Decidability and complexity issues for subclasses of counter systems - - PowerPoint PPT Presentation

Decidability and complexity issues for subclasses of counter systems Lecture 2 EXPSPACE-hardness results for VASS Introduction to reversal-bounded CA

St´ ephane Demri demri@lsv.ens-cachan.fr

LSV, ENS Cachan, CNRS, INRIA

Course 2.9 – MPRI – 2010/2011 “Verification of parametrized and dynamic systems”

Plan of the lecture

• Previous lecture: VASS, VAS and the EXPSPACE upper

bound for the covering problem (Rackoff’s proof).

• Today’s lecture:
• EXPSPACE-hardness of decision problems for VASS.
• Introduction to reversal-bounded counter automata.
• Exercises.

2

EXPSPACE-hardness

3

EXPSPACE-hard problems on VASS

• Boundedness problem, covering problem, control state

reachability problem.

• Reduction from the halting problem for 22nK
• bounded

counter automata to control state reachability problem.

• Presentation mainly due to [Esparza, APN 98] from a

result first shown in [Lipton, TR 76].

• Other problems can be shown EXPSPACE-hard with slight

variations: e.g., reachability problem for VASS.

• EXPSPACE-hardness is preserved for the reachability

problem for reversible Petri nets. See e.g. [Cardoza & Lipton & Meyer, STOC’76] In a way, this is the best known lower bound.

4

Main steps of the EXPSPACE-hardness proof

• Step I: From exponential-space Turing machines to

22nK

• bounded counter automata.

(standard in computability theory).

• Step II: From 22n-bounded counter automata to recursive

VASS (main technical part of the lecture).

• Step III: From recursive VASS to VASS.
• Recursive VASS is an intermediate model (a slight variant
• f VASS) that simplifies the presentation of the reduction.

5

From EXPSPACE TM to 22nK

• bounded CA
• Nondeterministic Turing machine M = (Q, q0, Σ, δ, qa):
• Q: set of control states.
• q0: initial state; qa: accepting state.
• Σ: set of tape symbols (including a blank symbol or an end

symbol).

• Transition relation δ : Q × Σ → P(Q ×

moves

• {−1, 0, 1} ×Σ).
• Wlog, we can assume that TM start with an “empty” tape.
• Halting problem for Turing machines is undecidable.

[Turing, 1936]

• Standard counter automaton (Q, n, δ): transitions are of

the form either q

inc(i)

− − → q′ or q

dec(i)

− − → q′ or q

zero(i)

− − − → q′.

6

Simulating a Turing machine (ideas only)

• A Turing machine can be simulated by two stacks: the tape

is cut in half.

• E.g., moving the head left or right is equivalent to popping a

bit from one stack and pushing it onto the other

• A stack over a binary alphabet can be simulated by two
• counters. One counter contains the binary representation
• f the bits on the stack.
• E.g., pushing a one is equivalent to doubling and adding 1,

assuming that in the binary representation the least significant bit is on the top.

• A stack over a binary alphabet of size bounded by 2NK can

be simulated by two 22NK′

• bounded counters.

7

Summary on simulations

• 1-tape TM can be simulated by two stacks in real-time and

linear space.

• 1-stack can be simulated by two counters in space k · 2k·n.

See overview in [van Emde Boas, Hanbdook TCS 1990]

• Consequently, 1-tape TM in space K2nK can be simulated

by 4 counters with values bounded by 22nK′ .

• Two counters suffice to simulate a TM (at the cost of one

more exponential in space) [Minsky, 67].

• We show how to simulate a 22n-bounded CA by a VASS

(using a reduction that is polynomial in n) – Step II.

• Consequently, control state reachability problem for VASS

is EXPSPACE-hard.

8

Intermediate model: recursive VASS

• Recursive VASS is a sequence of labelled commands

l: inc(i) l: dec(i) l: goto l1 (unconditional jump) l: goto l1 or goto l2 (nondeterministic call) l: gosub l1 (subroutine call) l: return (end of subroutine) l: halt

• Recursive VASS are similar to deterministic counter

automata except that

• there are no zero-tests,
• nondeterministic branching is possible,
• there is possibility to transfer control to subroutine.
• Recursive VASS is hierarchical:
• it can be decomposed into a main program that only calls

first-level subroutines,

• subroutines of level i can only call subroutines of level i + 1.

