Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
towards demonstrably correct compilation of java bytecode

(TOWARDS) DEMONSTRABLY CORRECT COMPILATION OF JAVA BYTECODE - PowerPoint PPT Presentation

Oct 06, 2023 •251 likes •832 views

(TOWARDS) DEMONSTRABLY CORRECT COMPILATION OF JAVA BYTECODE Michael Leuschel University of Dsseldorf FMCO 2008 Nice Sophia-Antipolis PART 1: BACKGROUND BACKGROUND DeCCo (Demonstrably Correct Compiler) By Susan Stepney, Logica + AWE

  1. (TOWARDS) DEMONSTRABLY CORRECT COMPILATION OF JAVA BYTECODE Michael Leuschel University of Düsseldorf FMCO 2008 Nice Sophia-Antipolis

  2. PART 1: BACKGROUND

  3. BACKGROUND DeCCo (Demonstrably Correct Compiler) By Susan Stepney, Logica + AWE [1992-2001] From: PASP Pascal-like language To: ASP Custom RISC Processor One major step for Hoare’s Grand Challenge

  4. DECCO: PROCESS Z Specification of PASP Z Specification of ASP (+ ASPAL + XASPAL) Translation Rules in Z: PASP → ASP Proven by hand Translated by hand into Prolog DCGT

  5. DECCO: PROCESS Z Specification of PASP Z Specification of ASP (+ ASPAL + XASPAL) Translation Rules in Z: PASP → ASP Proven by hand Translated by hand into Prolog DCGT

  6. “We believe that the methodology provides us with a high level of confidence in the correctness of the embedded software required to drive high integrity controllers.” Source: Decco Website http://www-users.cs.york.ac.uk/~susan/bib/ss/hic.htm

  7. DRAWBACKS tied to PASP, difficult to get PASP programmers proven by hand + translation by hand translation Z → Prolog only correct under certain assumptions Prolog code was hard to maintain, Prolog performance issues, a few bugs Infrastructure DCGT Z Operators

  8. JASP PROJECT Investigate existing Decco system Move from PASP to Java Bytecode Provide recommendations for future developments Adapt existing Decco System for JavaBC ? Move from Prolog to Haskell ? Investigate other alternatives, ...

  9. DECCO COMPILER Z Prolog Model DCGT 1-1 translation of Compiler Translation (+PASP & by hand of ASP) Schemas proven correct by hand Prolog Infrastructure Code (Z Operators,...)

  10. DECCO COMPILER Z Prolog Model DCGT 1-1 translation of Compiler Translation (+PASP & by hand of ASP) Schemas proven correct by hand Prolog Infrastructure Code (Z Operators,...)

  11. DECCO COMPILER Z Prolog Model DCGT 1-1 translation of Compiler Translation (+PASP & by hand of ASP) Schemas proven correct by hand Prolog Infrastructure Code (Z Operators,...)

  12. DECCO COMPILER Z Prolog Model DCGT 1-1 translation of Compiler Translation (+PASP & by hand of ASP) Schemas proven correct by hand Prolog Infrastructure Code (Z Operators,...)

  13. DECCO COMPILER Z Prolog Model DCGT 1-1 translation of Compiler Translation (+PASP & by hand of ASP) Schemas proven correct by hand Prolog Infrastructure Code (Z Operators,...)

  14. THE PROLOG SYSTEM LPA WinProlog: only on Windows, no modules idiosyncratic features were used default mode gives no warnings singleton variables, predicate redefinition, ...

  15. JASP CONCLUSIONS Try to automate more of compiler construction Move from Z to B (or other approaches) Automatic Code generation Formal proofs Tool support

  16. PART 2: A LITTLE BACKGROUND ABOUT B

  17. A quick overview of B

  18. B-Method • Invented by Abrial • Successor of Z • Allows to write high-level specifications & code (B0) • Aimed at tool support

  19. B: Logical Predicates

  20. B: SETS {x,y,... | P} set comprehensions (partial list)

  21. B: Relations (partial list)

  22. B: Functions f(x) function application %(x,y,..).(P|E) lambda abstraction

  23. B Development Process Preliminary design Software Consistency requirement B Abstract Model proof specification Detailed design Refinement proof Functional test Consistency B Concrete Model proof Translation Ada code Manual Semi-automatic Automatic Source: Siemens Transportation Systems

  25. ETHZ Southampton Newcastle Aabo Nokia Bosch Siemens Transportation SAP Space Systems Finland

  26. PART 3: COMPILER CONSTRUCTION WITH B

  27. JASP: FIRST EXPERIMENT Small Subset of Java Bytecode no methods, objects, ... istore, iload, iconst, imul, ... Simple model of the processor Three-Address code of Dragon Book LDI, LDM, STM, MUL, ...

