a formally verified interpreter for a shell like
play

A Formally Verified Interpreter for a Shell-like Programming - PowerPoint PPT Presentation

Oct 01, 2022 •312 likes •1.27k views

A Formally Verified Interpreter for a Shell-like Programming Language Claude March e Nicolas Jeannerod Ralf Treinen VSTTE, July 22, 2017 Nicolas Jeannerod VSTTE17 July 22, 2017 1 / 36 General goal The CoLiS project. Correctness

  1. A Formally Verified Interpreter for a Shell-like Programming Language Claude March´ e Nicolas Jeannerod Ralf Treinen VSTTE, July 22, 2017 Nicolas Jeannerod VSTTE’17 July 22, 2017 1 / 36

  2. General goal The CoLiS project. “Correctness of Linux Scripts” Goal: Apply verification techniques to shell scripts in the Debian packages set -e eval "if true; then cmd=’echo foo ’; fi" ( cmd="$cmd bar" ) exit 1 | $cmd "$cmd" Nicolas Jeannerod VSTTE’17 July 22, 2017 2 / 36

  3. General goal The CoLiS project. “Correctness of Linux Scripts” Goal: Apply verification techniques to shell scripts in the Debian packages set -e eval "if true; then cmd=’echo foo ’; fi" ( cmd="$cmd bar" ) exit 1 | $cmd "$cmd" Nicolas Jeannerod VSTTE’17 July 22, 2017 2 / 36

  4. General goal The CoLiS project. “Correctness of Linux Scripts” Goal: Apply verification techniques to shell scripts in the Debian packages set -e eval "if true; then cmd=’echo foo ’; fi" ( cmd="$cmd bar" ) exit 1 | $cmd "$cmd" Nicolas Jeannerod VSTTE’17 July 22, 2017 2 / 36

  5. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  6. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  7. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  8. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  9. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  10. Big picture Nicolas Jeannerod VSTTE’17 July 22, 2017 3 / 36

  11. Table of Contents 1. Language CoLiS Mechanised version 2. Sound and complete interpreter Let us see some code Soundness Completeness Looking for a variant... Skeletons Nicolas Jeannerod VSTTE’17 July 22, 2017 4 / 36

  12. Language CoLiS Table of Contents 1. Language CoLiS Mechanised version 2. Sound and complete interpreter Let us see some code Soundness Completeness Looking for a variant... Skeletons Nicolas Jeannerod VSTTE’17 July 22, 2017 5 / 36

  13. Language CoLiS Requirements Intermediate language (not a replacement of Shell); Clean; With formal syntax and semantics; Statically typed: strings and lists; Variables and functions explicitely declared in a header; Dangerous structures made more explicit. However, automatic translation from reasonnable Shell must be possible. Nicolas Jeannerod VSTTE’17 July 22, 2017 6 / 36

  14. Language CoLiS Requirements Intermediate language (not a replacement of Shell); Clean; With formal syntax and semantics; Statically typed: strings and lists; Variables and functions explicitely declared in a header; Dangerous structures made more explicit. However, automatic translation from reasonnable Shell must be possible. Nicolas Jeannerod VSTTE’17 July 22, 2017 6 / 36

  15. Language CoLiS Requirements Intermediate language (not a replacement of Shell); Clean; With formal syntax and semantics; Statically typed: strings and lists; Variables and functions explicitely declared in a header; Dangerous structures made more explicit. However, automatic translation from reasonnable Shell must be possible. Nicolas Jeannerod VSTTE’17 July 22, 2017 6 / 36

  16. Language CoLiS Requirements Intermediate language (not a replacement of Shell); Clean; With formal syntax and semantics; Statically typed: strings and lists; Variables and functions explicitely declared in a header; Dangerous structures made more explicit. However, automatic translation from reasonnable Shell must be possible. Nicolas Jeannerod VSTTE’17 July 22, 2017 6 / 36

  17. Language CoLiS A glimpse of the language var fruits : list var fruit : string var line : string begin fruits="banana apple .." fruits ::= [ ’banana ’ ; ’apple ’ ; .. ] { pipe for fruit in $fruits for fruit in [fruits] do do echo "$fruit" call [ ’echo ’ ; {fruit} ] ; done done } | { into while read line while call [ ’read ’ ; ’line ’ ] do do echo "- $line" call [ ’echo ’ ; {’- ’ , line} ] ; done end } end Nicolas Jeannerod VSTTE’17 July 22, 2017 7 / 36

