research-article

Open access

Outcome Logic: A Unifying Foundation for Correctness and Incorrectness Reasoning

Authors:

Noam Zilberstein,

Alexandra SilvaAuthors Info & Claims

Proceedings of the ACM on Programming Languages, Volume 7, Issue OOPSLA1

Article No.: 93, Pages 522 - 550

https://doi.org/10.1145/3586045

Published: 06 April 2023 Publication History

Abstract

Program logics for bug-finding (such as the recently introduced Incorrectness Logic) have framed correctness and incorrectness as dual concepts requiring different logical foundations. In this paper, we argue that a single unified theory can be used for both correctness and incorrectness reasoning. We present Outcome Logic (OL), a novel generalization of Hoare Logic that is both monadic (to capture computational effects) and monoidal (to reason about outcomes and reachability). OL expresses true positive bugs, while retaining correctness reasoning abilities as well. To formalize the applicability of OL to both correctness and incorrectness, we prove that any false OL specification can be disproven in OL itself. We also use our framework to reason about new types of incorrectness in nondeterministic and probabilistic programs. Given these advances, we advocate for OL as a new foundational theory of correctness and incorrectness.

References

[1]

Krzysztof R. Apt. 1981. Ten Years of Hoare’s Logic: A Survey–Part I. ACM Trans. Program. Lang. Syst., 3, 4 (1981), oct, 431–483. issn:0164-0925 https://doi.org/10.1145/357146.357150

Digital Library

[2]

Flavio Ascari, Roberto Bruni, and Roberta Gori. 2022. Limits and difficulties in the design of under-approximation abstract domains. In Foundations of Software Science and Computation Structures, Patricia Bouyer and Lutz Schröder (Eds.). Springer International Publishing, Cham. 21–39. isbn:978-3-030-99253-8 https://doi.org/10.1007/978-3-030-99253-8_2

Digital Library

[3]

Gilles Barthe, Thomas Espitau, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, and Pierre-Yves Strub. 2018. An Assertion-Based Program Logic for Probabilistic Programs. In Programming Languages and Systems, Amal Ahmed (Ed.). Springer International Publishing, Cham. 117–144. isbn:978-3-319-89884-1 https://doi.org/10.1007/978-3-319-89884-1_5

[4]

Gilles Barthe, Justin Hsu, and Kevin Liao. 2019. A Probabilistic Separation Logic. Proc. ACM Program. Lang., 4, POPL (2019), Article 55, Dec., 30 pages. https://doi.org/10.1145/3371123

Digital Library

[5]

Kevin Batz, Benjamin Lucien Kaminski, Joost-Pieter Katoen, Christoph Matheja, and Thomas Noll. 2019. Quantitative Separation Logic: A Logic for Reasoning about Probabilistic Pointer Programs. Proc. ACM Program. Lang., 3, POPL (2019), Article 34, Jan, 29 pages. https://doi.org/10.1145/3290347

Digital Library

[6]

Roberto Bruni, Roberto Giacobazzi, Roberta Gori, and Francesco Ranzato. 2021. A Logic for Locally Complete Abstract Interpretations. In 2021 36th Annual ACM/IEEE Symposium on Logic in Computer Science (LICS). 1–13. https://doi.org/10.1109/LICS52264.2021.9470608

Digital Library

[7]

Roberto Bruni, Roberto Giacobazzi, Roberta Gori, and Francesco Ranzato. 2023. A Correctness and Incorrectness Program Logic. J. ACM, feb, issn:0004-5411 https://doi.org/10.1145/3582267 Just Accepted.

Digital Library

[8]

Cristiano Calcagno, Dino Distefano, Peter O’Hearn, and Hongseok Yang. 2009. Compositional Shape Analysis by Means of Bi-Abduction. In Proceedings of the 36th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’09). Association for Computing Machinery, New York, NY, USA. 289–300. https://doi.org/10.1145/1480881.1480917

Digital Library

[9]

Cristiano Calcagno, Dino Distefano, Peter W. O’Hearn, and Hongseok Yang. 2011. Compositional Shape Analysis by Means of Bi-Abduction. J. ACM, 58, 6 (2011), Article 26, Dec, 66 pages. issn:0004-5411 https://doi.org/10.1145/2049697.2049700

Digital Library

[10]

Cristiano Calcagno, Peter W. O’Hearn, and Hongseok Yang. 2007. Local Action and Abstract Separation Logic. In 22nd Annual IEEE Symposium on Logic in Computer Science (LICS 2007). 366–378. https://doi.org/10.1109/LICS.2007.30

Digital Library

[11]

Thibault Dardinier and Peter Müller. 2023. Hyper Hoare Logic: (Dis-)Proving Program Hyperproperties (extended version). https://doi.org/10.48550/ARXIV.2301.10037

