Understanding and Verifying JavaScript Programs
|
|
- Joy Kelley
- 6 years ago
- Views:
Transcription
1 Understanding and Verifying JavaScript Programs Philippa Gardner Imperial College London LFCS 30th Anniversary 1/31
2 JavaScript at Imperial Philippa Gardner José Fragoso Santos Petar Maksimović Daiva Naudˇziūnienė Azalea Raad Thomas Wood 2/31
3 Mechanised Language Specification Standard ML: formal definition Milner, Harper, MacQueen, Tofte, 1990 and 1997; mechanised definition Lee, Crary, Harper, C: many partial definitions, some mechanised e.g. by Norrish 1998, Leroy 2009; complete mechanised definition Ellison, Rosu, 2012; lots of recent work on C11, e.g. Batty s thesis, Fragments of Java: many partial (large) definitions, first studied by Drossopoulou, Eisenbach, 1997; mechanised definition, Syme, Javascript: complete formal definition of the ECMAScript 3 standard (ES3), Maffeis, Mitchell, Tally, 2008; mechanised definition of ES5, us, 2014; Park, Stefanescu, Rosu, /31
4 JavaScript at Imperial DOM Specification P. Gardner, G. Smith, M. Wheelhouse, U. Zarfaty. Local Hoare Reasoning about the DOM, PODS /31
5 JavaScript at Imperial DOM Specification JSLogic: a program logic for JavaScript P. Gardner, S. Maffeis, G. Smith. Towards a Program Logic for JavaScript, POPL /31
6 JavaScript at Imperial DOM Specification JSLogic: a program logic for JavaScript JSCert: a mechanised specification of ES5 in Coq M. Bodin, A. Charguéraud, D. Filaretti, P. Gardner, S. Maffeis, D. Naudžiūnienė, A. Schmitt, G. Smith. A Trusted Mechanised JavaScript Specification, POPL JSCert JSRef Inria Collaborators JavaScript Test262 A. Schmitt A. Charguéraud M. Bodin 4/31
7 JavaScript at Imperial DOM Specification JSLogic: a program logic for JavaScript JSCert: a mechanised specification of ES5 in Coq JSIL: an intermediate language for JavaScript JSVerify: a verification tool for JavaScript 4/31
8 JavaScript and Verification JavaScript 5/31
9 JavaScript and Verification ECMAScript 5 English Standard Language Libraries How is it organised? Chapters 1-7: Overview, notation, parsing Chapters 8-14: Language constructs Chapter 15: Library functions 6/31
10 JavaScript and Verification ES5 Strict Language Libraries How is it organised? Same as before; strict-only features throughout chapters 8-15 How is it different? Better behavioural properties: lexicographic scoping, mandatory variable declarations, explicit error throwing... 7/31
11 JavaScript and Verification Core ES5 Strict Non-core Libraries What is Core ES5 Strict? All of the language constructs Core library functions Non-core library functions definable using the core language Why the core language? Important for verification 8/31
12 Verifying Core ES5 Strict Core ES5 Strict JSIL: simple intermediate goto language, good for verification, memory model similar to JavaScript Semantics-directed compilation from Core ES5 Strict to JSIL Core library functions implemented in JSIL JSVerify: Smallfoot-like verification tool for JSIL (in future for JavaScript) Core library functions specified and verified using JSVerify 9/31
13 JavaScript vs. JSIL Verification 10/31
14 Incorporating Non-core Libraries Non-core Libraries Axiomatic specification to verify client programs Does not follow the standard, which is operational Justification of specifications Informal appeal to the English standard Reference implementation in JSIL or Core ES5 Strict, following the standard, verified with JSVerify, tested against Test262 Verification of industrial-strength library implementations 11/31
15 Introducing JSIL JSCert Core ES5 Strict Non-core libraries Semantics-directed compilation JSIL 12/31
16 Introducing JSIL JSCert Core ES5 Strict Non-core libraries Semantics-directed compilation JSIL To be implemented Attributes, for-in, getters/setters, the arguments object Some core library functions 12/31
17 The Syntax of JSIL Expressions: e ::= v x e e e typeof (e) v e. o e e. v e base (e) field (e) Commands: c ::= skip x := e x := new () x := [e, e] [e, e] := e delete (e) x := hasfield (e, e) x := protofield (e, e) x := protoobj (e, e) goto i goto [e] i, j x := e(e) with j 13/31
18 The Syntax of JSIL Expressions: e ::= v x e e e typeof (e) v e. o e e. v e base (e) field (e) Commands: c ::= skip x := e x := new () x := [e, e] [e, e] := e delete (e) x := hasfield (e, e) x := protofield (e, e) x := protoobj (e, e) goto i goto [e] i, j x := e(e) with j Extensible objects, dynamic fields 13/31
19 The Syntax of JSIL Expressions: e ::= v x e e e typeof (e) v e. o e e. v e base (e) field (e) Commands: c ::= skip x := e x := new () x := [e, e] [e, e] := e delete (e) x := hasfield (e, e) x := protofield(e, e) x := protoobj(e, e) goto i goto [e] i, j x := e(e) with j Prototype chains 13/31
20 The Syntax of JSIL Expressions: e ::= v x e e e typeof (e) v e. o e e. v e base (e) field (e) Commands: c ::= skip x := e x := new () x := [e, e] [e, e] := e delete (e) x := hasfield (e, e) x := protofield (e, e) x := protoobj (e, e) goto i goto [e] i, j x := e(e) with j Dynamic function choice 13/31
