A Formally Verified Interpreter for a Shell-Like Programming Language

Jeannerod, Nicolas; Marché, Claude; Treinen, Ralf

doi:10.1007/978-3-319-72308-2_1

Cited by 8 publications

(12 citation statements)

References 10 publications

(6 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indeed, we believe the complexity of symbolic execution tools for complex languages relies more on the complexity of data, which must be handled by the constraints and not the symbolic engine itself. Second, as a matter of fact, we recently finish to transfer the correctness properties and proof techniques developed in this article to the CoLiS language [8]. The CoLiS language is an intermediate language for a subset of the POSIX shell language with formally defined and easily understandable semantics.…”

Section: Conclusion Related Work and Future Workmentioning

confidence: 99%

Ghost Code in Action: Automated Verification of a Symbolic Interpreter

Becker

Marché

2020

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Symbolic execution is a basic concept for the static analysis of programs. It amounts to representing sets of concrete program states as a logical formula relating the program variables, and interpreting sets of executions as a transformation of that formula. We are interested in formalising the correctness of a symbolic interpreter engine, expressed by an over-approximation property stating that symbolic execution covers all concrete executions, and an under-approximation property stating that no useless symbolic states are generated. Our formalisation is tailored for automated verification, that is the automated discharge of verification conditions to SMT solvers. To achieve this level of automation, we appropriately annotate the code of the symbolic interpreter with an original use of both ghost data and ghost statements.

show abstract

Section: Conclusion Related Work and Future Workmentioning

confidence: 99%

Ghost Code in Action: Automated Verification of a Symbolic Interpreter

Becker

Marché

2020

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…The CoLiS language. It was first presented in 2017 [23]. Its design aims to avoid some pitfalls of the shell, and to make explicit the dangerous constructions we cannot eliminate.…”

Section: Front-endmentioning

confidence: 99%

“…For this case study, we improved the language proposed formerly [23] to increase the number of analysed Debian maintainer scripts. First, we added a number of constructs to the language.…”

Section: Front-endmentioning

confidence: 99%

“…First, we added a number of constructs to the language. Second, we provide a formal semantics for the new constructs and we align the previous semantics [23] to the one of the Posix shell for a few other constructs. These changes and a complete description of the current CoLiS language are described in a technical report [6].…”

Section: Front-endmentioning

confidence: 99%

“…Its formal specifications (preconditions and post-conditions) state the soundness of the interpreter, i.e., that any result corresponds to the formal semantics with unbounded number of loop iterations and unbounded nested function calls. The specifications are checked using automated theorem provers [23].…”

Section: Front-endmentioning

confidence: 99%

See 2 more Smart Citations

Analysing installation scenarios of Debian packages

Becker

Jeannerod

Marché

et al. 2020

Tools and Algorithms for the Construction and Analysis of Systems

Self Cite

View full text Add to dashboard Cite

The Debian distribution includes more than 28 thousand maintainer scripts, almost all of them are written in Posix shell. These scripts are executed with root privileges at installation, update, and removal of a package, which make them critical for system maintenance. While Debian policy provides guidance for package maintainers producing the scripts, few tools exist to check the compliance of a script to it. We report on the application of a formal verification approach based on symbolic execution to find violations of some non-trivial properties required by Debian policy in maintainer scripts. We present our methodology and give an overview of our toolchain. We obtained promising results: our toolchain is effective in analysing a large set of Debian maintainer scripts and it pointed out over 150 policy violations that lead to reports (more than half already fixed) on the Debian Bug Tracking system.

show abstract