[12]

Edsko de Vries and Vasileios Koutavas. 2011. Reverse Hoare Logic. In Software Engineering and Formal Methods, Gilles Barthe, Alberto Pardo, and Gerardo Schneider (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 155–171. isbn:978-3-642-24690-6 https://doi.org/10.1007/978-3-642-24690-6_12

[13]

Jerry den Hartog. 2002. Probabilistic Extensions of Semantical Models. Ph.D. Dissertation. Vrije Universiteit Amsterdam. https://core.ac.uk/reader/15452110

[14]

Edsger W. Dijkstra. 1975. Guarded Commands, Nondeterminacy and Formal Derivation of Programs. Commun. ACM, 18, 8 (1975), Aug, 453–457. issn:0001-0782 https://doi.org/10.1145/360933.360975

Digital Library

[15]

Edsger W. Dijkstra. 1976. A Discipline of Programming. Prentice-Hall. isbn:013215871X

Digital Library

[16]

Simon Docherty. 2019. Bunched logics: a uniform approach. Ph.D. Dissertation. University College London. https://discovery.ucl.ac.uk/id/eprint/10073115/

[17]

Michèle Giry. 1982. A categorical approach to probability theory. In Categorical Aspects of Topology and Analysis, B. Banaschewski (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg. 68–85. isbn:978-3-540-39041-1 https://doi.org/10.1007/BFb0092872

[18]

C. A. R. Hoare. 1969. An Axiomatic Basis for Computer Programming. Commun. ACM, 12, 10 (1969), Oct., 576–580. issn:0001-0782 https://doi.org/10.1145/363235.363259

Digital Library

[19]

C. A. R. Hoare. 1978. Some Properties of Predicate Transformers. J. ACM, 25, 3 (1978), Jul, 461–480. issn:0004-5411 https://doi.org/10.1145/322077.322088

Digital Library

[20]

Ralf Jung, Robbert Krebbers, Jacques-Henri Jourdan, Aleš Bizjak, Lars Birkedal, and Derek Dreyer. 2018. Iris from the ground up: A modular foundation for higher-order concurrent separation logic. Journal of Functional Programming, 28 (2018), https://doi.org/10.1017/S0956796818000151

[21]

Ralf Jung, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Lars Birkedal, and Derek Dreyer. 2015. Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning. In Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’15). Association for Computing Machinery, New York, NY, USA. 637–650. isbn:9781450333009 https://doi.org/10.1145/2676726.2676980

Digital Library

[22]

Benjamin Lucien Kaminski. 2019. Advanced weakest precondition calculi for probabilistic programs. RWTH Aachen University. Aachen. https://doi.org/10.18154/RWTH-2019-01829 Veröffentlicht auf dem Publikationsserver der RWTH Aachen University; Dissertation, RWTH Aachen University, 2019.

[23]

Michael J. Kearns and Umesh V. Vazirani. 1994. An Introduction to Computational Learning Theory. MIT Press, Cambridge, MA, USA. isbn:0262111934

Digital Library

[24]

Dexter Kozen. 1979. Semantics of probabilistic programs. In 20th Annual Symposium on Foundations of Computer Science (SFCS ’79). 101–114. https://doi.org/10.1109/SFCS.1979.38

Digital Library

[25]

Dexter Kozen. 1983. A Probabilistic PDL. In Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing (STOC ’83). Association for Computing Machinery, New York, NY, USA. 291–297. isbn:0897910990 https://doi.org/10.1145/800061.808758

Digital Library

[26]

Dexter Kozen. 1997. Kleene Algebra with Tests. ACM Trans. Program. Lang. Syst., 19, 3 (1997), May, 427–443. issn:0164-0925 https://doi.org/10.1145/256167.256195

Digital Library

[27]

Quang Loc Le, Azalea Raad, Jules Villard, Josh Berdine, Derek Dreyer, and Peter W. O’Hearn. 2022. Finding Real Bugs in Big Programs with Incorrectness Logic. Proc. ACM Program. Lang., 6, OOPSLA1 (2022), Article 81, Apr, 27 pages. https://doi.org/10.1145/3527325

Digital Library

[28]

Sheng Liang, Paul Hudak, and Mark Jones. 1995. Monad Transformers and Modular Interpreters. In Proceedings of the 22nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL ’95). Association for Computing Machinery, New York, NY, USA. 333–343. isbn:0897916921 https://doi.org/10.1145/199448.199528

Digital Library

[29]

Christoph Lüth and Neil Ghani. 2002. Composing Monads Using Coproducts. In Proceedings of the Seventh ACM SIGPLAN International Conference on Functional Programming (ICFP ’02). Association for Computing Machinery, New York, NY, USA. 133–144. isbn:1581134878 https://doi.org/10.1145/581478.581492

