Parity to Safety in Polynomial Time for Pushdown and Collapsible Pushdown Systems

05/08/2018 ∙ by Matthew Hague, et al. ∙ TU BRAUNSCHWEIG Universität Saarland Royal Holloway, University of London 0

We give a direct polynomial-time reduction from parity games played over the configuration graphs of collapsible pushdown systems to safety games played over the same class of graphs. That a polynomial-time reduction would exist was known by complexity theory. Coming up with a direct reduction, however, has been an open problem. Our solution to the puzzle brings together a number of techniques for pushdown games and adds three new ones. This work contributes to a recent trend of liveness to safety reductions which allow the advanced state-of-the-art in safety checking to be used for more expressive specifications.



There are no comments yet.


page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1 Introduction

Model-checking games ask whether there is a strategy (or implementation) of a system that can satisfy required properties against an adversary (or environment). They give a natural method for reasoning about systems wrt. popular specification logics such as LTL, CTL, and the -calculus. The simplest specifications are reachability or safety properties, where the system either needs to reach a given good state or avoid a bad state (such as a null-pointer dereference). The most expressive logic typically studied is the -calculus, which subsumes LTL, CTL, and CTL [21]. One can reduce -calculus model checking in polynomial time to the analysis of parity games (op cit.) via a quite natural product of system and formula.

In the finite-state setting, while reachability and safety games can be solved in linear time and space, the best known algorithms for parity games are quasi-polynomial time [8] or quasi-linear space [17, 13]. For infinite-state games described by pushdown systems, or more generally, collapsible pushdown systems, the complexities match: EXPTIME-complete for solving reachability, safety [5, 31], and parity games [31] over pushdown systems, and -EXPTIME-complete for order- collapsible pushdown systems [11, 7, 23, 16].

Pushdown systems are an operational model for programs with (recursive) function calls. In such systems, a configuration has a control state from a finite set and a stack of characters from a finite alphabet (modeling the call stack). Collapsible pushdown systems [16] are an operational model for higher-order recursion as found in most languages (incl. Haskell, JavaScript, Python, C++, Java, …). They have a nested stack-of-stacks (e.g. an order- stack is a stack of stacks) and collapse links which provide access to calling contexts.

Given that safety and parity games over collapsible pushdown systems are complete for the same complexity classes, the problems must be inter-reducible in polynomial-time. However, a direct (without a detour via Turing machines) polynomial-time reduction from parity to safety has been an open problem 

[14]. To see why the reduction is difficult to find, note that a safety game is lost based on a finite prefix of a play while determining the winner of a parity game requires access to the infinitely many elements of a play. Complexity theory tells us that this gap can be bridged by access to the stack, with only polynomial overhead.

Our contribution is such a polynomial-time reduction from parity to safety. From a theoretical standpoint, it explains the matching complexities despite the difference in expressible properties. From a practical standpoint, it may help building model-checking tools for -calculus specifications. Indeed, competitive and highly optimized tools exist for analysing reachability and safety properties of higher-order recursion schemes (HorSat [6, 30, 19] and Preface [27] being the current state-of-the-art), but implementing efficient tools for parity games remains a problem [15, 22]. Having the reduction at hand can allow the use of safety tools for checking parity conditions, suggest the transfer of techniques and optimizations from safety to parity, and inspire new algorithms for parity games. Still, a complexity-theoretic result should only be considered a first step towards practical developments.

Reductions from parity to safety have been explored for the finite-state case by Bernet et al. [1], and for pushdown systems by Fridman and Zimmermann [14]

. We will refer to them as counter reductions, as they use counters to track the occurrences of odd ranks. These existing reductions are not polynomial. Berwanger and Doyen 

[2] showed that counter reductions can be made polynomial in the case of finite-state imperfect-information games.

