
Expand, Enlarge, and Check for Branching Vector Addition Systems

Expand, Enlarge, and Check for Branching Vector Addition Systems. Rupak Majumdar, Zilong Wang (MPI-SWS). Branching Vector Addition Systems (BVAS): a generalization of vector addition systems (VAS); a very expressive concurrency model; spawn and wait


Presentation Transcript


  1. Expand, Enlarge, and Check for Branching Vector Addition Systems. Rupak Majumdar (MPI-SWS), Zilong Wang (MPI-SWS)

  2. Branching Vector Addition Systems (BVAS)
     • A generalization of vector addition systems (VAS)
     • A very expressive concurrency model
     • spawn and wait
     • asynchronous programming
     • Program safety coverability problem for BVAS

  3. Coverability Results
     • 2EXPTIME-complete [Demri et al. 09]: nondeterministically guess a doubly exponential covering tree
     • EXPSPACE-complete [Lipton 76, Rackoff 78]: nondeterministically guess a doubly exponential covering path
     • Backward reachability [Abdulla et al. 96] [2EXPTIME: Bozzelli & Ganty 11]
     • Expand, Enlarge, and Check (EEC) [Geeraerts et al. 04] [complexity unknown]

  4. Coverability Results
     • 2EXPTIME-complete [Demri et al. 09]: nondeterministically guess a doubly exponential covering tree
     • EXPSPACE-complete [Lipton 76, Rackoff 78]: nondeterministically guess a doubly exponential covering path
     • Backward reachability [Abdulla et al. 96] [2EXPTIME: Bozzelli & Ganty 11]
     • EEC [2EXPTIME]
     • EEC [EXPSPACE]

  5. Outline
     • Recap of EEC for VAS
     • Complexity analysis of EEC for VAS
     • Generalized to EEC for BVAS
     • Experimental results of EEC for BVAS

  6. Vector Addition System (VAS)
     • VAS
     • is the dimension of vectors
     • is the initial vector
     • is a finite set of unary rules

  7. Derivation initial vector unary rules dim (1, 2) (1, 2) + (2, -1) = (3, 1) (2, -1) (3, 1) (-1, -1) (3, 1) + (-1, -1) = (2, 0) (2, 0) (-1, -1) derives (1, -1)

  8. Coverability Problem is a covering(derivation) of if derives a vector such that Given a VAS and a target , is there a covering derivation of in ?

  9. EEC for VAS

  10. Truncated and Extended Derivations w.r.t a bound If a number > , truncate it to Normal Truncated ( = 2) Extended ( = 2) If a number > , extend it to

  11. EEC for VAS [Flowchart: two checks, "Cover" and "Uncover", each with Yes/No branches]

  12. Soundness and Completeness [Geeraerts et al. 04]

  13. Complexity Analysis

  14. EEC for VAS How many iterations are required for termination? [Flowchart: two checks, "Cover" and "Uncover", each with Yes/No branches; each check is annotated "Finite graph reachability. Size of the graph is"]

  15. Definitions
     • Given a VAS and a vector , define
     • input size : number of bits required to encode and in binary
     • : the absolute value of the smallest negative integer in (i.e. the maximal decrease in one step of a derivation)
     • : the greatest integer in

  16. Lemmas Lemma 1 [Rackoff 78, Demri et al. 09]: If there is a covering derivation of , there is one whose length is at most Lemma 2: For all , if there is a covering extended derivation of , there is one whose length is at most

  17. Theorem Theorem 1: EEC for VAS terminates in iterations Pf: Let We show: If is coverable, there is a covering truncated derivation If is uncoverable, there is no covering extended derivation

  18. Proof of Claim 1 If is coverable, there is a covering truncated derivation No truncation in By Lemma 1:

  19. Proof of Claim 1 If is coverable, there is a covering truncated derivation There is a truncation in By Lemma 1:

  20. Theorem Theorem 1: EEC for VAS terminates in iterations Pf: Let We show: If is coverable, there is a covering truncated derivation If is uncoverable, there is no covering extended derivation ✓

  21. Proof of Claim 2 If is uncoverable, there is no covering extended derivation No extension in By Lemma 2:

  22. Proof of Claim 2 If is uncoverable, there is no covering extended derivation There is an extension in By Lemma 2:

  23. Theorem Theorem 1: EEC for VAS terminates in iterations Pf: Let We show: If is coverable, there is a covering truncated derivation If is uncoverable, there is no covering extended derivation ✓ ✓

  24. Theorem 1: EEC for VAS terminates in iterations
     Theorem 2: EEC for VAS is in EXPSPACE
     • Pf:
     • By Theorem 1, =
     • Each iteration solves two finite graph reachability problems
     • Each graph has at most or nodes , which is
     • Finite graph reachability problem is in NLOGSPACE

  25. Branching Vector Addition System

  26. BVAS
     • BVAS
     • is the dimension of vectors
     • is a finite set of axioms
     • is a finite set of unary rules
     • is a finite set of binary rules

  27. Derivation binary rule dim axioms unary rules (3, 2) (0, 1) (1, 0) (0, 2) (4, 2) (0, 3) (0, -4) (0,3)+(4,2)+(0,-4)=(4, 1) (1, 0) (5, 1) (0, 1) (0, -4) derives (5, 1) (5, -2)

  28. Coverability Problem is a covering(derivation) of if derives a vector such that Given a BVAS and a target , is there a covering derivation of in ?

  29. EEC for BVAS These are trees [Flowchart: two checks, "Cover" and "Uncover", each with Yes/No branches]

  30. Theorems about EEC for BVAS Theorem 4: EEC for BVAS terminates in iterations Theorem 5: EEC for BVAS is in 2EXPTIME

  31. Implementation and Experimental Results

  32. Single-wait Programs [Bouajjani & Emmi 12]
     • A function can
     • call unboundedly many asynchronous functions running in parallel
     • wait till the first return value comes back
     • State reachability  BVAS coverability

  33. DNS lookup

         dns_server(Name) {
           ... // do something else
           do {
             post r0 <- lookup Name (fun ret->Result=ret);
           } while(*)
           ... // do something else
           ewait r0;
           assert(is_valid_ip(Result));
           ... // do something else
         }

     • Asynchronously make unboundedly many lookups
     • wait till the first return value that comes back.

     Can this assertion fail?

         lookup(Name) { // lookup() returns ip
           ...
           while(true) {
             allocate(Buf);
             post r1 <- server1 Name (fun ret->Buf=ret); // server1 returns err or ip
             post r1 <- server2 Name (fun ret->Buf=ret); // server2 returns err or ip
             ... // do something else
             ewait r1;
             if (Buf == err) {
               free(Buf);
               continue;
             }
             return Buf;
           }
         }

     • Ask two remote servers for an ip address
     • wait for the first return value

  34. Experimental Results

  35. Summary
     • 2EXPTIME-complete [Demri et al. 09]: nondeterministically guess a doubly exponential covering tree
     • EXPSPACE-complete [Lipton 76, Rackoff 78]: nondeterministically guess a doubly exponential covering path
     • Backward reachability [Abdulla et al. 96] [2EXPTIME: Bozzelli & Ganty 11]
     • EEC [2EXPTIME]
     • EEC [EXPSPACE]

  36. Questions? www.mpi-sws.org/~zilong
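
The EEC loop for VAS described on slides 10, 11 and 14, as an added Python example that is not code from the presentation: each iteration runs two finite graph reachability checks, one over truncated derivations and one over extended derivations. The function names, the `max_bound` cutoff and the targets are assumptions; the initial vector and the two rules are the ones used in the slide 7 derivation.

```python
from collections import deque

OMEGA = float("inf")  # the value a component is "extended" to once it exceeds the bound

def step(v, rule, bound, extend):
    """Apply one unary rule to v; None if some component would become negative."""
    out = []
    for a, b in zip(v, rule):
        c = a + b                      # OMEGA + b stays OMEGA
        if c < 0:
            return None
        if c > bound:                  # slide 10: truncate to the bound, or extend
            c = OMEGA if extend else bound
        out.append(c)
    return tuple(out)

def covers(v0, rules, target, bound, extend):
    """Finite graph reachability over vectors normalised w.r.t. the bound."""
    start = step(v0, (0,) * len(v0), bound, extend)
    seen, queue = {start}, deque([start])
    while queue:
        v = queue.popleft()
        if all(a >= t for a, t in zip(v, target)):
            return True
        for rule in rules:
            w = step(v, rule, bound, extend)
            if w is not None and w not in seen:
                seen.add(w)
                queue.append(w)
    return False

def eec(v0, rules, target, max_bound=64):
    """Return (coverable?, bound at which the loop stopped)."""
    for i in range(max_bound + 1):
        if covers(v0, rules, target, i, extend=False):
            return True, i             # a truncated derivation covers: "Cover"
        if not covers(v0, rules, target, i, extend=True):
            return False, i            # no extended derivation covers: "Uncover"
    raise RuntimeError("max_bound reached without an answer")

# Constructed sample input: initial vector and rules from the slide 7 derivation.
V0 = (1, 2)
RULES = [(2, -1), (-1, -1)]

if __name__ == "__main__":
    print(eec(V0, RULES, (5, 0)))      # coverable via (1,2) -> (3,1) -> (5,0)
    print(eec(V0, RULES, (0, 3)))      # second component can only decrease
```

The truncated search can only under-report what is reachable and the extended search can only over-report it, which is why the loop may answer as soon as either check is conclusive.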
