Coverability in 1-VASS with Disequality Tests

1 Introduction

Algorithmic properties of one-counter automata, including reachability, model checking, and equivalence, have been studied by many authors over several decades [2, 3, 4, 5, 6, 7, 8, 10]. The above references are a small subset of the extensive literature on one-counter automata, but they well illustrate that there are many variations on the basic model and that these variations can lead to the model having substantially different algorithmic properties. Particular features mentioned in the references above, driven by applications to automated verification and program analysis, include equality tests, disequality tests, inequality tests, parametric tests, binary updates, polynomial updates, and parametric updates.

Analysing the complexity of reachability in the presence of the features listed above leads to a rich complexity landscape. It is shown in [10] that control-state reachability is decidable in for a “plain vanilla” model of one-counter machine—namely with a counter taking values in the nonnegative integers with operations increment, decrement, and zero testing. Thinking of one-counter automata as one-dimensional vector addition systems with states (1-VASS), it is natural to allow the counter to be updated by adding integer constants in binary. In this case, still with equality tests, control-state reachability becomes -complete [8]. The upper bound here is non-trivial since, due to the binary encoding of integers, a computation that reaches the goal state may have length exponential in the size of the machine. If one enriches the model further by introducing inequality tests (comparing the counter with an integer constant) then control-state reachability becomes -complete [5]. A model of intermediate complexity is one with equality and disequality tests (introduced in [4], with applications to temporal-logic model checking). In this case the complexity of control-state reachability is open (between and ).

In this paper we consider 1-VASS with disequality tests, but no equality tests. Our main result is that the control-state reachability problem in this setting is solvable in polynomial time. This result confirms the intuition that disequality tests are weaker than equality tests. The main technical challenge to obtaining a polynomial-time bound is that a run witnessing that a given control state is reachable may have length exponential in the description of the counter automaton. A standard way to overcome this obstacle in related settings is to show that one may restrict attention to computations that fit a regular pattern (usually in terms of iterating a “small” number of cycles). Here the presence of disequality tests proves to be surprisingly disruptive: it destroys the monotonicity of the transition relation and prevents from freely iterating positive-weight cycles. (For example, the failure of monotonicity means that it is hard to determine whether all configurations in a given initial location are unbounded—see Figure 1—whereas the same problem for 1-VASS without tests is easily seen to be decidable in polynomial time.) Resolving the complexity of reachability for 1-VASS with both equality and disequality tests remains open. We hope that the techniques developed here can help solve this challenging problem.

To complement our main result we show that for 1-VASS without tests, control-state reachability (and hence also boundedness) is decidable in , i.e., the subclass of ¶ consisting of problems solvable in polylogarithmic parallel time. Problems in are in particular solvable in polylogarithmic space. Related to this Rosier and Yen [11] have shown that boundedness for VASS is -complete in case there are absolute bounds on the dimension and bit-size of integer vectors.

Due to constraints on space, most proofs appear in the appendix.

Figure 1: A 1-VASS with disequality tests, derived from a 3-CNF formula

φ

having propositional variables

X_{1}, \dots, X_{m}

and clauses

C_{1}, \dots, C_{n}

. Let

p_{1}, \dots, p_{m}

be the first

m

primes and write

P := p_{1} \dots p_{m}

for their product. Define

v a l : N \times {X_{1}, \dots, X_{m}} \to {0, 1}

v a l (u, X_{i}) = 1

if and only if

p_{i} ∣ u

. We have states

s_{1}, \dots, s_{n}

—one state for each clause—and an initial state

s_{0}

. Suppose that state

s

corresponds to a clause

C

that mentions variables

X_{i_{1}}, X_{i_{2}}, X_{i_{3}}

. Then we place a self-loop on

s

with increment

c_{i} := p_{i_{1}} p_{i_{2}} p_{i_{3}}

and define the domain

D_{s} \subseteq N

of allowable counter values in state

s

to exclude all values

u \in {P, P + 1, \dots, P + p_{i_{1}} p_{i_{2}} p_{i_{3}} - 1}

such that

v a l (u, \cdot)

satisfies the clause

C

. Given

u \in {0, 1, \dots, P - 1}

, the configuration

(s_{0}, u)

is bounded iff

v a l (u, \cdot)

satisfies

φ

. Hence

(s_{0}, u)

is unbounded for all

u \in N

iff

φ

is unsatisfiable (see Appendix A for a complete proof).