21 The Syntax of JSIL Expressions: e ::= v x e e e typeof (e) v e. o e e. v e base (e) field (e) Commands: c ::= skip x := e x := new () x := [e, e] [e, e] := e delete (e) x := hasfield (e, e) x := protofield (e, e) x := protoobj (e, e) goto i goto [e] i, j x := e(e) with j Procedures: proc ::= proc m(x){c} 13/31
22 Compiling ES5 Strict to JSIL JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Three ways of calling f: Function call: f() Method call: this.f() Constructor call: new f() 14/31
23 Compiling Functions Each function translated to a top-level procedure. Global code translated to a special procedure main. No nesting of procedures. Scope and the this object as first two parameters JavaScript Code JSIL Code function f() {... } proc f(x sc, x this ){...} Global code proc main(){...} 15/31
24 Compiling ES5 Strict to JSIL Heap JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 16/31
25 Compiling ES5 Strict to JSIL JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Heap JSIL Code [l op, foo ] := 1 17/31
26 Compiling ES5 Strict to JSIL JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Heap JSIL Code [l g, bar ] := 2 18/31
27 Compiling ES5 Strict to JSIL JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Heap JSIL Code x fp := new() [x := l op x fo := new() [x := f [x := [l g] [x :=... [x fo, prototype ] := x fp [l g, f ] := x fo 19/31
28 Compiling ES5 Strict to JSIL JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Heap JSIL Code [x fp, bar ] := 3 20/31
29 Constructor call: new f() JavaScript Code Object.prototype.foo = 1; var bar = 2; function f() { this.baz = this.bar + foo; } f.prototype.bar = 3 Heap new f() constructor call JSIL Code x n := new() x fo := [l g, f ] x fp := [x fo, prototype ] [x := x fp x scope := [x x this := x n x f := [x x ret := x f (x scope, x this ) 21/31
30 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo 22/31
31 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz 22/31
32 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar 22/31
33 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 3 getvalue(l n. obar) 22/31
34 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 3 getvalue(l n. obar) Step /31
35 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 5 l g. vfoo Step 3 getvalue(l n. obar) Step /31
36 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 5 l g. vfoo Step 3 Step 6 getvalue(l n. obar) getvalue(l g. vfoo) Step /31
37 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 5 l g. vfoo Step 3 Step 6 getvalue(l n. obar) getvalue(l g. vfoo) Step 4 Step /31
38 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 5 l g. vfoo Step 3 Step 6 getvalue(l n. obar) getvalue(l g. vfoo) Step 4 Step Step 8 Step /31
39 Constructor call: new f() In this case, the this is bound to the newly created object. this.baz = this.bar + foo Step 1 l n. obaz Step 2 l n. obar Step 5 l g. vfoo Step 3 Step 6 getvalue(l n. obar) getvalue(l g. vfoo) Step 4 Step Step 8 Step /31
40 Function call: f() For function calls in strict mode, this is bound to undefined. this.baz = this.bar + foo Step 1 Step 2 undefined. obaz undefined. obar Step 3 getvalue(undefined. obar) Step 4 ERROR 23/31
41 Method call: this.f() In this case, this is bound to the global object. this.baz = this.bar + foo Step 1 Step 2 Step 5 l g. obaz l g. obar l g. vfoo Step 3 Step 6 getvalue(l g. obar) getvalue(l g. vfoo) Step 4 Step Step 8 Step /31
42 Trust: Proof and Testing JSCert Core ES5 Strict Non-core libraries Similar heaps. Semantics-directed compilation. Pen-and-paper correctness proof. Extensive testing using the Test262 conformance test suite. JSIL 25/31
43 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test /31
44 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. ES5 Strict Tests Tests for ES6 features, Annex B, non-strict mode features 26/31
45 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. Tests for ES6 features, Annex B, non-strict mode features ES5 Strict Tests Tests for non-core features Core ES5 Strict 4599 Tests 26/31
46 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. Tests for ES6 features, Annex B, non-strict mode features ES5 Strict Tests Tests for non-core features Core ES5 Strict 4599 Tests Tests for core features still to be implemented Compiler Coverage 2738 Tests 26/31
47 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. Tests for ES6 features, Annex B, non-strict mode features ES5 Strict Tests Tests for non-core features Core ES5 Strict 4599 Tests Tests for core features still to be implemented Tests using non-implemented core features Compiler Coverage Tests 26/31
48 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. Tests for ES6 features, Annex B, non-strict mode features ES5 Strict Tests Tests for non-core features Core ES5 Strict 4599 Tests Tests for core features still to be implemented Tests using non-implemented core features Tests using non-core features Compiler Coverage Tests 26/31
