Termination of programs represented as interpreted graphs *

by ZOHAR MANNA**

Carnegie-Mellon University Pittsburgh, Pennsylvania

INTRODUCTION

This work is concerned with the termination problem of interpreted graphs. An interpreted graph can be con-sidered as an abstract model of algorithms; it consists of a directed graph, where:

1. With each vertex v, there is associated a domain Dv ,

and

2. With each arc a leading from vertex v to vertex v', there is associated a total test predicate Pa(Dv ~

{T, F}) and a total function fa(Dv*~Dvl), where Dv* = {xl x E Dv /\ Pa(X) = T}.

Let us represent by a state vector x the current values of the variables during an execution of an inter-preted graph lG. An execution of lG may start from any vertex v with any initial state vector xoE Dv. If during execution we reach vertex v with state vector x, P a (x) represents the condition that arc a (leading from v) may be entered, and fa represents the operation of changing the state vector x to fa (x) when control moves along area. Execution will}:lalt on vertex v, with state vector x, if and only if no predicate on any arc leading from v is true for x. An interpreted graph terminates if and only if all the executions of lG terminate.

Our main result is a sufficient condition for the termination of interpreted graphs defined by means of well-ordered sets. This result has applications in proving the termination of various classes of algorithms.

Floyd ¹ has discussed the use of well-ordered sets for proving the termination of programs.

* This work is based on the author's Ph.D. Thesis.² The work was supported by the Advanced Research Projects Agency of the Office of the Secretary of Defense (SD-146).

** Present address-Computer Science Department, Stanford University, Stanford, California.

83

WELL-ORDERED SETS

A pair (8,

> )

is called an ordered set, provided that 8 is a set and

»

is a relation defined for every pair of distinct elements a and b of 8, and satisfies the following two conditions:

1. If a ~ b, then either a

»

b or b

»

a;

2. If a

»

^{band b}

»

c, then a

»

c (i.e., the relation is transitive) .

A well-ordered set W is an ordered set (8, ») in which every non-empty subset has a first element;

equivalently, in which every decreasing sequence of elements a

»

b

»

c··· has only finitely many elements.

For example,

1. I I + (the set of all non-negative integers) is well-ordered by its natural order, i.e.,

to,

1, 2,3, ... }.

2. In + (the set of all n-tuples of non-negative integers for some fixed n, n ~ 1) is well-ordered by the usual lexicographic order, i.e., (al)~'···' an)

»

(bl, b2, • • • ; bn ) if and only if al = bl, ~ = b2,

ak-l = bk-1, ak

>

bk ^{for some} k, 1 :::; k :::; n.

DIRECTED GRAPHS

A directed graph G (graph, for short) is an ordered triple (V,·L, A) where:

1. V is a non-empty finite set of elements called the vertices of G;

2. L is a non-empty set of elements called the labels of G; and

3. A is a non-empty set of ordered triples (v, l, v') E V X L X V called the arcs of G.

Note that L and A may be infinite sets. If L and A are finite sets, G is called a finite directed graph.

84 Spring Joint Computer Conference, 1970

A finite path of a graph G (path, for short) is a finite sequence of n, n ~ 1, arcs of G of the form:

We say that:

1. The path joins the vertices ViI and Vin+1 and meets the vertices ViI' Vi2' "', Vin^+1'

2. The path is elementary if the vertices ViI' Vi2' ••• , Vin+l are distinct. .

3. The path is a cycle if the vertex ViI coincides with the vertex Vin+l; it is an elementary cycle if in addition the vertices VilJ Vi2' ••• , Vin are distinct.

We define a cut set of a graph G as a set of vertices having the property that every cycle of G meets at least one vertex of the set.

A graph G is said to be strongly connected if there is a path joining any ordered pair of distinct vertices of G.

Let G be a graph (V, L, A ). We define a subgraph GI ⁼ (VI, L, AI) of G as the triple consisting of VI, L and AI, where VI is a subset of V and Al is defined by Al = A

n

(VI X L X VI).