Our solution to the puzzle brings together a number of techniques for pushdown games and contributes three new ones. We first show how to lift the existing counter reductions [1, 14] from first order to higher orders. For this we exploit a rank-awareness property of collapsible pushdown systems [16]. Secondly, we prove the correctness of this lifting by showing that it commutes with a reduction from order- to order- games [31, 16]. The polynomial-time reduction is then a compact encoding of the lifted counter reduction. It uses the ability of higher-order stacks to encode large numbers [7] and the insight that rank counters have a stack-like behavior, even in their compact encoding.

Much recent work verifies liveness properties via reductions to safety  [24, 10, 25, 26, 12] or reachability [20, 4] with promising results. For finite-state generalized parity games, Sohail and Somenzi show that pre-processing via a safety property can reduce the state space that a full parity algorithm needs to explore, giving competitive synthesis results for LTL [29]. In the case of infinite-state systems (including pushdowns), reductions from liveness (but not parity games) have been explored by Biere et al. [3] and Schuppan and Biere [28].

2 Preliminaries

We define games over collapsible pushdown systems (CPDS). For a full introduction see [16]. CPDS are an operational model of functional programs that is equivalent to higher-order recursion schemes (HORS) [16]. Without collapse, they correspond to safe HORS [18].

In the following, let be the set of natural numbers (including ) and denote the set .

2.1 Higher-Order Collapsible Stacks

Higher-order stacks are a nested stack-of-stacks structure whose stack characters are annotated by collapse links that point to a position in the stack. Intuitively, this position is the context in which the character was created. We describe the purpose of collapse links after some basic definitions. [Order- Collapsible Stacks] For , let be a finite set of stack characters together with a partition function111Readers familiar with CPDS may expect links to be pairs and the alphabet not to be partitioned by link order. The partition assumption is oft-used. It is always possible to tag each character with its link order using . Such a partition becomes crucial in Section 4. . An order- stack with up-to order- collapse links is an annotated character . An order- stack with up-to order- collapse links is a non-empty sequence (with ) such that each is an order- stack with up-to order- collapse links. By we denote the set of order- stacks with up-to order- links. In the sequel, we will refer to stacks in as order- stacks. By order- stack we will mean an order- stack with up-to order- links, where will be clear from the context.

Given an order- stack with up-to order- links , we define below the operation to return the topmost element of the topmost order- stack. Note that this element is of order-(). The top of a stack appears leftmost. The operation removes all but the last elements from the topmost order- stack. It does not change the order of the stack and requires .

For technical convenience, we will also define

which, we note, does not extend to or beyond.

The destination of a collapse link on with in a stack is , when defined. When , the link is considered null. We often omit irrelevant collapse links from characters to improve readability.

When is a -stack and is an -stack with , we define as the stack obtained by adding on top of the topmost -stack of . Formally,

When and let be an order- collapsible stack. The destination of the topmost link is . Furthermore, and . Here, .

Operations on Order- Collapsible Stacks

CPDS are programs with a finite control acting on collapsible stacks via the operations:

Operations of order copy the topmost element of the topmost order- stack. Order- push operations push onto the topmost order- stack and annotate it with an order- collapse link. When executed on a stack , the link destination is . A removes the topmost element from the topmost order- stack. The rewrite modifies the topmost stack character while maintaining the link (rewrite must respect the link order). Collapse, when executed on with , pops the topmost order- stack down to the last elements, captured by . Formally, for an order- stack :

  1. .

  2. when , where is the link order,

  3. when ,

  4. when and , and

  5. when and .

Note that since our definition of stacks does not permit empty stacks, is undefined if is empty and is undefined when . Thus, the empty stack cannot be reached using CPDS operations; instead, the offending operation will simply be unavailable. Likewise if a rewrite operation would change the order of the link. Recall Example 2.1 and that . Given the order- link of the topmost stack character , a collapse operation yields . Now . A on this stack results in . We have .

There is a subtlety in the interplay of collapse links and higher-order pushes. For a , links pointing outside of have the same destination in both copies of , while links pointing within point to different sub-stacks.

