]  Stefan Brunthaler,et al.  Efficient interpretation using quickening , 2010, DLS '10.

[15]  Egon Börger,et al.  Java and the Java Virtual Machine: Definition, Verification, Validation , 2001 .

[16]  John Aycock,et al.  A brief history of just-in-time , 2003, CSUR.

[17]  Stefan Brunthaler Virtual-Machine Abstraction and Optimization Techniques , 2009, Electron. Notes Theor. Comput. Sci..

[18]  Xavier Leroy,et al.  Java bytecode verification : algorithms and formalizations Xavier Leroy INRIA Rocquencourt and Trusted Logic , 2003 .

[19]  Sorin Lerner,et al.  Bringing extensibility to verified compilers , 2010, PLDI '10.

[20]  Christian Wimmer,et al.  Practical partial evaluation for high-performance dynamic language runtimes , 2017, PLDI.

[21]  David A. Padua,et al.  Optimizing R VM: Allocation Removal and Path Length Reduction via Interpreter-level Specialization , 2014, CGO '14.

[22]  Arthur Charguéraud,et al.  A trusted mechanised JavaScript specification , 2014, POPL.

[23]  Tobias Nipkow,et al.  Jinja is not Java , 2005, Arch. Formal Proofs.

[24]  Martin Desharnais A Generic Framework for Verified Compilers , 2020, Arch. Formal Proofs.

[25]  Xavier Leroy,et al.  Formal Verification of a C Compiler Front-End , 2006, FM.

[26]  Gerhard Goos,et al.  Verification of Compilers , 1999, Correct System Design.

[27]  Andreas Lochbihler,et al.  Animating the Formalised Semantics of a Java-Like Language , 2011, ITP.

[28]  Xavier Leroy,et al.  Validating Register Allocation and Spilling , 2010, CC.

[29]  Scott B. Baden High Performance Storage Reclamation in an Object-Based Memory System , 1982 .

[30]  Xuejun Yang,et al.  Finding and understanding bugs in C compilers , 2011, PLDI '11.

[31]  Andreas Lochbihler,et al.  Java and the Java Memory Model - A Unified, Machine-Checked Formalisation , 2012, ESOP.

[32]  Tobias Nipkow,et al.  A machine-checked model for a Java-like language, virtual machine, and compiler , 2006, TOPL.

[33]  Craig Chambers,et al.  Optimizing Dynamically-Typed Object-Oriented Languages With Polymorphic Inline Caches , 1991, ECOOP.

[34]  Andreas Lochbihler Type Safe Nondeterminism ñ A Formal Semantics of Java Threads , 2007 .

[35]  Ernst-Rüdiger Olderog,et al.  Provably Correct Systems , 1994, NASA Monographs in Systems and Software Engineering.

[36]  Jan Vitek,et al.  Correctness of speculative optimizations with dynamic deoptimization , 2017, Proc. ACM Program. Lang..

[37]  Xavier Leroy,et al.  Verified validation of lazy code motion , 2009, PLDI '09.

[38]  Stefan Brunthaler,et al.  Inline Caching Meets Quickening , 2010, ECOOP.

[39]  Magnus O. Myreen Verified just-in-time compiler on x86 , 2010, POPL '10.

[40]  Xavier Leroy,et al.  A Formally Verified Compiler Back-end , 2009, Journal of Automated Reasoning.