  18. Language CoLiS A glimpse of the language var fruits : list var fruit : string var line : string begin fruits="banana apple .." fruits ::= [ ’banana ’ ; ’apple ’ ; .. ] { pipe for fruit in $fruits for fruit in [fruits] do do echo "$fruit" call [ ’echo ’ ; {fruit} ] ; done done } | { into while read line while call [ ’read ’ ; ’line ’ ] do do echo "- $line" call [ ’echo ’ ; {’- ’ , line} ] ; done end } end Nicolas Jeannerod VSTTE’17 July 22, 2017 7 / 36

  19. Language CoLiS How behaviours are handled n n e l r r e t t a s u u e e u e i e i t l s x x s t u t u r a a l E E l T e e F F r a r a R T R T F F Normal Pipe Normal Exception Sequence Test Success Failure Exception Function call Success Failure Success Failure Exception Subprocess Success Failure Success Failure Success Failure Nicolas Jeannerod VSTTE’17 July 22, 2017 8 / 36

  20. Language CoLiS Interactions between Do-While and Fatal DoWhile-Test-Fatal t 1 / Γ ⇓ σ 1 ⋆ True / Γ 1 t 2 / Γ 1 ⇓ σ 2 ⋆ Fatal / Γ 2 do t 1 while t 2 / Γ ⇓ σ 1 σ 2 ⋆ True / Γ 2 DoWhile-Body-Fatal t 1 / Γ ⇓ σ 1 ⋆ Fatal / Γ 1 do t 1 while t 2 / Γ ⇓ σ 1 ⋆ Fatal / Γ 1 Nicolas Jeannerod VSTTE’17 July 22, 2017 9 / 36

  21. Language CoLiS Interactions between Do-While and Fatal DoWhile-Test-Fatal t 1 / Γ ⇓ σ 1 ⋆ True / Γ 1 t 2 / Γ 1 ⇓ σ 2 ⋆ Fatal / Γ 2 do t 1 while t 2 / Γ ⇓ σ 1 σ 2 ⋆ True / Γ 2 DoWhile-Body-Fatal t 1 / Γ ⇓ σ 1 ⋆ Fatal / Γ 1 do t 1 while t 2 / Γ ⇓ σ 1 ⋆ Fatal / Γ 1 Nicolas Jeannerod VSTTE’17 July 22, 2017 9 / 36

  22. Language Mechanised version Table of Contents 1. Language CoLiS Mechanised version 2. Sound and complete interpreter Let us see some code Soundness Completeness Looking for a variant... Skeletons Nicolas Jeannerod VSTTE’17 July 22, 2017 10 / 36

  23. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  24. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  25. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  26. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  27. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  28. Language Mechanised version Why3 Deductive verification platform; WhyML: language for both specification and programming; Standard library: integer arithmetic, boolean operations, maps, etc.; Native support of imperative features: references, exceptions, while and for loops; Proof obligations are given to external theorem provers; Possibility to extract WhyML code to OCaml. Nicolas Jeannerod VSTTE’17 July 22, 2017 11 / 36

  29. Language Mechanised version Syntax type term = | TTrue with sexpr = list sfrag | TFalse | TFatal with sfrag = | TReturn term | SLiteral string | TExit term | SVar svar | TAsString svar sexpr | SArg int | TAsList lvar lexpr | SProcess term | TSeq term term | TIf term term term with lexpr = list lfrag | TFor svar lexpr term | TDoWhile term term with lfrag = | TProcess term | LSingleton sexpr | TCall lexpr | LSplit sexpr | TShift | LVar lvar | TPipe term term Nicolas Jeannerod VSTTE’17 July 22, 2017 12 / 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Formally Verified Interpreter for a Shell-like Programming Language Claude March e Nicolas

A Formally Verified Interpreter for a Shell-like Programming Language Claude March e Nicolas

A Formally Verified Interpreter for a Shell-like Programming Language Claude March e Nicolas Jeannerod Ralf Treinen Vals seminar, July 7, 2017 Nicolas Jeannerod VALS Seminar July 7, 2017 1 / 61 The CoLiS project Correctness of Linux

1.59k views • 140 slides
Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified

Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified

Roberto Guanciale Mads Dam Hamed Nemati Christoph Baumann Cache Storage Channels Alias-driven Attacks Formally Verified Platforms Formally Verified Platforms Caches Excluded Formally Verified from the analysis Platforms Caches Excluded

675 views • 64 slides
Formally verified constraint solvers Catherine Dubois 1 Sourour Elloumi 1 Arnaud Gotlieb 2 1.

Formally verified constraint solvers Catherine Dubois 1 Sourour Elloumi 1 Arnaud Gotlieb 2 1.