[] For convenience we use an operation which has no effect on the stack. We can simulate it by where is the topmost character (by the format of rules, below, we will always know the topmost character when applying an operation). Hence, it is not a proof case.

2.2 Collapsible Pushdown Systems and Games

[CPDS] An order- collapsible pushdown system is a tuple given by with a finite set of control states with initial control state , a finite stack alphabet with initial stack character and order function , a function assigning ranks to , and a set of rules. The size is . The remaining entries polynomially depend on and (note that is fixed). We attach ranks to CPDS instead of games as we later need the notion of rank-aware CPDS.

A configuration of a CPDS is a pair with and a stack . We have a transition if there is a rule with and . The initial configuration is where . To begin from another configuration, one can adjust the CPDS rules to build the required stack from the initial configuration. A computation is a sequence of configurations where and for all . Recall, transitions cannot empty a stack or rewrite the order of a link. [Games over CPDS] A game over a CPDS is a tuple , where is a CPDS, is a division of the control states of by owner Elvis () or Agnetha (), and is a winning condition. The size of the game is .

We call a safety game if for all and . It is a parity game if is the set of all sequences such that the smallest infinitely occurring rank is even.

We refer to computations as plays and require them to be infinite. This means every configuration has some successor . This does not lose generality as we can add to the CPDS transitions to a losing (as defined next) sink state (with self-loop) for from any configuration . A play is won by Elvis, if its sequence of ranks satisfies the winning condition, i.e.  Otherwise, Agnetha wins. When a play reaches , then the owner of chooses the rule to apply. A strategy for player is a function that returns an appropriate rule based on the prefix of the play seen so far. A play is according to if for all with we have via rule . The strategy is winning if all plays according to are won by . We say a player wins a game if they have a winning strategy from the initial configuration.

2.3 Rank-Aware Collapsible Pushdown Systems

We will often need to access the smallest rank that was seen in a play since some stack was created. Rank-aware CPDS record precisely this information [16]. We first define -ancestors which, intuitively, give the position in the play where the top order- stack was pushed. Note, in the definition below, the integer is unrelated to the collapse links. [-Ancestor] Let (resp. ). Given a play we attach an integer to every order- stack as follows. In all order- stacks are annotated by . Suppose was obtained from using operation (resp. ). Then the new topmost order- stack in is annotated with . If is obtained via a with , then all annotations on the order- stacks in the copied stack are also copied.

The -ancestor with of is the configuration where is the annotation of the topmost order- stack in . Let and . The link ancestor of is the -ancestor of the -ancestor of . Applying a operation will expose (a copy of) the topmost -stack of the -ancestor. To understand the notion of a link ancestor, remember that executed on a stack whose topmost order- stack is with has the effect of executing several times. The newly exposed topmost -stack is the same that would be exposed if

were applied at the moment the

character was pushed. This exposed stack is the same stack as is topmost on the -ancestor of the -ancestor of . We illustrate this with an example.

Assume some . Now take some containing the stack . Apply a operation to obtain with stack . Note, the topmost has -ancestor .

Now, let and obtain with , which thus contains the stack where the has the -ancestor .

We can now apply again to reach with stack . Note that both copies of have the -ancestor . Moreover, the link ancestor of both is . That is, the -ancestor of the topmost stack of . In particular, applying at results in a configuration with stack , which is the same stack contained in .

In the below, intuitively, the level- rank is the smallest rank seen since the topmost stack was created. Similarly for the link-level rank. Our rank-awareness definition is from [16] but includes level- ranks as well. [Level Rank] For a given play the level- rank with (resp. link-level rank) at a configuration is the smallest rank of a control state in the sequence where is the -ancestor (link ancestor) of .

In the following definition, is a special symbol to be read as link.

