A General Proof Rule for Procedures in Predicate Transformer Semantics

Abstract

Given a general definition of the procedure call based on the substitution rule for assignment, a general proof rule is derived for procedures with unrestricted value, result, and value- result parameters, and global variables in the body of the procedure. It is then extended for recursive procedures. Assuming that it has been proved that the body establishes a certain postcondition I, the "intention," for a certain precondition J, the proof rule permitting to determine under which conditions a certain procedure call establishes the post condition E, the "extension", is based on finding an "adaptation" A , a s weak as possible, such that A ~ I -- E ( E ' is derived from E by some substitution of parameter variables.) It is preferable, but not essential, that the body be "transparent " for the value parameters, i.e . , that the value parameters are not changed by the body.