Formally verified constraint solvers Catherine Dubois 1 Sourour Elloumi 1 Arnaud Gotlieb 2 1. CEDRIC-ENSIIE, Evry, France 2. Certus V&V Center, SIMULA RESEARCH LAB., Lysaker, Norway Dagstuhl Seminar 15381 1 / 23 Formally verified

501 views • 28 slides
C Shell CIS 218 C Shell overview Csh (new version tchs) is a command language interpreter

C Shell CIS 218 C Shell overview Csh (new version tchs) is a command language interpreter

C Shell CIS 218 C Shell overview Csh (new version tchs) is a command language interpreter developed under BSD UNIX. It incorporates features of other shells and a history mechanism. Tcsh development is currently maintained by tcsh.org.

737 views • 25 slides
Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified

Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified

Formally Verified Cryptographic Web Applications J. Protzenko et al. MSR + INRIA Verified Cryptographic Web Applications in WASM May. 22 st , 2019 1 / 22 in WebAssembly Jonathan Protzenko Microsoft Research Benjamin Beurdouche INRIA

1.5k views • 57 slides
A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo

A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo

A Formally Verified Quadratic Unification Algorithm J.-L. Ruiz-Reina, J.-A. Alonso, M.-J. Hidalgo and F .-J. Mart n-Mateos Computational Logic Group Dept. of Computer Science and Artificial Intelligence University of Seville A Formally

356 views • 32 slides
Towards Formally Verified Theorem Provers Ramana Kumar Computer Laboratory, University of

Towards Formally Verified Theorem Provers Ramana Kumar Computer Laboratory, University of

Towards Formally Verified Theorem Provers Ramana Kumar Computer Laboratory, University of Cambridge Twenty Years of the QED Manifesto Vienna Summer of Logic, 2014 HOL Verified Goals of the Project An implementation of HOL Light 1. that runs

428 views • 13 slides
What is Bash Shell Scripting? A shell script is a script written for the shell, or command

What is Bash Shell Scripting? A shell script is a script written for the shell, or command

What is Bash Shell Scripting? A shell script is a script written for the shell, or command line interpreter, of an operating system. The shell is often considered a simple domain-specific programming language . Typical operations

802 views • 15 slides
VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina

VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina

VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina Argyraki, George Candea Formally verify a stateful NF with competitive performance and reasonable human effort 2 Formally verify a stateful NF with

836 views • 81 slides
Formally Verified Differential Dynamic Logic (in Isabelle/HOL and Coq) Brandon Bohrer ,

Formally Verified Differential Dynamic Logic (in Isabelle/HOL and Coq) Brandon Bohrer ,

Formally Verified Differential Dynamic Logic (in Isabelle/HOL and Coq) Brandon Bohrer , Vincent Rahli, Ivana Vukotic, Marcus Vlp, Andr Platzer Thanks to: Johannes Hlzl, Fabian Immler, Tobias Nipkow, et. al. + Coquelicot team

540 views • 38 slides
A Formally Verified Symmetry Breaking Tool for SAT David E. Narv aez den9562@rit.edu

A Formally Verified Symmetry Breaking Tool for SAT David E. Narv aez den9562@rit.edu

A Formally Verified Symmetry Breaking Tool for SAT David E. Narv aez den9562@rit.edu Rochester Institute of Technology Rochester, NY, USA FMCAD-18 Student Forum David E. Narv aez (RIT) Formally Verified Symmetry Breaking Tool FMCAD-18

215 views • 6 slides
Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts

Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts

Towards an Open-Source, Formally-Verified Secure Processor Srini Devadas Massachusetts Institute of Technology Architectural Isolation of Processes Fundamental to maintaining correctness and privacy! 2 Performance Dictates

959 views • 43 slides
The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser |

The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser |

The Formally Verified seL4 Microkernel High-Assurance Foundation for MCS Gernot Heiser | gernot.heiser@data61.csiro.au | @GernotHeiser RTCSA Keynote, Aug20 https://trustworthy.systems What Is Needed For Mixed-Criticality? During a

539 views • 29 slides
Towards A Formally Verified Network-on-Chip Tom van den Broek 1 Julien Schmaltz 12 1 Institute for

Towards A Formally Verified Network-on-Chip Tom van den Broek 1 Julien Schmaltz 12 1 Institute for

Towards A Formally Verified Network-on-Chip Tom van den Broek 1 Julien Schmaltz 12 1 Institute for Computing and Information Sciences Radboud University Nijmegen The Netherlands 2 School of Computer Science Open University The Netherlands

