Bytecode program interpreter apparatus and method with pre-verification of data type restrictions and object initialization
First Claim
1. A method, comprising:
- selectively connecting a computer system via a network to a sending computer to receive from the sending computer a program formed of low-level, stack-oriented, program code;
verifying prior to execution that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
executing the verified program.
0 Assignments
0 Petitions
Accused Products
Abstract
A program interpreter for computer programs written in a bytecode language, which uses a restricted set of data type specific bytecodes. The interpreter, prior to executing any bytecode program, executes a bytecode program verifier procedure that verifies the integrity of a specified program by identifying any bytecode instruction that would process data of the wrong type for such a bytecode and any bytecode instruction sequences in the specified program that would cause underflow or overflow of the operand stack. If the program verifier finds any instructions that violate predefined stack usage and data type usage restrictions, execution of the program by the interpreter is prevented. After pre-processing of the program by the verifier, if no program faults were found, the interpreter executes the program without performing operand stack overflow and underflow checks and without performing data type checks on operands stored in operand stack. As a result, program execution speed is greatly improved.
133 Citations
172 Claims
-
1. A method, comprising:
-
selectively connecting a computer system via a network to a sending computer to receive from the sending computer a program formed of low-level, stack-oriented, program code;
verifying prior to execution that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
executing the verified program. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer system, comprising:
-
means for selectively connecting the computer system via a network to a sending computer to receive from the sending computer a program formed of low-level, stack-oriented, program code;
memory for storing the program;
a data processing unit for executing programs stored in the memory;
a program verifier, stored in the memory and executed by the data processing unit, the program verifier including instructions for verifying prior to execution that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
a program execution module for executing the verified program. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
-
a program verifier, for analyzing a program formed of low-level, stack-oriented, program code;
the program verifier including instructions for verifying prior to execution of the program that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
a program execution module for executing the verified program. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 102)
-
-
34. A method comprising:
-
providing a program formed of low-level, stack-oriented, program code; and
making the program available to a computer system via a network;
wherein after the computer system accesses the program, the computer system verifies prior to execution of the program that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43)
-
-
44. A computer system, comprising:
-
memory for storing a program formed of low-level, stack-oriented, program code;
a data processing unit for executing programs stored in the memory;
a program verifier, stored in the memory and executed by the data processing unit, the program verifier including instructions for verifying, prior to execution, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction. - View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
a program verifier for analyzing a program formed of low-level, stack-oriented, program code, the program verifier including instructions for verifying at run time, prior to execution, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction. - View Dependent Claims (55, 56, 57, 58, 59, 60, 61, 62, 63)
-
64. A method of operating a computer system, comprising:
-
receiving from a source computer a program formed of low-level, stack-oriented, program code;
verifying at run time, prior to execution, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical for all execution paths that include the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
executing the verified program. - View Dependent Claims (65, 66, 67, 68, 69, 70, 71, 72, 73, 74)
-
-
75. A computer system, comprising:
-
an interface for receiving a program formed of low-level, stack-oriented, program code;
memory for storing the program;
a data processing unit for executing programs stored in the memory;
a program verifier, stored in the memory and executed by the data processing unit, the program verifier including instructions for verifying prior to execution that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
a program execution module for executing the verified program. - View Dependent Claims (76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87)
-
-
88. A method of operating a computer system, comprising:
-
providing a program formed of low-level, stack-oriented, program code;
verifying, at run time, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical for all execution paths that include the instruction, even when the stack is not empty, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
executing the verified program. - View Dependent Claims (89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101)
-
-
103. A method of operating a computer system, comprising:
-
receiving a program formed of low-level, stack-oriented, program code from a server over a network;
determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical for all execution paths that include the instruction regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
executing or aborting execution of the program based on a result of the determination. - View Dependent Claims (104, 105, 106, 107, 108)
-
-
109. A computer system, comprising:
-
an interface for receiving a program formed of low-level, stack-oriented, program code;
memory for storing the program;
a data processing unit for executing programs stored in the memory;
a first module for determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical for all execution paths that include the instruction regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
a program execution module for executing or aborting based on a result generated by the first module. - View Dependent Claims (110, 111, 112, 113, 114, 115, 116, 117)
-
-
118. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
-
a first module for determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when an instruction of the program is executed that can be executed along more than one execution path, a number of operands on a stack when arriving at that instruction during execution is identical for all execution paths that include the instruction regardless of the execution path taken to arrive at the instruction, and a type state of the stack when arriving at the instruction during execution of a first execution path that includes the instruction is compatible with a type state of the stack when arriving at the instruction during execution of all other execution paths that include the instruction; and
a program execution module for executing or aborting based on a result generated by the first module. - View Dependent Claims (119, 120, 121, 122, 123, 124, 125, 126)
-
-
127. A method of operating a computer system, comprising the steps of:
-
providing a program formed of low-level, stack-oriented, program code;
verifying at run time, prior to execution, that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical, even when the stack is not empty, and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
executing the verified program. - View Dependent Claims (128, 129, 130, 131, 132, 133, 134, 135, 157, 158)
-
-
136. A computer system, comprising:
-
memory for storing a program formed of low-level, stack-oriented, program code;
a data processing unit for executing programs stored in the memory;
a program verifier, stored in the memory and executed by the data processing unit, the program verifier including instructions for verifying prior to execution that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical, even when the stack is not empty, and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
a program execution module for executing the verified program. - View Dependent Claims (137, 138, 139, 140, 141, 142)
-
-
143. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
-
a program verifier, for analyzing a program formed of low-level, stack-oriented, program code;
the program verifier including instructions for verifying prior to execution of the program that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical, even when the stack is not empty, and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
a program execution module for executing the verified program. - View Dependent Claims (144, 145, 146, 147, 148, 149)
-
-
150. A method of operating a computer system, comprising:
-
receiving a program formed of low-level, stack-oriented, program code from a server over a network;
determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
executing or aborting execution of the program based on a result of the determination. - View Dependent Claims (151, 152, 153, 154, 155, 156)
-
-
159. A computer system, comprising:
-
an interface for receiving a program formed of low-level, stack-oriented, program code;
memory for storing the program;
a data processing unit for executing programs stored in the memory;
a first module for determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical, even when the stack is not empty, and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
a program execution module for executing or aborting execution of the program based on a result of the determination. - View Dependent Claims (160, 161, 162, 163, 164, 165)
-
-
166. A computer program product for use in conjunction with a computer system, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
-
a first module for determining whether the program successfully completed a verification process, wherein the verification process verifies, prior to execution of the program, that when a loop of the program is executed that, immediately before and after each iteration of the loop, a number of operands on a stack is identical, even when the stack is not empty, and a type state of the stack before a first iteration of the loop is compatible with a type state of the stack after the each iteration of the loop regardless of how many times the loop is executed; and
a program execution module for executing or aborting execution of the program based on a result of the determination. - View Dependent Claims (167, 168, 169, 170, 171, 172)
-
Specification