Complexity of Well-Quasi-Orderings and Well-Structured Transition - PowerPoint PPT Presentation

Complexity of Well-Quasi-Orderings and Well-Structured Transition Systems Part IV: Complexity of WSTS Verification Philippe Schnoebelen LSV, CNRS & ENS Cachan + Oxford 1-year visitor Oxford Dept. Comp. Sci, Mar. 9th, 2012

Part IV.a: Upper Bounds via the Length-Function Theorem 2/23

I F YOU MISSED PART III def L A , g ( n ) = length of longest controlled bad sequence x 0 , x 1 ,..., x L over def ⇔ | x i | � g i ( n ) ) WQO A (where “controlled” Length Function Theorem. if g is a smooth control function in F γ and A is an exponential WQO such that o ( A ) < ω β + 1 then L A , g is: – in F β if γ < ω � β , – in F γ + β if γ � 2 and β < ω In a nutshell: in F m for N m , in F ω m − 1 for Γ ∗ m , in F ω ω m for ( N m ) ∗ , etc., where Ackermann’s function is in F ω (See [Schmitz & Schnoebelen, 2011] for all details) 3/23

C OUNTER M ACHINES Finite state control + finite number of “counters” (say m ) + simple instructions and tests c 1 1 c 1 ++ c 2 >0? c 2 -- c 3 =0? ℓ 0 ℓ 1 ℓ 2 ℓ 3 c 2 4 c 3 0 Operational semantics: def = Loc × N C = { s , t ,... } , e.g., s 0 = ( ℓ 0 , 1 , 4 , 0 ) – Configurations: Conf – Steps: ( ℓ 0 , 1 , 4 , 0 ) − → ( ℓ 1 , 2 , 4 , 0 ) − → ( ℓ 2 , 2 , 3 , 0 ) − → ( ℓ 3 , 2 , 3 , 0 ) − → ··· A well-known model, Turing-powerful as soon as there are 2 counters 4/23

C OUNTER M ACHINES Finite state control + finite number of “counters” (say m ) + simple instructions and tests c 1 1 c 1 ++ c 2 >0? c 2 -- c 3 =0? ℓ 0 ℓ 1 ℓ 2 ℓ 3 c 2 4 c 3 0 Operational semantics: def = Loc × N C = { s , t ,... } , e.g., s 0 = ( ℓ 0 , 1 , 4 , 0 ) – Configurations: Conf – Steps: ( ℓ 0 , 1 , 4 , 0 ) − → ( ℓ 1 , 2 , 4 , 0 ) − → ( ℓ 2 , 2 , 3 , 0 ) − → ( ℓ 3 , 2 , 3 , 0 ) − → ··· A well-known model, Turing-powerful as soon as there are 2 counters 4/23

LCM = L OSSY COUNTER MACHINES LCM = Counter machines with unreliability: “counters decrease nondeterministically” (Weaker) computational model useful, e.g., for logics like XPath or LTL+data Semantics. Reliable steps: s − → rel t as above def ⇔ s � s ′ − → rel t ′ � t for some s ′ and t ′ Lossy steps: s − → t where s = ( ℓ , a 1 ,..., a m ) � ( ℓ ′ , b 1 ,..., b m ) = s ′ def ⇔ ℓ = ℓ ′ ∧ a 1 � b 1 ∧ ... ∧ a m � b m I.e., ( Conf , � ) = ( Loc , Id ) × ( N , � ) × ··· × ( N , � ) hence is WQO Prop. [Monotony] s + → t implies s ′ + → t ′ for all s ′ � s and t ′ � t − − 5/23

LCM = L OSSY COUNTER MACHINES LCM = Counter machines with unreliability: “counters decrease nondeterministically” (Weaker) computational model useful, e.g., for logics like XPath or LTL+data Semantics. Reliable steps: s − → rel t as above def ⇔ s � s ′ − → rel t ′ � t for some s ′ and t ′ Lossy steps: s − → t where s = ( ℓ , a 1 ,..., a m ) � ( ℓ ′ , b 1 ,..., b m ) = s ′ def ⇔ ℓ = ℓ ′ ∧ a 1 � b 1 ∧ ... ∧ a m � b m I.e., ( Conf , � ) = ( Loc , Id ) × ( N , � ) × ··· × ( N , � ) hence is WQO Prop. [Monotony] s + → t implies s ′ + → t ′ for all s ′ � s and t ′ � t − − 5/23

LCM = L OSSY COUNTER MACHINES LCM = Counter machines with unreliability: “counters decrease nondeterministically” (Weaker) computational model useful, e.g., for logics like XPath or LTL+data Semantics. Reliable steps: s − → rel t as above def ⇔ s � s ′ − → rel t ′ � t for some s ′ and t ′ Lossy steps: s − → t where s = ( ℓ , a 1 ,..., a m ) � ( ℓ ′ , b 1 ,..., b m ) = s ′ def ⇔ ℓ = ℓ ′ ∧ a 1 � b 1 ∧ ... ∧ a m � b m I.e., ( Conf , � ) = ( Loc , Id ) × ( N , � ) × ··· × ( N , � ) hence is WQO Prop. [Monotony] s + → t implies s ′ + → t ′ for all s ′ � s and t ′ � t − − 5/23

