Bounded Multipushdown Systemskshitij/publications/BD-csr13-slides.pdfStep 1: From MC to REP:...
29
Bounded Multipushdown Systems Complexity analyis of temporal model-checking problems Kshitij Bansal 1 , St´ ephane Demri 1,2 1 New York University 2 CNRS June 29, 2013 CSR, Yekaterinburg, Russia
Transcript of Bounded Multipushdown Systemskshitij/publications/BD-csr13-slides.pdfStep 1: From MC to REP:...
-
Bounded Multipushdown SystemsComplexity analyis of temporal model-checking problems
Kshitij Bansal1, Stéphane Demri1,2
1New York University 2CNRS
June 29, 2013CSR, Yekaterinburg, Russia
-
Pushdown systems
q0 q1
q2
P = (Q,N, Γ,∆), such that:
I Q is a non-empty finite set of states,I Γ is the finite stack alphabetI ∆ is the transition relation.
E.g. q0(a,push(b))−−−−−−−→ q1 ∈ ∆
-
Multipushdown systems
q0 q1
q2
1 2 3
P = (Q,N, Γ,∆1, . . . ,∆N), for some N ≥ 1 such that:I Q is a non-empty finite set of states,I Γ is the finite stack alphabetI for every s ∈ [N], ∆s is the transition relation acting on the
s-th stack.
E.g. q0(a,push(b))−−−−−−−→ q1 ∈ ∆1
-
Multipushdown systems: runs
Configuration: c = (q,w1,w2, . . .wN).Run: Sequence of configurations: c0 → c1 → . . . such thatconsecutive configurations respect transition relation.
Example of run.q1��→1
q2a�→2
q1aa→1
q1aba→1
q1aaa→2
q1aab→1
q1ab→1
q1�b
Natural for modeling stack behavior of concurrent programs.
-
What do we know?
Problem (REACH)
input: a multipushdown system, an initial state q0 and finalconfiguration c
question: Is there a run from (q0, (�)N) →∗ c ?
Theorem [Minsky’67]With just two stacks, the reachability problem is undecidable.
Theorem e.g. [Schwoon ’02]With one stack, polynomial time procedure for reachability.
This talkRestrictions of multipushdown systems in other directions to regaindecidability and understand complexity.
-
Restrictions on runs
Divide runs into “phases”. Ask if there is a run with finite numberof “phases” that satisfy.
I Context bounded (B-REACH): phase ≡ all operations only onone stackq1�
�→1
q2a�→2
q1aa→1
q1aba→1
q1aaa→2
q1aab→1
q1ab→1
q1�b· ·
I Phase bounded (PB-REACH): phase ≡ all pop operations onone stack
I Ordered pushdown systems (OB-REACH): operations only on“first” non-empty stack
Note: runs can be infinite, more general than considering bound onlength of runs
-
Restrictions on runs
Divide runs into “phases”. Ask if there is a run with finite numberof “phases” that satisfy.
I Context bounded (B-REACH): phase ≡ all operations only onone stackq1�
�→1
q2a�→2
q1aa→1
q1aba→1
q1aaa→2
q1aab→1
q1ab→1
q1�b· ·
I Phase bounded (PB-REACH): phase ≡ all pop operations onone stack
I Ordered pushdown systems (OB-REACH): operations only on“first” non-empty stack
Note: runs can be infinite, more general than considering bound onlength of runs
-
More expressive properties of runs
Problem (Repeated reachability)
input: (P, q0,F ) : P multi-pushdown system, q0 ∈ Q initalstate, and F is a Büchi acceptance set.
question: ∃ infinite run ρ from(q0, (�)
N)
such that a qf ∈ F isrepeated infinitely often?
Problem (Model checking)
input: (P, q0, φ) where P is a multi-pushdown system, q0initial state, φ a formula specifying property on runs,
question: ∃ infinite run ρ from(q0, (�)
N)
such that ρ |= φ?
-
More expressive properties of runs
Problem (Repeated reachability)
input: (P, q0,F ) : P multi-pushdown system, q0 ∈ Q initalstate, and F is a Büchi acceptance set.
question: ∃ infinite run ρ from(q0, (�)
N)
such that a qf ∈ F isrepeated infinitely often?
Problem (Model checking)
input: (P, q0, φ) where P is a multi-pushdown system, q0initial state, φ a formula specifying property on runs,
question: ∃ infinite run ρ from(q0, (�)
N)
such that ρ |= φ?
