Formal Verification of the Heap Manager of an Operating System Using Separation Logic

  • Nicolas Marti
  • Reynald Affeldt
  • Akinori Yonezawa
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4260)


In order to ensure memory properties of an operating system, it is important to verify the implementation of its heap manager. In the case of an existing operating system, this is a difficult task because the heap manager is usually written in a low-level language that makes use of pointers, and it is usually not written with verification in mind. In this paper, our main contribution is the formal verification of the heap manager of an existing embedded operating system, namely Topsy. For this purpose, we develop in the Coq proof assistant a library for separation logic, an extension of Hoare logic to deal with pointers. Using this library, we were able to verify the C source code of the Topsy heap manager, and to find and correct bugs.


Memory Block Symbolic Execution Proof Assistant Allocation Function Separation Logic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Reynolds, J.C.: Separation Logic: A Logic for Shared Mutable Data Structures. In: 17th IEEE Symposium on Logic in Computer Science (LICS 2002). Invited lecture, pp. 55–74 (2002)Google Scholar
  2. 2.
    Ruf, L., et al.: TOPSY – A Teachable Operating System,
  3. 3.
    Ruf, L., Jeker, C., Lutz, B., Plattner, B.: Topsy v3: A NodeOS For Network Processors. In: 2nd International Workshop on Active Network Technologies and Applications (ANTA) (2003)Google Scholar
  4. 4.
    Various contributors. The Coq Proof assistant,
  5. 5.
    Marti, N., Affeldt, R., Yonezawa, A.: Towards Formal Verification of Memory Properties using Separation Logic. In: 22nd Workshop of the Japan Society for Software Science and Technology, JSSST (2005)Google Scholar
  6. 6.
    Affeldt, R., Marti, N.: Towards Formal Verification of Memory Properties using Separation Logic. Online CVS,
  7. 7.
    Yu, D., Hamid, N.A., Shao, Z.: Building Certified Libraries for PCC: Dynamic Storage Allocation. Science of Computer Programming 50(1-3), 101–127 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Weber, T.: Towards Mechanized Program Verification with Separation Logic. In: Marcinkowski, J., Tarlecki, A. (eds.) CSL 2004. LNCS, vol. 3210, pp. 250–264. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Berdine, J., Calcagno, C., O’Hearn, P.W.: A Decidable Fragment of Separation Logic. In: Lodaya, K., Mahajan, M. (eds.) FSTTCS 2004. LNCS, vol. 3328, pp. 97–109. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Berdine, J., Calcagno, C., O’Hearn, P.W.: Symbolic Execution with Separation Logic. In: Yi, K. (ed.) APLAS 2005. LNCS, vol. 3780, pp. 52–68. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Schirmer, N.: A Verification Environment for Sequential Imperative Programs in Isabelle/HOL. In: Baader, F., Voronkov, A. (eds.) LPAR 2004. LNCS, vol. 3452, pp. 398–414. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Mehta, F., Nipkow, T.: Proving Pointer Programs in Higher-Order Logic. Information and Computation 199, 200–227 (2005)zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Tuch, H., Klein, G.: A Unified Memory Model for Pointers. In: Sutcliffe, G., Voronkov, A. (eds.) LPAR 2005. LNCS, vol. 3835, pp. 474–488. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Filliâtre, J.-C.: Multi-Prover Verification of C Programs. In: Davies, J., Schulte, W., Barnett, M. (eds.) ICFEM 2004. LNCS, vol. 3308, pp. 15–29. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Hubert, T., Marché, C.: A case study of C source code verification: the Schorr-Waite algorithm. In: 3rd IEEE International Conference on Software Engineering and Formal Methods (SEFM 2005) (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Nicolas Marti
    • 1
  • Reynald Affeldt
    • 2
  • Akinori Yonezawa
    • 1
    • 2
  1. 1.Department of Computer ScienceUniversity of Tokyo 
  2. 2.Research Center for Information SecurityNational Institute of Advanced Industrial Science and Technology 

Personalised recommendations