49 Testing Methodology and Results ES6 Test tests Considerably better test classification than ES5 Test262. Tests for ES6 features, Annex B, non-strict mode features ES5 Strict Tests Tests for non-core features Core ES5 Strict 4599 Tests Tests for core features still to be implemented Tests using non-implemented core features Tests using non-core features Compiler Coverage Tests 99.6% success rate, 2378 passes, 10 failures due to parser issues, string/number conversion 26/31
50 JSVerify: a Smallfoot-type Verification Tool for JSIL JSCert Core ES5 Strict Non-core libraries JSIL JSVerify 27/31
51 JSVerify for Internal and Core Functions JSVerify is used to specify and verify our JSIL implementations of the internal and core library functions, such as getvalue. Example: getvalue { x. = L.o Y Π(L :: LS, Y, Z) } getvalue(x) {Precondition ret. = Z} getvalue(l n. obar) 3 28/31
52 JSVerify for Internal and Core Functions JSVerify is used to specify and verify our JSIL implementations of the internal and core library functions, such as getvalue. Example: getvalue { x. = undefined.o Y } getvalue(x) {Precondition ret. = error} getvalue(undefined. obar) ERROR 29/31
53 JSVerify for Non-core Functions JSCert Core ES5 Strict Non-core libraries JSIL JSVerify Axiomatic specifications for non-core functions Reference implementation in JSIL or Core ES5 Strict, following the standard, verified with JSVerify, tested against Test262 30/31
54 JSIL as a Service JSCert Core ES5 Strict DOM Non-core libraries JSIL JSVerify CBMC (Oxford/Amazon) Infer (Facebook) Rosette 31/31
An Infrastructure for Tractable Verification of JavaScript Programs
Imperial College London Department of Computing An Infrastructure for Tractable Verification of JavaScript Programs Daiva Naudžiūnienė September 2017 Supervised by Prof Philippa Gardner Submitted in part
More informationJaVerT: JavaScript Verification Toolchain
1 JaVerT: JavaScript Verification Toolchain JOSÉ FRAGOSO SANTOS, Imperial College London, UK PETAR MAKSIMOVIĆ, Imperial College London, UK and Mathematical Institute SANU, Serbia DAIVA NAUDŽIŪNIENĖ, Imperial
More informationDOM: Specification & Client Reasoning
DOM: Specification & Client Reasoning Azalea Raad José Fragoso Santos Philippa Gardner Imperial College London APLAS 16 23 November 2016 1 Document Object Model (DOM) Cross-platform, language-independent,
More informationJaVerT: JavaScript Verification Toolchain
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 JaVerT: JavaScript Verification Toolchain JOSÉ FRAGOSO SANTOS,
More informationTowards Logic-based Verification of JavaScript Programs
Towards Logic-based Verification of JavaScript Programs José Fragoso Santos 1, Philippa Gardner 1, Petar Maksimović 12, Daiva Naudžiūnienė 1 1 Imperial College London 2 Mathematical Institute of the Serbian
More informationJavaScript: Sort of a Big Deal,
: Sort of a Big Deal, But Sort of Quirky... March 20, 2017 Lisp in C s Clothing (Crockford, 2001) Dynamically Typed: no static type annotations or type checks. C-Like Syntax: curly-braces, for, semicolons,
More informationFeatherweight Firefox
Featherweight Firefox Formalizing the Core of a Web Browser Aaron Bohannon Benjamin Pierce University of Pennsylvania June 24, 2010 1 / 27 Pop Quiz! 2 / 27 Question 1 Assume d is a Document object. var
More informationA Structural Operational Semantics for JavaScript
Dept. of Computer Science, Stanford University Joint work with Sergio Maffeis and John C. Mitchell Outline 1 Motivation Web Security problem Informal and Formal Semantics Related work 2 Formal Semantics
More informationMatching Logic A New Program Verification Approach
Matching Logic A New Program Verification Approach Grigore Rosu and Andrei Stefanescu University of Illinois at Urbana-Champaign (work started in 2009 with Wolfram Schulte at MSR) Usable Verification Relatively
More informationTowards a Program Logic for JavaScript
Towards a Program Logic for JavaScript Philippa Gardner Imperial College London pg@docicacuk Sergio Maffeis Imperial College London maffeis@docicacuk Gareth Smith Imperial College London gds@docicacuk
More informationLanguage Based isolation of Untrusted JavaScript
Dept. of Computer Science, Stanford University Joint work with Sergio Maffeis (Imperial College London) and John C. Mitchell (Stanford University) Outline 1 Motivation 2 Case Study : FBJS Design Attacks
More informationA Certified JavaScript Interpreter
Martin Bodin 1 & Alan Schmitt 2 1: Projet Celtique, Inria Rennes Bretagne-Atlantique et ENS Lyon martin.bodin@inria.fr 2: Projet Celtique, Inria Rennes Bretagne-Atlantique alan.schmitt@inria.fr Introduction
More informationJavaScript CS 4640 Programming Languages for Web Applications
JavaScript CS 4640 Programming Languages for Web Applications 1 How HTML, CSS, and JS Fit Together {css} javascript() Content layer The HTML gives the page structure and adds semantics Presentation
More informationA Certified JavaScript Interpreter
Martin Bodin, Alan Schmitt To cite this version: Martin Bodin, Alan Schmitt. A Certified JavaScript Interpreter. Damien Pous and Christine Tasson. JFLA - Journées francophones des langages applicatifs,
More informationThe Compiler So Far. CSC 4181 Compiler Construction. Semantic Analysis. Beyond Syntax. Goals of a Semantic Analyzer.