9

Runs for recursive VASS

1: gosub 4; 2: gosub 4; 3: halt; 4: goto 5 or goto 6; 5: return; 6: return.

1

gosub 4

− − − − → 4

goto 5 or goto 6

− − − − − − − − − → 5

return

− − → 2

gosub 4

− − − − → 4

goto 5 or goto 6

− − − − − − − − − → 6

return

− − → 3

• Vectors of counter values are added too.
• 1,2 and 3 in main program; 4,5 and 6 in subroutine (level

1).

10

From recursive VASS to VASS (“step III”)

• Recursive VASS with n counters and N control states

reduced to a VASS with O(n + N) counters, O(N) control states and updates are reduced to inc(·) and dec(·).

• All commands except subroutine calls and ends of

subroutine have obvious translations.

• We use q −

→ q′ as a shortcut for q

inc(inew)

− − − − → ·

dec(inew)

− − − − → q′ where inew is a dummy counter used for this purpose.

• Indeed, the number of new counters is bounded by twice

the number of gosub instructions.

11

Two counters to encode subroutine call “l: gosub l′”

• Counter il equal to zero by default, but equal to 2 when

entering in the subroutine at l′.

• End of subroutine decrements counter il (to distinguish

distinct subroutine calls to l′).

• Counter i′

l equal to one by default, but decremented to zero

when entering in the subroutine at l′ (no way to enter again to subroutine at l′ before executing next command).

• Executing the command after the command l, decrement

counter il and increment i′

l .

12

Principles for encoding subroutine calls

1: gosub 4; 2: gosub 4; 3: halt; 4: goto 5 or goto 6; 5: return; 6: return. 1 2 3 4 5 6 inc(i1); inc(i1); dec(i′

1)

inc(i2); inc(i2); dec(i′

2)

dec(i1); inc(i′

1)

dec(i2); inc(i′

2)

dec(i1) dec(i2) dec(i1) dec(i2)

13

Logspace reductions

• Halting problem for recursive VASS reduces to control

state reachability problem for VASS.

• Reachability problem for recursive VASS reduces to

reachability problem for VASS.

• Boundedness problem for recursive VASS reduces to

boundedness problem for VASS.

• As an exercise, show these properties when the final

commands are in the main program.

14

Comparison with sequential recursive Petri nets

• See e.g. [Haddad & Poitrenaud, Acta Inf. 07].
• Some common features:

1 Subroutine calls. 2 Reachability problem can be reduced to instances of

reachability for VASS.

3 Reachability problem for SRPN is decidable too !

• Some differences:

1 Each subroutine call starts a new copy of the system with a

fixed initial configuration.

2 Ends of subroutine happen when the current configuration

belongs to a semilinear set.

3 No sharing of counter values.

15

Step II: from 22N-bounded counter automata to recursive VASS

• 22N-bounded deterministic CA S = (Q, n, δ) with |S| in

O(N).

• Deterministic CA:

qh

• r

q q′ inc(i)

• r

q q1 dec(i) q2 zero(i)

• Is there

x ∈ Nn such that (q0, 0) ∗ − → (qh, x)?

• S shall be simulated by a recursive VASS V with O(N)

commands and O(n + N) counters.

• Simulation is based on the following equivalence:
• S halts, i.e. the unique run reaches qh,
• there is a run of V from

0 reaching qh. (i.e., V is nondeterministic)

16

Preliminary remarks

• S has zero-tests whereas the target recursive VASS V has

no zero-tests.

• The control states in Q (from S) are also commands of V

but intermediate commands are introduced to simulate zero-tests and to initialize the counters.

• Maintenance of constraints of the form (j ∈ [0, N]):

x + x = 22j for complement counters x and x.

17

Principles of the simulation

• Each counter i in S is represented by two counters, say i

and the complement counter i such that their sum is maintained equal to 22N.

• Increment on counter i is simulated by incrementing

counter i followed by decrementing counter i. (So, counter i never exceeds 22N.)

• Decrement on counter i is simulated by decrementing

counter i followed by incrementing counter i.

• Zero-test on counter i is simulated by decrementing i by

22N and then incrementing by 22N (to restore the value).

18

Counting until a double-exponential value

• If jth counter can count until K , then the (j + 1)th counter

can count until K 2 by using concentric loops.