2 Definitions

We write $N$ to denote the set of all nonnegative integers $0, 1, 2, \dots$ In presenting our results we assume familiarity of the reader with basic graph theory and computational complexity.

One-Dimensional Vector Addition Systems with States and Tests.

A 1-VASS with disequality tests is a tuple $V = (Q, D, Δ, w)$ , where $Q$ is a set of states, $D = {D_{q}}_{q \in Q}$ is a collection of cofinite subsets $D_{q} \subseteq N$ , $Δ \subseteq Q \times Q$ is a set of transitions, and $w : Δ \to Z$ is a function that assigns an integer weight to each transition. In the special case that each $D_{q}$ equals $N$ , we simply call $V$ a 1-VASS (and we omit the collection $D$ ).

A configuration of $V$ is a pair $(q, z)$ comprising a state $q \in Q$ and a nonnegative integer $z \in N$ referred to as the counter value. We write $C o n f$ for the set $Q \times N$ of all configurations. We define a partial order on $C o n f$ by $(q, z) \leq (q^{'}, z^{'})$ if and only if $q = q^{'}$ and $z \leq z^{'}$ . A configuration $(q, z)$ is valid if $z \in D_{q}$ .

A path in $V$ is a sequence of states $π = q_{1}, \dots, q_{n}$ such that $(q_{i}, q_{i + 1}) \in Δ$ for all $i \in {1, \dots, n - 1}$ . We sometimes refer to such a path as a $q_{1}$ - $q_{n}$ path. Let $π^{'} = p_{1}, p_{2}, \dots, p_{m}$ be another path such that $q_{n} = p_{1}$ , we define $π_{1} \cdot π_{2} := q_{1}, \dots, q_{n}, p_{2}, \dots, p_{m}$ . Given states $p, q, r$ , a set $P$ of $p$ - $q$ paths, and a set $R$ of $q$ - $r$ paths, we define $P \cdot R := {π \cdot π^{'} ∣ π \in P, π^{'} \in R}$ . The weight of $π$ is defined to be $w e i g h t (π) := \sum_{i = 1}^{n - 1} w (q_{i}, q_{i + 1})$ . A (possibly empty) prefix of $π$ is said to be minimal if it has minimal weight among all prefixes of $π$ . Define $p m i n (π)$ to be the weight of a minimal prefix of $π$ .

A run is a sequence $(q_{1}, z_{1}), \dots, (q_{n}, z_{n})$ of configurations of $V$ such that there is a path $π = q_{1}, \dots, q_{n}$ with $z_{i + 1} = z_{i} + w (q_{i}, q_{i + 1})$ for $i = 1, \dots, n - 1$ . We write $(q_{1}, z_{1}) π \to (q_{n}, z_{n})$ to denote such a run. Observe that runs are not allowed to reach negative counter values. A valid run is a run whose configurations are all valid. Intuitively, a valid run through $q$ can proceed if and only if the current counter value is in $D_{q}$ .

In computational problems all numbers in the description of $V$ are given in binary. Given a state $q$ we represent the cofinite set $D_{q}$ as the complement of an explicitly given subset of $N$ . Given this convention, we can assume without loss of generality that for all states $q$ the set $D_{q}$ is either $N$ or $N ∖ {g}$ for some $g \in N$ ; see Appendix B. For states $q$ with $D_{q} = N ∖ {g}$ , we refer to the single missing value $g$ in the domain as the disequality guard on $q$ .

The Coverability and Unboundedness Problems.

Let $V = (Q, Δ, D, w)$ be a 1-VASS with disequality tests, and let $s$ and $t$ be two distinguished states of $V$ . The Coverability Problem asks whether there exists a valid run in $V$ from $(s, 0)$ to $(t, z)$ for some $z \in N$ (in which case we say that $(s, 0)$ can cover $t$ ). The Unboundedness Problem asks whether the set of configurations reachable from $(s, 0)$ is infinite (in which case we say that $(s, 0)$ is unbounded).

The Coverability problem reduces to the Unboundedness problem by, intuitively, forcing $(t, 0)$ to be unbounded using a positive cycle, and removing all states that cannot reach $t$ in the underlying graph of $V$ . In fact, the following holds.

There is an $\NC2$ -computable many-one reduction from the Coverability Problem to the Unboundedness Problem for 1-VASS with disequality tests.