The Compiler So Far CSC 4181 Compiler Construction Scanner - Lexical analysis Detects inputs with illegal tokens e.g.: main 5 (); Parser - Syntactic analysis Detects inputs with ill-formed parse trees
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Operational Semantics CMSC 330 Summer 2018 1 Formal Semantics of a Prog. Lang. Mathematical description of the meaning of programs written in that language
More informationTypes. Type checking. Why Do We Need Type Systems? Types and Operations. What is a type? Consensus
Types Type checking What is a type? The notion varies from language to language Consensus A set of values A set of operations on those values Classes are one instantiation of the modern notion of type
More informationJavaScript CS 4640 Programming Languages for Web Applications
JavaScript CS 4640 Programming Languages for Web Applications 1 How HTML, CSS, and JS Fit Together {css} javascript() Content layer The HTML gives the page structure and adds semantics Presentation
More informationSemantic Analysis. Outline. The role of semantic analysis in a compiler. Scope. Types. Where we are. The Compiler Front-End
Outline Semantic Analysis The role of semantic analysis in a compiler A laundry list of tasks Scope Static vs. Dynamic scoping Implementation: symbol tables Types Static analyses that detect type errors
More informationChapter 3 (part 3) Describing Syntax and Semantics
Chapter 3 (part 3) Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings
More informationSemantic Analysis. Outline. The role of semantic analysis in a compiler. Scope. Types. Where we are. The Compiler so far
Outline Semantic Analysis The role of semantic analysis in a compiler A laundry list of tasks Scope Static vs. Dynamic scoping Implementation: symbol tables Types Statically vs. Dynamically typed languages
More informationScala, Your Next Programming Language
Scala, Your Next Programming Language (or if it is good enough for Twitter, it is good enough for me) WORLDCOMP 2011 By Dr. Mark C. Lewis Trinity University Disclaimer I am writing a Scala textbook that
More informationCS 242. Fundamentals. Reading: See last slide
CS 242 Fundamentals Reading: See last slide Syntax and Semantics of Programs Syntax The symbols used to write a program Semantics The actions that occur when a program is executed Programming language
More informationTopics Covered Thus Far. CMSC 330: Organization of Programming Languages. Language Features Covered Thus Far. Programming Languages Revisited
CMSC 330: Organization of Programming Languages Type Systems, Names & Binding Topics Covered Thus Far Programming languages Syntax specification Regular expressions Context free grammars Implementation
More informationCS558 Programming Languages. Winter 2013 Lecture 3
CS558 Programming Languages Winter 2013 Lecture 3 1 NAMES AND BINDING One essential part of being a high-level language is having convenient names for things: variables constants types functions etc. classes
More informationThe role of semantic analysis in a compiler
Semantic Analysis Outline The role of semantic analysis in a compiler A laundry list of tasks Scope Static vs. Dynamic scoping Implementation: symbol tables Types Static analyses that detect type errors
More informationInformal Semantics of Data. semantic specification names (identifiers) attributes binding declarations scope rules visibility
Informal Semantics of Data semantic specification names (identifiers) attributes binding declarations scope rules visibility 1 Ways to Specify Semantics Standards Documents (Language Definition) Language
More informationAnatomy of a Compiler. Overview of Semantic Analysis. The Compiler So Far. Why a Separate Semantic Analysis?
Anatomy of a Compiler Program (character stream) Lexical Analyzer (Scanner) Syntax Analyzer (Parser) Semantic Analysis Parse Tree Intermediate Code Generator Intermediate Code Optimizer Code Generator
More informationType Checking. Outline. General properties of type systems. Types in programming languages. Notation for type rules.
