JBMC: A Bounded Model Checking Tool for Java Bytecode

TL;DR

JBMC is an open-source bounded model checking tool that verifies Java bytecode for runtime errors and security issues using SAT/SMT solvers, supporting bug finding, property checking, and program synthesis.

Contribution

This paper introduces JBMC, a novel bounded model checker for Java bytecode that integrates an operational model of Java libraries and advanced string solving techniques.

Findings

Successfully verifies Java bytecode for various runtime errors.

Supports bug detection, property verification, and security vulnerability analysis.

Provides a detailed architecture and theoretical foundation of JBMC.

Abstract

JBMC is an open-source SAT- and SMT-based bounded model checking tool for verifying Java bytecode. JBMC relies on an operational model of the Java libraries, which conservatively approximates their semantics, to verify assertion violations, array out-of-bounds, unintended arithmetic overflows, and other kinds of functional and runtime errors in Java bytecode. JBMC can be used to either falsify properties or prove program correctness if an upper bound on the depth of the state-space is known. Practical applications of JBMC include but are not limited to bug finding, property checking, test input generation, detection of security vulnerabilities, and program synthesis. Here we provide a detailed description of JBMC's architecture and its functionalities, including an in-depth discussion of its background theories and underlying technologies, including a state-of-the-art string solver to ensure safety and security of Java bytecode.