Henceforth, we focus on the complexity of deciding the Unboundedness Problem. In Section 3 we prove that the Unboundedness Problem for 1-VASS with disequality tests is decidable in polynomial time. Since $\NC2⊆\lx@paragraphsign$ , by Lemma 2 we also have that the Coverability Problem in this setting is decidable in polynomial time. In Section 4 we prove that the Unboundedness Problem for 1-VASS (without disequality tests) is in $\NC2$ , and we deduce that the Coverability Problem for 1-VASS is decidable in $\NC2$ .

3 Unboundedness for 1-VASS with Disequality Tests

Fix a $1$ -VASS $V = (Q, D, Δ, w)$ with disequality tests and a distinguished state $s \in Q$ . We are interested in determining whether the configuration $(s, 0)$ is unbounded.

For a (possibly infinite) path $π = q_{1}, q_{2}, \dots$ , denote by $b l o c k e d (π)$ the set of $z \in N$ such that $π$ does not lift to a valid run from the configuration $(q_{1}, z)$ , i.e., the unique induced run either contains a negative counter value or violates a disequality guard.

Example. In Figure 2, since $41$ is the guard on $s_{5}$ the run $(s_{4}, 93), (s_{5}, 41), (s_{6}, 93)$ is not valid and $93 \in b l o c k e d (s_{4}, s_{5}, s_{6})$ . Observe that $b l o c k e d (s_{4}, s_{5}, s_{6}) = [0, 52) \cup {90, 93, 96}$ and $b l o c k e d ((s_{4}, s_{5}, s_{6})^{ω}) = [0, 52) \cup {52 \leq z \leq 96 ∣ z \equiv 0, 3, 6 (mod 9)}$ .

Recall that for a path $π$ , $p m i n (π)$ is the weight of a minimum-weight prefix of $π$ . Let $Q_{+} \subseteq Q$ be the set of states $q \in Q$ such that there is a positive-weight simple cycle on $q$ in the underlying graph of $V$ . For $q \in Q_{+}$ we pick a simple cycle $γ_{q}$ such that $p m i n (γ_{q}) \geq p m i n (γ)$ for any other positive-weight simple cycle $γ$ on $q$ ; write $W_{q}$ for $w e i g h t (γ_{q})$ . Define ${C o n f}_{+} := {(q, z) \in C o n f ∣ q \in Q_{+}, z + p m i n (γ_{q}) \geq 0}$ .

Figure 2: A 1-VASS with disequality tests. Disequality guards are denoted by

\neq

. For example, in state

s_{1}

the set

D_{s_{1}}

N ∖ {60}

, and no run goes through

s_{1}

if its current counter value is

60

Define a path to be primitive if no proper infix is a positive cycle (note though that a primitive path may itself be a positive cycle). We say that a run is primitive if the underlying path is primitive. Observe that if $ρ$ is a valid run, none of whose internal configurations lies in ${C o n f}_{+}$ , then $ρ$ is primitive.

Example. In Figure 2, for $s_{1} \in Q_{+}$ we pick the simple cycle $γ_{s_{1}} = s_{1}, s_{2}, s_{1}$ with $W_{s_{1}} = 6$ . Since $p m i n (γ_{s_{1}}) = 12$ , we have that ${z ∣ (s_{1}, z) \in {C o n f}_{+}} = [12, \infty)$ . Moreover, the path $s_{4}, s_{5}, s_{6}, s_{4}$ is primitive, but $s_{1}, s_{2}, s_{1}, s_{3}$ is not primitive.

A configuration $(s, 0)$ is unbounded if, and only if, $(s, 0)$ can reach an unbounded configuration in ${C o n f}_{+}$ .

In order to decide whether $(s, 0)$ is unbounded, by Proposition 3, it suffices to compute the set of unbounded configurations in ${C o n f}_{+}$ and determine whether $(s, 0)$ can reach this set. Define ${C o n f}_{\infty} \subseteq {C o n f}_{+}$ to be the set of all unbounded configurations in ${C o n f}_{+}$ . Observe that every configuration $(q, z) \in {C o n f}_{+}$ with $z \notin b l o c k e d (γ_{q}^{ω})$ can take the cycle $γ_{q}$ arbitrarily many times and is thus included in ${C o n f}_{\infty}$ . However, even if $z \in b l o c k e d (γ_{q}^{ω})$ , it may still be the case that $(q, z)$ is unbounded, by traversing more complicated paths.