Outline Type Checking General properties of type systems Types in programming languages Notation for type rules Logical rules of inference Common type rules 2 Static Checking Refers to the compile-time
More informationG Programming Languages - Fall 2012
G22.2110-003 Programming Languages - Fall 2012 Lecture 4 Thomas Wies New York University Review Last week Control Structures Selection Loops Adding Invariants Outline Subprograms Calling Sequences Parameter
More informationCMSC 330: Organization of Programming Languages
CMSC 330: Organization of Programming Languages Type Systems, Names and Binding CMSC 330 - Spring 2013 1 Topics Covered Thus Far! Programming languages Ruby OCaml! Syntax specification Regular expressions
More informationProgramming Languages, Summary CSC419; Odelia Schwartz
Programming Languages, Summary CSC419; Odelia Schwartz Chapter 1 Topics Reasons for Studying Concepts of Programming Languages Programming Domains Language Evaluation Criteria Influences on Language Design
More informationOutline. General properties of type systems. Types in programming languages. Notation for type rules. Common type rules. Logical rules of inference
Type Checking Outline General properties of type systems Types in programming languages Notation for type rules Logical rules of inference Common type rules 2 Static Checking Refers to the compile-time
More informationPrinciples of Programming Languages
Principles of Programming Languages Lesson 14 Type Checking Collaboration and Management Dana Fisman www.cs.bgu.ac.il/~ppl172 1 Type Checking We return to the issue of type safety we discussed informally,
More informationThe Compiler So Far. Lexical analysis Detects inputs with illegal tokens. Overview of Semantic Analysis
The Compiler So Far Overview of Semantic Analysis Adapted from Lectures by Profs. Alex Aiken and George Necula (UCB) Lexical analysis Detects inputs with illegal tokens Parsing Detects inputs with ill-formed
More informationCSCE 314 Programming Languages. Type System
CSCE 314 Programming Languages Type System Dr. Hyunyoung Lee 1 Names Names refer to different kinds of entities in programs, such as variables, functions, classes, templates, modules,.... Names can be
More informationIntroduction to JavaScript p. 1 JavaScript Myths p. 2 Versions of JavaScript p. 2 Client-Side JavaScript p. 3 JavaScript in Other Contexts p.
Preface p. xiii Introduction to JavaScript p. 1 JavaScript Myths p. 2 Versions of JavaScript p. 2 Client-Side JavaScript p. 3 JavaScript in Other Contexts p. 5 Client-Side JavaScript: Executable Content
More informationModules, Structs, Hashes, and Operational Semantics
CS 152: Programming Language Paradigms Modules, Structs, Hashes, and Operational Semantics Prof. Tom Austin San José State University Lab Review (in-class) Modules Review Modules from HW 1 (in-class) How
More informationStatic Analysis for JavaScript
Static Analysis for JavaScript Adi Yoga Sidi Prabawa Supervisor: Associate Professor Chin Wei Ngan Department of Computer Science School of Computing National University of Singapore June 30, 2013 Abstract
More informationSEMANTIC ANALYSIS TYPES AND DECLARATIONS
SEMANTIC ANALYSIS CS 403: Type Checking Stefan D. Bruda Winter 2015 Parsing only verifies that the program consists of tokens arranged in a syntactically valid combination now we move to check whether
More informationCompiling Exceptions Correctly
Compiling Exceptions Correctly Graham Hutton and Joel Wright School of Computer Science and IT University of Nottingham, United Kingdom Abstract. Exceptions are an important feature of modern programming
More informationLanguage Based isolation of Untrusted JavaScript
Dept. of Computer Science, Stanford University Joint work with Sergio Maffeis and John C. Mitchell 1 Introduction 2 Existing subsets of JavaScript: FBJS and ADsafe FBJS 08 : Attacks and Challenges ADsafe
More informationThe design of a programming language for provably correct programs: success and failure
The design of a programming language for provably correct programs: success and failure Don Sannella Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh http://homepages.inf.ed.ac.uk/dts
More informationFoundations. Yu Zhang. Acknowledgement: modified from Stanford CS242
Spring 2013 Foundations Yu Zhang Acknowledgement: modified from Stanford CS242 https://courseware.stanford.edu/pg/courses/317431/ Course web site: http://staff.ustc.edu.cn/~yuzhang/fpl Reading Concepts
More informationAdam Chlipala University of California, Berkeley ICFP 2006
Modular Development of Certified Program Verifiers with a Proof Assistant Adam Chlipala University of California, Berkeley ICFP 2006 1 Who Watches the Watcher? Program Verifier Might want to ensure: Memory
More informationJavaScript. Training Offer for JavaScript Introduction JavaScript. JavaScript Objects
