StarMalloc: Verifying a Modern, Hardened Memory Allocator

被引:1
作者
Reitz, Antonin [1 ]
Fromherz, Aymeric [1 ]
Protzenko, Jonathan [2 ]
机构
[1] Inria, Paris, France
[2] Microsoft Azure Res, Redmond, CA USA
来源
PROCEEDINGS OF THE ACM ON PROGRAMMING LANGUAGES-PACMPL | 2024年 / 8卷 / OOPSLA2期
关键词
Formal Verification; Separation Logic; Memory Allocators; VERIFICATION;
D O I
10.1145/3689773
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
We present StarMalloc, a verified, efficient, security-oriented, and concurrent memory allocator. Using the Steel separation logic framework, we show how to specify and verify a multitude of low-level patterns and delicate security mechanisms, by relying on a combination of dependent types, SMT, and modular abstractions to enable efficient verification. We produce a verified artifact, in C, that implements the entire API surface of an allocator, and as such works as a drop-in replacement for real-world projects, notably the Firefox browser. As part of StarMalloc, we develop several generic datastructures and proof libraries directly reusable in future systems verification projects. We also extend the Steel toolchain to express several low-level idioms that were previously missing. Finally, we show that StarMalloc exhibits competitive performance by evaluating it against 10 state-of-the-art memory allocators, and against a variety of real-world projects, such as Redis, the Lean compiler, and the Z3 SMT solver.
引用
收藏
页数:30
相关论文
共 97 条
[1]  
[Anonymous], 2019, A proactive approach to more secure code
[2]  
[Anonymous], 1999, INT STANDARD ISOIEC
[3]  
[Anonymous], 2013, Cve details: The ultimate security vulnerability datasource
[4]  
[Anonymous], 54. Instituto Nacional de Estatistica-Conta Satelite da Saude 2020. Lisboa: INE, 2021. Available (only in Portuguese) at: https://www.ine.pt/xportal/xmain?xpidINExpgidine_cnacionais2010b2016contextocsselTabtab3perfil392023991INST391970297xlangen. Reporting to Table E.4.2.1.1-Current expenditure on health by function of care and financing agent and memory items (current prices). Provisory values for 2019.
[5]   Verified Sequential Malloc/Free [J].
Appel, Andrew W. ;
Naumann, David A. .
PROCEEDINGS OF THE 2020 ACM SIGPLAN INTERNATIONAL SYMPOSIUM ON MEMORY MANAGEMENT, ISMM 2020, 2020, :48-59
[6]  
Appel AW, 2011, LECT NOTES COMPUT SC, V6602, P1, DOI 10.1007/978-3-642-19718-5_1
[7]  
Berger ED, 2006, ACM SIGPLAN NOTICES, V41, P158, DOI 10.1145/1133981.1134000
[8]  
Berger Emery D., 2012, Software Needs Seatbelts and Airbags: Finding and Fixing Bugs in Deployed Software is Difficult and Time-Consuming. Here Are Some Alternatives, DOI 10.11452330667.2330683
[9]  
Bosamiya J, 2022, PROCEEDINGS OF THE 31ST USENIX SECURITY SYMPOSIUM, P1975
[10]   Idris, a general-purpose dependently typed programming language: Design and implementation [J].
Brady, Edwin .
JOURNAL OF FUNCTIONAL PROGRAMMING, 2013, 23 (05) :552-593
12345678910