  28. MACHINE JavaBC0 SETS Opcodes IDEA CONSTANTS PrgOpcode,PrgArg1,PrgArg2, Exp,StackLayout,BYTE, MAXVAR,VARS,MAXBYTE, PSIZE VARIABLES PC,Stack,Vars, Finished OPERATIONS (StackSize),(StackTop),(NzVarVal), Model JavaBC as B terminate,ex_nop,ex_goto, ex_return,(ex_ifle),(ex_istore), (ex_iconst),(ex_iload),(ex_imul), (ex_iadd),(ex_iinc),current_opcode Model RISC as B REFINES REFINEMENT JavaBCR1 Refine JavaBC into compiled VARIABLES PC,Finished OPERATIONS version StackSize,StackTop,NzVarVal, ex_istore,ex_iconst,ex_iload, ex_imul,ex_iadd,ex_iinc, ex_ifle opcodes translated into RISC INCLUDES MACHINE RISC CONSTANTS correctness established by NrReg,MSize,RBYTE, MAXRBYTE B refinement VARIABLES R,MEM OPERATIONS LDI,LDM,STM, ADD,MUL,SUBT, ISPOS

  29. EXAMPLE BYTECODE 0: iconst_2 1: istore_1 public class Power { 2: iconst_5 public static void main(String args[]) 3: istore_2 { 4: iload_2 int base = 2; 5: istore_3 int exp = 5; 6: iconst_1 int i = exp; 7: istore 4 int res = 1; 9: iload_3 while (i>0) { 10: ifle 25 i--; 13: iinc 3, -1 res = res*base; 16: iload 4 } 18: iload_1 System.out.println(res); 2 19: imul } 20: istore 4 Operand Local } 22: goto 9 Stack Variables 25: return

  30. HOW TO COMPILE How to compile to RISC with limited memory and registers (2) ? Local variables statically known: ok What about the stack ??

  31. STACK LAYOUT 0: iconst_2 1: istore_1 2: iconst_5 3: istore_2 4: iload_2 Every program point: 5: istore_3 6: iconst_1 same stack layout, 7: istore 4 no matter which path 9: iload_3 10: ifle 25 13: iinc 3, -1 16: iload 4 int 18: iload_1 19: imul int 20: istore 4 Operand 22: goto 9 25: return Stack

  32. HOW TO COMPILE Infer stack layout: int int for every program point: size of stack ... upper bound must exist treat like local variables ! imul no need to maintain a stack pointer !! int ...

  33. INFERRING STACK LAYOUT By abstract interpretation Prolog interpreter for Java BC run it on abstract domain of types {int, ...} [Demo] In Java 6: Stacklayout actually already in class file

  34. TRUSTING STACKLAYOUT INFO Remember: we want formally verified compilation How can we trust the code that computed the stack layout info? We don’t have to ! Build properties of correct stack layout into B formal model Computed stack layout needs to be checked for those properties

  35. Model of Model of Java RISC Bytecode Processor Refines Calls Model of Compiled Java Bytecode

  36. THE B MODEL OF JAVABC PROPERTIES INVARIANT PSIZE : NATURAL1 & PC: 1..PSIZE & PrgOpcode: 1..PSIZE --> Opcodes & Stack: seq(INTEGER) & PrgArg1: 1..PSIZE --> VARS & Vars: VARS +->INTEGER & PrgArg2: 1..PSIZE --> BYTE & Finished: BOOL & ... size(Stack) = StackLayout(PC) StackLayout: 1..PSIZE --> VARS /* for each Program Point: indicate size of stack */ & StackLayout(1) = 0 & /* Initially stack is empty */ ... !pc1.(pc1:1..PSIZE => ((PrgOpcode(pc1)/=goto & PrgOpcode(pc1)/=return) => pc1+1 <= PSIZE )) & !pc2.(pc2:1..PSIZE & PrgOpcode(pc2) = goto => (PrgArg1(pc2):1..PSIZE & StackLayout(PrgArg1(pc2)) = StackLayout(pc2)) ) ...