778 views • 62 slides
Mo Most staf afa a Z. Ali Z. Ali mzali@just.edu.jo 1-1 The Bourne Again Shell The

Mo Most staf afa a Z. Ali Z. Ali mzali@just.edu.jo 1-1 The Bourne Again Shell The

Fall 2009 Lecture 9 Operating Systems: Configuration & Use CIS345 T HE B OURNE A GAIN S HELL Mo Most staf afa a Z. Ali Z. Ali mzali@just.edu.jo 1-1 The Bourne Again Shell The Bourne Again Shell is a command interpreter and high-

1.59k views • 134 slides
A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste

A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste

A Formally Verified Compiler for Lustre Timothy Bourke 1 , 2 Llio Brun 1 , 2 Pierre-variste Dagand 4 , 3 , 1 Xavier Leroy 1 Marc Pouzet 4 , 2 , 1 Lionel Rieg 5 , 6 1. Inria Paris 2. DI, cole normale suprieure 3. CNRS 4. Univ. Pierre et

1.15k views • 96 slides
Foundations of AI Planning in the situation calculus 1 3 . Planning STRIPS formalism

Foundations of AI Planning in the situation calculus 1 3 . Planning STRIPS formalism

Contents Planning vs. problem solving Foundations of AI Planning in the situation calculus 1 3 . Planning STRIPS formalism Non-linear planning The POP algorithm Solving Logically Specified Problems Graphplan

272 views • 14 slides
Strings III Warmup: Write a function called total_seconds that takes one string argument. This

Strings III Warmup: Write a function called total_seconds that takes one string argument. This

Strings III Warmup: Write a function called total_seconds that takes one string argument. This argument will be a string of the form "M:SS" where M is a number of minutes (a single digit) and SS is a number of seconds (2 digits).

584 views • 24 slides
Lecture 1 Getting Started with Python INSTRUCTOR Sharanya Jayaraman PhD Candidate in

Lecture 1 Getting Started with Python INSTRUCTOR Sharanya Jayaraman PhD Candidate in

Lecture 1 Getting Started with Python INSTRUCTOR Sharanya Jayaraman PhD Candidate in Computer Science Research Interests: High Performance Computing Numerical Methods Computer Architecture Other Interests: Movies

625 views • 50 slides
Great Theoretical Ideas in Computer Science Uncountability and Uncomputability January 29th, 2015

Great Theoretical Ideas in Computer Science Uncountability and Uncomputability January 29th, 2015

15-251 Great Theoretical Ideas in Computer Science Uncountability and Uncomputability January 29th, 2015 Our heros for this lecture father of set theory father of computer science 1845-1918 1912-1954 Uncountability Uncomputability Our

1.12k views • 79 slides
PHP OpenKnowTech & CC ICT-SUD An introduction to the language (PHP 5)... in fact just the

PHP OpenKnowTech & CC ICT-SUD An introduction to the language (PHP 5)... in fact just the

PHP OpenKnowTech & CC ICT-SUD An introduction to the language (PHP 5)... in fact just the theory needed to fully understand the presented code examples. PHP vs others Cons: inconsistencies in naming and syntax not a pure object

874 views • 74 slides
Learning R via Python ...or the other way around Drew Conway Dept. of Politics - NYU January 7,

Learning R via Python ...or the other way around Drew Conway Dept. of Politics - NYU January 7,

Learning R via Python ...or the other way around Drew Conway Dept. of Politics - NYU January 7, 2010 Introduction Review of Python Similar Data Structures Example - Testing a Prime Bridging the Gap with RPy2 Python Resources What Well

694 views • 41 slides
Lets keep the intro short Modern data mining: process immense amount

Lets keep the intro short Modern data mining: process immense amount

MapReduce and Hadoop Debapriyo Majumdar Data Mining Fall 2014 Indian Statistical Institute Kolkata November 10, 2014 Lets keep the intro short Modern data mining: process immense amount of data

382 views • 26 slides
Planning Some material taken from D. Lin, J-C Latombe 1 Logical Agents Reasoning [Ch 6]

Planning Some material taken from D. Lin, J-C Latombe 1 Logical Agents Reasoning [Ch 6]

RN, Chapter 11 Planning Some material taken from D. Lin, J-C Latombe 1 Logical Agents Reasoning [Ch 6] Propositional Logic [Ch 7] Predicate Calculus Representation [Ch 8] Inference [Ch 9] Implemented Systems [Ch 10]

678 views • 66 slides

More recommend