TL;DR
This paper develops a deductive verification benchmark for Linux kernel functions, successfully proving correctness for most functions using AstraVer, and introduces new specification constructs to enhance verification capabilities.
Contribution
It presents a novel benchmark of unmodified Linux kernel functions with formal contracts and demonstrates the effectiveness of AstraVer in verifying them, including new specification constructs.
Findings
23 functions were fully proved using AstraVer
11 functions required new specification language constructs
2 functions were proved after minor source code modifications
Abstract
This paper presents results from the development and evaluation of a deductive verification benchmark consisting of 26 unmodified Linux kernel library functions implementing conventional memory and string operations. The formal contract of each function was extracted from its source code and represented in the form of preconditions and postconditions. The correctness of 23 functions was completely proved using the AstraVer toolset, although success for 11 of them was achieved using 2 new specification language constructs. Another 2 functions were proved after a minor modification of their source code, while the final one cannot be completely proved using the existing memory model. The benchmark can be used for the testing and evaluation of deductive verification tools and as a starting point for verifying other parts of the Linux kernel.
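As an added illustration, not code from the paper or from the benchmark it describes, the block below shows what a contract of the kind the abstract mentions looks like for a memset-style library function. The contract is written in ACSL, the specification language of Frama-C, on which AstraVer builds; the function name `example_memset`, the exact contract, and the `check_memset_contract` runtime check are assumptions of this example. The ACSL annotations live in comments, so a C compiler ignores them and only the verifier reads them; the runtime check mirrors the postcondition and the `assigns` frame on a constructed buffer so the example can be exercised without the verifier.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical memset-style function with an ACSL contract (assumption of this
 * example, not the benchmark's own annotation).
 *   requires: the n bytes starting at s are writable memory
 *   assigns:  only those n bytes may change (the frame condition)
 *   ensures:  every one of the n bytes equals (char)c, and s is returned
 */
/*@ requires \valid((char *)s + (0 .. n - 1));
  @ assigns ((char *)s)[0 .. n - 1];
  @ ensures \forall integer k; 0 <= k < n ==> ((char *)s)[k] == (char)c;
  @ ensures \result == s;
  @*/
void *example_memset(void *s, int c, size_t n)
{
    char *p = s;
    size_t i = 0;
    /* Loop annotation: the invariant states what has been established so far,
     * the assigns clause bounds the loop's side effects, and the variant gives
     * a decreasing measure that proves termination. */
    /*@ loop invariant 0 <= i <= n;
      @ loop invariant \forall integer k; 0 <= k < i ==> p[k] == (char)c;
      @ loop assigns i, p[0 .. n - 1];
      @ loop variant n - i;
      @*/
    while (i < n) {
        p[i] = (char)c;
        i++;
    }
    return s;
}

/* Runtime mirror of the contract on a constructed 16-byte buffer: fills the
 * first 10 bytes and checks both the postcondition (those bytes hold the fill
 * value, the buffer pointer is returned) and the frame (the remaining 6 bytes
 * keep their original contents). Returns 1 when the contract holds, else 0. */
int check_memset_contract(void)
{
    unsigned char buf[16];
    memset(buf, 0xAA, sizeof buf);          /* constructed initial contents */

    void *r = example_memset(buf, 0x5C, 10);
    if (r != buf)
        return 0;
    for (size_t k = 0; k < 10; k++)         /* ensures: bytes 0..9 written */
        if (buf[k] != 0x5C)
            return 0;
    for (size_t k = 10; k < sizeof buf; k++) /* assigns: bytes 10..15 untouched */
        if (buf[k] != 0xAA)
            return 0;
    return 1;
}

int main(void)
{
    printf("memset contract holds at runtime: %s\n",
           check_memset_contract() ? "yes" : "no");
    return 0;
}
```

The runtime check is only a sanity test on one input; the deductive proof the paper describes discharges the contract for every `s`, `c` and `n` satisfying the precondition, which is what makes the `assigns` frame and the `ensures` clauses usable by callers' own proofs.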