  37. THE B MODEL OF JAVABC OPERATIONS ex_iload(A1) = PRE PrgOpcode(PC) = iload & A1=PrgArg1(PC) & A1:dom(Vars) THEN AdvancePC || Proven correct: Stack := Stack <- Vars(A1) END; PC remains within program bounds statically computed Stack Layout is always correct if properties satisfied

  38. Quote “Every formal model I have seen, proven or not, which has not been animated contained errors” Christophe Metayer, Systerel (liberal translation from French based on verbal communication)

  39. Quote “Every formal model I have seen, proven or not, which has not been animated contained errors” Christophe Metayer, Systerel (liberal translation from French based on verbal communication)

  40. OUR TOOL Model Checking Languages: B, (LTL, Symmetry) CSP, Z, CSP||B, ... Animation Refinement Checking Used for Industrial Teaching B Applications

  42. Model of Model of Java RISC Bytecode Processor Refines Calls Model of Compiled Java Bytecode

  43. MACHINE RISC CONSTANTS NrReg, /* Number of registers */ MSize, /* Memory Size */ B MODEL RBYTE, MAXRBYTE OF RISC PROPERTIES MAXRBYTE = 31 & /* 127 & */ NrReg:INT & NrReg>1 & MSize:INTEGER & MSize>1 & RBYTE = (-MAXRBYTE-1)..MAXRBYTE & NrReg =2 & MSize = 4*(MAXRBYTE+1)-1 VARIABLES R, /* Register Contents */ MEM /* Memory Contents */ INVARIANT R: 1..NrReg --> INTEGER & MEM: 0..MSize --> INTEGER INITIALISATION R := %x.(x:1..NrReg | 0) || MEM := %y.(y:0..MSize | 0) OPERATIONS LDI(r,imm) = PRE r:1..NrReg & imm:RBYTE THEN R(r) := imm END; LDM(r,mem) = PRE mem:0..MSize & r:1..NrReg THEN R(r) := MEM(mem) END; STM(r,mem) = PRE mem:0..MSize & r:1..NrReg THEN MEM(mem) := R(r) END; ADD(r1,r2,r3) = PRE r1: 1..NrReg & r2: 1..NrReg & r3: 1..NrReg THEN R(r1) := R(r2)+R(r3) END; MUL(r1,r2,r3) = PRE r1: 1..NrReg & r2: 1..NrReg & r3: 1..NrReg THEN R(r1) := R(r2)*R(r3) END; SUBT(r1,r2,r3) = PRE r1: 1..NrReg & r2: 1..NrReg & r3: 1..NrReg THEN R(r1) := R(r2)-R(r3) END; res <-- ISPOS(r) = PRE r:1..NrReg THEN IF R(r)> 0 THEN res := TRUE ELSE res := FALSE END

  44. Model of Model of Java RISC Bytecode Processor Refines Calls Model of Compiled Java Bytecode

Recommend

Compiling Techniques Lecture 10: Introduction to Java ByteCode Christophe Dubach 10 November

Compiling Techniques Lecture 10: Introduction to Java ByteCode Christophe Dubach 10 November

Introduction Java ByteCode Details Compiling Techniques Lecture 10: Introduction to Java ByteCode Christophe Dubach 10 November 2015 Christophe Dubach Compiling Techniques Introduction Java ByteCode Details Coursework: Block and

574 views • 23 slides
Decompiling Boolean Expressions from Java TM Bytecode Mangala Gowri Nanda (IBM-IRL) and S.

Decompiling Boolean Expressions from Java TM Bytecode Mangala Gowri Nanda (IBM-IRL) and S.

Decompiling Boolean Expressions from JavaTM Bytecode Decompiling Boolean Expressions from Java TM Bytecode Mangala Gowri Nanda (IBM-IRL) and S. Arun-Kumar (IIT Delhi) Decompiling Boolean Expressions from JavaTM Bytecode Introduction The

575 views • 37 slides
Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp ..

