1.6 Behavioral Equivalence

2

• Two very important concepts in the study and analysis of programs– Equivalence between programs– Congruence between statements

– Replacing statements and programs

3

•Consider the two programs: P1::[ out x:integer where x=0 l0: x:=1 :l0’ ]

P2::[ out x:integer where x=0 local t:integer where t=0 l0: t:=1 :l0’ l1: x:=t :l1’ ]

4

• Computation generated by P1 – <{l0},0>,<{l0’,1}>,<{l0’},1>, …

• Computation generated by P2 – <{l0},0,0>,<{l1},0,1>,<{l1’},1,1>,<{l1’},1,1}>,…

• Computations contain too much distinguishing information, irrelevant to the correctness of the program, like – Control variable – Local variables

5

•Observable variables: O a subset of state variables – Usually input or output variables – Control variables are never observable

• Label renaming =>equivalent programs

6

• We define the observable state corresponding to s, denoted by s|O, to be the restriction of s to just the observable variables O.

• Thus, s|O is an interpretation of O that coincides with s on all the variables in O.

7

• Given a computation

• σ :s0, s1, …

• We define the observable behavior corresponding to َ� to be the sequence

• َ�σ o : s0 |O, s1 |O, …

8

• For P1 and P2, and O={x}, observable behaviors:

•σ1O َ: َ<0>, َ<1>, َ<1>, َ…

•σ2O َ: َ<0>, َ<0>, َ<1>, َ<1>, َ…

9

Reduced behavior

• The reduced behavior σr َ

– relative َto َO,– corresponding َto َa َcomputation َσ, َ

is َthe َsequence َobtained َfrom َσ َby َthe َfollowing َtransformations:

• Replace َeach َstate َsi َby َits َobservable َpart َsi|O

• Omit َfrom َthe َsequence َeach َobservable َstate َthat َis َidentical َto َits َpredecessor َbut َnot َidentical َto َall َof َits َsuccessors.– Not َto َdelete َthe َinfinite َsuffix.

10

• Applying َthese َtransformations َto َthe َcomputations َσ1 َ َand َσ2

• or َjust َthe َsecond َtransformation َto َσ2

O

•σ1r َ: َ<0>, َ<1>, َ<1>, َ…

•σ2r َ: َ<0>, َ<1>, َ<1>, َ…

11

Equivalence of transition systems

• For a basic transition system P, we denote by R(P) the set of all reduced behaviors generated by P.

• Let P1 and P2 be two basic transition systems • and O subsetof Π1 intersect Π2 be a set of variables

(observable variables for both systems).• The systems P1 and P2 are defined to be

equivalent (relative to O), denoted by P1~P2, if R(P1)=R(P2).

12

• Which is equivalent to which?

• Q1::[out x: integer where x=0; x:=2]• Q2::[out x: integer where x=0; x:=1; x:=x+1]• Q3::[out x: integer where x=0; [local t: integer;

t:=1; x:=t+1]]

• Observable set?

13

• Congruence between statements – To explain the meaning of a statement S by

another more familiar statement S’, that is congruent to S (perform the same task as S), but may be more efficient.

14

Congruence of statements

• Consider the two statements:

• T1::[x:=1;x:=2]

• T2::[x:=1;x:=x+1]

Viewing them as the bodies of programs, they are equivalent:

• P1::[out x: integer where x=0;T1]

• P2::[out x: integer where x=0;T2]

15

• Our expectation about equivalent statements is that they are completely interchangeable: the behavior of a program containing T1 will not change when we replace an occurrence of T1 with T2.

16

Consider Q1 and Q2:

• Q1:: [out x: integer where x=0;[T1 || x:=0]]

• Q2:: [out x: integer where x=0;[T2 || x:=0]]

• Are they equivalent?

Obtain the set of reduced behaviors of Q1 and Q2.

17

• Let P[S] be a program context, which is a program in which statement variable S appears as one of the statements.

• For example: Q[S]:: [out x: integer where x=0;[S|| x:=0]]

• Let programs P[S1] and P[S2] be the programs obtained by replacing statement variable S with the concrete statements S1 and S2, respectively.

• Statements S1 and S2 are defined to be congruent, denoted by S1~S2, if P[S1]~P[S2] for every program context P[S].

18

examples

• Commutativity– Selection and cooperation constructions are

commutative.• [S1 or S2] ~ [S2 or S1]• [S1 || S2] ~[S2 || S1]

• Associativity– Concatenation, selection, and cooperation

constructions are all associative.• [S1;[S2;S3]] ~ [[S1;S2];S3]~[S1;S2;S3]• For or and ||

19

• S~ [S; skip]

What about:• S1 :: [await x]• S2 :: [skip; m: await x] ?

Consider:P[S]:: [out x: boolean where x=F l0: [S or [await !x]]; l1: x:=T :l1’]

20

• P[S2] may deadlock, while P[S1] may not.

21

• await c ~ while !c do skip

• Implementing await by busy waiting

• Problem 1.3

22

Implementation versus emulation

• Replacement of two programs may be desirable, for example in the case that one is expressed in terms of high-level constructs that are not directly available on a considered machine.

• There are two possible relations;– Emulation – implementation

23

• P2 emulates P1 if they are equivalent, i.e., if their sets of reduced behaviors are equal (a symmetric relation).

• P2 implements P1 if the set of reduced behaviors of P2 is a subset of the set of reduced behaviors of P1.

24

Example:

P1::[ out x, y: integer where x=0, y=0

loop forever do

[x:=x+1 or y:=y+1]]

P2::[ out x, y: integer where x=0, y=0

loop forever do

[x:=x+1 ; y:=y+1]]

25

• Emulation and implementation relations between statements:– The statement S2 emulates statement S1 if

P[S2] emulates P[S1] for every program context P[S].

– S2 emulates S1 iff S2 is congruent to S1.– The statement S2 implements statement S1

if P[S2] implements P[S1] for every program context P[S].

26

• What are the relations?– While !c do skip ?? await c– x:=x+1 ?? [[x:=x+1] or [y:=y+1]]– S2= await x ?? S1=[await x] or [await y]– S3=await (x or y) ?? S1=[await x] or [await y]

27

An example to compare S1 and S2 and S3:

[local x,y : boolean where x=F, y=T

out z: integer where z=0

S; z:=1]

28

1.7 Grouped Statements

• In our text language, an atomic step (corresponding to a single transition taken in a computation),

consists of the execution of at most one statement of the program.

29

• We define a class of statements as elementary statements.

• These statements can be grouped together.• The elementary statements:

– Skip, assignment, and await statements – If S, S1, …, Sk are elementary statements, then so are:

• When c do S• If c then S1 else S2• [S1 or … or Sk]• [S1; …; Sk]

– Any statement containing: cooperation or a while statement is not elementary.

30

• If S is an elementary statement, then <S> is a grouped statement.

• Example: <y:=y-1; await y=0; y:=1>

• Execution of this grouped statement calls for the uninterrupted and successful execution of the three statements participating in the group in succession.

• This grouped statement is congruent to the statement await y=1

• This interpretation implies that execution of a grouped statement cannot be started unless its successful termination is guaranteed.

31

The transition associated with a grouped statement

• Product of transitions– Let and be two transitions.– Product of and , denoted by o , is

• s”

32

1.8 Semaphore Statement

33

1.9 Region statement

34

1.10 Mode 3: Message-Passing Text

35

1.11 Model 4: Petri Nets