A subgraph GI = (VI, L, AI) of G is said to be a strongly connected component of G if:

1. GI is strongly connected, and

2. For all subsets V2 C V such that V2 ~ VI and V 2 ::) VI, the subgr;ph G2 = (V2' L, A 2) ^{is not} strongly connected.

A tree T == (V, L, A, r) is a directed graph (V, L, A) with a distinguished root rE V, such that for every V E V (v ~ r) there is at least one path joining rand v. * INTERPRETED GRAPHS

An interpreted graph 1G consists of a directed graph (V, L, A), where

1. With each vertex vE V, there is associated a domain Dv , and

2. With each arc a = (v, l, v') E A, there is associated a total test predicate P a which maps Dv into {T, F}, and a total function fa which maps Dv* into DV^{1 ,} where Dv* ⁼ {x

I

x E Dv /\ Pa(X) ⁼ T}.

Let (vo, xo) E V X D Vo be an arbitrary pair of an interpreted graph 1G. A (vo, xo)-execution sequence of

* Note that the standard definition of a tree has the restriction that for every vE V (v ¢ r) there must be exactly one path joining r and v.

1G is a (finite or infinite) sequence of the form

leo) l(I) l(2)

(v(O), x(O))~(v(I), x(I))~(V(2\ X(2))~ ••• , where

1. v(j) E V, l(j) ELand xU) E DvW for all j ~ 0;

2. (v(O), x(O)) is (vo, xo);

l(j) . . . ,

3. If (v(j), x(j))~(v()+l), X(J+I)) IS III the sequence, then there exists an arc a = (v(j), lW, V(Hl)) E A such that P aXU) = T and fax(j) = X(Hl);

4. If the sequence is finite and the last pair in the se-quence is (v(n), x(n)), then for all arcs a E A leading from v(n): P ax(n) = F.

The definition of an interpreted graph 1G allows the existence of a vertex vE V, an xEDv, and two distinct arcs a, bE A leading from v-such that both Pax = T and PbX = T, i.e., the predicates on all arcs leading from the vertex V are not necessarily mutually exclusive. It follows that for the fixed pair (vo, xo) E VXDvo, there may exist many distinct (vo, xo)-execution sequences of 1G. For this reason, the execution process of an interpreted graph, starting with the pair (vo, xo), is best described by a tree.

The execution tree T(vo, xo) of 1G is the tree (V', L,A', (vo, xo)), where:

1. The set of vertices V'is the set of all pairs (v, x) E V X Dv occurring in some (vo, xo)-execution se-quence of 1G.

2. L is the set of labels of 1G;

3. The set of arcs A' is the set of all triples ((v, x), l, (v', y)) E V' X L X V', such that (v, x) ~ (v', y) occurs in some (vo, xo)-execution sequence of 1G; and 4. (vo, xo) E V'is the_ root vertex of the tree.

Example

Let us consider the interpreted graph 1G* (Figure 1), where DV1 · = DV2 = {the integers}. There are three

Q

Figure I-The interpreted graph fG*

£

Termination of Programs Represented as Interpreted Graphs 85

(VI, -4)-execution sequences of IG*, namely

and

4 (V2' 2) ~ (VI, -1) 4 (V2, 1) ~ (VI, 0).

The execution tree T(vI,-4) of IG* is presented in Figure 2.

TER1VIINATION OF INTERPRETED GRAPHS Definition

An interpreted graph is said to terminate if all its execution sequences are finite, i.e., for every pair

(Vo, xo) E V X Dvo all the (vo, xo) -execution sequences are finite.

