Reversal-Bounded Counter Machines St ephane Demri LSV, CNRS, ENS - PowerPoint PPT Presentation

Reversal-Bounded Counter Machines St´ ephane Demri LSV, CNRS, ENS Cachan Workshop on Logics for Resource-Bounded Agents, Barcelona, August 2015

Overview Presburger Counter Machines Reversal-Bounded Counter Machines Verifying Temporal Properties The Reversal-Boundedness Detection Problem

Presburger Counter Machines

Integer programs I Finite-state automaton with counters interpreted by non-negative integers. x 1 �� x 2 ++ x 1 �� x 2 ++ x 3 == 0 ?

Integer programs I Finite-state automaton with counters interpreted by non-negative integers. x 1 �� x 2 ++ x 1 �� x 2 ++ x 3 == 0 ? I Many applications: I Broadcast protocols, Petri nets, . . . I Programs with pointer variables. [Bouajjani et al., CAV’06] I Replicated finite-state programs. [Kaiser & Kroening & Wahl, CAV’10] I Relationships with data logics. [Boja´ nczyk et al., TOCL 11]

Integer programs I Finite-state automaton with counters interpreted by non-negative integers. x 1 �� x 2 ++ x 1 �� x 2 ++ x 3 == 0 ? I Many applications: I Broadcast protocols, Petri nets, . . . I Programs with pointer variables. [Bouajjani et al., CAV’06] I Replicated finite-state programs. [Kaiser & Kroening & Wahl, CAV’10] I Relationships with data logics. [Boja´ nczyk et al., TOCL 11] I Techniques for model-checking infinite-state systems are required for formal verification. I But, integer programs can simulate Turing machines. I Checking safety or liveness properties is undecidable.

Taming verification of counter machines I Design of subclasses with decidable reachability problems I Vector addition systems ( ⇡ Petri nets) [Kosaraju, STOC’82] I Flat relational counter machines. [Comon & Jurski, CAV’98] I Reversal-bounded counter machines. [Ibarra, JACM 78] I Flat affine counter machines with finite monoids. [Boigelot, PhD 98; Finkel & Leroux, FSTTCS’02] . . .

Taming verification of counter machines I Design of subclasses with decidable reachability problems I Vector addition systems ( ⇡ Petri nets) [Kosaraju, STOC’82] I Flat relational counter machines. [Comon & Jurski, CAV’98] I Reversal-bounded counter machines. [Ibarra, JACM 78] I Flat affine counter machines with finite monoids. [Boigelot, PhD 98; Finkel & Leroux, FSTTCS’02] . . . I Decision procedures I Translation into Presburger arithmetic. [Fribourg & Ols´ en, CONCUR’97; Finkel & Leroux, FSTTCS’02] I Direct analysis on runs. [Rackoff, TCS 78] I Approximating reachability sets. [Karp & Miller, JCSS 69] I Well-structured transition systems. [Finkel & Schnoebelen, TCS 01]

Taming verification of counter machines I Design of subclasses with decidable reachability problems I Vector addition systems ( ⇡ Petri nets) [Kosaraju, STOC’82] I Flat relational counter machines. [Comon & Jurski, CAV’98] I Reversal-bounded counter machines. [Ibarra, JACM 78] I Flat affine counter machines with finite monoids. [Boigelot, PhD 98; Finkel & Leroux, FSTTCS’02] . . . I Decision procedures I Translation into Presburger arithmetic. [Fribourg & Ols´ en, CONCUR’97; Finkel & Leroux, FSTTCS’02] I Direct analysis on runs. [Rackoff, TCS 78] I Approximating reachability sets. [Karp & Miller, JCSS 69] I Well-structured transition systems. [Finkel & Schnoebelen, TCS 01] I Tools: F AST , L ASH , TR E X, FLATA, . . .

A fundamental decidable theory I First-order theory of h N , + , i introduced by Mojzesz Presburger (1929). I Many properties: decidability, quantifier elimination, quantifier-free fragment in NP, . . .

A fundamental decidable theory I First-order theory of h N , + , i introduced by Mojzesz Presburger (1929). I Many properties: decidability, quantifier elimination, quantifier-free fragment in NP, . . . I Terms t = a 1 x 1 + · · · + a n x n + k where a 1 , . . . , a n 2 N , k is in N and the x i ’s are variables. I Presburger formulae: φ ::= t  t 0 | ¬ φ | φ ^ φ | 9 x φ

Presburger arithmetic I Valuation v : VAR ! N + extension to all terms with def v ( a 1 x 1 + · · · + a n x n + k ) = a 1 v ( x 1 ) + · · · + a n v ( x n ) + k

Presburger arithmetic I Valuation v : VAR ! N + extension to all terms with def v ( a 1 x 1 + · · · + a n x n + k ) = a 1 v ( x 1 ) + · · · + a n v ( x n ) + k = t  t 0 iff v ( t )  v ( t 0 ) ; v | = φ ^ φ 0 iff v | I v | = φ 0 , = φ and v | def I v | = 9 x φ , there is n 2 N such that v [ x 7! n ] | = φ .

Presburger arithmetic I Valuation v : VAR ! N + extension to all terms with def v ( a 1 x 1 + · · · + a n x n + k ) = a 1 v ( x 1 ) + · · · + a n v ( x n ) + k = t  t 0 iff v ( t )  v ( t 0 ) ; v | = φ ^ φ 0 iff v | I v | = φ 0 , = φ and v | def I v | = 9 x φ , there is n 2 N such that v [ x 7! n ] | = φ . I Formula φ ( x 1 , . . . , x n ) with n � 1 free variables: = { h v ( x 1 ) , . . . , v ( x n ) i 2 N n : v | def J φ ( x 1 , . . . , x n ) K = φ } . def I φ is satisfiable , there is v such that v | = φ .