Example. In Figure 2, all configurations $(s_{4}, z)$ with $z$ in $N ∖ b l o c k e d ((s_{4}, s_{5}, s_{6})^{ω}) = {52 \leq z \leq 96 ∣ z \equiv̸ 0, 3, 6 (mod 9)} \cup (96, \infty)$ are trivially unbounded and thus included in ${C o n f}_{\infty}$ . It will transpire that ${s_{4}} \times {54, 60, 63, 69} \subseteq {C o n f}_{\infty}$ even though ${54, 60, 63, 69} \in b l o c k e d ((s_{4}, s_{5}, s_{6})^{ω})$ .

In order to reason about the aforementioned complicated paths, we proceed as follows. In Section 3.1 we introduce residue classes and chains, which form a partition of ${C o n f}_{+}$ , and are the building blocks of our analysis. In Section 3.2 we characterize ${C o n f}_{\infty}$ as the limit of an inductive construction. This enables us to reason about the structure of ${C o n f}_{\infty}$ in Section 3.3. Finally, in Section 3.4 we show how to compute ${C o n f}_{\infty}$ and decide unboundedness.

3.1 Residue Classes and Chains

Given $q \in Q_{+}$ and $0 \leq r < W_{q}$ , we call the set of configurations ${(q, z) \in {C o n f}_{+} ∣ z \equiv r (mod W_{q})}$ a $q$ -residue class. We simply speak of a residue class if we do not want to specify the state $q$ . Given a $q$ -residue class $R$ , a set $C \subseteq R$ is called a $q$ -chain if it is a maximal subset of $R$ with the property that every pair of configurations $(q, z), (q, z^{'}) \in C$ with $z < z^{'}$ are connected by a valid run obtained by iterating the cycle $γ_{q}$ . Again, we speak of a chain if we do not want to specify the state $q$ .

Figure 3: We focus on states

s_{1}

s_{4}

, and

s_{10}

in the 1-VASS in Figure 2, each of which lies on a simple positive cycle. We also indicate which counter values prevent taking the associated positive cycle. For example, state

s_{4}

has the simple cycle

γ_{s_{4}}

with

W_{s_{4}} = 9

and taking

γ_{s_{4}}

from

{s_{4}} \times {90, 93, 96}

is not allowed due to disequality guards along

γ_{s_{4}}

. The columns underneath each state represent residue classes of that state in

{C o n f}_{+}

. We colour all unbounded chains in blue and all bounded chains in pink; thus all blue configurations form the set

U_{0}

We draw a distinction between bounded chains and unbounded chains, where a chain is bounded if and only if the associated set of counter values is bounded. An unbounded $q$ -chain $C$ is contained in ${C o n f}_{\infty}$ since the cycle $γ_{q}$ can be taken arbitrarily many times from any configuration in $C$ to yield a valid run.

For each $q$ -residue class $R$ , each guard value $z$ induces at most two bounded chains, namely configurations below $(q, z)$ , and the singleton ${(q, z)}$ (which is vacuously a chain). Since there are at most $| Q |$ guards, each residue class decomposes as a disjoint union of at most $2 | Q |$ bounded chains and a single unbounded chain. Intuitively, within each bounded chain we can iterate the cycle $γ_{q}$ until hitting a guard. We call a residue class $R$ trivial if it consists solely of a single unbounded chain. Note that the union of all bounded $q$ -chains is equal to ${C o n f}_{+} \cap {q} \times b l o c k e d (γ_{q}^{ω})$ .

Example. As indicated in Figure 3 for the running example, the residue classes ${s_{4}} \times (52 + i + 9 N)$ with $i \in {0, 1, 3, 4, 6, 7}$ are indeed trivial, while each residue class ${s_{4}} \times (52 + i + 9 N)$ with $i \in {2, 5, 8}$ consists of two bounded chains ${s_{4}} \times {52 \leq z < 88 + i ∣ z \equiv i (mod 9)}$ and ${s_{4}} \times {88 + i}$ , and a single unbounded chain ${s_{4}} \times (88 + i + 9 N)$ .