-
What kind of properties?
Properties
I Current state?
I Current thread?
I Current stack operation – push, pop etc.
I Current stack contents? In particular, we consider regularityconstraints. [Esparza, Kučera, S. Schwoon ’01](given automata A over Σ and stack s: is the content ofstack s accepted by A).
When in the run?
I LTL operators: next, until, finally etc.I Call and returns: “when the function returns”, “the function
that called”. [Alur, Etessami, Madhusudan ’04]I parameterized by stack.
-
What kind of properties?
Properties
I Current state?
I Current thread?
I Current stack operation – push, pop etc.
I Current stack contents? In particular, we consider regularityconstraints. [Esparza, Kučera, S. Schwoon ’01]
(given automata A over Σ and stack s: is the content ofstack s accepted by A).
When in the run?
I LTL operators: next, until, finally etc.I Call and returns: “when the function returns”, “the function
that called”. [Alur, Etessami, Madhusudan ’04]I parameterized by stack.
-
What kind of properties?
Properties
I Current state?
I Current thread?
I Current stack operation – push, pop etc.
I Current stack contents? In particular, we consider regularityconstraints. [Esparza, Kučera, S. Schwoon ’01](given automata A over Σ and stack s: is the content ofstack s accepted by A).
When in the run?
I LTL operators: next, until, finally etc.I Call and returns: “when the function returns”, “the function
that called”. [Alur, Etessami, Madhusudan ’04]I parameterized by stack.
-
What kind of properties?
Properties
I Current state?
I Current thread?
I Current stack operation – push, pop etc.
I Current stack contents? In particular, we consider regularityconstraints. [Esparza, Kučera, S. Schwoon ’01](given automata A over Σ and stack s: is the content ofstack s accepted by A).
When in the run?
I LTL operators: next, until, finally etc.I Call and returns: “when the function returns”, “the function
that called”. [Alur, Etessami, Madhusudan ’04]I parameterized by stack.
-
Multi-CaRetreg : A logic of calls and returns for multiplestacks with regularity constraints
φ := q | s | in(s,A) | call | return | internal| Xφ | φUφ | Xasφ | φUasφ | Xcsφ | φUcsφ| φ ∨ φ | ¬φ
where s ∈ [N], q ∈ Q.
ρ, t |= q iff state at position t is qρ, t |= s iff active thread at t is sρ, t |= in(s,A) iff w ts ∈ L(A)ρ, t |= Xabstracts φ iff ρ,Nextabstract,sρ (t) |= φ
Nextabstract,sρ (t) is defined as next position when the same stackactive within the same call.
-
Example
Xabstract1
Xabstract1 Xabstract1 : undefined
Xabstract1
Xabstract1 in(1,A) =⇒ in(1,A)
Can be used to express other related operators, like:
I Xsφ ≡ (¬sU(s ∧ φ)),I Xaφ ≡ (
∧s(s ⇒ Xasφ)),
I φ1Uaφ2 ≡ (
∧s(s ⇒ φ1Uasφ2)).
-
Example
Xabstract1
Xabstract1 Xabstract1 : undefined
Xabstract1
Xabstract1 in(1,A) =⇒ in(1,A)
Can be used to express other related operators, like:
I Xsφ ≡ (¬sU(s ∧ φ)),I Xaφ ≡ (
∧s(s ⇒ Xasφ)),
I φ1Uaφ2 ≡ (
∧s(s ⇒ φ1Uasφ2)).
-
Example
Xabstract1
Xabstract1 Xabstract1 : undefined
Xabstract1
Xabstract1 in(1,A) =⇒ in(1,A)
Can be used to express other related operators, like:
I Xsφ ≡ (¬sU(s ∧ φ)),I Xaφ ≡ (
∧s(s ⇒ Xasφ)),
I φ1Uaφ2 ≡ (
∧s(s ⇒ φ1Uasφ2)).
-
What was known?
Reach Rep LTL (Multi)CaRet
One stack P P ExpTime ExpTime-complete -complete
k-context* NP ExpTime ExpTime ExpTimebounded -comp (this paper)
*k part of input, encoded in unary
Step 1
Step 2
-
What is now known?
Reach Rep LTL (Multi)CaRet
One stack P P ExpTime ExpTime-complete -complete
k-context* NP ExpTime ExpTime ExpTimebounded -comp (this paper)
*k part of input, encoded in unary
Step 1
Step 2
-
What is now known?
