Modular Verification of SPARCv8 Code

  • Junpeng Zha
  • Xinyu FengEmail author
  • Lei Qiao
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11275)


Inline assembly code is common in system software to interact with the underlying hardware platforms. Safety and correctness of the assembly code is crucial to guarantee the safety of the whole system. In this paper we propose a practical Hoare-style program logic for verifying SPARC assembly code. The logic supports modular reasoning about the main features of SPARCv8 ISA, including delayed control transfers, delayed writes to special registers, and register windows. We have applied it to verify the main body of a context switch routine in a realistic embedded OS kernel. All of the formalization and proofs have been mechanized in Coq.


  1. 1.
    Program logic for SPARCv8 implementation in Coq (project code).
  2. 2.
  3. 3.
    Appel, A.W.: Foundational proof-carrying code. In: Proceedings of 16th Annual IEEE Symposium on Logic in Computer Science, pp. 85–97, January 1998Google Scholar
  4. 4.
    Berdine, J., Calcagno, C., O’Hearn, P.W.: Smallfoot: modular automatic assertion checking with separation logic. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 115–137. Springer, Heidelberg (2006). Scholar
  5. 5.
    Berdine, J., Calcagno, C., O’Hearn, P.W.: Symbolic execution with separation logic. In: Yi, K. (ed.) APLAS 2005. LNCS, vol. 3780, pp. 52–68. Springer, Heidelberg (2005). Scholar
  6. 6.
    Feng, X., Ni, Z., Shao, Z., Guo, Y.: An open framework for foundational proof-carrying code. In: TLDI, pp. 67–78 (2007)Google Scholar
  7. 7.
    Feng, X., Shao, Z., Vaynberg, A., Xiang, S., Ni, Z.: Modular verification of assembly code with stack-based control abstractions. In: PLDI, June 2006Google Scholar
  8. 8.
    Gu, R., et al.: Deep specifications and certified abstraction layers. In: POPL, pp. 595–608, January 2015CrossRefGoogle Scholar
  9. 9.
    Klein, G., et al.: seL4: formal verification of an OS kernel. In: SOSP, pp. 207–220, October 2009Google Scholar
  10. 10.
    Morrisett, G.: TALx86: a realistic typed assembly language. In: 1999 ACM SIGPLAN Workshop on Compiler Support for System Software, pp. 25–35, May 1996Google Scholar
  11. 11.
    Morrisett, G., Walker, D., Crary, K., Glew, N.: From system F to typed assembly language. In: POPL, pp. 85–97, January 1998Google Scholar
  12. 12.
    Myreen, M.O., Gordon, M.J.C.: Hoare logic for realistically modelled machine code. In: Grumberg, O., Huth, M. (eds.) TACAS 2007. LNCS, vol. 4424, pp. 568–582. Springer, Heidelberg (2007). Scholar
  13. 13.
    Necula, G.C., Lee, P.: Safe kernel extensions without run-time checking. In: Proceedings of 2nd USENIX Symposium on Operating System Design and Implementation, pp. 229–243 (1996)Google Scholar
  14. 14.
    Ni, Z., Shao, Z.: Certified assembly programming with embedded code pointers. In: POPL, pp. 320–333 (2006)CrossRefGoogle Scholar
  15. 15.
    Ni, Z., Yu, D., Shao, Z.: Using XCAP to certify realistic systems code: machine context management. In: Schneider, K., Brandt, J. (eds.) TPHOLs 2007. LNCS, vol. 4732, pp. 189–206. Springer, Heidelberg (2007). Scholar
  16. 16.
    Tan, G., Appel, A.W.: A compositional logic for control flow. In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 80–94. Springer, Heidelberg (2005). Scholar
  17. 17.
    Wang, J., Fu, M., Qiao, L., Feng, X.: Formalizing SPARCv8 instruction set architecture in Coq. In: Larsen, K.G., Sokolsky, O., Wang, J. (eds.) SETTA 2017. LNCS, vol. 10606, pp. 300–316. Springer, Cham (2017). Scholar
  18. 18.
    Xu, F., Fu, M., Feng, X., Zhang, X., Zhang, H., Li, Z.: A practical verification framework for preemptive OS kernels. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9780, pp. 59–79. Springer, Cham (2016). Scholar
  19. 19.
    Yang, J., Hawblitzel, C.: Safe to the last instruction: automated verification of a type-safe operating system. In: PLDI, pp. 99–110 (2010)Google Scholar
  20. 20.
    Yu, D., Nadeem, A.H., Shao, Z.: Building certified libraries for PCC: dynamic storage allocation. Sci. Comput. Program. 50(1–3), 101–127 (2004)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Hou, Z., Sanan, D., Tiu, A., Liu, Y., Hoa, K.C.: An executable formalisation of the SPARCv8 instruction set architecture: a case study for the LEON3 processor. In: Fitzgerald, J., Heitmeyer, C., Gnesi, S., Philippou, A. (eds.) FM 2016. LNCS, vol. 9995, pp. 388–405. Springer, Cham (2016). Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.University of Science and Technology of ChinaHefeiChina
  2. 2.State Key Laboratory for Novel Software TechnologyNanjing UniversityNanjingChina
  3. 3.Beijing Institute of Control EngineeringBeijingChina

Personalised recommendations