One of the main ideas in this section is to show that a configuration is unbounded if and only if it can reach an unbounded chain via a valid run whose underlying path $π$ has the form

π = π_{0} \cdot γ_{q_{1}}^{n_{1}} \cdot π_{1} \dots π_{k - 1} \cdot γ_{q_{k}}^{n_{k}} \cdot π_{k},

where $π_{0}, \dots, π_{k}$ are primitive paths and $n_{1}, \dots, n_{k}$ are non-negative integers. Moreover, we give a polynomial bound on the length of the $π_{i}$ and the magnitude of $k$ in terms of the size of the underlying 1-VASS (in general, the exponents $n_{i}$ may be exponential in the size of the 1-VASS). We also show how to detect the existence of such a path in polynomial time.

Recall the structure of $C o n f$ as a partially ordered set. We will use standard order-theoretic terminology and notation to refer to sets of configurations: in particular given sets of configurations $S, S^{'} \subseteq C o n f$ , we say that $S$ is downward closed in $S^{'}$ if for all $(q, z) \in S \cap S^{'}$ and $(q, z^{'}) \in S^{'}$ with $z^{'} \leq z$ , we have $(q, z^{'}) \in S$ .

3.2 Inductive Characterization of ${C o n f}_{\infty}$

We now give an inductive backward-reachability construction of the set of all configurations in ${C o n f}_{+}$ that can reach an unbounded chain. Since unbounded configurations can, in particular, reach unbounded chains, this set is exactly ${C o n f}_{\infty}$ .

In order for our inductive construction to converge in a polynomial number of steps, we essentially consider meta-transitions of the form $γ_{q}^{k} \cdot π$ for $γ_{q}$ a simple cycle, $k \in N$ , and $π$ a primitive path. Formally, we define an increasing sequence $U_{0} \subseteq U_{1} \subseteq U_{2} \subseteq \dots$ of subsets of ${C o n f}_{+}$ such that $⋃_{n \in N} U_{n} = {C o n f}_{\infty}$ . Define $U_{0}$ to be the union of the collection of unbounded chains. Given $n \in N$ we inductively construct $U_{n + 1}$ as follows. First, define $U_{n}^{'} \subseteq {C o n f}_{+}$ as the set of configurations $(q, z) \notin U_{n}$ whose distance to $U_{n}$ is minimal among all configurations in ${C o n f}_{+} ∖ U_{n}$ (here the distance of a configuration $(q, z)$ to $U_{n}$ is the length of the shortest valid run from $(q, z)$ to $U_{n}$ ). Now define $U_{n + 1} \subseteq {C o n f}_{+}$ to be the smallest set such that $U_{n}, U_{n}^{'} \subseteq U_{n + 1}$ and $U_{n + 1} \cap C$ is downward closed in every chain $C$ . Then $⋃_{n \in N} U_{n}$ is the set of configurations in ${C o n f}_{+}$ that can reach an unbounded chain which, as noted above, is equal to ${C o n f}_{\infty}$ .

By definition, a shortest run from a configuration $(q, z) \in U_{n + 1}^{'} ∖ U_{n}$ to $U_{n}$ has no internal configurations in ${C o n f}_{+}$ , and is therefore primitive.

(a) The set

U_{1}

is obtained from

U_{0}

in Figure 3.

(b) The set

U_{2}

Figure 4: The sets

U_{1}

and

U_{2}

of the running example. The blue configurations are in

U_{0}

; green ones are in

U_{1} ∖ U_{0}

; yellow one is in

U_{2} ∖ U_{1}

. The pink configurations are in

{C o n f}_{+} ∖ U_{1}

and

{C o n f}_{+} ∖ U_{2}

, respectively. While computing

U_{1}

, the green configurations

(s_{4}, 63)

and

(s_{4}, 69)

take the primitive path

π = s_{4}, s_{7}, s_{8}, s_{9}, s_{10}

U_{0}

. In all other pink configurations in

s_{4}

-chains, although enabled, the path

π

either hits a guard or ends in

(s_{10}, z) \in {C o n f}_{+} ∖ U_{1}

Example. Figure 3 indicates the set $U_{0}$ for the running example. Note that $U_{0}$ contains all trivial residue classes. Observe that $U_{1}^{'} = {(s_{4}, 63), (s_{4}, 69)}$ ; see Figure 3(a). These two configurations belong to two distinct chains. The downward closure of ${(s_{4}, 63)}$ in its chain is ${s_{4}} \times {54, 63}$ , and the downward closure of ${(s_{4}, 69)}$ in its chain is ${s_{4}} \times {60, 69}$ . We have that $U_{1} = U_{0} \cup ({s_{4}} \times {54, 60, 63, 69})$ . The second iteration to compute $U_{2}$ only adds the configuration $(s_{1}, 12)$ to $U_{1}$ ; see Figure 3(b). The sequence stabilizes in this iteration.