[Rank-Aware] A rank-aware CPDS is a CPDS over stack characters , where is taken from a finite set and function has type (with the highest rank of a state in ). The requirement is that in all computations of the CPDS all configurations with top-of-stack character satisfy

Below, we slightly generalize a lemma from [16] to include safety games and level- ranks. Intuitively, we can obtain rank-awareness by keeping track of the required information in the stack characters and control states. [Rank-Aware] Given a parity (resp. safety) game over CPDS of order-, one can construct in polynomial time a rank-aware CPDS of the same order and a parity (resp. safety) game over such that Elvis wins the game over iff he wins the game over . Note, the number of functions is exponential in . However, since is fixed the construction is polynomial. In the sequel, we will assume that all CPDS are rank-aware.

3 Main Result and Proof Outline

In the following sections, we define a reduction which takes a parity game over a CPDS and returns a safety game of the same order. The main result follows. [From Parity to Safety, Efficient] Given a parity game , wins iff he wins . is polynomially large and computable in time polynomial in the size of . We outline how to define and prove it correct. First, we give a function reducing an order- parity game to an equivalent order- safety game. It extends Fridman and Zimmermann’s reduction [14] from first order to higher orders. In the finite-state setting, a related reduction appeared already in [1]. The idea is to count in the stack characters the occurrences of odd ranks. Elvis has to keep the counter values below , a threshold that is a parameter of the reduction. For completeness, this threshold has to be -fold exponential in the size of . Let and . We have the following lemma. [From Parity to Safety, Inefficient] Given a parity game played over an order- CPDS, there is a bound for some polynomial so that for all Elvis wins iff he wins the safety game . The size of is not polynomial, even for constant . The next step is to give an efficient reduction producing a safety game equivalent to . In particular can be computed in time polynomial only in the size of , not in . Thus, we can define from the main theorem to be .

Technically, relies on the insight that counter increments as performed by follow a stack discipline. Incrementing the th counter resets all counters for to zero. The upper bound combines this with the fact that collapsible pushdown systems can encode large counters [7]. The second step is summarized as follows. [From Inefficient to Efficient] Elvis wins iff he wins . Moreover, is polynomial-time computable. It should be clear that the above lemmas, once proven, yield the main theorem. For the equivalence stated there, note that is equivalent to the game by Lemma 3. This game, in turn, is equivalent to by Lemma 3.

The proof of Lemma 3 will be direct and is given in Section 7. We explain the proof of Lemma 3 here, which relies on a third reduction. We define a function called that takes an order- parity or safety game and produces an equivalent order-() parity or safety game. The reduction already appears in [16], and generalizes the one from [31]. Let

The proof of Lemma 3 chases the diagram below. We rely on the observation that the games and are equivalent, as stated in Lemma 3. The proof of Lemma 3 needs the reductions and can be found in Section 6. The commutativity argument yields the following proof, almost in category-theoretic style.

[ vs. ] Given and a parity game over an order- CPDS, Elvis wins iff Elvis wins .

Proof of Lemma 3.

We induct on the order. At order-, the result is due to Fridman and Zimmerman [14]. For the induction, without the bound, at order-, take a winning strategy for Elvis in . By [16], he has a winning strategy in . By induction, Elvis has a winning strategy in and by Lemma 3 also in when is suitably large. Finally, again by [16], Elvis can win . I.e., we chase the diagram above from to to to and then up to . To prove the opposite direction, simply follow the path in reverse.

We obtain the required bound in Appendix B. Intuitively, we have an exponential bound at order- by Fridman and Zimmerman. Thus, assume by induction we have a -fold exponential bound for order-. From an order- system we obtain an exponentially large order- system for which an -fold exponential bound is therefore needed. ∎

In Sections 4 and 5, we define and , and show Lemma 3 in Section 6. The reduction is defined in Section 7, which also sketches the proof of Lemma 3.

4 Order Reduction

We recall the reduction of [16] from order- to order- parity games. This reduction also works for safety games. It is a natural extension of Carayol et al. [9] for higher-order pushdown systems without collapse, which extended Walukiewicz’s reduction of pushdown parity games to finite-state parity games [31]. Due to space constraints, we only give the intuition here. It is useful when explaining the motivation behind the constructions in our parity to safety reduction. The full construction is in Appendix C.