• O(N) counters allow to count until K 2N.
• Auxiliary counters with values 22α with α ≤ N are needed

and initialized by using concentric loops with 22α−1 × 22α−1 = 22α (details will follow)

19

Simulating the zero-test

• S is deterministic and zero-tests are only performed with

exactly transitions of the form q

zero(i)

− − − → q1 and q

dec(i)

− − → q2 and no other transition starts by the control state q.

• Design of TestN(i, q1, q2) with effect: if counter i has zero

value then goto q1 else goto q2 (no side-effects).

• If counter i is equal to zero then some execution leads to

q1 and no computation leads to q2.

• If counter i is in [1, 22N] then some execution leads to q2

and no computation leads to q1.

• Design of Test′

N(i, q1, q2) with side-effects: after an

execution leading to q1, the values of i and i are swapped.

• TestN(i, q1, q2)

Test′

N(i, continue, q2);

continue: Test′

N(i, q1, q2)

20

Verifying the correctness of TestN

• TestN(i, q1, q2)

Test′

N(i, continue, q2);

continue: Test′

N(i, q1, q2)

• TestN(i, q1, q2) with counter i equal to zero:

[xi = 0, xi = 22N]·

Test′

N(i,continue,q2)

− − − − − − − − − − → continue [xi = 22N, xi = 0]

Test′

N(i,q1,q2)

− − − − − − − → q1 [xi = 0, xi = 22N]

• TestN(i, q1, q2) with counter i different from zero:

[xi = j > 0, xi = 22N − j]·

Test′

N(i,continue,q2)

− − − − − − − − − − → q2 [xi = j, xi = 22N − j]

21

Keypoint in the design of Test′

N(i, q1, q2)

• Since counter i has value in [0, 22N], zero-test on counter i

can be replaced by nondeterministically choosing:

• to decrease counter i by 1, and if we succeed then we

know that counter i is in [1, 22N];

• to decrease i by 22N, and if we succeed then we know that

counter i has value zero.

• We introduce the new counters s0, . . . , sN, s0, . . . , sN such

that the sum of sj and sj is maintained to 22j.

• Auxiliary subroutine by executing Decj(sj) with j ∈ [0, N].
• If sj is strictly smaller than 22j then every execution of

Decj(sj) fails.

• If sj is not strictly smaller than 22j then all terminating

executions has the effect: sj := sj − 22j; sj := sj + 22j.

22

Definition of Test′

N(i, q1, q2)

• Test′

N transfers value of counter i to auxiliary counter sN

(for easier manipulation).

• Test′

N(i, q1, q2) [sN = 0, sN = 22N]

goto nonzero or goto loop; nonzero: dec(i); inc(i); goto q2; loop: dec(i); inc(i); inc(sN); dec(sN); goto exit or goto loop; exit: DecN(sN); goto q1;

• Test′

j (x, q1, q2) [sj = 0, sj = 22j]

goto nonzero or goto loop; nonzero: dec(x); inc(x); goto q2; loop: dec(x); inc(x); inc(sj); dec(sj); goto exit or goto loop; exit: Decj(sj); goto q1;

• Labels occurring in distinct subroutines are distinct.

23

Convention: dealing with arguments

• Recursive VASS do not support procedure calls with

arguments.

• The commands for TestN(i, q1, q2) are parameterized by a

counter, and two control states.

• Number of distinct “procedure calls” TestN(i, q1, q2) is

bounded by the number of transitions of the deterministic CA S.

• Number of distinct “procedure calls” Test′

j (x, q1, q2) is in

O(N) (more details are provided below).

• Procedure call Decj(sj) corresponds to a command “goto

dec

sj j ”.

24

Verifying the correctness of Test′

N

• “No run leads to a control state in q ∈ Q and all the runs

are finite from the current configuration” is represented by: l or (l, x) ∗ − →

• Test′

N(i, q1, q2) [sN = 0, sN = 22N, i ≤ 22N]

goto nonzero or goto loop; nonzero: dec(i); inc(i); goto q2; loop: dec(i); inc(i); inc(sN); dec(sN); goto exit or goto loop; exit: DecN(sN); goto q1;

• [xi = 0] ·

nonzero or goto loop

− − − − − − − − − − − − → nonzero

∗

− → .