3.3 The Structure of ${C o n f}_{\infty}$

In this section we analyze the structure of ${C o n f}_{\infty}$ , based on its inductive characterization. This analysis will be key in obtaining a polynomial-time algorithm to compute ${C o n f}_{\infty}$ .

The guiding intuition is that for all $n$ the set $U_{n}$ is almost upward closed in each residue class $R$ . By this we mean that if $(q, z)$ is the least configuration in $R \cap U_{n}$ , then all but polynomially many configurations of $R$ above $(q, z)$ are also in $U_{n}$ . More specifically, we show that for any bounded chain $C$ in $R$ that lies above $(q, z)$ , although the number of configurations in $C$ may be exponential in $| Q |$ , the size of $C ∖ U_{n}$ is bounded by a polynomial in $| Q |$ . (Note here that the unique unbounded chain in $R$ is contained in $U_{0}$ and hence is contained in $U_{n}$ for all $n \in N$ .) Using this observation, we provide a polynomial bound on the number of iterations until the inductive construction converges. Indeed, in every iteration, unless a fixed point has been reached, there must exist some bounded chain $C$ such that the size of $C ∖ U_{n}$ strictly decreases. After showing that $C ∖ U_{n}$ is of polynomial size, we obtain a polynomial bound on the number of iterations until $U_{n}$ convergence by Remark 3.1.

We start by characterizing the paths between chains. Let $(q, z), (q^{'}, z^{'}) \in {C o n f}_{+}$ and let $(q, z) π \to (q^{'}, z^{'})$ be a (not necessarily valid) run such that $π$ is a primitive path. Then there exists a run $(q, z) π^{'} \to (q^{'}, z^{''})$ of length at most $| Q |^{2} + 2$ such that $(1)$ $p m i n (π^{'}) \geq p m i n (π)$ , $(2)$ $z^{''} \geq z^{'}$ , and $(3)$ the $q^{'}$ -residue class of $(q^{'}, z^{''})$ is either trivial or identical to that of $(q^{'}, z^{'})$ .

Given a $q$ -residue class $R$ , in general $U_{n}$ is not an upward closed subset of $R$ . The following definitions are intended to measure the defect of $U_{n}$ in this regard.

We say that a bounded chain $C$ that is contained in a residue class $R$ is $n$ -active if there exists a configuration in $U_{n} \cap R$ that lies below some configuration in $C$ . Let $C$ be an $n$ -active chain. Recall that $U_{n}$ is downward closed in $C$ and hence $C ∖ U_{n}$ is upward closed in $C$ . Suppose that $C ∖ U_{n}$ is non-empty, write $m_{1} := min {x : (q, x) \in C ∖ U_{n}}$ and $m_{2} := max {x : (q, x) \in C ∖ U_{n}}$ , and define $δ_{n} (C) := {(q, x) \in {C o n f}_{+} : m_{1} \leq x \leq m_{2} and (q, x) \notin U_{n}}$ . Thus $δ_{n} (C)$ contains all configurations in $C ∖ U_{n}$ , as well as all configurations “between” elements of $C ∖ U_{n}$ , apart from those that are themselves in $U_{n}$ . If $C ∖ U_{n} = \emptyset$ then we define $δ_{n} (C) := \emptyset$ . Finally for a residue class $R$ we write

δ_{n} (R) := ⋃ {δ_{n} (C) : C \subseteq R % an n -active chain} .

(1)

For $(q, x_{min})$ the least element in $R \cap U_{n}$ we have that $| {(q, x) \in R ∖ U_{n} : x_{min} \leq x} | \leq | δ_{n} (R) |$ .

Example. In Figure 3(a) consider the $1$ -active chain $C := {54, 63, 72, 81}$ . Since $C ∖ U_{1} = {72, 81}$ we have that $δ_{1} (C) = {72, 75, 78, 81}$ .

For all $n \in N$ and every chain $C$ we have that $| δ_{n} (C) | \leq | Q | \cdot | C ∖ U_{n} |$ .

