General correctness: A unification of partial and total correctness

Summary General correctness, which subsumes partial and total correctness, is defined for both weakest preconditions and strongest postconditions. Healthiness properties for general-correctness predicate transformers are more uniform and complete than those for partial- and total-correctness systems. In fact, the healthiness properties for partial and total correctness are simple restrictions of those for general correctness. General correctness allows simple formulations of the connections between weakest and strongest postconditions and between the notions of weakest precondition under the demonic and angelic interpretations of nondeterminism. A problem that plagues sp-sp(P, C) is undefined if execution of C begun in some state of P may not terminate — disappears with the generalization.This paper is a study of some simple theory underlying predicate transformer semantics, and as yet has little bearing on current programming practices. The theory uses a relational model of programs.This work was supported by the National Science Foundation under grant MCS-81-03605 and by the second author's Guggenheim Fellowship. This paper is based on the first author's Ph.D. thesis at Cornell.