• [xi > 0] ·

nonzero or goto loop

− − − − − − − − − − − − → nonzero

dec(i); inc(i); goto q2

− − − − − − − − − − − − → q2.

25

Verifying the correctness of Test′

N

with xi = 0

• Test′

N(i, q1, q2) [sN = 0, sN = 22N, i ≤ 22N]

goto nonzero or goto loop; nonzero: dec(i); inc(i); goto q2; loop: dec(i); inc(i); inc(sN); dec(sN); goto exit or goto loop; exit: DecN(sN); goto q1; ·

∗

− →

<22N times

• loop

∗

− → · · · ∗ − → loop

dec(i)... loop

− − − − − − → exit − → decsN

N ∗

− → ·

∗

− →

=22N times

• loop

∗

− → · · · ∗ − → loop

dec(i)... loop

− − − − − − → exit

DecN(sN); goto q1

− − − − − − − − − − → q1 ·

∗

− →

=22N +1 times

• loop

∗

− → · · · ∗ − → loop ∗ − → and · − → nonzero

∗

− →

26

Decrementing sj by 22j

• Dec0(s0): dec(s0); inc(s0); dec(s0); inc(s0); return.
• 22j+1 = (22j)2 = 22j × 22j.
• Decj+1(sj+1):

[yj = zj = 22j, yj = zj = 0] New counters!

• uterloop: dec(yj); inc(yj);

innerloop: dec(zj); inc(zj); dec(sj+1); inc(sj+1); Test′

j (zj, innerexit, innerloop);

innerexit: Test′

j (yj, outerexit, outerloop);

• uterexit: return
• No swap of the values yj and yj (and zj and zj).
• Again, it assumes some properties on counter values, e.g.

yj = 22j.

27

No swap of the values zj and zj

[yj = zj = 22j, yj = zj = 0]

• uterloop: dec(yj); inc(yj);

innerloop: dec(zj); inc(zj); dec(sj+1); inc(sj+1); Test′

j (zj, innerexit, innerloop);

innerexit: Test′

j (yj, outerexit, outerloop);

• uterexit: return

[zj = 22j, zj = 0] ∗ − → [zj = 0]

Test′

j (zj,innerexit,innerloop)

− − − − − − − − − − − − − − − → [zj = 22j, zj = 0] innerexit

Test′

j (yj,outerexit,outerloop)

− − − − − − − − − − − − − − − → outerloop

dec(yj);inc(yj)

− − − − − − − → [zj = 22j, zj = 0] innerloop · · · [zj = 22j, zj = 0, yj = 0]

Test′

j (yj,outerexit,outerloop)

− − − − − − − − − − − − − − − → outerexit

return

− − → [yj = zj = 22j, yj = zj = 0]

28

Counter values after the initialization phase

• Counters 1, . . . , n, s0, . . . , sN have value zero.
• Counters 1, . . . , n have value 22N.
• Counter sj has value 22j (j ∈ [0, N]).
• Counters yj and zj have value 22j (j ∈ [0, N]).
• Counters y1, . . . , yN, z1, . . . , zN have value zero.
• Initial values of all counters are zero.
• 1, . . . , n, 1, . . . , n.
• y0, . . . , yN, z0, . . . , zN, y0, . . . , yN, z0, . . . , zN.
• s0, . . . , sN, s0, . . . , sN.

29

Initialization phase in V

• All successful executions of the program Incj(x1, . . . , xm)

have effect x1 := x1 + 22j; · · · ; xm := xm + 22j.

• A careful ordering in the initialization phase:

Inc0(s0, y0, z0); Inc1(s1, y1, z1); . . . IncN−1(sN−1, yN−1, zN−1, ); IncN(sN, 1, . . . , n).

• After the initialization phase:
• sj = zj = yj = 22j, sj = zj = yj = 0,
• 1 = · · · = n = 22N,

30

Dependencies & Hypotheses

Test′

N [sN = 0, sN = 22N]

DecN [yN−1 = zN−1 = 22N−1, yN−1 = zN−1 = 0] IncN [yN−1 = zN−1 = 22N−1, yN−1 = zN−1 = 0] Test′

N−1 [sN−1 = 0, sN−1 = 22N−1]

DecN−1 [yN−2 = zN−2 = 22N−2, yN−2 = zN−2 = 0] IncN−1 [yN−2 = zN−2 = 22N−2, yN−2 = zN−2 = 0] Test′

N−2 [sN−2 = 0, sN−2 = 22N−2]

. . .

Test′

1 [s1 = 0, s1 = 221]

Dec0

31

Incj(x1, . . . , xm)

• Inc0(x1, . . . , xm): inc(x1); inc(x1); · · · ; inc(xm); inc(xm);
• 22j+1 = (22j)2 = 22j × 22j.
• Incj+1(x1, . . . , xm):

[yj = zj = 22j, yj = zj = 0]

• uterloop: dec(yj); inc(yj);

innerloop: dec(zj); inc(zj); inc(x1); · · · ; inc(xm); Test′

j (zj, innerexit, innerloop);

innerexit: Test′

j (yj, outerexit, outerloop);

• uterexit: . . .
• Again, no swaps of the values yj and yj (and zj and zj).
• As in Decj(sj), in Incj+1(x1, . . . , xm) there is a unique run

leading to outerexit.

32

All in a row! (or how to eliminate Incj)

Inc0(s0, y0, z0); Inc1(s1, y1, z1); . . . IncN−1(sN−1, yN−1, zN−1, ); IncN(sN, 1, . . . , n). l0: inc(s0); inc(s0); inc(y0); inc(y0); inc(z0); inc(z0);

• uterloop1: dec(y0); inc(y0);

innerloop1: dec(z0); inc(z0); inc(s1); inc(y1); inc(z1); Test′

0(z0, innerexit1, innerloop1);

innerexit1: Test′

0(y0, outerloop2, outerloop1);

• uterloop2: dec(y1); inc(y1);

innerloop2: dec(z1); inc(z1); inc(s2); inc(y2); inc(z2); Test′

1(z1, innerexit2, innerloop2);

innerexit2: Test′

1(y1, outerloop3, outerloop2);

. . . innerloopN: dec(zN−1); inc(zN−1); inc(sN); inc(1); inc(n); Test′

N−1(zN−1, innerexitN, innerloopN);

innerexitN: Test′

N−1(yN−1, q0, outerloopN);

33

Control graph

• Recursive VASS is well-structured:
• Test′

N < DecN < Test′ N−1 < · · · < Dec2 < Test′ 1.

• IncN < Test′

N−1, . . . , Inc1 < Test′ 0.

• Number of levels in O(N).
• Length of the initialization phase in O(N).

34

Size of the program

• 22N-bounded deterministic CA S = (Q, n, δ)

(card(δ) ≤ 2 × card(Q)).

• Recursive VASS:
• Number of commands: O(card(Q) + N).

(Dec1(s1), . . . ,DecN(sN),Inc0, . . . , IncN)

• Number of counters: (2 × n) + (3 × 2 × N).

(. . . , i, i, . . . , yj, yj, zj, zj, sj, sj, . . . )

• VASS:
• Number of control states: O(card(Q) + N).
• Number of counters: O(n + N + card(Q)).

35

Correctness of the reduction

• If (q0,

x0) − → (q1, x1) − → · · · − → (qK, xK ) is the unique run of length K + 1 in S from 0, then there is a run in V of the form

initialization phase

• (l0,

0) ∗ − → (q0, x′

0) ∗

− → (q1, x′

1) ∗

− → · · · ∗ − → (qK , x′

K )

such that the restriction of x′

i to the n first counters is

precisely xi (counter values ≤ 22N).

• Choices for nondeterministic calls are easy to make.

(unique ways to succeed for Decj(sj), Incj and Test′

N calls)

• Consequently, if (q0,

0) ∗ − → (qh, ·), then (l0, 0) ∗ − → (qh, ·).

36

Correctness of the reduction (II)

• If there is a run in V of the form

initialization phase

• (l0,

0) ∗ − → (q0, x′

0) ∗

− → (q1, x′

1) ∗

− → · · · ∗ − → (qK , x′

K )

then there is a run in S of the form (q0, x0) − → (q1, x1) − → · · · − → (qK, xK ) such that the restriction of x′

i to the n first counters is

precisely xi.

• Consequently, if (l0,

0) ∗ − → (qh, ·), then (q0, 0) ∗ − → (qh, ·).

37

Consequences

• Control state reachability problem for is EXPSPACE-hard.

(even if only update coefficients in −1, 0 and 1 are used.)

• EXPSPACE-hardness holds true with binary and unary

encodings.

• Covering problem for VASS/VAS is EXPSPACE-hard.
• Reachability problem for VASS is EXPSPACE-hard:
• In V, add a copy of qh, say q′

h, such that all counters can be

decremented from q′

h and nothing else can be done.

• Equivalences between

1

(q0, 0)

∗

− → (qh, ·) in S,

2

(l0, 0)

∗

− → (qh, ·) in V,

3

(l0, 0)

∗

− → (q′

h,

0) in V,

4

corresponding reachability question in the VASS counterpart

• f V.
• Best known upper bound is nonprimitive recursive.

38

Boundedness problem is EXPSPACE-hard too !

• If ρ = (q0,

x0) − → · · · (qK−1,

• xK−1) −

→ (qK, xK ) in S and ρ′ = (l0, 0) ∗ − → (q0, x′

0) · · · (qK−1,

• x′

K−1) wrong choice

− − − − − − − → · in V then (l0, 0) ∗ − → (q0, x′

0) · · · (qK−1,

• x′

K−1) wrong choice

− − − − − − − → · ∗ − →

• Boundedness for VASS is EXPSPACE-hard:
• In S, qh executes the halting instruction.
• In V, add a copy of qh, say q′

h, with a self-loop incrementing

a new counter.

• Equivalences between

1

(q0, 0)

∗

− → (qh, ·) in S,

2

(l0, 0)

∗

− → (q′

h, ·) in V,

3

(l0, 0) is unbounded in V,

4

corresponding question in the VASS counterpart of V.

• Unboundedness problem for VASS is coEXPSPACE-hard

and coEXPSPACE = EXPSPACE.

• Boundedness problem for VASS is in EXPSPACE.

[Rackoff, TCS 78]

39

Complexity characterizations

• Control state reachability problem for VASS is

EXPSPACE-complete.

• Boundedness problem for VASS is EXPSPACE-complete.
• Reachability problem for VASS is EXPSPACE-hard.
• Reachability problem for VASS is decidable.

[Mayr, STOC’81; Kosaraju, STOC’82; Leroux, POPL ’11] No known primitive recursive decision procedure.

40

Reversal-Bounded Counter Automata

41

Standard counter automata

• Standard counter automaton (Q, n, δ): transitions are of

the form either q

inc(i)

− − → q′ or q

dec(i)

− − → q′ or q

zero(i)

− − − → q′ where

• inc(i) is a shortcut for (x′

i = xi + 1) ∧ ( j=i x′ j = xj),

• dec(i) is a shortcut for (x′

i = xi − 1) ∧ ( j=i x′ j = xj),

• zero(i) is a shortcut for (xi = 0) ∧ (

j x′ j = xj).

• Minsky machines are standard counter automata.
• Succinct counter automaton (Q, n, δ): transitions of the

form either q

add( b)

− − − → q′ with b ∈ Zn or q

zero( b′)

− − − → q′ with

• b′ ∈ {0, 1}n (simultaneous zero-tests).

42

Reversals

• 6 phases, 3 biphases, and 5 reversals.
• Initialized CA (S, (q,

x)) is r-reversal-bounded

def

⇔ every run from (q, x) has strictly less than r + 1 reversals. [Ibarra, JACM 78]

• S is uniformly reversal-bounded

def

⇔ there is r such that every initialized CA defined from S is r-reversal-bounded.

43

Definition

• Standard CA S = (Q, n, δ).
• Succinct CA Srb = (Q′, 2n, δ′) such that n new counters in

Srb count the number of reversals for each counter from S.

• Q′ = Q × {DEC, INC}n.
• (q,
• mode)

ϕ′

− → (q′,

• mode

′) ∈ δ′

def

⇔ there is q

ϕ

− → q′ ∈ δ such that if ϕ does not deal with the jth counter, then

• mode(j) =
• mode

′(j) and . . .