JavaScript CAC Noida is an ISO 9001:2015 certified training center with professional experience that dates back to 2005. The vision is to provide professional education merging corporate culture globally
More informationPrinciples of Programming Languages
Principles of Programming Languages www.cs.bgu.ac.il/~ppl172 Collaboration and Management Dana Fisman Lesson 2 - Types with TypeScript 1 Types What are types in programming languages? What types are you
More informationType Inference Systems. Type Judgments. Deriving a Type Judgment. Deriving a Judgment. Hypothetical Type Judgments CS412/CS413
Type Inference Systems CS412/CS413 Introduction to Compilers Tim Teitelbaum Type inference systems define types for all legal programs in a language Type inference systems are to type-checking: As regular
More informationVerified compilers. Guest lecture for Compiler Construction, Spring Magnus Myréen. Chalmers University of Technology
Guest lecture for Compiler Construction, Spring 2015 Verified compilers Magnus Myréen Chalmers University of Technology Mentions joint work with Ramana Kumar, Michael Norrish, Scott Owens and many more
More informationG Programming Languages - Fall 2012
G22.2110-003 Programming Languages - Fall 2012 Lecture 2 Thomas Wies New York University Review Last week Programming Languages Overview Syntax and Semantics Grammars and Regular Expressions High-level
More informationMatching Logic. Grigore Rosu University of Illinois at Urbana-Champaign
Matching Logic Grigore Rosu University of Illinois at Urbana-Champaign Joint work with Andrei Stefanescu and Chucky Ellison. Started with Wolfram Schulte at Microsoft Research in 2009 Question could it
More informationClosures. Mooly Sagiv. Michael Clarkson, Cornell CS 3110 Data Structures and Functional Programming
Closures Mooly Sagiv Michael Clarkson, Cornell CS 3110 Data Structures and Functional Programming Summary 1. Predictive Parsing 2. Large Step Operational Semantics (Natural) 3. Small Step Operational Semantics
More informationITT8060 Advanced Programming
ITT8060 Advanced Programming In F# Juhan Ernits Welcome to Advanced Programming (in F#)! Teachers: Juhan Ernits Hendrik Maarand Course web page http://courses.cs.ttu.ee/pages/itt8060 Contact: juhan.ernits@ttu.ee
More informationClock-directed Modular Code-generation for Synchronous Data-flow Languages
1 Clock-directed Modular Code-generation for Synchronous Data-flow Languages Dariusz Biernacki Univ. of Worclaw (Poland) Jean-Louis Colaço Prover Technologies (France) Grégoire Hamon The MathWorks (USA)
More information1. true / false By a compiler we mean a program that translates to code that will run natively on some machine.
1. true / false By a compiler we mean a program that translates to code that will run natively on some machine. 2. true / false ML can be compiled. 3. true / false FORTRAN can reasonably be considered
More informationG Programming Languages Spring 2010 Lecture 4. Robert Grimm, New York University
G22.2110-001 Programming Languages Spring 2010 Lecture 4 Robert Grimm, New York University 1 Review Last week Control Structures Selection Loops 2 Outline Subprograms Calling Sequences Parameter Passing
More informationIntermediate Code Generation
Intermediate Code Generation In the analysis-synthesis model of a compiler, the front end analyzes a source program and creates an intermediate representation, from which the back end generates target
More informationJavaScript: the language of browser interactions. Claudia Hauff TI1506: Web and Database Technology
JavaScript: the language of browser interactions Claudia Hauff TI1506: Web and Database Technology ti1506-ewi@tudelft.nl Densest Web lecture of this course. Coding takes time. Be friendly with Codecademy
More informationThe course is supplemented by numerous hands-on labs that help attendees reinforce their theoretical knowledge of the learned material.
Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc WA2442 Introduction to JavaScript Objectives This intensive training course
More informationSE352b: Roadmap. SE352b Software Engineering Design Tools. W3: Programming Paradigms
SE352b Software Engineering Design Tools W3: Programming Paradigms Feb. 3, 2005 SE352b, ECE,UWO, Hamada Ghenniwa SE352b: Roadmap CASE Tools: Introduction System Programming Tools Programming Paradigms
More informationSeparation Logic Tutorial
Separation Logic Tutorial (To appear in Proceedings of ICLP 08) Peter O Hearn Queen Mary, University of London Separation logic is an extension of Hoare s logic for reasoning about programs that manipulate
More informationSemantics-Based Program Verifiers for All Languages
Language-independent Semantics-Based Program Verifiers for All Languages Andrei Stefanescu Daejun Park Shijiao Yuwen Yilong Li Grigore Rosu Nov 2, 2016 @ OOPSLA 16 Problems with state-of-the-art verifiers
More informationStatic Semantics. Winter /3/ Hal Perkins & UW CSE I-1
CSE 401 Compilers Static Semantics Hal Perkins Winter 2009 2/3/2009 2002-09 Hal Perkins & UW CSE I-1 Agenda Static semantics Types Symbol tables General ideas for now; details later for MiniJava project
