Formal Verification of the Heap Manager of an Operating System Using Separation Logic
نویسندگان
چکیده
In order to ensure memory properties of an operating system, it is important to verify the implementation of its heap manager. In the case of an existing operating system, this is a difficult task because the heap manager is usually written in a low-level language that makes use of pointers, and it is usually not written with verification in mind. In this paper, our main contribution is the formal verification of the heap manager of an existing embedded operating system, namely Topsy. For this purpose, we develop in the Coq proof assistant a library for separation logic, an extension of Hoare logic to deal with pointers. Using this library, we were able to verify the C source code of the Topsy heap manager, and to find and correct bugs.
منابع مشابه
A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving
In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in all instances or not. We investigate Scyther operational semantics as n example of this...
متن کاملA Symbolic Execution Framework with Explicit Heaps and Separation
Program verification of heap properties is challenging. A promising approach is Separation Logic, which supports local reasoning over disjoint portions of the heap. In this paper, we propose a heap constraint language H that explicates the heap and incorporates separation. By explicating the heap, the language is more suitable for automatic symbolic execution. We show that this language can be ...
متن کاملLearning Invariants for Incomplete Heap Verification Engines
Existing learning algorithms for synthesizing invariants for program verification work using concrete counterexamples returned by a verification engine. However, when the verification engine implements incomplete procedures for undecidable logics (such as a rich separation logic), it cannot give concrete counterexamples that a learner can use. We present a new learning framework to synthesize c...
متن کاملTowards Formal Verification of Memory Properties using Separation Logic
With the recent dissemination of embedded systems, it has become important to verifiy low-level software such as specialized operating systems. However, such verifications are notoriously made difficult by complex memory management operations such as pointer arithmetic. As a first step towards the implementation of a verification tool, we show how one can formally verify an important property o...
متن کاملAutomating Separation Logic Using SMT
Separation logic (SL) has gained widespread popularity because of its ability to succinctly express complex invariants of a program’s heap configurations. Several specialized provers have been developed for decidable SL fragments. However, these provers cannot be easily extended or combined with solvers for other theories that are important in program verification, e.g., linear arithmetic. In t...
متن کامل