Notations

Let ex

=

(al,~,···J aq), where aj = (vCi), l(j),

vCiH» E A for 1 ~ j ~ q, be any path of an interpreted graph. Then let

1. fa(x) stand for faq(· •• (fa2( fal (x) )) ••• ), and 2. Pa(X) stand for

x EDv(1) 1\ Pal (X)

q

1\ 1\ P aj (faj_l(faj_2(···(fa2(fal(X»)) ••• )))

j=2

Theorem 1

Le;t IG be an interpreted graph. If there exist:

1. A cut set V* of the vertices V of IG, and 2. For every vertex ^V E V*, a well-ordered set Wv

(Sv,

>

v) and a total function Fv which maps Dv into Sv,

such that,

3. For every cycle ex of IG:

l(1) l(2) l(q-l) l(q)

V(1)~V(2)._~V(3) ••• v(q-IL-~v(q)~v(l)

(where ^vel) E V* and ^V(k) ~ vel) for alII

<

^{k ~ q),}

and for every x such that Pa(X) = T:

Fv(l) (x)

>

v(I)Fv(l) (fa (X») then IG terminates.*

Proof

Proof by contradiction.

Let us assume that IG does not terminate, i.e., there exists an infinite execution sequence "I in IG,

leo) l(1) l(2)

"I: (v(O), x(O» ~ (v(l), X(l» - - * (V(2), X(2» - - * .••.

Let ^"I' be the infinite path

ZOO) ZU) l~)

"I': v(0)--*V(I)--*V(2)~ • •••

Since IG, by definition, contains a finite set of vertices, and V*' is a cut set, it follows that there

* In Manna² it is proved, by the use of Konig's Infinity Lemma, that if IG consists of a finite directed graph, then this is also a necessary condition for the termination of IG.

86 Spring Joint Computer Conference, 1970

exists a vertex v* E V* that occurs infinitely many times in "I'.

Let vent), v(n2), vena), ••• (0 ^~ nj

<

njH for j ^~ 1) be the infinite, sequence of all occurrences of the vertex v* in "I'. Therefore, the infinite execution sequence "I

can be written as

leo) l(nl)

"I: (v(O), x(O») - - - t ••• (v(nl), x(nl») ~ •••

Then, by condition (3) it follows that

i.e., there is an infinite decreasing sequence in Wv

*.

But this contradicts the fact that W ^v

*

is a well-ordered

set. q.e.d.

The following corollaries follow directly from Theo-rem'1.

Corollary 1

Let IG be an interpreted graph. If there exist:

1. A cut set V* of the vertices V of IG, 2. A well-ordered set W = (8,

>-),

and

3. For every vert ax v E V*, a total function Fv that maps Dv into S,

such that

4. For every elementary path a of IG:

l(O l(2) l(q-l)

V(1)~V(2)~V(3) ••• V(q-I)~V(q)

(where v(l), v(q) E V* and v(j)

E

^V* for all j, 1

<

j

<

q), and for every x such that Pa(X) = T:

Fv(I)(X)

>-

Fv(q) (fa(x), then IG terminates.

Corollary 2

Let IG be an interpreted graph, which has a vertex v* common to all its (elementary) cycles.

If there exist a well-ordered set W = (S,

>-)

and a total function F which 'maps Dv

*

into S, such that for every elementary cycle a: v* ~ ••• ~ v* and for every x such that Pa(X) = T: F(x)

>-

^F(fa(x),

then IG terminates.

Definition

Let IG be an interpreted graph constructed from the directed graph G.

Then a strongly connected component IG' of IG con-sists of a strongly connected component G' =

(V', L, A') of G, where,

1. With each vertex v E V', there is associated the do-main Dv of IG and

2. With each arc a E A', there is associated the test predicate Pa and the function fa of IG.

Theorem 2

An interpreted graph I G terminates if and only if all its strongly connected components terminate.

Proof

(=}) Follows directly from the definition of termina-tion of interpreted graphs.

(¢=) Proof by contradiction.

Let us assume that IG does not terminate, i.e., there exists an infinite execution sequence "I in IG,

leO) l(O l(2)

"I: (v(O), x(O») ~ (V(l), X(l») ~ (V(2), X(2») - - - t •••.

Let "I' be the infinite path lro) lO) l~)

"I': vro)~V(1)~V(2)~ •••.

Since IG, by definition, contains a finite set of vertices, it follows that there exist finitely many vertices of G that meet "I' only a finite number of times.