Digital Library

[30]

Petar Maksimović, Caroline Cronjäger, Julian Sutherland, Andreas Lööw, Sacha-Élie Ayoun, and Philippa Gardner. 2022. Exact Separation Logic. https://doi.org/10.48550/ARXIV.2208.07200

[31]

Bernhard Möller, Peter O’Hearn, and Tony Hoare. 2021. On Algebra of Program Correctness and & Incorrectness. In Relational and Algebraic Methods in Computer Science: 19th International Conference, RAMiCS 2021, Marseille, France, November 2–5, 2021, Proceedings. Springer-Verlag, Berlin, Heidelberg. 325–343. isbn:978-3-030-88700-1 https://doi.org/10.1007/978-3-030-88701-8_20

Digital Library

[32]

Carroll Morgan, Annabelle McIver, and Karen Seidel. 1996. Probabilistic Predicate Transformers. ACM Trans. Program. Lang. Syst., 18, 3 (1996), may, 325–353. issn:0164-0925 https://doi.org/10.1145/229542.229547

Digital Library

[33]

Peter W. O’Hearn. 2004. Resources, Concurrency and Local Reasoning. In CONCUR 2004 - Concurrency Theory, Philippa Gardner and Nobuko Yoshida (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 49–67. isbn:978-3-540-28644-8 https://doi.org/10.1016/j.tcs.2006.12.035

Digital Library

[34]

Peter W. O’Hearn. 2019. Incorrectness Logic. Proc. ACM Program. Lang., 4, POPL (2019), Article 10, Dec., 32 pages. https://doi.org/10.1145/3371078

Digital Library

[35]

Peter W. O’Hearn and David J. Pym. 1999. The Logic of Bunched Implications. The Bulletin of Symbolic Logic, 5, 2 (1999), 215–244. issn:10798986 http://www.jstor.org/stable/421090

[36]

Peter W. O’Hearn, John C. Reynolds, and Hongseok Yang. 2001. Local Reasoning about Programs That Alter Data Structures. In Proceedings of the 15th International Workshop on Computer Science Logic (CSL ’01). Springer-Verlag, Berlin, Heidelberg. 1–19. isbn:3540425543 https://doi.org/10.1007/3-540-44802-0_1

[37]

Benjamin C. Pierce. 1991. Basic Category Theory for Computer Scientists. MIT Press. https://doi.org/10.7551/mitpress/1524.001.0001

[38]

Azalea Raad, Josh Berdine, Hoang-Hai Dang, Derek Dreyer, Peter O’Hearn, and Jules Villard. 2020. Local Reasoning About the Presence of Bugs: Incorrectness Separation Logic. In Computer Aided Verification, Shuvendu K. Lahiri and Chao Wang (Eds.). Springer International Publishing, Cham. 225–252. isbn:978-3-030-53291-8 https://doi.org/10.1007/978-3-030-53291-8_14

Digital Library

[39]

Azalea Raad, Josh Berdine, Derek Dreyer, and Peter W. O’Hearn. 2022. Concurrent Incorrectness Separation Logic. Proc. ACM Program. Lang., 6, POPL (2022), Article 34, Jan, 29 pages. https://doi.org/10.1145/3498695

Digital Library

[40]

Robert Rand and Steve Zdancewic. 2015. VPHL: A Verified Partial-Correctness Logic for Probabilistic Programs. In Electronic Notes in Theoretical Computer Science. 319, 351–367. issn:1571-0661 https://doi.org/10.1016/j.entcs.2015.12.021 The 31st Conference on the Mathematical Foundations of Programming Semantics (MFPS XXXI).

Digital Library

[41]

J.C. Reynolds. 2002. Separation logic: a logic for shared mutable data structures. In Proceedings 17th Annual IEEE Symposium on Logic in Computer Science. 55–74. https://doi.org/10.1109/LICS.2002.1029817

[42]

Joseph Tassarotti and Robert Harper. 2019. A Separation Logic for Concurrent Randomized Programs. Proc. ACM Program. Lang., 3, POPL (2019), Article 64, Jan, 30 pages. https://doi.org/10.1145/3290377

Digital Library

[43]

Hongseok Yang. 2001. Local Reasoning for Stateful Programs. Ph.D. Dissertation. USA. isbn:049335008X https://dl.acm.org/doi/10.5555/933728

[44]

Cheng Zhang, Arthur Azevedo de Amorim, and Marco Gaboardi. 2022. On Incorrectness Logic and Kleene Algebra with Top and Tests. Proc. ACM Program. Lang., 6, POPL (2022), Article 29, jan, 30 pages. https://doi.org/10.1145/3498690

Digital Library

[45]

