Verifying heap-manipulating programs with unknown procedure calls

Abstract

Verification of programs with invocations to unknown procedures is a practical problem, because in many scenarios not all codes of programs to be verified are available. Those unknown calls also pose a challenge for their verification. This paper addresses this problem with an attempt to verify the full functional correctness of such programs using pointer-based data structures. Provided with a Hoare-style specification {Φ pr } prog {Φ po } where program prog contains calls to some unknown procedure unknown, we infer a specification mspec u for unknown from the calling contexts, such that the problem of verifying prog can be safely reduced to the problem of proving that the procedure unknown (once its code is available) meets the derived specification mspec u . The expected specification mspec u for the unknown procedure unknown is automatically calculated using an abduction-based shape analysis specifically designed for a combined abstract domain. We have also done some experiments to validate the viability of our approach. © 2010 Springer-Verlag Berlin Heidelberg.