Let v(nl ), v(n2 ), ••• , v(nq) (0 ~ nj

<

njH for 1 ~ j

<

q) be the list of their occurrences in "I"

It follows that all the vertices v(j) (j

>

nq ) of ^"I' are in some strongly connected component G' of G.

This implies that there exists a strongly connected component IG' of IG such that the infinite subse-quence of "I:

is an infinite execution sequence of IG', i.e., IG' does not terminate. Contradiction. q.e.d.

APPLICATIONS

The results of the preceding section can be used for proving termination of various classes of algorithms.

In this section we shall illustrate the use of the results for proving termination of programs and re-cursively defined functions.

Termination of Programs Represented as Interpreted Graphs 87

r.: -,D-D· , _____ J akk~

yes

{

(lsksn-1) --Q2: 1\ (2sisn + 1)

1\ (i, k,n integers)

i_i+l

1\ (2sisn) --Q3: 1\ (k + b:jsn + 1)

{

(l~k~n-1)

1\ (i, j, k,n integers)

Figure 3-A program for evaluating a determinant I aijl of order n, n 2:: 1, by Gaussian elimination

Example 1:

Consider the program (Figure 3)

*

for evaluating a determinant

I

aij

I

of order n, n ~ 1, by Gaussian elimination.

**

Here n is an integer constant , (a··) tJ 1<' .< -t.J-n

a r.eal array, D a real variable, and i, j, k integer varIables. We want to show that the program terminates for every positive integer n.

Since neither D nor any aij occurs in a test box or affects the value of any variable that occurs in a test box, it is clear that by erasing the three assignments, denoted by dashed boxes in Figure 3, we do not change the termination properties of the program.

One can verify easily that the set of predicates attached to the test boxes of the flowchart is a valid

* Ignorefor a moment the predicates qr, q2 and qa associated with the test boxes.

** We consider the division operator over the real domain as a total function. (Interpret, for example, r /0 as r /10-¹⁰ for every real r.)

0, j, k)+-O + 1, j, k)

d

(i, j, k)-(i, j -1, k)

e

+ - - - - 0 : { U~ ks n)

1 A (k, n integers)

a

(i, j, k)-(k + 1, j, k)

!

^{A A USkSn_l) (i, (2s k, is n +} nintegers) ¹⁾

0, j, k)-O, n, k)

{

USkSn_u A (2sisn) A (k:s j S n)

A (i, j, k, n integers)

Figure 4-The interpreted graph fGl

interpretation with respect to the initial predicate "n positive integer"; i.e., starting with any initial positive integer n, whenever the flow of control through the flowchart reaches the test box Bi the current values of the variables satisfy the predicate ^qi (see Floyd^1).

Let us construct now, from the .reduced program (Figure 3 without the dashed boxes), the appropriate interpreted graph 1G1 (Figure 4), such that each vertex ^Vi, 1 ~ i ~ 3, of Figure 4 corresponds to the test box Bi of Figure 3, and its domain Di is exactly the valid interpretation qi. Note that we have used Theorem 2 here, since we consider only the strongly connected component of our graph.

It is clear that, if the interpreted graph 1G1 termi-nates, then the given program terminates for every positive integer n. But the termination of 1G1 follows from Corollary 1, where

V* = {2, 3} is the cut set, W = 13+ is the well-ordered set, F2(i, j, k) = (n - 1 - k, n

+

^{1 -} i, n

+

¹⁾

is the mapping of D2 into W, and F3(i, j, k) (n - 1 - k, n

+

1 - i, j)

is the mapping of D3 into W.

88 Spring Joint Computer Conference, 1970

(x, y)- (rem(y, x), x)

a

(Xs y) A (rem(y, x) " 0) x>y

Figure 5-The interpreted graph IG2

Example 2:

Consider the function gcd(x, y) (McCarthy3).

gcd(x, y) computes the greatest common divisor of x and y (where x and yare positive integers), and is defined recursively using the Euclidean Algorithm by gcd(x, y)

=

^if x

>

y then gcd(y, x)

else if rem(y, x) = 0 then x

else gcd (rem (y, x), x), where rem(u, v) is the remainder of u/v.