More informationUsing Scala for building DSL s
Using Scala for building DSL s Abhijit Sharma Innovation Lab, BMC Software 1 What is a DSL? Domain Specific Language Appropriate abstraction level for domain - uses precise concepts and semantics of domain
More informationINF5750. Introduction to JavaScript and Node.js
INF5750 Introduction to JavaScript and Node.js Outline Introduction to JavaScript Language basics Introduction to Node.js Tips and tools for working with JS and Node.js What is JavaScript? Built as scripting
More informationCompiler Theory. (Semantic Analysis and Run-Time Environments)
Compiler Theory (Semantic Analysis and Run-Time Environments) 005 Semantic Actions A compiler must do more than recognise whether a sentence belongs to the language of a grammar it must do something useful
More informationDEFINING A LANGUAGE. Robert Harper. Friday, April 27, 12
DEFINING A LANGUAGE Robert Harper ACKNOWLEDGEMENTS I am honored to have had the privilege of working with Robin on the development of Standard ML. It is also a pleasure to thank my collaborators, Karl
More informationVerification of an ML compiler. Lecture 3: Closures, closure conversion and call optimisations
Verification of an ML compiler Lecture 3: Closures, closure conversion and call optimisations Marktoberdorf Summer School MOD 2017 Magnus O. Myreen, Chalmers University of Technology Implementing the ML
More informationCompiler Construction
Compiler Construction Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ss-17/cc/ Generation of Intermediate Code Conceptual Structure of
More informationA Program Logic for JavaScript
A Program Logic for JavaScript Anonymous Author Anonymous Institution anon@ymous Abstract JavaScript has become the de-facto language for client-side web programming The inherent dynamic nature of the
More informationADsafety. Type-based Verification of JavaScript Sandboxing. Joe Gibbs Politz Spiridon Aristides Eliopoulos Arjun Guha Shriram Krishnamurthi
ADsafety Type-based Verification of JavaScript Sandboxing Joe Gibbs Politz Spiridon Aristides Eliopoulos Arjun Guha Shriram Krishnamurthi 1 2 3 third-party ad third-party ad 4 Who is running code in your
More informationFormal Semantics of Programming Languages
Formal Semantics of Programming Languages Mooly Sagiv Reference: Semantics with Applications Chapter 2 H. Nielson and F. Nielson http://www.daimi.au.dk/~bra8130/wiley_book/wiley.html Benefits of formal
More informationSemantic Analysis. Lecture 9. February 7, 2018
Semantic Analysis Lecture 9 February 7, 2018 Midterm 1 Compiler Stages 12 / 14 COOL Programming 10 / 12 Regular Languages 26 / 30 Context-free Languages 17 / 21 Parsing 20 / 23 Extra Credit 4 / 6 Average
More informationA New Verified Compiler Backend for CakeML. Yong Kiam Tan* Magnus O. Myreen Ramana Kumar Anthony Fox Scott Owens Michael Norrish
A New Verified Compiler Backend for CakeML Yong Kiam Tan* Magnus O. Myreen Ramana Kumar Anthony Fox Scott Owens Michael Norrish 1 CakeML Has: references, modules, signatures, datatypes, exceptions,...
More informationIntroduction to SML Getting Started
Introduction to SML Getting Started Michael R. Hansen mrh@imm.dtu.dk Informatics and Mathematical Modelling Technical University of Denmark c Michael R. Hansen, Fall 2004 p.1/15 Background Standard Meta
More informationCompiler Construction
Compiler Construction Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ss-17/cc/ Generation of Intermediate Code Outline of Lecture 15 Generation
More informationFormal Semantics of Programming Languages
Formal Semantics of Programming Languages Mooly Sagiv Reference: Semantics with Applications Chapter 2 H. Nielson and F. Nielson http://www.daimi.au.dk/~bra8130/wiley_book/wiley.html Benefits of formal
More informationCSCI-GA Scripting Languages
CSCI-GA.3033.003 Scripting Languages 12/02/2013 OCaml 1 Acknowledgement The material on these slides is based on notes provided by Dexter Kozen. 2 About OCaml A functional programming language All computation
More informationCSCI 3155: Principles of Programming Languages Exam preparation #1 2007
CSCI 3155: Principles of Programming Languages Exam preparation #1 2007 Exercise 1. Consider the if-then-else construct of Pascal, as in the following example: IF 1 = 2 THEN PRINT X ELSE PRINT Y (a) Assume
More informationCS 415 Midterm Exam Spring 2002
CS 415 Midterm Exam Spring 2002 Name KEY Email Address Student ID # Pledge: This exam is closed note, closed book. Good Luck! Score Fortran Algol 60 Compilation Names, Bindings, Scope Functional Programming
More information5. Semantic Analysis!
5. Semantic Analysis! Prof. O. Nierstrasz! Thanks to Jens Palsberg and Tony Hosking for their kind permission to reuse and adapt the CS132 and CS502 lecture notes.! http://www.cs.ucla.edu/~palsberg/! http://www.cs.purdue.edu/homes/hosking/!