D ECIDING T ERMINATION FOR LCM’ S (Non-)Termination. There is an infinite run s init = s 0 − → s 1 − → s 2 ··· iff there is a loop s init = s 0 − → s n = s k → ··· − → s k − → ··· − Hence termination is co-r.e. for LCM’s Furthermore. There is a loop from s init iff there is a loop that is a bad sequence (until s n − 1 ) Proof. Assume a length- n loop has an increasing pair s i � s j for i < j < n . Then we obtain a shorter loop by replacing s j − 1 − → s j by → s ′ s j − 1 − j = s i . Thus the shortest loop has no increasing pair Furthermore. Since necessarily s − → t implies | t | � | s | + 1 , any run is Succ -controlled Hence n � L A , Succ ( | s init | ) for A ≡ Loc × N | C | ≡ N m × | Loc | . Cor. Termination of LCM’s can be decided with complexity in F ω , and in F m when we fix | C | = m 6/23

D ECIDING T ERMINATION FOR LCM’ S (Non-)Termination. There is an infinite run s init = s 0 − → s 1 − → s 2 ··· iff there is a loop s init = s 0 − → s n = s k → ··· − → s k − → ··· − Hence termination is co-r.e. for LCM’s Furthermore. There is a loop from s init iff there is a loop that is a bad sequence (until s n − 1 ) Proof. Assume a length- n loop has an increasing pair s i � s j for i < j < n . Then we obtain a shorter loop by replacing s j − 1 − → s j by → s ′ s j − 1 − j = s i . Thus the shortest loop has no increasing pair Furthermore. Since necessarily s − → t implies | t | � | s | + 1 , any run is Succ -controlled Hence n � L A , Succ ( | s init | ) for A ≡ Loc × N | C | ≡ N m × | Loc | . Cor. Termination of LCM’s can be decided with complexity in F ω , and in F m when we fix | C | = m 6/23

D ECIDING T ERMINATION FOR LCM’ S (Non-)Termination. There is an infinite run s init = s 0 − → s 1 − → s 2 ··· iff there is a loop s init = s 0 − → s n = s k → ··· − → s k − → ··· − Hence termination is co-r.e. for LCM’s Furthermore. There is a loop from s init iff there is a loop that is a bad sequence (until s n − 1 ) Proof. Assume a length- n loop has an increasing pair s i � s j for i < j < n . Then we obtain a shorter loop by replacing s j − 1 − → s j by → s ′ s j − 1 − j = s i . Thus the shortest loop has no increasing pair Furthermore. Since necessarily s − → t implies | t | � | s | + 1 , any run is Succ -controlled Hence n � L A , Succ ( | s init | ) for A ≡ Loc × N | C | ≡ N m × | Loc | . Cor. Termination of LCM’s can be decided with complexity in F ω , and in F m when we fix | C | = m 6/23

D ECIDING T ERMINATION FOR LCM’ S (Non-)Termination. There is an infinite run s init = s 0 − → s 1 − → s 2 ··· iff there is a loop s init = s 0 − → s n = s k → ··· − → s k − → ··· − Hence termination is co-r.e. for LCM’s Furthermore. There is a loop from s init iff there is a loop that is a bad sequence (until s n − 1 ) Proof. Assume a length- n loop has an increasing pair s i � s j for i < j < n . Then we obtain a shorter loop by replacing s j − 1 − → s j by → s ′ s j − 1 − j = s i . Thus the shortest loop has no increasing pair Furthermore. Since necessarily s − → t implies | t | � | s | + 1 , any run is Succ -controlled Hence n � L A , Succ ( | s init | ) for A ≡ Loc × N | C | ≡ N m × | Loc | . Cor. Termination of LCM’s can be decided with complexity in F ω , and in F m when we fix | C | = m 6/23

D ECIDING R EACHABILITY FOR LCM’ S Same ideas work for reachability: “is there a run from s init to s goal ?” Proof. if a run s init = s 0 − → s 1 − → ··· − → s n = s goal has a decreasing pair s i � s j for 0 < i < j it can be shortened as s 0 − → ··· − → s i − 1 − → s j − → ··· − → s n Cor. If s goal can be reached from s init , this can be achieved via a run that is a (reversed) bad sequence But. How is the reversed run g -controlled for some g ? Prop. In the smallest run, | s i | � | s i + 1 | + 1 for all 0 < i < n Cor. Reachability in LCM’s can be decided with complexity in F ω , or F m (same as Termination) Nb. generic technique extends to other problems/models 7/23

D ECIDING R EACHABILITY FOR LCM’ S Same ideas work for reachability: “is there a run from s init to s goal ?” Proof. if a run s init = s 0 − → s 1 − → ··· − → s n = s goal has a decreasing pair s i � s j for 0 < i < j it can be shortened as s 0 − → ··· − → s i − 1 − → s j − → ··· − → s n Cor. If s goal can be reached from s init , this can be achieved via a run that is a (reversed) bad sequence But. How is the reversed run g -controlled for some g ? Prop. In the smallest run, | s i | � | s i + 1 | + 1 for all 0 < i < n Cor. Reachability in LCM’s can be decided with complexity in F ω , or F m (same as Termination) Nb. generic technique extends to other problems/models 7/23