An Executable Formal Semantics of PHP

Filaretti, Daniele; Maffeis, Sergio

doi:10.1007/978-3-662-44202-9_23

Cited by 33 publications

(31 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Both C and PHP have recently been given formal semantics [20,22]. Like the authors of the C and PHP semantics, and many others, we firmly believe that programming languages must have formal semantics.…”

Section: Introductionmentioning

confidence: 80%

K-Java

Bogdanas

Roşu

2015

SIGPLAN Not.

View full text Add to dashboard Cite

This paper presents K-Java, a complete executable formal semantics of Java 1.4. K-Java was extensively tested with a test suite developed alongside the project, following the Test Driven Development methodology. In order to maintain clarity while handling the great size of Java, the semantics was split into two separate definitions -- a static semantics and a dynamic semantics. The output of the static semantics is a preprocessed Java program, which is passed as input to the dynamic semantics for execution. The preprocessed program is a valid Java program, which uses a subset of the features of Java. The semantics is applied to model-check multi-threaded programs. Both the test suite and the static semantics are generic and ready to be used in other Java-related projects.

show abstract

Section: Introductionmentioning

confidence: 80%

K-Java

Bogdanas

Roşu

2015

SIGPLAN Not.

View full text Add to dashboard Cite

show abstract

“…The K denitions of the three languages that we use (i.e., IMP, SIMPLE, and KOOL) have dierent sizes and they capture some essential features that can be found in programming languages today. Besides these examples, our tool can be used for real-life language denitions too (see, for instance, PHP [15]). …”

Section: Kool: Testing Virtual Methods Calls On Listsmentioning

confidence: 99%

“…Our purpose is to automatically generate, from a formal denition of any language, a symbolic semantics capable of symbolically executing programs in that language, and to provide users with means for building their applications on top of our tool. For instance, our symbolic execution was used in combination with the K model-checker for verifying some LTL properties over PHP programs [15]. Formal verication of programs based on deductive methods is also currently being built on top of our tool [21].…”

Section: The Implementation Of the Toolmentioning

confidence: 99%

Symbolic execution based on language transformation

Arusoaie

Lucanu

Rusu

2015

Computer Languages, Systems & Structures

View full text Add to dashboard Cite

International audienceWe propose a language-independent symbolic execution framework for languages endowed with a formal operational semantics based on term rewriting. Starting from a given definition of a language, a new language definition is generated, with the same syntax as the original one, but whose semantical rules are transformed in order to rewrite over logical formulas denoting possibly infinite sets of program states. Then, the symbolic execution of concrete programs is, by definition , the execution of the same programs with the symbolic semantics. We prove that the symbolic execution thus defined has the properties naturally expected from it (with respect to concrete program execution). A prototype implementation of our approach was developed in the K Framework. We demonstrate the tool's genericity by instantiating it on several languages, and illustrate it on the reachability analysis and model checking of several programs

show abstract

“…There are four major large language semantics defined in K so far, which served as a great source of inspiration for our JavaScript semantics: C [15], PHP [16], Python [24], and Java [4]. All these semantics are executable and they have been validated by a large volume of tests, and demonstrated useful through formal analysis tools produced by the K framework, same like our KJS.…”

Section: Other Large Language Semantics In Kmentioning

confidence: 99%

“…Filaretti and Maffeis [16] defined a formal semantics of PHP. Since, unlike for JavaScript, C and Java, there is no official language standard for PHP, they had to heavily rely on testing against the reference implementation.…”

Section: Other Large Language Semantics In Kmentioning

confidence: 99%

KJS: a complete formal semantics of JavaScript

Park

Ștefănescu

Roşu

2015

Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation

View full text Add to dashboard Cite

This paper presents KJS, the most complete and throughly tested formal semantics of JavaScript to date. Being executable, KJS has been tested against the ECMAScript 5.1 conformance test suite, and passes all 2,782 core language tests. Among the existing implementations of JavaScript, only Chrome V8's passes all the tests, and no other semantics passes more than 90%. In addition to a reference implementation for JavaScript, KJS also yields a simple coverage metric for a test suite: the set of semantic rules it exercises. Our semantics revealed that the ECMAScript 5.1 conformance test suite fails to cover several semantic rules. Guided by the semantics, we wrote tests to exercise those rules. The new tests revealed bugs both in production JavaScript engines (Chrome V8, Safari WebKit, Firefox SpiderMonkey) and in other semantics. KJS is symbolically executable, thus it can be used for formal analysis and verification of JavaScript programs. We verified non-trivial programs and found a known security vulnerability.

show abstract

An Executable Formal Semantics of PHP

Cited by 33 publications

References 28 publications

K-Java

K-Java

Symbolic execution based on language transformation

KJS: a complete formal semantics of JavaScript

Contact Info

Product

Resources

About