Linpeng Zhang and Benjamin Lucien Kaminski. 2022. Quantitative Strongest Post: A Calculus for Reasoning about the Flow of Quantitative Information. Proc. ACM Program. Lang., 6, OOPSLA1 (2022), Article 87, apr, 29 pages. https://doi.org/10.1145/3527331

Digital Library

[46]

Noam Zilberstein, Derek Dreyer, and Alexandra Silva. 2023. Outcome Logic: A Unifying Foundation of Correctness and Incorrectness Reasoning (Full Version). https://doi.org/10.48550/arXiv.2303.03111

Cited By

Dardinier TMüller P(2024)Hyper Hoare Logic: (Dis-)Proving Program HyperpropertiesProceedings of the ACM on Programming Languages10.1145/36564378:PLDI(1485-1509)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656437
Zilberstein NSaliling ASilva A(2024)Outcome Separation Logic: Local Reasoning for Correctness and Incorrectness with Computational EffectsProceedings of the ACM on Programming Languages10.1145/36498218:OOPSLA1(276-304)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649821
Ramsay SWalpole C(2024)Ill-Typed Programs Don’t EvaluateProceedings of the ACM on Programming Languages10.1145/36329098:POPL(2010-2040)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632909
Show More Cited By

Index Terms

Outcome Logic: A Unifying Foundation for Correctness and Incorrectness Reasoning
1. Theory of computation
  1. Logic
  2. Semantics and reasoning
    1. Program reasoning
      1. Program specifications

Recommendations

A Correctness and Incorrectness Program Logic
Abstract interpretation is a well-known and extensively used method to extract over-approximate program invariants by a sound program analysis algorithm. Soundness means that no program errors are lost and it is, in principle, guaranteed by construction. ...
Concurrent incorrectness separation logic

Incorrectness separation logic (ISL) was recently introduced as a theory of under-approximate reasoning, with the goal of proving that compositional bug catchers find actual bugs. However, ISL only considers sequential programs. Here, we develop ...
Substructural logic and partial correctness

We formulate a noncommutative sequent calculus for partial correctness that subsumes propositional Hoare Logic. Partial correctness assertions are represented by intuitionistic linear implication. We prove soundness and completeness over relational and ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Programming Languages

Proceedings of the ACM on Programming Languages Volume 7, Issue OOPSLA1

April 2023

901 pages

EISSN:2475-1421

DOI:10.1145/3554309

Editor:
Michael Hicks
Amazon, USA

Issue’s Table of Contents

Copyright © 2023 Owner/Author.

This work is licensed under a Creative Commons Attribution 4.0 International License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 April 2023

Published in PACMPL Volume 7, Issue OOPSLA1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
1,039
Total Downloads

Downloads (Last 12 months)778
Downloads (Last 6 weeks)92

Reflects downloads up to 13 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Dardinier TMüller P(2024)Hyper Hoare Logic: (Dis-)Proving Program HyperpropertiesProceedings of the ACM on Programming Languages10.1145/36564378:PLDI(1485-1509)Online publication date: 20-Jun-2024
https://dl.acm.org/doi/10.1145/3656437
Zilberstein NSaliling ASilva A(2024)Outcome Separation Logic: Local Reasoning for Correctness and Incorrectness with Computational EffectsProceedings of the ACM on Programming Languages10.1145/36498218:OOPSLA1(276-304)Online publication date: 29-Apr-2024
https://dl.acm.org/doi/10.1145/3649821
Ramsay SWalpole C(2024)Ill-Typed Programs Don’t EvaluateProceedings of the ACM on Programming Languages10.1145/36329098:POPL(2010-2040)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632909
Cousot P(2024)Calculational Design of [In]Correctness Transformational Program Logics by Abstract InterpretationProceedings of the ACM on Programming Languages10.1145/36328498:POPL(175-208)Online publication date: 5-Jan-2024
https://dl.acm.org/doi/10.1145/3632849
Lesani M(2024)Vulnerability Flow Type Systems2024 IEEE Security and Privacy Workshops (SPW)10.1109/SPW63631.2024.00020(157-168)Online publication date: 23-May-2024
https://doi.org/10.1109/SPW63631.2024.00020
Beutner R(2024)Automated Software Verification of HyperlivenessTools and Algorithms for the Construction and Analysis of Systems10.1007/978-3-031-57249-4_10(196-216)Online publication date: 6-Apr-2024
https://dl.acm.org/doi/10.1007/978-3-031-57249-4_10
Kondratyev D(2023)Logic for reasoning about bugs in loops over data sequences (IFIL)Modeling and Analysis of Information Systems10.18255/1818-1015-2023-3-214-23330:3(214-233)Online publication date: 17-Sep-2023
https://doi.org/10.18255/1818-1015-2023-3-214-233

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents