SLIDE 1 Reasoning about data repetitions with counter systems
Joint work with D. Figueira and M. Praveen
Workshop LIA INFINIS, IRIF, Nov. 2016
SLIDE 2
Logics for Data Words
SLIDE 3
A fundamental model: data words
◮ Timed words
[Alur & Dill, TCS 94]
  letters:     a    b    c    a    a    b
  timestamps:  0.3  1    2.3  3.5  3.51
◮ Runs from counter machines
  control states:  q0  q2  q3  q2  q3  q2
  counter values:  1   2   3   4
◮ Integer arrays
[Habermehl & Iosif & Vojnar, FOSSACS’08]
t[0] t[1] t[2] t[3] t[4] t[5] . . .
◮ Abstract data words
[Bouyer & Petit & Thérien, IC 03]
◮ Extension to trees, e.g. data trees for XML documents
[Bojańczyk et al., PODS’06; Jurdziński & Lazić, LICS’07]
SLIDE 4 Specifying classes of data words
◮ Automata
◮ Register automata
[Kaminski & Francez, TCS 94]
◮ Data automata
[Bouyer & Petit & Thérien, IC 03]
◮ EES automata
[Choffrut & Grigorieff, TCS 09]
◮ See the survey
[Segoufin, CSL ’06]
◮ First-order languages
[Bojańczyk et al., LICS’06]
◮ Temporal logics
◮ Temporal logic with λ-abstraction
[Lisitsa & Potapov, TIME’05]
◮ Freeze LTL
[Demri & Lazić & Nowak, IC 07]
◮ BD-LTL
[Kara & Schwentick & Zeume, FSTTCS’10]
◮ Many other formalisms
◮ Rewriting systems with data
[Bouajjani et al., FCT’07]
◮ Hybrid logics
[Areces & Blackburn & Marx, JSL 01]
◮ Memory logics
[Areces et al., TABLEAUX’09; Mera, PhD thesis 2009]
◮ . . .
SLIDE 5
A mechanism for handling data
◮ A register can store a data value and equality tests are
performed between registers and current data values.
◮ Storing the value of x in a register:
  ↓r φ ≈ ∃ y_r (y_r = x) ∧ φ
◮ Equality test between a register and a value: ↑r ≈ y_r = x.
  letter:  c  b  a  b  a  c  a  b  d
  datum:   4  2  7  5  7  5  4  2  4
  |= ↓r F(a ∧ ↑r ∧ XF ↑r)
◮ Generalisation with memory logics, e.g. memory bags
have operations “register”, “forget” and “erase”.
[Mera, PhD thesis 09]
SLIDE 6
Ubiquity of the freeze operator
◮ Freeze quantifier in hybrid logics.
[Goranko 94; Blackburn & Seligman, JOLLI 95]
◮ Temporal semantics of imperative programs.
[Manna & Pnueli, 1992]
Program variable x never decreases below its initial value: ∃y (x = y) ∧ G(x ≥ y)
◮ Freeze quantifier in real-time logics.
[Alur & Henzinger, JACM 94]
y · φ(y) binds the variable y to the current time t.
◮ Predicate λ-abstraction.
[Fitting, JLC 02]
y · F P(y)(c): current value of constant c satisfies the predicate P.
SLIDE 7
Freeze LTL: LTL↓
◮ LTL↓ formulae:
  φ ::= a | ↑r | ¬φ | φ ∧ φ | φ ∨ φ | φUφ | Xφ | ↓r φ   where a ∈ Σ and r ∈ N+.
◮ Register valuation f: finite partial map from N+ to N.
◮ Models: finite or infinite data words over the alphabet Σ.
◮ Satisfaction relation:
  dw, i |=_f ↑r    iff  r ∈ dom(f) and f(r) = d_i
  dw, i |=_f ↓r φ  iff  dw, i |=_{f[r → d_i]} φ        (d_i: data value at position i)
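The satisfaction relation above, run on the data word of the "mechanism for handling data" slide. This is an added example, not code from the slides or from the authors: formulae are tuple-encoded syntax trees, a register valuation is a Python dict, and the data word and the nonce-freshness property at the end are constructed for illustration.

```python
# Added example (not from the slides): model checking LTL↓ formulae on finite
# data words, following the satisfaction relation of the Freeze LTL slide.
# A register valuation f is a dict (a finite partial map from registers to data).

# Constructors for the LTL↓ grammar: a | ↑r | ¬φ | φ∧φ | φ∨φ | φUφ | Xφ | ↓r φ
def letter(a):       return ("letter", a)
def up(r):           return ("up", r)            # ↑r : register r holds the current datum
def down(r, phi):    return ("down", r, phi)     # ↓r φ : freeze the current datum into r
def neg(phi):        return ("not", phi)
def conj(p, q):      return ("and", p, q)
def disj(p, q):      return ("or", p, q)
def until(p, q):     return ("until", p, q)
def nxt(phi):        return ("next", phi)
TRUE = ("true",)
def eventually(phi): return until(TRUE, phi)           # F φ = ⊤ U φ (derived)
def always(phi):     return neg(eventually(neg(phi)))  # G φ = ¬F¬φ (derived)

def sat(dw, i, f, phi):
    """dw, i |=_f phi, where dw is a list of (letter, datum) pairs."""
    n, kind = len(dw), phi[0]
    if kind == "true":
        return True
    if kind == "letter":
        return dw[i][0] == phi[1]
    if kind == "up":                       # r ∈ dom(f) and f(r) = d_i
        return phi[1] in f and f[phi[1]] == dw[i][1]
    if kind == "down":                     # dw, i |=_{f[r -> d_i]} φ  (fresh copy of f)
        return sat(dw, i, {**f, phi[1]: dw[i][1]}, phi[2])
    if kind == "not":
        return not sat(dw, i, f, phi[1])
    if kind == "and":
        return sat(dw, i, f, phi[1]) and sat(dw, i, f, phi[2])
    if kind == "or":
        return sat(dw, i, f, phi[1]) or sat(dw, i, f, phi[2])
    if kind == "next":                     # finite word: X needs a successor position
        return i + 1 < n and sat(dw, i + 1, f, phi[1])
    if kind == "until":                    # ψ at some j >= i, φ at every i <= k < j
        for j in range(i, n):
            if sat(dw, j, f, phi[2]):
                return True
            if not sat(dw, j, f, phi[1]):
                return False
        return False
    raise ValueError(f"unknown connective {kind!r}")

# The data word of the slide: c4 b2 a7 b5 a7 c5 a4 b2 d4.
DW = [("c", 4), ("b", 2), ("a", 7), ("b", 5), ("a", 7), ("c", 5), ("a", 4), ("b", 2), ("d", 4)]

# ↓r F(a ∧ ↑r ∧ XF ↑r): the first datum reappears on an a and once more after that.
PHI = down(1, eventually(conj(letter("a"), conj(up(1), nxt(eventually(up(1)))))))

def slide_example():
    """(holds on DW, holds on DW minus its last position, ↑r under an empty valuation)."""
    return (
        sat(DW, 0, {}, PHI),          # True: a4 at position 6, then d4 at position 8
        sat(DW[:-1], 0, {}, PHI),     # False: no position after 6 carries 4 any more
        sat(DW, 0, {}, up(1)),        # False: register 1 is not in dom(f)
    )

def no_datum_repeats_on(dw, a):
    """G(a ⇒ ↓r ¬XF(a ∧ ↑r)): no two a-positions carry the same datum (nonce freshness).
    Constructed property; one register suffices because the check is re-frozen at every a."""
    body = down(1, neg(nxt(eventually(conj(letter(a), up(1))))))
    return sat(dw, 0, {}, always(disj(neg(letter(a)), body)))
```

The evaluator is exponential in the nesting of ↓ only through the recursion; it decides the model-checking question for one given finite data word, not satisfiability, which is the (nonprimitive recursive or undecidable) problem of the next slide.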
SLIDE 8 Complexity of satisfiability problems
◮ Finitary and infinitary satisfiability problem for LTL are
PSPACE-complete. [Sistla & Clarke, JACM 85]
◮ Infinitary satisfiability problem for LTL↓ restricted to X and
F and to a single register is undecidable.
◮ Finitary satisfiability problem for LTL↓ restricted to a single
register is decidable but nonprimitive recursive.
[Demri & Lazić, TOCL 09]
(nonprimitive recursiveness uses [Schnoebelen, IPL 02])
◮ Finitary satisfiability problem for LTL↓ restricted to F and
  ◮ to a single register is nonprimitive recursive too.
  ◮ to two registers is undecidable.
[Figueira & Segoufin, MFCS’09]
SLIDE 9
A Logic for Repeating Values
SLIDE 10
Models & basic constraints
◮ σ : [0, ℓ − 1] → (VAR → N), ℓ ≥ 1:
  [table: one row per variable x, y, . . . , z and one column per position 0, . . . , ℓ − 1; each cell holds a natural number]
◮ Local constraints (as LTL↓ abbreviations, ↓^x_1 storing the value of x in register 1):
  x ≈ Xy        ≡  ↓^x_1 X ↑^y_1
  ¬(x ≈ X²y)    ≡  ¬↓^x_1 X² ↑^y_1
  ¬(z ≈ Xz)     ≡  ¬↓^z_1 X ↑^z_1
◮ Global (repeating) constraints:
  x ≈ ⊤?y       ≡  ↓^x_1 XF(⊤ ∧ ↑^y_1)
  y ≈ φ?y       ≡  ↓^y_1 XF(φ ∧ ↑^y_1)
◮ + standard LTL operators.
SLIDE 11
Syntax & semantics
φ ::= x ≈ X^i y | x ≈ φ?y | x ≉ φ?y | φ∧φ | ¬φ | Xφ | φUφ | X^{−1}φ | φSφ

σ, i |= x ≈ X^j y   iff  i + j < |σ| and σ(i)(x) = σ(i + j)(y)
σ, i |= x ≈ φ?y     iff  there exists j such that i < j < |σ|, σ(i)(x) = σ(j)(y) and σ, j |= φ
σ, i |= x ≉ φ?y     iff  there exists j such that i < j < |σ|, σ(i)(x) ≠ σ(j)(y) and σ, j |= φ
σ, i |= Xφ          iff  i + 1 < |σ| and σ, i + 1 |= φ
σ, i |= φSφ′        iff  there is 0 ≤ j ≤ i such that σ, j |= φ′ and for every j < l ≤ i we have σ, l |= φ.
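The clauses above as a model checker for LRV on a finite model σ. This is an added example, not code from the slides or from the authors; the four-position model SIGMA with variables x, y, z is constructed for illustration, and the obligation formula evaluated on it is the one used later in the VASS construction.

```python
# Added example (not from the slides): model checking LRV formulae on finite
# models σ : [0, ℓ−1] → (VAR → N). A model is a list of dicts, one per position;
# formulae are tuple-encoded syntax trees following the LRV grammar.

TRUE = ("true",)
def Xeq(x, j, y):     return ("Xeq", x, j, y)       # x ≈ X^j y
def eq_f(x, phi, y):  return ("eq?", x, phi, y)     # x ≈ φ?y
def neq_f(x, phi, y): return ("neq?", x, phi, y)    # x ≉ φ?y
def conj(p, q):       return ("and", p, q)
def neg(phi):         return ("not", phi)
def nxt(phi):         return ("X", phi)
def until(p, q):      return ("U", p, q)
def prev(phi):        return ("X-1", phi)
def since(p, q):      return ("S", p, q)
def eventually(phi):  return until(TRUE, phi)            # F φ (derived)
def always(phi):      return neg(eventually(neg(phi)))   # G φ (derived)

def holds(sigma, i, phi):
    """σ, i |= φ."""
    n, kind = len(sigma), phi[0]
    if kind == "true":
        return True
    if kind == "Xeq":                       # i + j < |σ| and σ(i)(x) = σ(i+j)(y)
        _, x, j, y = phi
        return i + j < n and sigma[i][x] == sigma[i + j][y]
    if kind in ("eq?", "neq?"):             # some strictly later j where the test holds
        _, x, test, y = phi                 # and σ(i)(x) = σ(j)(y)  (resp. ≠ for ≉)
        want_equal = kind == "eq?"
        return any(holds(sigma, j, test) and (sigma[i][x] == sigma[j][y]) == want_equal
                   for j in range(i + 1, n))
    if kind == "and":
        return holds(sigma, i, phi[1]) and holds(sigma, i, phi[2])
    if kind == "not":
        return not holds(sigma, i, phi[1])
    if kind == "X":
        return i + 1 < n and holds(sigma, i + 1, phi[1])
    if kind == "X-1":
        return i >= 1 and holds(sigma, i - 1, phi[1])
    if kind == "U":                          # φ' at some j >= i, φ at every i <= l < j
        for j in range(i, n):
            if holds(sigma, j, phi[2]):
                return True
            if not holds(sigma, j, phi[1]):
                return False
        return False
    if kind == "S":                          # φ' at some j <= i, φ at every j < l <= i
        for j in range(i, -1, -1):
            if holds(sigma, j, phi[2]):
                return True
            if not holds(sigma, j, phi[1]):
                return False
        return False
    raise ValueError(f"unknown connective {kind!r}")

# Constructed model: three variables, four positions.
SIGMA = [
    {"x": 4, "y": 1, "z": 2},
    {"x": 5, "y": 7, "z": 8},
    {"x": 9, "y": 4, "z": 3},   # y picks up the value 4 stored in x at position 0
    {"x": 1, "y": 9, "z": 4},   # z does the same one position later
]

# x ≈ ⊤?y ∧ x ≈ ⊤?z ∧ ¬(x ≈ Xy) ∧ ¬(x ≈ Xz): the obligation formula of the VASS slide.
OBLIGATION = conj(conj(eq_f("x", TRUE, "y"), eq_f("x", TRUE, "z")),
                  conj(neg(Xeq("x", 1, "y")), neg(Xeq("x", 1, "z"))))

def obligation_per_position():
    """Truth value of OBLIGATION at each position of SIGMA (only position 0 satisfies it)."""
    return [holds(SIGMA, i, OBLIGATION) for i in range(len(SIGMA))]

def inequality_examples():
    """x ≉ ⊤?y (some later y differs from 4) versus ¬(x ≈ ⊤?y) (no later y equals 4), at 0."""
    return (holds(SIGMA, 0, neq_f("x", TRUE, "y")), holds(SIGMA, 0, neg(eq_f("x", TRUE, "y"))))

def past_example():
    """⊤ S (x ≈ Xy) at the last position: x ≈ Xy held at position 2 (x = 9, next y = 9)."""
    return holds(SIGMA, 3, since(TRUE, Xeq("x", 1, "y")))
```

Note that x ≉ φ?y is not the negation of x ≈ φ?y: the pair of calls in inequality_examples returns (True, False) on SIGMA, which is exactly why the reduction to LRV≈ on the later slide has to eliminate ≉ with extra variables rather than with a ¬.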
SLIDE 12
Related work
◮ Decidability of SAT(LRV⊤) by translation into the
reachability problem for VASS.
[Demri & D’Souza & Gascon, JLC 09]
◮ Satisfiability for FO2 “equivalent” to the reachability
problem for VASS.
[Bojańczyk et al., LICS’06]
◮ Satisfiability of basic data LTL “equivalent” to the
reachability problem for VASS.
[Kara & Schwentick & Zeume, FST&TCS’10]
◮ Basic data LTL BD-LTL+ extends LRV and is in 2EXPSPACE.
[Decker et al., CONCUR’14]
SLIDE 13
Repeating Values and Counting
SLIDE 14
Restricting test formulae to ⊤
◮ There is a polynomial-time reduction from SAT(LRV) into SAT(LRV≈).
  ◮ Introduction of variables to eliminate the subformulae of the form x ≉ ψ?y and ¬(x ≉ ψ?y).
◮ There is a polynomial-time reduction from SAT(LRV≈) into SAT(LRV⊤).
SLIDE 15 From satisfiability to reachability
◮ Vector addition systems with states (VASS).
  [figure: a VASS whose transitions are labelled with the counter updates c2++, c1−−, c3++, c2++, c1−−]
◮ Reachability problem: q0, 0 →* qf, 0 ?
  Control state reachability: q0, 0 →* qf, x for some x ?
◮ φ ∈ LRV⊤ is satisfiable iff q0, 0 →* qf, 0 in Aφ.
◮ x ≈ ⊤?y ∧ x ≈ ⊤?z ∧ ¬(x ≈ Xy) ∧ ¬(x ≈ Xz) creates an obligation for the current value of x to appear later on y and on z.
  ◮ Increment the counter {y, z}.
  ◮ Decrement the counter {y, z} when the obligation is satisfied, even partially.
SLIDE 16
From reachability to control state reachability
◮ φ ∈ LRV⊤ is satisfiable iff q0, 0 →* qf, 0 in Aφ. (bookkeeping of obligations)
◮ q0, 0 →* qf, 0 in Aφ iff q0, 0 →*_gainy qf, 0 in Ainc. (structural properties of Aφ; Ainc is a slight variant of Aφ)
◮ q0, 0 →*_gainy qf, 0 in Ainc iff qf, 0 →*_lossy q0, 0 in Adec = reverse of Ainc. (by the reverse construction)
◮ qf, 0 →*_lossy q0, 0 in Adec iff qf, 0 →* q0, x in Adec for some x. (losses can be moved to the end)
◮ 2EXPSPACE: control state reachability for VASS is in EXPSPACE and |Adec| ∈ O(2^{p(|φ|)}) for a polynomial p, using [Rackoff, TCS 78].
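The control state reachability (covering) problem that the chain above ends in, decided by backward search. This is an added example, not code from the slides or from the authors: it does not build Aφ or Adec, and the two-counter VASS it runs on is constructed for illustration.

```python
# Added example (not from the slides): control-state reachability for a VASS
# by backward coverability search. An upward-closed set of configurations is
# represented by its finite set of minimal elements; the search computes the
# minimal basis of Pre*(↑(qf, 0)) and terminates because (Q × N^n, ≤) is a
# well-quasi-order (Dickson's lemma). Configurations are (state, counter tuple).

def leq(a, b):
    """(q, v) ≤ (q', v') iff same control state and v ≤ v' componentwise."""
    return a[0] == b[0] and all(u <= w for u, w in zip(a[1], b[1]))

def predecessors(transitions, conf):
    """Minimal configurations from which a single transition lands in ↑conf."""
    q2, v2 = conf
    for q, delta, q_target in transitions:
        if q_target == q2:
            # firing needs v + delta >= v2 and v + delta >= 0; since v2 >= 0 this
            # is v >= v2 - delta, clipped at 0 because counters never go negative
            yield (q, tuple(max(w - d, 0) for w, d in zip(v2, delta)))

def minimize(confs):
    """Keep only configurations not dominated by another one (a minimal basis)."""
    return {c for c in confs if not any(d != c and leq(d, c) for d in confs)}

def backward_coverability(transitions, dim, q0, qf):
    """Decide q0, 0 ->* qf, x for some x.
    Returns (answer, minimal basis of Pre*(↑(qf, 0)))."""
    zero = (0,) * dim
    basis = {(qf, zero)}
    frontier = set(basis)
    while frontier:
        fresh = {p for c in frontier for p in predecessors(transitions, c)
                 if not any(leq(b, p) for b in basis)}
        basis = minimize(basis | fresh)
        frontier = fresh & basis      # only surviving (minimal) new elements need expanding
    return any(leq(b, (q0, zero)) for b in basis), frozenset(basis)

# Constructed 2-counter VASS: q0 can pump c1, trade one c1 for one c2, then consume c2.
VASS = [
    ("q0", (1, 0), "q0"),    # c1++
    ("q0", (-1, 1), "q1"),   # c1--, c2++
    ("q1", (0, -1), "qf"),   # c2--
]

def example():
    """qf is coverable from (q0, 0) with the pump loop, and not once the loop is removed."""
    with_loop, basis = backward_coverability(VASS, 2, "q0", "qf")
    without_loop, _ = backward_coverability(VASS[1:], 2, "q0", "qf")
    return with_loop, without_loop, basis
```

This decides the covering question qf, x for some x, not exact reachability of qf, 0; the point of the slide is that, for Adec, the two coincide once losses are pushed to the end of the run. Rackoff's bound is on the length of a witnessing run, which is what makes the problem EXPSPACE rather than merely decidable.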
SLIDE 17 Counter systems with chained counters
◮ VASS ≈ FSA with n counters, no zero-tests but increments and decrements.
◮ Chain system ≈ FSA with n chains of counters of exponential length and access to counters via pointers.
  c0  c1  · · ·  c_{i−1}  c_i  c_{i+1}  · · ·  c_{2^N − 1}
                          ↑ (pointer)
◮ Updates and guards on transitions (α ∈ [1, n]):
  {inc(α), dec(α), next(α), prev(α), first(α)?, ¬first(α)?, last(α)?, ¬last(α)?}
◮ Control-state reachability problem for chain systems is in 2EXPSPACE. (EXPSPACE-complete for VASS)
◮ Chain system ≈ VASS with a succinct representation of an exponential number of counters.
SLIDE 18 2EXPSPACE lower bound
◮ EXPSPACE-hardness of the control state reachability problem for VASS. [Lipton, TR 76]
  ◮ Reduction from the halting problem for counter automata with counters bounded doubly exponentially.
  ◮ CA has zero-tests, VASS has no such tests.
  ◮ Each counter c in CA is simulated by c, c̄ with the invariant c + c̄ = 2^{2^{NK}}.
  ◮ O(NK) auxiliary counters (2^{2^{i+1}} = 2^{2^i} × 2^{2^i}).
◮ 2EXPSPACE-hardness for chain systems by adapting Lipton’s proof.
  ◮ O(NK) chains (instead of O(2^{NK}) counters with VASS).
  ◮ To factorize the encoding for all counters by just moving pointers.
SLIDE 19
SAT(LRV) is 2EXPSPACE-hard (ideas)
◮ Chain system A with n chains of size 2^N.
◮ We build a formula over the alphabet of transitions. (model = accepting run)
◮ Standard counter-blind conditions are easily expressible.
◮ Variables x and x^α_inc, x^α_dec, x^α_i for every chain α and for every i ∈ [1, N].
◮ The values for x and for the x^α_i’s determine a counter c in [0, 2^N − 1].
SLIDE 20
◮ Any two positions have different values of x^α_inc.
◮ For each position operating on c containing an instruction ‘first(α)?’, we have c = 0.
◮ For each position operating on c, if it contains an instruction ‘next(α)’, then the next position operates on c + 1.
SLIDE 21
Extensions
SLIDE 22
Past obligations – PLRV
  [table: one row per variable x, y, . . . , z and one column per position; the position marked ⇑ satisfies the constraint below]
  |= y ≈ ⊤?^{−1} z
◮ There is a polynomial-time reduction from SAT(PLRV) into SAT(PLRV⊤).
◮ SAT(PLRV⊤) is decidable. [Demri & D’Souza & Gascon, JLC 09]
◮ Polynomial-space reduction from Reach(VASS) into SAT(PLRV).
  ◮ Same proof as the one in [Bojańczyk et al., LICS’06] for FO2(∼, <, +1), except that PLRV is used.
SLIDE 23
Robustness
◮ SATω(LRV) is 2EXPSPACE-complete.
◮ SATω(PLRV) is decidable.
◮ For every k ≥ 1, SAT(LRV⊤_k) is PSPACE-complete. (use of Rackoff’s result on the covering problem for VASS)
◮ SAT(LRV1) is 2EXPSPACE-hard.
◮ SAT(LRVvec(X, U)) is undecidable.
  σ, i |= (x1, x2) ≈ ϕ?(y1, y2) iff there exists j such that i < j < |σ|, σ, j |= ϕ, σ(i)(x1) = σ(j)(y1) and σ(i)(x2) = σ(j)(y2)
SLIDE 24
Concluding remarks
  LRV⊤_k : PSPACE-complete
  LRV ≡ LRV⊤ ≡ LRV1 ≡ LRV + {⊕1, . . . , ⊕k} : 2EXPSPACE-complete
  PLRV ≡ PLRV⊤ ≡ PLRV1 ≡ Reach(VASS)
  LRV⊤_vec : undecidable