Decision procedures and tools I Quantifier elimination and refinements [Cooper, ML 72; Reddy & Loveland, STOC’78] I Tools dealing with quantifier-free PA, full PA or quantifier elimination: Z3, CVC4, Alt-Ergo, Yices2, Omega test.

Decision procedures and tools I Quantifier elimination and refinements [Cooper, ML 72; Reddy & Loveland, STOC’78] I Tools dealing with quantifier-free PA, full PA or quantifier elimination: Z3, CVC4, Alt-Ergo, Yices2, Omega test. I Automata-based approach. [B¨ uchi, ZML 60; Boudet & Comon, CAAP’96] I Automata-based tools for Presburger arithmetic: LIRA, suite of libraries TAPAS, MONA, and LASH.

Presburger counter machines I Presburger counter machine M = h Q , T , C i : I Q is a nonempty finite set of control states. I C is a finite set counters { x 1 , . . . , x d } for some d � 1, I d � 1 is the dimension. I T = finite set of transitions of the form t = h q , φ , q 0 i where q , q 0 2 Q and φ is a Presburger formula with free variables x 1 , . . . , x d , x 0 1 , . . . , x 0 d . inc ( 1 ) dec ( 1 ) inc ( 2 ) inc ( 2 ) zero ( 1 ) q 2 q 4 q 6 zero ( 2 ) inc ( 1 ) x 1 = 3x 3 9 z x 1 = 2z dec ( 1 ) q 1 q 10 q 11 q 8 q 9 inc ( 1 ) inc ( 2 ) zero ( 1 ) inc ( 2 ) inc ( 2 ) inc ( 1 ) zero ( 2 ) q 3 q 5 q 7 inc ( 2 ) dec ( 2 ) inc ( 1 ) I Configuration h q , x i 2 S = Q ⇥ N d .

Transition system T ( C ) I Transition system T ( C ) = h S , � !i : def I h q , x i � ! h q 0 , x 0 i , there is t = h q , φ , q 0 i such that v [ x x , x 0 x 0 ] | = φ dec ( x ) q 2 dec ( x ) zero ( x ) inc ( x ) q 1 q 3 h q 1 , 0 i h q 1 , 1 i h q 1 , 2 i h q 1 , 3 i h q 1 , 4 i h q 2 , 0 i h q 2 , 1 i h q 2 , 2 i h q 2 , 3 i h q 3 , 0 i ⇤ � ! : reflexive and transitive closure of � ! . I

Decision problems I Reachability problem: Input: PCM C , h q 0 , x 0 i and h q f , x f i . Question: h q 0 , x 0 i ⇤ � ! h q f , x f i ?

Decision problems I Reachability problem: Input: PCM C , h q 0 , x 0 i and h q f , x f i . Question: h q 0 , x 0 i ⇤ � ! h q f , x f i ? I Control state reachability problem: Input: PCM C , h q 0 , x 0 i and q f . Question: 9 x f h q 0 , x 0 i ⇤ � ! h q f , x f i ?

Decision problems I Reachability problem: Input: PCM C , h q 0 , x 0 i and h q f , x f i . Question: h q 0 , x 0 i ⇤ � ! h q f , x f i ? I Control state reachability problem: Input: PCM C , h q 0 , x 0 i and q f . Question: 9 x f h q 0 , x 0 i ⇤ � ! h q f , x f i ? I Control state repeated reachability problem: Input: PCM C , h q 0 , x 0 i and q f . Question: is there an infinite run starting from h q 0 , x 0 i such that the control state q f is repeated infinitely often?

Subclasses of Presburger counter machines φ g ^ φ u ! q 0 2 T s.t. I Counter machines (CM): transitions q � � � I φ g is a Boolean combination of atomic formulae of the form x � k , I φ u = V i = x i + b ( i ) where b 2 Z d . i 2 [ 1 , d ] x 0 I Minsky machines are counter machines. I Vector addition systems with states (VASS): all the >^ φ u ! q 0 . transitions are of the form q � � ( ⇡ Minsky machines without tests)

Reversal-bounded counter machines I Reversal: Alternation from nonincreasing mode to nondecreasing mode and vice-versa. � � � � � � � � � � � � � � � � I Sequence with 3 reversals: 001122333444433322233344445555554 I A run is r -reversal-bounded whenever the number of reversals of each counter is less or equal to r .

Semilinearity I Let h M , h q 0 , x 0 ii be r -reversal-bounded for some r � 0. For each control state q f , the set R = { y 2 N d : 9 run h q 0 , x 0 i ⇤ � ! h q f , y i } is effectively semilinear [Ibarra, JACM 78] . I I.e., one can compute effectively a Presburger formula φ such that J φ K = R .

Semilinearity I Let h M , h q 0 , x 0 ii be r -reversal-bounded for some r � 0. For each control state q f , the set R = { y 2 N d : 9 run h q 0 , x 0 i ⇤ � ! h q f , y i } is effectively semilinear [Ibarra, JACM 78] . I I.e., one can compute effectively a Presburger formula φ such that J φ K = R . I The reachability problem with bounded number of reversals: Input: CM M , h q , x i , h q 0 , x 0 i and r � 0. Question: Is there a run h q , x i ⇤ ! h q 0 , x 0 i s.t. each � counter performs during the run a number of reversals bounded by r ? I The problem is decidable (add tuples in the control states to count the numbers of reversals).