We now come to the central technical part of the paper, controlling the growth of $δ_{n} (R)$ as a function of $n$ :

There exists a polynomial ${p o l y}_{2}$ such that for each residue class $R$ and all $n \in N$ we have $| δ_{n + 1} (R) | \leq max {| δ_{n} (R^{'}) | : R^{'} a residue class} + {p o l y}_{2} (| Q |)$ if $R$ contains a chain that is $(n + 1)$ -active but not $n$ -active.

Before proceeding to prove Lemma 3.3, we demonstrate the underlying intuition. Consider a configuration $(q, z) \in R \cap U_{n}^{'}$ that has a primitive path $π$ to a configuration $(q^{'}, z^{'}) \in U_{n - 1}$ . To prove Lemma 3.3, we argue that $π$ lifts to a valid run from a “dense” subset of configurations in ${(q, z^{''}) \in R : z^{''} \geq z}$ . There are two main cases in this argument based on whether one of the larger configurations in the chain induces a valid run ending in a trivial residue class.

Example. The first case occurs in obtaining $U_{1}$ from $U_{0}$ in the running example; see Figure 3(a). Consider the $s_{4}$ -chain $C := {54, 63, 72, 81}$ . The primitive path $s_{4}, s_{7}, s_{8}, s_{9}, s_{10}$ from the largest configuration $(s_{4}, 81)$ in $C$ leads to a non-trivial $s_{10}$ -residue class (out of $U_{0}$ ). However, one among the $n$ -next largest configurations in $C$ , for $n = | b l o c k e d (s_{4}, s_{7}, s_{8}, s_{9}, s_{10}) | \cdot | Q |$ , lifts to a valid run to a trivial $s_{10}$ -residue class. In the example, this is the case for $(s_{4}, 63)$ . The second case occurs in obtaining $U_{2}$ from $U_{1}$ in the running example; see Figure 3(b). Consider the $s_{1}$ -chain $C^{'} := {12, 18, 24, \dots, 54}$ . The primitive path $s_{1}, s_{3}, s_{4}$ , from none of the configurations in this chain, ends in a trivial $s_{4}$ -residue class. However, we provide a subtle argument to bound $| C^{'} ∖ U_{2} |$ with $| δ_{1} (C) | + {p o l y}_{2} (| Q |)$ .

Proof of Lemma 3.3.

Pick the minimal element $(q, z_{0}) \in R \cap U_{n + 1}^{'}$ . Moreover, let $(q^{'}, z^{'}) \in U_{n}$ and $(q, z_{0}) π \to (q^{'}, z^{'})$ be such that $π$ is a shortest run from $(q, z_{0})$ to $U_{n}$ . By Remark 3.2, $π$ is a primitive path. By Proposition 3.3 there is a run $(q, z_{0}) π^{'} \to (q^{'}, z^{''})$ , for some $z^{''} \geq z^{'}$ , such that $π^{'}$ has length at most $| Q |^{2} + 2$ , and the residue class $R^{'}$ of $(q^{'}, z^{''})$ is either trivial or the same as the residue class of $(q^{'}, z^{'})$ . (Note that we do not claim that $(q^{'}, z^{''}) \in U_{n}$ , nor that $π^{'}$ lifts to a valid run.) We now identify two cases according to the order of $W_{q}$ in the group $Z / Z W_{q^{'}}$ of integers modulo $W_{q^{'}}$ , which is $\frac{W_{q^{'}}}{gcd (W_{q}, W_{q^{'}})}$ . Recall that this quantity is the smallest $c \in N$ such that $W_{q} \cdot c \equiv 0 (mod W_{q^{'}})$ .

Case (i): $\frac{W_{q^{'}}}{gcd (W_{q}, W_{q^{'}})} > | Q |$ . We first show that $| C ∖ U_{n + 1} | \leq (| Q |^{2} + 2) (| Q | + 1)$ for every $(n + 1)$ -active chain $C$ in $R$ .

Let $C$ be an $(n + 1)$ -active chain of $R$ and suppose for a contradiction that $| C ∖ U_{n + 1} | > (| Q |^{2} + 2) (| Q | + 1)$ . Since $C$ is $(n + 1)$ -active, for every configuration $(q, z) \in C ∖ U_{n + 1}$ we have $z \geq z_{0}$ . Further, since $p m i n (π^{'}) + z_{0} \geq 0$ , $π^{'}$ can only be blocked on a configuration due to a violation of a disequality guard. Since the length of $π^{'}$ is at most $| Q |^{2} + 2$ , it follows that at most $| Q |^{2} + 2$ elements of $C ∖ U_{n + 1}$ lie in $b l o c k e d (π^{'})$ .

