StarMalloc: Verifying a Modern, Hardened Memory Allocator

We present StarMalloc, a verified, efficient, security-oriented, and concurrent memory allocator. Using the Steel separation logic framework, we show how to specify and verify a multitude of low-level patterns and delicate security mechanisms, by relying on a combination of dependent types, SMT, and...

Full description

Saved in:
Bibliographic Details
Published in:Proceedings of ACM on programming languages Vol. 8; no. OOPSLA2; pp. 1757 - 1786
Main Authors: Reitz, Antonin, Fromherz, Aymeric, Protzenko, Jonathan
Format: Journal Article
Language:English
Published: New York, NY, USA ACM 08.10.2024
Subjects:
Computer Science
Logic and verification
Programming Languages
Security and privacy
Separation logic
Theory of computation
Formal Verification
Memory Allocators
Separation Logic
CCS Concepts: Theory of computation → Separation logic
Security and privacy → Logic and verification Formal Verification
ISSN:2475-1421, 2475-1421
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We present StarMalloc, a verified, efficient, security-oriented, and concurrent memory allocator. Using the Steel separation logic framework, we show how to specify and verify a multitude of low-level patterns and delicate security mechanisms, by relying on a combination of dependent types, SMT, and modular abstractions to enable efficient verification. We produce a verified artifact, in C, that implements the entire API surface of an allocator, and as such works as a drop-in replacement for real-world projects, notably the Firefox browser. As part of StarMalloc, we develop several generic datastructures and proof libraries directly reusable in future systems verification projects. We also extend the Steel toolchain to express several low-level idioms that were previously missing. Finally, we show that StarMalloc exhibits competitive performance by evaluating it against 10 state-of-the-art memory allocators, and against a variety of real-world projects, such as Redis, the Lean compiler, and the Z3 SMT solver.
ISSN:2475-1421
2475-1421
DOI:10.1145/3689773