Migrating to Java 9 Modules @Sander_Mak By Sander Mak Migrating to Java 9 Java 8 java -cp .. -jar myapp.jar Java 9 java -cp .. -jar myapp.jar Today's journey Running on Java 9 Java 9 modules Migrating to modules Modularising code

853 views • 45 slides
JAVA Java vs. Java Java Language Specification

JAVA Java vs. Java Java Language Specification

BR 10/05 JAVA Java vs. Java Java Language Specification http://java.sun.com/docs/books/jls/second_edition/html/j.title.doc.html Java programming language is compiled into java byte code Java Virtual Machine Specification

1.08k views • 44 slides
JIT Compilation Module Overview JIT Compilation Native vs. Managed Compilation Managed

JIT Compilation Module Overview JIT Compilation Native vs. Managed Compilation Managed

JIT Compilation Module Overview JIT Compilation Native vs. Managed Compilation Managed Execution Phases Assembly Loading &amp; Initialization JIT Compilation JIT Optimizations Whats new in NGEN 4.0? When to use NGEN? 2 Running Code

484 views • 46 slides
Java Comes Home to the Consumer Chet Haase Java SE Client Architect Java Comes Home to the

Java Comes Home to the Consumer Chet Haase Java SE Client Architect Java Comes Home to the

Java Comes Home to the Consumer Chet Haase Java SE Client Architect Java Comes Home to the Consumer Chet Haase Java SE Client Architect Agenda Java SE 6 Update N Java FX JDK7 Agenda Java SE 6 Update N Java FX

657 views • 51 slides
Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006)

Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006)

Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006) Java 7 (2010) Other topics Basic concurrency in Java Java Memory Model describes how threads interact through memory Single thread

816 views • 34 slides
Machine Assisted Reasoning for Multi - Threaded Java Bytecode Mikael Lagerkvist April 2005

Machine Assisted Reasoning for Multi - Threaded Java Bytecode Mikael Lagerkvist April 2005

Background The Semantics of the JVM Examples Conclusion and Further Work Machine Assisted Reasoning for Multi - Threaded Java Bytecode Mikael Lagerkvist April 2005 Mikael Lagerkvist Machine Assisted Reasoning for Java Bytecode Background

423 views • 30 slides
The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code Michael

Virtual Machines in Compilation Virtual Machines in Compilation Abstract Syntax Tree compile Compilation 2007 Compilation 2007 Virtual Machine Code The Java Virtual Machine The Java Virtual Machine interpret compile Native Binary Code

544 views • 11 slides
Lab 2 discussion Last Time Debugging Its a science use experiments to refine

Lab 2 discussion Last Time Debugging Its a science use experiments to refine

size= 64 correct= 0 size= 73 correct= 0 Shuying Liang size= 107 correct= 1 size= 107 correct= 0 size= 108 correct= 0 size= 108 correct= 1 Please do not handin a .doc file, a .zip file, a .tar file, size= 111 correct= 1 size=

431 views • 7 slides
Java Java Basics Java Program Statements Java Review Conditional statements

Java Java Basics Java Program Statements Java Review Conditional statements

Java Java Basics Java Program Statements Java Review Conditional statements Repetition statements (loops) Writing Classes in Java Selim Aksoy Class definitions Bilkent University Encapsulation and Java modifiers

351 views • 11 slides
Specification language and WP calculus for Java Bytecode. joint work in progress Mariela

Specification language and WP calculus for Java Bytecode. joint work in progress Mariela

Specification language and WP calculus for Java Bytecode. joint work in progress Mariela Pavlova, Lilian Burdy INRIA Sophia-Antipolis spopS p. 1 Motivation Proof Carrying ByteCode Proof obligations. What is the language in which

447 views • 31 slides
The Java Virtual Machine Martin Schberl Overview Review Java/JVM JVM Bytecodes

The Java Virtual Machine Martin Schberl Overview Review Java/JVM JVM Bytecodes

The Java Virtual Machine Martin Schberl Overview Review Java/JVM JVM Bytecodes Bytecode examples Class information Parameter passing On projects JVMHW The Java virtual machine 2 Java System Overview JVMHW The Java

691 views • 46 slides
Model Checking Java Programs (Java PathFinder) Slides partially compiled from the NASA

Model Checking Java Programs (Java PathFinder) Slides partially compiled from the NASA

Model Checking Java Programs (Java PathFinder) Slides partially compiled from the NASA JavaPathFinder project and E. Clarkes course material Java PathFinder JPF is an explicit state software model checker for Java bytecode JPF is a Java