Given an order- CPDS and a game we define an order- game over a CPDS . The order- CPDS simulates . The key operations are , , with , and when the link is order-. We say these operations are order-. The remaining operations are simulated directly on the stack of .

There is no on an order- stack. Instead, observe that if the stack is before the operation, it will return to after the corresponding (should it occur). Thus, we simulate by splitting the play into two branches. The first simulates the play between the and corresponding . The second simulates the play after the .

Instead of applying a

operation, Elvis makes a claim about the control states the play may pop to. Also necessary is information about the smallest rank seen in the play to the pop. This claim is recorded as a vector of sets of control states

which is held in the current control state. Each is a potential future of the play, meaning that the pushed stack may be popped to and the minimum rank seen since the push could be . Because Elvis does not have full control of the game, he cannot give a single control state and rank: Agnetha may force him to any of a number of situations.

Once this guess has been made, Agnetha chooses whether to simulate the first play (between the push and the pop) or the second (after the pop). In the first case, is stored in the control state. Then, when the pop occurs, Elvis wins if the destination control state is in where is the minimum rank seen (his claim was correct). In the second case, Agnetha picks a rank and moves the play directly to some control state in . This move has rank (as the minimum rank seen needs to contribute to the parity/safety condition). In both cases, the topmost order- stack does not change (as it would be the same in both plays).

To simulate a with and a corresponding we observe that the stack reached after the collapse is the same as that after a applied directly. Thus, the simulation is similar. To simulate the play up to the collapse, the current target set is stored with the new stack character . Then Elvis wins if a move performs a to a control state , where is the smallest rank seen since the order- stack, that was topmost at the moment of the original , was pushed. To simulate the play after the collapse, we can simulate a as above.

5 Counter Reduction

We reduce parity to safety games, generalizing Fridman and Zimmermann [14] which extended Bernet et al. [1]. This reduction is not polynomial and we show in Section 7 how to achieve the desired complexity. Correctness is Lemma 3 (From Parity to Safety, Inefficient).

We give the intuition here, with the detailed definition of appearing in Appendix D. The reduction maintains a counter for each odd rank, which can take any value between and . We also detail the counters below as they are needed in Section 7.

The insight of Bernet et al. is that, in a finite-state parity game of states, if Agnetha can force the play to pass through some odd rank for times without visiting a state of lower rank in between, then some state of rank is visited twice. Since parity games permit positional winning strategies, Agnetha can repeat the play from ad infinitum. Thus, the smallest infinitely occurring rank must be , and Agnetha wins the game.

Thus, Elvis plays a safety game: he must avoid visiting an odd rank too many times without a smaller rank being seen. In the safety game, counters

are added to the states, one for each odd rank. When a rank is seen, then, if it is odd, is incremented. Moreover, whether is odd or even, all counters for are reset to .

As the number of configurations is infinite, Bernet’s insight does not immediately generalize to pushdown games. However, Fridman and Zimmermann observed that, from Walukiewicz [31], a pushdown parity game can be reduced to a finite-state parity game (of exponential size) as described in the previous section. This finite-state parity game can be further reduced to a safety game with the addition of counters. Their contribution is then to transfer back the counters to the pushdown game, with the following reasoning.

Recall, a push move at is translated into a branch from a corresponding state in the finite-state game. There are several moves from , some of them simulate the push, the remaining moves simulate the play after the corresponding pop. When augmented with counters the states take the form . We see that, when simulating the pop in the finite-state game, the counter values are the same as in the moment when the push is simulated. That is, if we lift the counter construction to the pushdown game, after each pop move we need to reset the counters to their values at the corresponding push. Thus we store the counter values on the stack. For example, for a configuration where the current top of stack is and the current counter values are , the counter values at the moment when was first pushed are stored on the stack as .

