# Extending Alloy with Partial Instances.

Presenting my paper in ABZ12:
V. Montaghami, and D. Rayside. Extending Alloy with Partial Instances. In Lecture Notes in Computer Science Volume 7316, ABZ12, pp. 122-135.

Published in: Software
### Extending Alloy with Partial Instances.

1. Extending Alloy with Partial Instances. Vajih Montaghami, Derek Rayside. iFM & ABZ 2012
2. Motivation

    > "Alloy's main deficiency as a general-purpose problem description language is its lack of support for partial instances." (E. Torlak & D. Jackson, 2007, Kodkod: A relational model finder)

    - Torlak & Jackson added partial instance capability to the Alloy backend (Kodkod)
    - But they did not extend the Alloy surface syntax to support this new feature
3. Linked List Example

    ```alloy
    sig Node { next: lone Node, val: one Int }

    inst simple {
      -- introduce three atoms
      Node = head + middle + tail,
      -- exact bound for next relation
      next = head->middle + middle->tail,
      -- exact bound for val relation
      val = head->0 + middle->1 + tail->2
    }
    ```

    Slide callout on the `inst` block: PartialInstanceBlock
4. Linked List Example

    ```alloy
    sig Node { next: lone Node, val: one Int }

    inst single { Node = n, no next, val = n->0 }

    inst cyclic { Node = a + b, next = a->b + b->a, val = a->0 + b->1 }
    ```
5. Syntax by Example

    ```alloy
    inst i {
      4,                     -- default sig size
      Node = n + m,          -- exact bound for sig
      next includes n->m,    -- lower bound for relation
      val in n->0 + m->1     -- upper bound for relation
    }{                       -- appended fact
      not m.next = m         -- access to atoms
    }
    run {} for i
    ```
6. Syntax

    Fig. 5 Grammar and preliminary type definitions

    (a) Grammar

    ```
    <iBlk> := 'inst' id ('extends' id)? '{' <iSt> [, <iSt>]* '}' ('{' <frml> '}')?
    <iSt>  := <n>
            | 'exactly' <n> <var>
            | <var> '=' <iXpr>
            | <var> 'in' <iXpr>
            | <var> 'include' <iXpr>
            | <var> 'include' <iXpr> 'moreover' <iXpr>
            | 'no' <var>
    <iXpr> := <iXpr> '->' <iXpr> | <iXpr> '+' <iXpr> | '(' <iXpr> ')' | <atm>
    ```

    (b) [cut off on the slide] upper and lower bounds
7. Universe Construction

    1. Default number for all sigs
    2. Exactly number for specified sigs
    3. Upper (in), lower (includes), and exact (=) bounds for specified sigs

    Note: each entity name may occur on the LHS of at most one statement in an inst block.
8. File System Example

    ```alloy
    sig File {}
    sig Dir { contents: set (Dir + File) }

    pred fileSystem[root: Dir] {
      (File + Dir) in root.*contents             -- isReachable
      all d: Dir | not (d in d.^contents)        -- isAcyclic
      all d: (Dir + File) | #(d.~contents) < 2   -- One parent
    }

    inst i {
      File in f0 + f1 + f2,       -- upper bound
      Dir = root + d0 + d1,       -- exact bound
      contents include root->d0   -- lower bound
    }{
      some d: Dir | d = root and fileSystem[d]
    }
    run {} for i
    ```
9. Partial Instances in A4.2

    By Fact

    - If inference succeeds: Kodkod bounds, performs well
    - If inference fails: SAT constraints, performs poorly
    - Non-modular

    By Constant Function

    - Inlined as a constant expression
    - Performs well
    - Exact bounds only
    - Non-modular

    Only possible to express one partial instance
10. Explicit Partial Instances

    1. Expressive: exact, upper, and lower bounds
    2. Modular: different instances for different analyses
    3. Performant: translated as Kodkod bounds
11. Performance Evaluation

    - New syntax improves performance.
    - Experiments:
        - Micro-benchmark
        - Refactored a working model
12. Micro-benchmarking

    By fact:

    ```alloy
    sig S { r: S }
    one sig S0, S1 extends S {}
    fact { r = S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```
13. Micro-benchmarking

    By fact:

    ```alloy
    sig S { r: S }
    one sig S0, S1 extends S {}
    fact { r = S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```

    By const-Fun:

    ```alloy
    sig S { /* r: S */ }
    one sig S0, S1 extends S {}
    fun r[]: S->S { S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```
14. Micro-benchmarking

    By fact:

    ```alloy
    sig S { r: S }
    one sig S0, S1 extends S {}
    fact { r = S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```

    By const-Fun:

    ```alloy
    sig S { /* r: S */ }
    one sig S0, S1 extends S {}
    fun r[]: S->S { S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```

    By inst-Block:

    ```alloy
    inst i { S = S0 + S1, r = S0->S1 + S1->S0 }
    pred f[] { all s: S | S in s.^r }
    run f
    ```
15. No SAT Variables

    ```
    S0,..,S74 extends S{}
    r=S0->S1+...+S73->S74
    ```

    [Plot: variables generated by the SAT solver vs. number of sigs (10 to 70); series: fact, fun, inst]

    All approaches produce CNFs with zero variables. This is expected in the function and inst block cases. It occurs in the fact case because Alloy's bound inference succeeded.
16. Time Comparison

    [Plot: Kodkod translation time (ms) vs. number of sigs (10 to 70); series: fact, fun, inst]

    [Plot: SAT solving time (ms) vs. number of sigs (10 to 70); series: fact, fun, inst]
17. Refactoring a real model

    Model based on Z spec by Y. Cai & K. Sullivan

    | | A4.2' fact | A4.2i inst |
    |---|---|---|
    | SAT Variables | 59,953 | 59,664 |
    | SAT Clauses | 162,417 | 162,642 |
    | KK Translation Time (ms) | 11,188 | 12,742 |
    | SAT Solving Time (ms) | 27,730 | 6,744 |

    Slide annotations: 1.1x slower (KK translation time); 4x faster (SAT solving time); as expected
18. Conclusion

    Explicit partial instances:

    1. Expressive: exact, upper, and lower bounds
    2. Modular: instances × analyses
    3. Performant: translated as Kodkod bounds
    4. Use-cases (in paper):
        - Test-Driven Development
        - Regression Testing
        - Modelling by Example
        - Combined Modelling and Meta-Modelling

    The Beta Version: https://ece.uwaterloo.ca/~vmontagh/alloy/
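
How the statement forms on the "Syntax by Example" and "Universe Construction" slides turn into per-name lower and upper bounds (the pair of tuple sets that Kodkod takes for each relation), as an added Python example that is not code from the slides or from the authors' Alloy extension. It covers `=`, `in` and `include`/`includes` only; the names `evaluate`, `bounds` and `SLIDE_5` are hypothetical, and using `None` for an upper bound the inst block does not fix is an assumption of this example.

```python
import re

TOKEN = re.compile(r"->|[+()]|\w+")
STMT = re.compile(r"(\w+)\s*(=|in\b|includes?\b)\s*(.+)")

# Constructed input: the statements of the "Syntax by Example" slide.
SLIDE_5 = "4, Node = n + m, next includes n->m, val in n->0 + m->1"

def evaluate(expr):
    """Evaluate atoms, '+' (union), '->' (product) and parentheses to a tuple set."""
    tokens, pos = TOKEN.findall(expr) + [None], 0   # None marks end of input
    def take():
        nonlocal pos
        pos += 1
        return tokens[pos - 1]
    def primary():
        tok = take()
        if tok != "(":
            return {(tok,)}                 # an atom is a singleton unary relation
        value = union()
        take()                              # consume the closing ')'
        return value
    def product():                          # '->' binds tighter than '+'
        value = primary()
        while tokens[pos] == "->":
            take()
            right = primary()
            value = {a + b for a in value for b in right}
        return value
    def union():
        value = product()
        while tokens[pos] == "+":
            take()
            value = value | product()
        return value
    return frozenset(union())

def bounds(inst_body):
    """Return {name: (lower, upper)}; upper None = not fixed by the inst block (assumption)."""
    result = {}
    for stmt in inst_body.split(","):
        m = STMT.fullmatch(stmt.strip())
        if not m:
            continue                        # e.g. the default sig size "4"
        name, op, value = m.group(1), m.group(2), evaluate(m.group(3))
        if name in result:                  # at most one statement per entity name
            raise ValueError(f"{name} appears on the LHS of two statements")
        result[name] = {"=": (value, value), "in": (frozenset(), value)}.get(op, (value, None))
    return result
```

An exact bound sets both sets to the same tuples, which is why the inst block needs no SAT variables for that relation.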