Abstract
Program correctness and incorrectness are two sides of the same coin. As a programmer, even if you would like to have correctness, you might find yourself spending most of your time reasoning about incorrectness. This includes informal reasoning that people do while looking at or thinking about their code, as well as that supported by automated testing and static analysis tools. This paper describes a simple logic for program incorrectness which is, in a sense, the other side of the coin to Hoare's logic of correctness.
Index Terms
Incorrectness logic