Recall that $C ∖ U_{n + 1}$ is upward closed in $C$ , so by the assumption that $| C ∖ U_{n + 1} | > (| Q |^{2} + 2) (| Q | + 1)$ , there exists a set $S := {(q, z_{1} + i W_{q}) : 0 \leq i \leq | Q |}$ of $| Q | + 1$ “consecutive” elements of $C ∖ U_{n + 1}$ , for some $z_{1}$ , such that no element of $S$ lies in $b l o c k e d (π^{'})$ . Then $π^{'}$ lifts to a valid run from each element of $S$ . Moreover, since the order of $W_{q}$ in $Z / Z W_{q^{'}}$ is assumed to be greater than $| Q |$ , the images of the elements of $S$ , after following $π^{'}$ , lie in pairwise distinct $q^{'}$ -residue classes. But the number of non-trivial $q^{'}$ -residue classes is at most $| Q |$ and hence some configuration in $S$ has a run over $π^{'}$ to a trivial $q^{'}$ -residue class and hence to $U_{n}$ . But then such a configuration lies in $U_{n + 1}$ , which is a contradiction.

We conclude that $| C ∖ U_{n + 1} | \leq (| Q |^{2} + 2) (| Q | + 1)$ for every $(n + 1)$ -active chain $C$ in $R$ . But then $| δ_{n + 1} (C) | \leq | Q | (| Q |^{2} + 2) (| Q | + 1)$ by Lemma 3.3. Finally, since $R$ comprises at most $2 | Q |$ bounded chains by Remark 3.1, we have that $| δ_{n + 1} (R) | \leq 2 | Q |^{2} (| Q |^{2} + 2) (| Q | + 1)$ .

Case (ii): $\frac{W_{q^{'}}}{gcd (W_{q}, W_{q^{'}})} \leq | Q |$ . For the residue classes $R$ and $R^{'}$ as above, define an injective partial mapping $Φ : δ_{n + 1} (R) \to δ_{n} (R^{'})$ by $Φ (q, x) = (q^{'}, x^{'})$ if and only if $x^{'} = x + w e i g h t (π^{'})$ and

Coverability in 1-VASS with Disequality Tests

Authors

Reachability in Two-Dimensional Vector Addition Systems with States: One Test is for Free

Reachability for Branching Concurrent Stochastic Games

Alleviating State-space Explosion in Component-based Systems with Distributed, Parallel Reachability Analysis Algorithm

Reachability in High Treewidth Graphs

Minkowski Sum of Polytopes Defined by Their Vertices

On the Decidability of Reachability in Linear Time-Invariant Systems

VASS reachability in three steps

1 Introduction

2 Definitions

One-Dimensional Vector Addition Systems with States and Tests.

The Coverability and Unboundedness Problems.

3 Unboundedness for 1-VASS with Disequality Tests

3.1 Residue Classes and Chains

3.2 Inductive Characterization of ${C o n f}_{\infty}$

3.3 The Structure of ${C o n f}_{\infty}$

Proof of Lemma 3.3.

Coverability in 1-VASS with Disequality Tests

Authors

Related Research

Reachability in Two-Dimensional Vector Addition Systems with States: One Test is for Free

Reachability for Branching Concurrent Stochastic Games

Alleviating State-space Explosion in Component-based Systems with Distributed, Parallel Reachability Analysis Algorithm

Reachability in High Treewidth Graphs

Minkowski Sum of Polytopes Defined by Their Vertices

On the Decidability of Reachability in Linear Time-Invariant Systems

VASS reachability in three steps

This week in AI

1 Introduction

2 Definitions

One-Dimensional Vector Addition Systems with States and Tests.

The Coverability and Unboundedness Problems.

3 Unboundedness for 1-VASS with Disequality Tests

3.1 Residue Classes and Chains

3.2 Inductive Characterization of Conf∞

3.3 The Structure of Conf∞

Proof of Lemma 3.3.

3.2 Inductive Characterization of ${C o n f}_{\infty}$

3.3 The Structure of ${C o n f}_{\infty}$