Deductive Verification of Unmodified Linux Kernel Library Functions
This provides a benchmark for testing deductive verification tools, aiding developers in verifying critical system software like the Linux kernel, though it is incremental as it builds on existing verification methods.
The paper tackled the problem of verifying unmodified Linux kernel library functions using deductive verification, achieving complete proofs for 23 out of 26 functions, with 11 requiring new specification constructs and 2 needing minor code modifications.
This paper presents results from the development and evaluation of a deductive verification benchmark consisting of 26 unmodified Linux kernel library functions implementing conventional memory and string operations. The formal contract of the functions was extracted from their source code and was represented in the form of preconditions and postconditions. The correctness of 23 functions was completely proved using AstraVer toolset, although success for 11 functions was achieved using 2 new specification language constructs. Another 2 functions were proved after a minor modification of their source code, while the final one cannot be completely proved using the existing memory model. The benchmark can be used for the testing and evaluation of deductive verification tools and as a starting point for verifying other parts of the Linux kernel.