This reasoning generalizes to any order . We store the counter values on the stack so that, when a operation occurs, we can retrieve the counter values at the corresponding , and similarly for . Note also that, when reducing from order- to order-, any branch corresponding to a play after a pop passes through a rank which is the smallest rank seen between the push and pop. Thus, in the safety game, after each pop or collapse we need to update the counter values using . Hence we require a rank-aware CPDS.

Let be the maximum rank, and, for convenience, assume it is odd. We maintain a vector of counters , one for each odd rank, stored in the stack alphabet as described above. We update these counters with operations that exist for all (including the even ranks). Operation resets the counters with to zero. If is odd, it moreover increments . If the bound is exceeded, an overflow occurs. Formally, if is odd and . Otherwise, where for each

6 Equivalence Result

We need equivalence of and for Lemma 3. The argument is that the two CPDS only differ in order of the components of their control states and stack characters. A subtlety is that when is applied first, the contents of are not control states of , but control states of . However, the additional information in the control states after has to be consistent with , which means we can directly translate between guesses over states in the original CPDS, and those over states of the CPDS after the counter reduction. The details are in Appendix E.

7 Polynomial Reduction

For a game over an order- CPDS, the counters in the game blow up by an -fold exponential factor. To avoid this we use the stack-like behaviour of the counters and a result due to Cachat and Walukiewicz [7], showing how to encode large counter values into the stack of a CPDS with only polynomial overhead (in fact, collapse is not needed).

7.1 Counter Encoding

Cachat and Walukiewicz propose a binary encoding that is nested in the sense that a bit is augmented by its position, and the position is (recursively) encoded in the same way. For example, number stored with bits is represented by . Since four bits are required to index bits, we encode position as . Finally, position of this encoding stored as . The players compete to (dis)prove that the indexing is done properly.

Formally we introduce distinct alphabets to encode counters for all odd ranks :

Here, is a polynomially-large set of characters for the indexing. The set are the bits to encode numbers. Let be the union of all .

The values of the counters are stored on the order- stack, with the least-significant bit topmost. The indices appear before each bit character. E.g., value for counter stored with five bits yields a sequence from . Actually, the encoding will always use all bits, which means its length will be -fold exponential.

Cachat and Walukiewicz provide game constructions to assert properties of the counter encodings. For this, play moves to a dedicated control state, from which Elvis wins iff the counters have the specified property. In [7], Elvis plays a reachability game from the dedicated state. We need the dual, with inverted state ownership and a safety winning condition, where the target state of the (former) reachability game has rank . Elvis’s goal will be to prove the encoding wrong (it violates a property) by means of safety, Agnetha tries to build up the counters correctly and, if asked, demonstrate correctness using reachability.

For all properties, the counter to be checked must appear directly on the top of the stack (topmost on the topmost order- stack). If any character outside is found, Agnetha loses. When two counters are compared, the first counter must appear directly at the top of the stack, while the second may be separated from the first by any sequence of characters from outside (these can be popped away). The first character found from begins the next encoding. Agnetha loses the game if none is found. The required properties are listed below.

  • Encoding Check (): For each rank , we have a control state . Agnetha can win the safety game from only if the topmost sequence of characters from is a correct encoding of a counter, in that all indices are present and correct.

  • Equals Check (): For each , we have a control state , from which Agnetha can win only if the topmost sequence of characters from is identical to the next topmost sequence of -characters. I.e., the two topmost th counter encodings are equal.

  • Counter Increment: Cachat and Walukiewicz do not define increment but it can be done via the basic rules of binary addition. We force Agnetha to increment the counter by first using to remove characters from until is found. Then, Agnetha must rewrite the to . Agnetha then performs as many operations as she wishes, where . Next, Elvis can accept this rewriting by continuing with the game, or challenge it by moving to . This ensures that Agnetha has put enough characters on the stack (with correct indexing) to restore the number to its full length.

In this encoding one can only increment the topmost counter on the stack. That is, to increment a counter, all counters above it must be erased. Fortunately, resets to zero all counters for ranks , meaning the counter updates follow a stack-like discipline. This enables the encoding to work. To store a character with counter values from the counter reduction with we store the character on top and beneath we encode , then and so on down to .