44

. . . for every i ∈ [1, n], one of the conditions below is satisfied:

• ϕ = zero(i),
• mode(i) =
• mode

′(i),

ϕ′ = ϕ ∧

j∈[1,n] x′ n+j = xn+j,

• ϕ = dec(i),
• mode(i) =
• mode

′(i) = DEC and

ϕ′ = ϕ ∧

j∈[1,n] x′ n+j = xn+j,

• ϕ = dec(i),
• mode(i) = INC,
• mode

′(i) = DEC and

ϕ′ = ϕ ∧ (x′

n+i = xn+i + 1) ∧

• j∈[1,n]\{i}

x′

n+j = xn+j,

• ϕ = inc(i),
• mode(i) =
• mode

′(i) = INC and

ϕ′ = ϕ ∧

j∈[1,n] x′ n+j = xn+j,

• ϕ = inc(i),
• mode(i) = DEC,
• mode

′(i) = INC and

ϕ′ = ϕ ∧ (x′

n+i = xn+i + 1) ∧

• j∈[1,n]\{i}

x′

n+j = xn+j.

45

Reversal-boundedness

• (S, (q,

x)) is reversal-bounded

def

⇔ for i ∈ [n + 1, 2n], { y(i) : ∃ run (qrb, xrb) ∗ − → (q′, y) in Srb} is finite with

1 qrb = (q,

INC) ( INC ∈ {INC, DEC}n),

2

xrb restricted to the n first counters is x,

3

xrb restricted to the n last counters is 0.

• When r ≥ max({

y(i) : ∃ run (qrb, xrb) ∗ − → (q′, y) in Srb} : i ∈ [n + 1, 2n]), (S, (q, x)) is said to be r-reversal-bounded.

• A CA S is uniformly reversal-bounded iff there is r ≥ 0

such that for every initial configuration, the initialized CA is r-reversal-bounded.

46

q1 q2 q3 q4 q5 q6 q7 q8 q9 q10 q11 inc(1) inc(2) inc(2) inc(1) zero(1) zero(2) inc(1) inc(2) inc(1) inc(2) dec(1) inc(1) zero(2) zero(1) inc(1) inc(2) dec(1) dec(2) inc(2) inc(1) Is (S, (q1, 0)) reversal-bounded?

47

Conclusion

• Today’s lecture:
• EXPSPACE-hard reachability problems fo VASS.
• Introduction to reversal-bounded counter automata.
• Next lecture:
• Proof for effective semilinearity of reachability sets.
• Variants.
• Repeated reachability and related logical problems.

48

Exercises about the EXPSPACE-hardness proof

1 Show that the termination problem for VASS is

EXPSPACE-hard.

2 Show that the control state repeated reachability problem

for VASS is EXPSPACE-hard.

49

• Exo. 3

A set X ⊆ Nn is upward closed

def

⇔ for all x, y ∈ Nn, x ∈ X and x y imply y ∈ X.

• 1. Given a VASS V = (Q, n, δ) and q ∈ Q, show that the set

{ x ∈ Nn : (V, (q, x)) is not RB} is upward closed.

• 2. Show that the set

{ x ∈ Nn : (V, (q, x)) is RB} is semilinear.

• 3. Suggest a proof strategy to show that the above set is

effectively semilinear, i.e. one can effectively compute a Presburger formula ϕ from V and q such that REL(ϕ) = { x ∈ Nn : (V, (q, x)) is RB}.

50

• Exo. 4

q1 q2 q3 q4 q5 q6 q7 q8 q9 q10 q11 inc(1) inc(2) inc(2) inc(1) zero(1) zero(2) inc(1) inc(2) inc(1) inc(2) dec(1) inc(1) zero(2) zero(1) inc(1) inc(2) dec(1) dec(2) inc(2) inc(1)

• 1. For which q, every (S, (q,

x)) is reversal-bounded?

• 2. Let

x ∈ N2 and ϕ be the Presburger formula ϕ = (x1 ≥ 2 ∧ x2 ≥ 1 + x(2) ∧ (x2 − x(2)) + 1 ≥ x1)∨ (x2 ≥ 2 ∧ x1 ≥ 1 + x(1) ∧ (x1 − x(1)) + 1 ≥ x2) Show that REL(ϕ) is equal to { y ∈ N2 : (q1, x) ∗ − → (q9, y)}.

51

• 3. Find a Presburger formula ϕ′ such that

REL(ϕ′) = { y ∈ N2 : (q1, 0) ∗ − → (q6, y)}.

• 4. Show that for every q, {

x ∈ N2 : (S, (q, x)) is RB} is semilinear.

52