Consider the problem of equivalence checking two terminating sequential programs $P$ and $P'$ with the same input signatures and return statements. Two programs are equivalent if for all inputs ($args$) they terminate with the same return value $ret$ and contain the same heap values ($mem$).
One approach is to model both programs as transitions systems and check that $P$ and $P'$ are bisimilar. As bisimilarity is often too strong to capture some programs that are equivalent (often the case for program transformations that require reordering), various approaches try to instead show a weaker notion of bisimilarity for proving program equivalence ([1],[2],[3]).
Another approach for checking program equivalence is to construct the product program $PP' = P;P'$ where all state variables in $P'$ are primed and return statements from $P$ and $P'$ are composed into tuples. For equivalence we can check for the validity of the hoare triple $\{args=args' \land mem=mem'\} PP' \{ret=ret' \land mem=mem'\}$. If loops are involved, we would generate inductive loop invariants that are strong enough to imply the post-condition. No transition system or notion of bisimilarity is needed here.
My questions:
- What literature discusses this second (hoare logic + product program) approach?
- Why is it less commonly used compared to the bisimulation method?
[1] https://people.eecs.berkeley.edu/~necula/Papers/tv_pldi00.pdf
[2] https://dl.acm.org/doi/pdf/10.1145/3445814.3446751
[3] https://theory.stanford.edu/~aiken/publications/papers/pldi19.pdf