7.2 The Simulation

The following definition is completed in the following sections. Correctness is stated in Lemma 3 (From Inefficient to Efficient). The proof is formally detailed in Appendix F.

[] Given a parity game over the order- CPDS and a bound -fold exponential in the size of the game, we define the safety game where . The missing components are defined below.

We aim to simulate compactly. This simulation is move-by-move, as follows.

A of a character with counter values with (where the max-rank is ) is simulated by first pushing a special character to save the link (with ). Then, since the counter values are a copy of the preceding counter values on the stack, Agnetha pushes an encoding for using after which Elvis can accept the encoding, check that it is a proper encoding using , or check that it is a faithful copy of the preceding value of using . We do this for all odd ranks through to . Then the only move is to push with .

Each and , with , is simulated directly by the same operation. For a we (deterministically) remove all topmost characters (using ) up to and including the first (for some ). We simulate like , but we apply to .

A that does not change the counters can be simulated by rewriting the topmost character. If is applied, we force Agnetha to play as follows. If is even, Agnetha removes the counters for . She replaces them with zero values by pushing characters from . After each counter is rewritten, Elvis can accept the encoding, or challenge it with . Finally, is pushed onto the stack. If is odd, the counters for are removed as before. Then we do an increment as described above, with Elvis losing if the increment fails. Note, it fails only if there is no in the encoding, which means the counter is at its maximum value and there is an overflow (indicating Elvis loses the parity game). If it succeeds, zero values for the counters and are pushed to the stack as before.

Control States and Alphabet

We define the control states with and as well as the alphabet. First,

where is the maximum rank. The set is the control states of the Cachat-Walukiewicz games implementing and . The size is polynomial in . We have

to control the simulation of the operations as sketched above. We describe the states below.

The states in have the same rank and owner as in the Cachat-Walukiewicz games (more precisely the dual, see above). All other states have rank except which has rank . It (resp. ) is the losing sink for Elvis (resp. Agnetha). The states in are used as in to directly simulate . The owners are as in .

A state begins an application of . The top-of-stack character is saved by moving to . The owner of these states does not matter, we give them to Agnetha. In , the stack is popped down to the counter for . If is odd, the least significant zero is set to one. Then, control moves to . In , zero counters for ranks and above are pushed to the stack, followed by a push of and a return to control state . The state is owned by Agnetha. The state is used by Elvis to accept or challenge that the encoding has been re-established completely. It is owned by Elvis.

The controls copy the counters for ranks and above (the current values) and push the copies to the stack, followed by a push of and a return to control state . The state is owned by Agnetha. After this phase, the play moves to where Elvis can accept or test whether the copy has been done correctly. This state is owned by Elvis.

The controls and where are used to execute a or . For the latter, we pop to the next character, perform the collapse and record that the th counter needs to be incremented. In case the collapse is not possible (because it would empty the stack) play may also move to a sink state that is losing for the player who instigated the collapse. The case of pops . The owner in each case is as they will avoid moving to their (losing) sink state if the or is possible.

The alphabet and initial control state and stack character are

The alphabet is extended by the characters required for the counter and link encodings. Recall that is the union of the counter alphabets, which are of polynomial size. We use for the link characters. We assign and for all other .

The task of the initial state and initial stack character is to establish the encoding of in and then move to the initial state of . With the above description, will establish zeros in all counters (from to ), push the initial character of the given game, and move to state . The initial character is the correct bottom element for the encoding of .


The rules of follow and maintain the counters. contains (only) the following rules. First, we have which are the (dual of the) rules of Cachat and Walukiewicz implementing and . The rules simulating the operations appear below. Note, pop and collapse use rank-awareness. We give the increment and copy rules after the basic operations.

  • Order- push: when .

  • Character push: when and .

  • Rewrite: when .

  • Pop (): when and