We want to show that for every pair (x, y) of posi-tive integers, the recursive process for computing gcd(x, y) terminates.

Consider the interpreted graph 1G2 (Figure 5) where D = {positive integers} X {positive integers}.

By considering the vertex v as representing the start of the computation of gcd, it follows that the recursive process for computing gcd(x, y) terminates for every pair of positive integers (x, y) , if and only if the inter-preted graph 1G2 terminates.

Since 1G2 consists only of one vertex, we may use

x=t:o"y=o

Figure 6-The interpreted graph IG3

(./2)

Figure 7(a)-The execution tree T(v, (1,2)) (b)-The real execution tree of A(l, 2)

Corollary 2 to show its termination. So, let W

= /

1+

be the well-ordered set, and F(x, yj = rem(y, x) the mapping of D into W. Since*

1. Pa(x, y) = T =>(x, y) E D /\ (x

>

y)

=>(rem(y, x) = y)

/\ (y

>

rem(x, y) ~ 0)

=> rem(y, x)

>

rem(x, y)

=> F(x, y)

>

F(y, x), and 2. P{J(x, y) = T => (rem(y, x), x) E D

=> rem(y, x)

>

rem (x, rem(y, x))

=> F(x, y)

>

F(rem(y, x), x), it follows by Corollary 2 that the interpreted graph 1G2

terminates, which implies the desired result.

* Note that for every non-negative integer x, and for every positive z: z > rem(x,z) ~ O.

Termination of Programs Represented as Interpreted Graphs 89

Example 3:

Ackermann's function A (x, y), where x and yare non-negative integers, is defined recursively by:

A (0, y)

=

y

+

¹

A(x

+

1,0) = A(x, 1)

A(x

+

^1,

y +

¹⁾

=

A (x, A(x

+

^1,

y».

We want to show that for every pair (x, y) of non-negative integers, the recursive process for computing A ^{(x, y)} terminates.

Let us consider the interpreted graph 1Gs (Figure 6), where D

=

{non-negative integers} X {non-negative integers}. The arc a represents infinitely many arcs ao, ai, a2, ••• leading from vertex v to vertex v and with each ,arc ai, i ~ 0, there is associated the test predicate x ~ 0 /\ y ~ 0 and the function (x, y) f - (x - 1, i).

In other words, 'any' represents all the non-negative integers and therefore includes all possible values of A(x

+

1, y). It follows that, for every pair (x, y) of non-negative integers, the execution tree T(v, (x,

y»

^of

1Gs (i.e., execution starts from v with (x,

y»

^contains

the real execution tree of A (x, y) as a "subtree". This is illustrated in Figure 7 for A (1, 2).

This implies that if the interpreted graph 1Gs

termites, then the recursive process for computing A(x, y) terminates (for every pair (x, y) of non-negative

integers). But the termination of the interpreted graph follows clearly from Corollary 2, where

W = 12+ is the well-ordered set,and F(x, y) = (x, y) is the mapping of D into W.

ACKNOWLEDGMENTS

I am indebted to Robert W. Floyd for his help and encouragement ,throughout this research. I am also grateful to Stephen Ness for his detailed reading of the manuscript.

REFERENCES

1 R W FLOYD

Assigning meaning to programs

Proceedings of Symposia in Applied Mathematics American Mathematical Society Vol 19 pp 19-32 1967

2 Z MANNA

Termination of algorithms

PhD Thesis Computer Science Department Carnegie-Mellon University April 1968

3 J ,McCARTHY

Recursive functions of symbolic expressions and their computation by machine part I

Communications of the ACM Vol 3 No 4 pp 184-195 April 1960

A planarity algorithm based on the

Im Dokument SPRI NG JOI NT COMPUTER CONFERENCE (Seite 91-99)