Abstract

This paper discusses some fundamental issues related to the construction of semantically based axiomatic proof systems for reasoning about program behavior. We survey foundational work in this area, especially early work of Hoare and Cook on while-programs, and we try to pinpoint the principal ideas contained in this work and to suggest criteria for an appropriate generalization (faithful to these ideas) to a wider variety of programming languages. We argue that the adoption of a mathematically clean semantic model should lead to a natural choice of assertion language(s) for expressing properties of program terms, and to syntax-directed proof systems with clear and simple rules for program constructs. Hoare's ideas suggest that in principle syntax-directed reasoning is possible for all syntactic categories (declarations, commands, even expressions) and all semantic attributes (partial correctness of commands, aliasing properties of declarations, L- or R-values of expressions, proper use of variables, and so on). Semantic insights may also influence assertion language design by suggesting the need for certain logical connectives at the assertion level. This point is obscured by the fact that Hoare's logic for while-programs needed no assertion connectives (although of course the usual logical connectives are permitted inside pre- and post-conditions), but an application of our method to a class of parallel programming languages brings out the idea well: semantic analysis suggests the use of conjunctions at the assertion level. We argue that this method can lead to proof systems which avoid certain inelegant features of some earlier systems: specifically, we avoid the need for “extralogical” and “non-compositional” notions such as interference checks and auxiliary variables. We also discuss the author's applications of these techniques to other programming languages, and point to some future research directions continuing this work. 
Although we do not have a completely satisfactory general theory of semantically based axiomatization, and consequently some of our techniques may seem rather ad hoc to the reader, we hope that our ideas have some merit.
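To make the notion of a syntax-directed proof system concrete, the following is an added example (not code from the paper or its author): a small weakest-precondition calculator for while-programs whose rules are exactly the Hoare/Cook rules for skip, assignment, sequencing, conditional and annotated loops, one clause per syntactic construct. Assertions and expressions are assumed to be Python callables over a state dictionary, so substitution Q[e/x] becomes evaluation in an updated state, and the generated verification conditions are checked by exhaustive evaluation over a small bounded range of integer states rather than by a theorem prover. The sum-of-integers program, its loop invariant and the bounds are all constructed for the illustration.

```python
"""Syntax-directed verification of while-programs in the style of Hoare logic.

Added example, not the paper's own code. Commands are tuples; expressions and
assertions are callables on a state dict (var name -> int). Verification
conditions (VCs) are discharged by brute-force evaluation over a bounded state
space, which is a bounded check, not a proof over all integers.
"""
from itertools import product

# --- the while-language: one constructor per syntactic category of commands ---
def skip():                  return ("skip",)
def assign(var, expr):       return ("assign", var, expr)
def seq(*cmds):              return ("seq",) + cmds
def ite(cond, then, els):    return ("if", cond, then, els)
def while_(cond, inv, body): return ("while", cond, inv, body)   # inv: annotated invariant


def wp(cmd, post, vcs):
    """Weakest precondition of `cmd` w.r.t. `post`; loop VCs are appended to `vcs`.

    Each clause is one proof rule: the structure of the proof follows the
    structure of the program, which is the syntax-directed idea in the paper.
    """
    kind = cmd[0]
    if kind == "skip":
        return post
    if kind == "assign":
        _, var, expr = cmd
        # wp(x := e, Q) = Q[e/x]: evaluate Q in the state with x updated to e.
        return lambda s: post({**s, var: expr(s)})
    if kind == "seq":
        for sub in reversed(cmd[1:]):          # wp(c1; c2, Q) = wp(c1, wp(c2, Q))
            post = wp(sub, post, vcs)
        return post
    if kind == "if":
        _, cond, then, els = cmd
        p_then, p_else = wp(then, post, vcs), wp(els, post, vcs)
        return lambda s: p_then(s) if cond(s) else p_else(s)
    if kind == "while":
        _, cond, inv, body = cmd
        p_body = wp(body, inv, vcs)
        # Side conditions of the while rule, checked separately from the wp.
        vcs.append(("loop invariant preserved",
                    lambda s: not (inv(s) and cond(s)) or p_body(s)))
        vcs.append(("loop exit establishes postcondition",
                    lambda s: not (inv(s) and not cond(s)) or post(s)))
        return inv
    raise ValueError(f"unknown command {kind!r}")


def verify(pre, cmd, post, variables, lo=-2, hi=8):
    """Return [] if every VC holds on all states with variables in [lo, hi),
    else a list of (vc name, counterexample state), one per failing VC."""
    vcs = []
    entry = wp(cmd, post, vcs)
    vcs.insert(0, ("precondition implies wp", lambda s: not pre(s) or entry(s)))
    failures = []
    for name, vc in vcs:
        for values in product(range(lo, hi), repeat=len(variables)):
            s = dict(zip(variables, values))
            if not vc(s):
                failures.append((name, s))
                break
    return failures


# --- constructed sample: s := sum of 0..n-1, annotated with a loop invariant ---
def sum_program(inv):
    return seq(assign("s", lambda st: 0),
               assign("i", lambda st: 0),
               while_(lambda st: st["i"] < st["n"], inv,
                      seq(assign("s", lambda st: st["s"] + st["i"]),
                          assign("i", lambda st: st["i"] + 1))))

SUM_PRE  = lambda st: st["n"] >= 0
SUM_POST = lambda st: st["s"] == st["n"] * (st["n"] - 1) // 2
GOOD_INV = lambda st: st["s"] == st["i"] * (st["i"] - 1) // 2 and st["i"] <= st["n"]
WEAK_INV = lambda st: st["s"] == st["i"] * (st["i"] - 1) // 2   # drops i <= n

def verify_sum(inv=GOOD_INV):
    return verify(SUM_PRE, sum_program(inv), SUM_POST, ["n", "i", "s"])

# A conditional, to exercise the if-rule: make x non-negative.
ABS = ite(lambda st: st["x"] < 0, assign("x", lambda st: -st["x"]), skip())

def verify_abs():
    return verify(lambda st: True, ABS, lambda st: st["x"] >= 0, ["x"])


if __name__ == "__main__":
    print("good invariant:", verify_sum())            # []
    print("weak invariant:", verify_sum(WEAK_INV))    # exit VC fails, e.g. i > n
    print("abs:", verify_abs())                       # []
```

Dropping the conjunct `i <= n` from the invariant leaves the entry and preservation conditions valid but breaks the exit condition, and the checker reports a state in which `i` has overshot `n`; this is the usual way an inadequate loop annotation shows up in a syntax-directed system, as a failed side condition of one rule rather than a failure somewhere in a global argument.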