889 views • 35 slides
Demonstrably doing accountability in e-health: practical processes and tools Peter Leonard

Demonstrably doing accountability in e-health: practical processes and tools Peter Leonard

October 2019 Demonstrably doing accountability in e-health: practical processes and tools Peter Leonard Principal, Data Synergies Pty Limited Professor of Practice, UNSW Business School 1 2 2 Source: Peter Cullen and Information

490 views • 19 slides
1 Java compilation model Java bytecode format void spin () { int i; for (i = 0; i &lt; 100;

1 Java compilation model Java bytecode format void spin () { int i; for (i = 0; i &lt; 100;

The Java programming environment Introduction to JVM Based on material produced by Bill Venners 1 2 The Java platform The role of the virtual machime byte code generated by the Java front-end is an intermediate representation (IR)

838 views • 3 slides
Summer School Overview Day 0: R bootcamp Day 1: Workflow, Google App Engine Day 2:

Summer School Overview Day 0: R bootcamp Day 1: Workflow, Google App Engine Day 2:

Summer School Overview Day 0: R bootcamp Day 1: Workflow, Google App Engine Day 2: Online Experiments Day 3: Data wrangling, visualization Day 4: Statistics, Probabilistic models Day 5: Experience sampling Packages and

756 views • 55 slides
Hangman Game Simple design exercise similar to what you will do for your CS102 project (and

Hangman Game Simple design exercise similar to what you will do for your CS102 project (and

Hangman Game Simple design exercise similar to what you will do for your CS102 project (and what happens in industry!) Project Stages: Requirements, User Interface (UI), Detailed Design, Implementation, Testing,

180 views • 13 slides
I ODIAS TODAI INSTITUTES FOR ADVANCED STUDY

I ODIAS TODAI INSTITUTES FOR ADVANCED STUDY

I ODIAS TODAI INSTITUTES FOR ADVANCED STUDY Kavli Institute for the

261 views • 22 slides
Data-Intensive Distributed Computing CS 431/631 451/651 (Fall 2019) Part 1: MapReduce Algorithm

Data-Intensive Distributed Computing CS 431/631 451/651 (Fall 2019) Part 1: MapReduce Algorithm

Data-Intensive Distributed Computing CS 431/631 451/651 (Fall 2019) Part 1: MapReduce Algorithm Design (2/4) Ali Abedi These slides are available at https://www.student.cs.uwaterloo.ca/~cs451/ This work is licensed under a Creative Commons

682 views • 50 slides
A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University

A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University

The Hebrew University of Jerusalem A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University Jerusalem (HUJI) Hermann Hrtig TU Dresden, Operating Systems Group (TUDOS) Wolfgang Nagel TU Dresden, Center

1.05k views • 51 slides
Visiting a Neighbor Experience what Jesus experience Between Bethany and Jerusalem The Temple

Visiting a Neighbor Experience what Jesus experience Between Bethany and Jerusalem The Temple

Introduction Visiting a Neighbor Experience what Jesus experience Between Bethany and Jerusalem The Temple Mount The Temple Mount keywordsuggest.org http://www.thebiblejourney.org The Parable 1 The Landowner 2 The Vineyard 3 The Wicked

481 views • 16 slides
This Weeks Sermon Rejoice Nehemiah 12:27-43 Context/Recap They were just in mourning

This Weeks Sermon Rejoice Nehemiah 12:27-43 Context/Recap They were just in mourning

This Weeks Sermon Rejoice Nehemiah 12:27-43 Context/Recap They were just in mourning They were just in mourning They were remembering what God had done for their people over the centuries Nehemiah 12:27-43 27 At the dedication of the

535 views • 32 slides
DO NOT WEEP FOR ME; WEEP FOR YOURSELVES AND FOR YOUR CHILDREN Luke 11:50 Therefore this

DO NOT WEEP FOR ME; WEEP FOR YOURSELVES AND FOR YOUR CHILDREN Luke 11:50 Therefore this

DO NOT WEEP FOR ME; WEEP FOR YOURSELVES AND FOR YOUR CHILDREN Luke 11:50 Therefore this generation will be held responsible for the blood of all the prophets DO NOT WEEP FOR ME; WEEP FOR YOURSELVES AND FOR YOUR CHILDREN Luke 11:50

964 views • 8 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.