More informationFreePascal changes: user documentation
FreePascal changes: user documentation Table of Contents Jochem Berndsen February 2007 1Introduction...1 2Accepted syntax...2 Declarations...2 Statements...3 Class invariants...3 3Semantics...3 Definitions,
More informationA Type System for Functional Traversal-Based Aspects
A Type System for Functional Traversal-Based Aspects Bryan Chadwick College of Computer & Information Science Northeastern University, 360 Huntington Avenue Boston, Massachusetts 02115 USA chadwick@ccs.neu.edu
More informationApplication: Programming Language Semantics
Chapter 8 Application: Programming Language Semantics Prof. Dr. K. Madlener: Specification and Verification in Higher Order Logic 527 Introduction to Programming Language Semantics Programming Language
More informationK and Matching Logic
K and Matching Logic Grigore Rosu University of Illinois at Urbana-Champaign Joint work with the FSL group at UIUC (USA) and the FMSE group at UAIC (Romania) Question could it be that, after 40 years of
More informationLectures 20, 21: Axiomatic Semantics
Lectures 20, 21: Axiomatic Semantics Polyvios Pratikakis Computer Science Department, University of Crete Type Systems and Static Analysis Based on slides by George Necula Pratikakis (CSD) Axiomatic Semantics
More informationA Structural Operational Semantics for JavaScript
Dept. of Computer Science, Stanford University 1 Need for a Formal Semantics? 2 Structural Operational Semantics for IMP Formalizing the program state Semantic Rules Formal properties 3 Structural Operational
More informationCompilers. Type checking. Yannis Smaragdakis, U. Athens (original slides by Sam
Compilers Type checking Yannis Smaragdakis, U. Athens (original slides by Sam Guyer@Tufts) Summary of parsing Parsing A solid foundation: context-free grammars A simple parser: LL(1) A more powerful parser:
More informationCompiler Construction
Compiler Construction Lecture 15: Code Generation I (Intermediate Code) Thomas Noll Lehrstuhl für Informatik 2 (Software Modeling and Verification) noll@cs.rwth-aachen.de http://moves.rwth-aachen.de/teaching/ss-14/cc14/
More informationLast name:... First name:... Department (if not D-INFK):...
Concepts of Object-Oriented Programming AS 2016 Concepts of Object-Oriented Programming Midterm Examination 11.11.2016 Prof. Dr. Peter Müller Last name:................................. First name:.................................
More informationFrom Hoare Logic to Matching Logic Reachability. Grigore Rosu and Andrei Stefanescu University of Illinois, USA
From Hoare Logic to Matching Logic Reachability Grigore Rosu and Andrei Stefanescu University of Illinois, USA Matching Logic Reachability - Goal - Language independent program verification framework Derives
More informationZ Notation. June 21, 2018
Z Notation June 21, 2018 1 Definitions There are many different ways to introduce an object in a Z specification: declarations, abbreviations, axiomatic definitions, and free types. Keep in mind that the
More informationAn Extensible Programming Language for Verified Systems Software. Adam Chlipala MIT CSAIL WG 2.16 meeting, 2012
An Extensible Programming Language for Verified Systems Software Adam Chlipala MIT CSAIL WG 2.16 meeting, 2012 The status quo in computer system design DOM JS API Web page Network JS API CPU Timer interrupts
More informationCompiler Construction
Compiler Construction Thomas Noll Software Modeling and Verification Group RWTH Aachen University https://moves.rwth-aachen.de/teaching/ws-1819/cc/ Generation of Intermediate Code Outline of Lecture 15
More informationCSE 413 Languages & Implementation. Hal Perkins Winter 2019 Structs, Implementing Languages (credits: Dan Grossman, CSE 341)
CSE 413 Languages & Implementation Hal Perkins Winter 2019 Structs, Implementing Languages (credits: Dan Grossman, CSE 341) 1 Goals Representing programs as data Racket structs as a better way to represent
More information5. Semantic Analysis. Mircea Lungu Oscar Nierstrasz
5. Semantic Analysis Mircea Lungu Oscar Nierstrasz Thanks to Jens Palsberg and Tony Hosking for their kind permission to reuse and adapt the CS132 and CS502 lecture notes. http://www.cs.ucla.edu/~palsberg/
More informationB l o c k B i n d i n g s
1 Block Bindings Traditionally, the way variable declarations work has been one tricky part of programming in JavaScript. In most C-based languages, variables (more formally known as bindings, as a name
More informationCompiler Construction
Compiler Construction Lecture 15: Code Generation I (Intermediate Code) Thomas Noll Lehrstuhl für Informatik 2 (Software Modeling and Verification) noll@cs.rwth-aachen.de http://moves.rwth-aachen.de/teaching/ss-14/cc14/
More informationCS 4240: Compilers and Interpreters Project Phase 1: Scanner and Parser Due Date: October 4 th 2015 (11:59 pm) (via T-square)
CS 4240: Compilers and Interpreters Project Phase 1: Scanner and Parser Due Date: October 4 th 2015 (11:59 pm) (via T-square) Introduction This semester, through a project split into 3 phases, we are going
More informationAn Overview to Compiler Design. 2008/2/14 \course\cpeg421-08s\topic-1a.ppt 1
An Overview to Compiler Design 2008/2/14 \course\cpeg421-08s\topic-1a.ppt 1 Outline An Overview of Compiler Structure Front End Middle End Back End 2008/2/14 \course\cpeg421-08s\topic-1a.ppt 2 Reading
More information