A Decomposition Rule for the Hoare Logic

The Hoare logic introduced by Hoare [3] in 1969 is a good logical system to formalize the meaning of programs and programmin, ?mguages. It can also be used for program verification by band [l] and by computer [4]. There are two types of mechanical program verification. In [4], loop-invariants are given by hand and the consistencies between assertions are proved as theorems by computer. In [2,5,6], attempts have been made to generate loop-invarian t;; automatically, resulting in successful verification of a number of programs being correct and runtime error-free. Mechanical program verification by the Hoare logic has not, however, been very successful since it involves theorem proving, the complexity of which grows rapidly as the length of the program to be proved increases. This article presents a mechanism, called a decomposition rule, which reduces the complexity of theorem proving involved in program verification by the Hoare logic, and also works as a good heuristic for generating a correct postcondition for a program segment. The rule is simple and more specific than those in the references mentioned above, and is easy to use when the precondition for a program segment can be decomposed into several conditions.