7 research outputs found
TreatJS: Higher-Order Contracts for JavaScript
TreatJS is a language embedded, higher-order contract system for JavaScript
which enforces contracts by run-time monitoring. Beyond providing the standard
abstractions for building higher-order contracts (base, function, and object
contracts), TreatJS's novel contributions are its guarantee of non-interfering
contract execution, its systematic approach to blame assignment, its support
for contracts in the style of union and intersection types, and its notion of a
parameterized contract scope, which is the building block for composable
run-time generated contracts that generalize dependent function contracts.
TreatJS is implemented as a library so that all aspects of a contract can be
specified using the full JavaScript language. The library relies on JavaScript
proxies to guarantee full interposition for contracts. It further exploits
JavaScript's reflective features to run contracts in a sandbox environment,
which guarantees that the execution of contract code does not modify the
application state. No source code transformation or change in the JavaScript
run-time system is required.
The impact of contracts on execution speed is evaluated using the Google
Octane benchmark.Comment: Technical Repor
Symbolic Solving of Extended Regular Expression Inequalities
This paper presents a new solution to the containment problem for extended
regular expressions that extends basic regular expressions with intersection
and complement operators and consider regular expressions on infinite alphabets
based on potentially infinite character sets. Standard approaches deciding the
containment do not take extended operators or character sets into account. The
algorithm avoids the translation to an expression-equivalent automaton and
provides a purely symbolic term rewriting systems for solving regular
expressions inequalities.
We give a new symbolic decision procedure for the containment problem based
on Brzozowski's regular expression derivatives and Antimirov's rewriting
approach to check containment. We generalize Brzozowski's syntactic derivative
operator to two derivative operators that work with respect to (potentially
infinite) representable character sets.Comment: Technical Repor
A layered JavaScript virtual machine supporting dynamic instrumentation
L’observation de l’exécution d’applications JavaScript est habituellement réalisée en instrumentant une machine virtuelle (MV) industrielle ou en effectuant une traduction source-à -source ad hoc et complexe. Ce mémoire présente une alternative basée sur la superposition de machines virtuelles. Notre approche consiste à faire une traduction source-à -source d’un programme pendant son exécution pour exposer ses opérations de bas niveau au travers d’un modèle objet flexible. Ces opérations de bas niveau peuvent ensuite être redéfinies pendant l’exécution pour pouvoir en faire l’observation. Pour limiter la pénalité en performance introduite, notre approche exploite les opérations rapides originales de la MV sous-jacente, lorsque cela est possible, et applique les techniques de compilation à -la-volée dans la MV superposée. Notre implémentation, Photon, est en moyenne 19% plus rapide qu’un interprète moderne, et entre 19× et 56× plus lente en moyenne que les compilateurs à -la-volée utilisés dans les navigateurs web populaires. Ce mémoire montre donc que la superposition de machines virtuelles est une technique alternative compétitive à la modification d’un interprète moderne pour JavaScript lorsqu’appliqué à l’observation à l’exécution des opérations sur les objets et des appels de fonction.Run-time monitoring of JavaScript applications is typically achieved by instrumenting a production virtual machine or through ad-hoc, complex source-to-source transformations. This dissertation presents an alternative based on virtual machine layering. Our approach performs a dynamic translation of the client program to expose low-level operations through a flexible object model. These low-level operations can then be redefined at run time to monitor the execution. In order to limit the incurred performance overhead, our approach leverages fast operations from the underlying host VM implementation whenever possible, and applies Just-In-Time compilation (JIT) techniques within the added virtual machine layer. Our implementation, Photon, is on average 19% faster than a state-of-the-art interpreter, and between 19× and 56× slower on average than the commercial JIT compilers found in popular web browsers. This dissertation therefore shows that virtual machine layering is a competitive alternative approach to the modification of a production JavaScript interpreter when applied to run-time monitoring of object operations and function calls
Access Permission Contracts for Scripting Languages
International audienceThe ideal software contract fully specifies the behavior of an operation. Often, in particular in the context of scripting languages, a full specification may be cumbersome to state and may not even be desired. In such cases, a partial specification, which describes selected aspects of the behavior, may be used to raise the confidence in an implementation of the operation to a reasonable level.We propose a novel kind of contract for object-based languages that specifies the side effects of an operation with access permissions. An access permission contract uses sets of access paths to express read and write permissions for the properties of the objects accessible from the operation.We specify a monitoring semantics for access permission contracts and implement this semantics in a contract system for JavaScript. We prove soundness and stability of violation under increasing aliasing for our semantics.Applications of access permission contracts include enforcing modularity, test-driven development, program understanding, and regression testing. With respect to testing and understanding, we find that adding access permissions to contracts increases the effectiveness of error detection through contract monitoring by 6-13%