research-article
Open Access

Incorrectness logic

Published: 20 December 2019

Abstract

Program correctness and incorrectness are two sides of the same coin. As a programmer, even if you would like to have correctness, you might find yourself spending most of your time reasoning about incorrectness. This includes informal reasoning that people do while looking at or thinking about their code, as well as that supported by automated testing and static analysis tools. This paper describes a simple logic for program incorrectness which is, in a sense, the other side of the coin to Hoare's logic of correctness.


Index Terms

  1. Incorrectness logic

    • Published in

      Proceedings of the ACM on Programming Languages, Volume 4, Issue POPL
      January 2020
      1984 pages
      EISSN: 2475-1421
      DOI: 10.1145/3377388

      Copyright © 2019 Owner/Author

      Publisher

      Association for Computing Machinery

      New York, NY, United States