Reach Rep LTL (Multi)CaRet
One stack P P ExpTime ExpTime-complete -complete
k-context* NP ExpTime ExpTime ExpTimebounded -comp (this paper)
*k part of input, encoded in unary
Step 1
Step 2
-
Step 1: From Model-checking to Repeated reachability
P( Q , Γ , . . . ), φ
P̂( Q̂ , Γ̂ , . . . ), F
P has a run satisfying φ iff P̂ has a run with states in F infinitelyoften. (Büchi acceptance)
How?
I Simulate original system
I Keep extra information to verify satisfaction of formula.
What all information?
-
Step 1: From Model-checking to Repeated reachability
P( Q , Γ , . . . ), φ
P̂( Q × “extra” , Γ × “extra” , . . . ), F
P has a run satisfying φ iff P̂ has a run with states in F infinitelyoften. (Büchi acceptance)How?
I Simulate original system
I Keep extra information to verify satisfaction of formula.
What all information?
-
Step 1: From Model-checking to Repeated reachability
P( Q , Γ , . . . ), φ
P̂( Q × “extra” , Γ × “extra” , . . . ), F
P has a run satisfying φ iff P̂ has a run with states in F infinitelyoften. (Büchi acceptance)How?
I Simulate original system
I Keep extra information to verify satisfaction of formula.
What all information?
-
Step 1: From MC to REP: high-level details
In particular we track,
1. In state, about truth value of each subformula (Fischer-Ladnerclosure for LTL): but for each stack separately.
2. In stack, information about call and returns (CaRet).
3. In state, whether stack will ever be active again.
4. In state and stack, automata for satisfaction of regularityconstraint.
-
Step 1: From MC to REP: Upshot
MC (P, φ) REP(P̂,F)
size: |P|+ |φ| size: O(2p(|P|,|φ|))∃ρ |= φ ⇐⇒ ∃ accepting ρ̂
Operation on stacks, stack order as well as actions are preserved:
k-bounded ⇐⇒ k-boundedk-phase bounded ⇐⇒ k-phase-bounded�-bounded ⇐⇒ �-bounded
-
Step 2: Bounded repeated reachability: from N to 1 stacks
LemmaBREP can be solved in time O(|P|k+1 × p(k , |P|)) for somepolynomial p(·, ·).
At heart of complexity analysis of this step, two main ideas:
I For a pushdown system P, post∗(regular set of configurations)is regular. Also: can be done polynomial time, size of newautomata only additive in |P|. [Bouajjani, Esparza, Maler ’97]
I Repeated reachability for 1-stack is in P.[Boujanni, Esparza, Maler ’97]
Connect above two ideas by guessing context-switches andintermediate states.
-
Other restrictions
Rep Reach Multi-CaRetMC
One stack P ExpTime (CaRet)
k-Context bounded* ExpTime ExpTime-complete -complete
k-Phase bounded* 2-ExpTime 2-ExpTime
Order-bounded 2-ExpTime 2-ExpTime(2ETime-hard) (2ETime-hard)
*k part of input, encoded in unary. For binary encoding, 2ExpTime (resp.
3ExpTime) upper bound for context-bounded (resp. phase-bounded) MC.
Step 1: same analysis
Step 2: [Atig, Bollig, Habermehl ’08] for PBMC, [Atig ’10]for OBMP.
-
Related work
M. Atig, A. Bouajjani, K. N. Kumar, and P. Saivasan.Linear-time model-checking for multithreaded programs underscope-bounding.In ATVA’12, volume 7561 of LNCS, Springer.
S. La Torre and M. Napoli.A temporal logic for multi-threaded programs.In TCS’12, volume 7604 of LNCS, Springer.
P. Madhusudan and G. Parlato.The tree width of auxiliary storage.In POPL’11, pages 283–294. ACM.
B. Bollig, D. Kuske, and R. Mennicke.The complexity of model-checking multi-stack systems.In LICS’13.
-
Conclusion
I ExpTime bound for k-bounded runs, Multi-CaRet operators,regularity constraints on stacks. Matches hardness result forsingle-stack LTL model checking.
I Approaches to unificationI Classes of notions of boundedness (e.g., tree-width bounded).I Classes of logical operators (e.g., specifiable using classes of
MSO formulas).
