Verified sequential Malloc/Free

We verify the functional correctness of an array-of-bins (segregated free-lists) single-thread malloc/free system with respect to a correctness specification written in separation logic. The memory allocator is written in standard C code compatible with the standard API; the specification is in the Verifiable C program logic, and the proof is done in the Verified Software Toolchain within the Coq proof assistant. Our "resource-aware" specification can guarantee when malloc will successfully return a block, unlike the standard Posix specification that allows malloc to return NULL whenever it wants to. We also prove subsumption (refinement): the resource-aware specification implies a resource-oblivious spec.

[1]  Sophia Drossopoulou,et al.  snmalloc: a message passing allocator , 2019, ISMM.

[2]  Yongwang Zhao,et al.  A Verified Specification of TLSF Memory Management Allocator Using State Monads , 2019, SETTA.

[3]  Yang Liu,et al.  A Formally Verified Buddy Memory Allocation Model , 2019, 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS).

[4]  Charles Burr Weinstock Dynamic storage allocation techniques. , 1976 .

[5]  Jeehoon Kang,et al.  A formal C memory model supporting integer-pointer casts , 2015, PLDI.

[6]  Zhong Shao,et al.  Certified concurrent abstraction layers , 2018, PLDI.

[7]  David Aspinall,et al.  Heap-Bounded Assembly Language , 2004, Journal of Automated Reasoning.

[8]  Shengyi Wang,et al.  Certifying graph-manipulating C programs via localizations within data structures , 2019, Proc. ACM Program. Lang..

[9]  TuchHarvey Formal Verification of C Systems Code , 2009 .

[10]  Andrew W. Appel,et al.  Verified Correctness and Security of mbedTLS HMAC-DRBG , 2017, CCS.

[11]  GammiePeter,et al.  Relaxing safely: verified on-the-fly garbage collection for x86-TSO , 2015 .

[12]  Andrew W. Appel,et al.  Verified Correctness and Security of OpenSSL HMAC , 2015, USENIX Security Symposium.

[13]  Andrew McCreight,et al.  A certified framework for compiling and executing garbage-collected languages , 2010, ICFP '10.

[14]  Andrew W. Appel,et al.  VST-Floyd: A Separation Logic Tool to Verify Correctness of C Programs , 2018, Journal of Automated Reasoning.

[15]  Derek Dreyer,et al.  RustBelt meets relaxed memory , 2019, Proc. ACM Program. Lang..

[16]  Gavin M. Bierman,et al.  Separation logic and abstraction , 2005, POPL '05.

[17]  Kai Engelhardt,et al.  Relaxing safely: verified on-the-fly garbage collection for x86-TSO , 2015, PLDI.

[18]  Frank Piessens,et al.  VeriFast: A Powerful, Sound, Predictable, Fast Verifier for C and Java , 2011, NASA Formal Methods.

[19]  Harvey Tuch Formal Verification of C Systems Code , 2009, Journal of Automated Reasoning.

[20]  Gilles Barthe,et al.  Precise analysis of memory consumption using program logics , 2005, Third IEEE International Conference on Software Engineering and Formal Methods (SEFM'05).

[21]  Armando Solar-Lezama,et al.  Towards optimization-safe systems: analyzing the impact of undefined behavior , 2013, SOSP.

[22]  Peter W. O'Hearn,et al.  Local Reasoning about Programs that Alter Data Structures , 2001, CSL.

[23]  Andrew W. Appel,et al.  A verified messaging system , 2017, Proc. ACM Program. Lang..

[24]  Yu Guo,et al.  Deep Specifications and Certified Abstraction Layers , 2015, POPL.

[25]  Long Li,et al.  A general framework for certifying garbage collectors and their mutators , 2007, PLDI '07.

[26]  Katerina J. Argyraki,et al.  A Formally Verified NAT , 2017, SIGCOMM.

[27]  Akinori Yonezawa,et al.  Formal Verification of the Heap Manager of an Operating System Using Separation Logic , 2006, ICFEM.

[28]  Zhong Shao,et al.  Building certified concurrent OS kernels , 2019, Commun. ACM.

[29]  Martin Hofmann,et al.  Static prediction of heap space usage for first-order functional programs , 2003, POPL '03.

[30]  Lars Birkedal,et al.  Local reasoning about a copying garbage collector , 2004, POPL '04.

[31]  Bart Jacobs,et al.  Verifying cryptographic protocol implementations that use industrial cryptographic APIs , 2017 .

[32]  Daan Leijen,et al.  Mimalloc: Free List Sharding in Action , 2019, APLAS.

[33]  John Michael Robson,et al.  An Estimate of the Store Size Necessary for Dynamic Storage Allocation , 1971, JACM.

[34]  Andrew W. Appel,et al.  Connecting Higher-Order Separation Logic to a First-Order Outside World , 2020, ESOP.

[35]  Xavier Leroy,et al.  Formal verification of a realistic compiler , 2009, CACM.

[36]  Nikolai Kosmatov,et al.  Frama-C: A software analysis perspective , 2015, Formal Aspects of Computing.

[37]  Andrew W. Appel,et al.  Abstraction and subsumption in modular verification of C programs , 2019, Formal Methods in System Design.

[38]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[39]  Matthew J. Parkinson,et al.  Explicit Stabilisation for Modular Rely-Guarantee Reasoning , 2010, ESOP.

[40]  Emery D. Berger,et al.  A locality-improving dynamic memory allocator , 2005, MSP '05.

[41]  Martin Hofmann,et al.  Automatic Certification of Heap Consumption , 2004, LPAR.