Extending Alloy with Partial Instances.

Presenting my paper in ABZ12:
V. Montaghami and D. Rayside. Extending Alloy with Partial Instances. In Lecture Notes in Computer Science Volume 7316, ABZ12, pp. 122-135.

Published in: Software

  1. Extending Alloy with Partial Instances. Vajih Montaghami, Derek Rayside. iFM & ABZ 2012
  2. Motivation
     Alloy’s main deficiency as a general-purpose problem description language is its lack of support for partial instances. (E. Torlak & D. Jackson, 2007, Kodkod: A relational model finder)
     • Torlak & Jackson added partial instance capability to the Alloy backend (Kodkod)
     • But they did not extend the Alloy surface syntax to support this new feature
  3. Linked List Example
         sig Node{ next: lone Node, val: one Int}
         inst simple {
           -- introduce three atoms
           Node = head + middle + tail,
           -- exact bound for next relation
           next = head→middle + middle→tail,
           -- exact bound for val relation
           val = head→0 + middle→1 + tail→2
         }
     Callout on the inst block: Partial Instance Block
  4. Linked List Example
         sig Node{ next: lone Node, val: one Int}
         inst single{ Node=n, no next, val=n→0}
         inst cyclic{ Node=a+b, next=a→b+b→a, val=a→0+b→1}
  5. Syntax by Example
         inst i {
           4,                    -- default sig size
           Node = n + m,         -- exact bound for sig
           next includes n→m,    -- lower bound for relation
           val in n→0 + m→1      -- upper bound for relation
         }{                      -- appended fact
           not m.next = m        -- access to atoms
         }
         run {} for i
  6. Syntax
     Fig. 5 Grammar and preliminary type definitions
     (a) Grammar
         ⟨iBlk⟩ := ‘inst’ id (‘extends’ id)? ‘{’ ⟨iSt⟩[,⟨iSt⟩]* ‘}’ (‘{’ ⟨frml⟩ ‘}’)?
         ⟨iSt⟩  := ⟨n⟩
                 | ‘exactly’ ⟨n⟩ ⟨var⟩
                 | ⟨var⟩ ‘=’ ⟨iXpr⟩
                 | ⟨var⟩ ‘in’ ⟨iXpr⟩
                 | ⟨var⟩ ‘include’ ⟨iXpr⟩
                 | ⟨var⟩ ‘include’ ⟨iXpr⟩ ‘moreover’ ⟨iXpr⟩
                 | ‘no’ ⟨var⟩
         ⟨iXpr⟩ := ⟨iXpr⟩ ‘->’ ⟨iXpr⟩ | ⟨iXpr⟩ ‘+’ ⟨iXpr⟩ | ‘(’ ⟨iXpr⟩ ‘)’ | ⟨atm⟩
     (b) [Preliminary type definitions: cut off in the slide transcript]
     Annotation on the slide: upper and lower bounds
  7. Universe Construction
       1. Default number for all sigs
       2. Exactly number for specified sigs
       3. Upper (in), lower (includes), and exact (=) bounds for specified sigs
     Note: each entity name may occur on the LHS of at most one statement in an inst block.
  8. File System Example
         sig File{}
         sig Dir{contents: set (Dir+File)}
         pred fileSystem[root:Dir]{
           (File+Dir) in root.*contents          -- isReachable
           all d: Dir | not (d in d.^contents)   -- isAcyclic
           all d: (Dir+File) | #(d.~contents)<2  -- One parent
         }
         inst i{
           File in f0+f1+f2,          -- upper bound
           Dir = root+d0+d1,          -- exact bound
           contents include root→d0   -- lower bound
         }{
           some d:Dir | d=root and fileSystem[d]
         }
         run {} for i
  9. Partial Instances in A4.2
     By Fact
       • If inference succeeds:
         • Kodkod bounds
         • performs well
       • If inference fails:
         • SAT constraints
         • performs poorly
       • Non-modular
     By Constant Function
       • Inlined as a constant expression
       • Performs well
       • Exact bounds only
       • Non-modular
     Only possible to express one partial instance
  10. Explicit Partial Instances
       1. Expressive
          • exact, upper, and lower bounds
       2. Modular
          • different instances for different analyses
       3. Performant
          • translated as Kodkod bounds
  11. Performance Evaluation
      • New syntax improves performance.
      • Experiments:
        • Micro-benchmark
        • Refactored a working model
  12. Micro-benchmarking
      By fact:
          sig S {r:S}
          one sig S0,S1 extends S{}
          fact {r=S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
  13. Micro-benchmarking
      By fact:
          sig S {r:S}
          one sig S0,S1 extends S{}
          fact {r=S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
      By const-Fun:
          sig S {/* r:S*/}
          one sig S0,S1 extends S{}
          fun r[]:S→S {S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
  14. Micro-benchmarking
      By fact:
          sig S {r:S}
          one sig S0,S1 extends S{}
          fact {r=S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
      By const-Fun:
          sig S {/* r:S*/}
          one sig S0,S1 extends S{}
          fun r[]:S→S {S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
      By inst-Block:
          inst i {S=S0+S1, r=S0→S1+S1→S0}
          pred f[]{all s:S|S in s.^r}
          run f
  15. No SAT Variables
      Setup: S0,..,S74 extends S{}, r=S0->S1+...+S73->S74
      [Plot: variables generated by the SAT solver vs. number of sigs, for fact, fun, and inst]
      All approaches produce CNFs with zero variables. This is expected in the function and inst block cases. It occurs in the fact case because Alloy’s bound inference succeeded.
  16. Time Comparison
      [Plot: Kodkod translation time (ms) vs. number of sigs, for fact, fun, and inst]
      [Plot: SAT solving time (ms) vs. number of sigs, for fact, fun, and inst]
  17. Refactoring a real model
      Model based on Z spec by Y. Cai & K. Sullivan

                                   A4.2’ (fact)   A4.2i (inst)
      SAT Variables                59,953         59,664
      SAT Clauses                  162,417        162,642
      KK Translation Time (ms)     11,188         12,742         (1.1x slower)
      SAT Solving Time (ms)        27,730         6,744          (4x faster)

      Annotation on the slide: as expected
  18. Conclusion
      The Beta Version: https://ece.uwaterloo.ca/~vmontagh/alloy/
      Explicit partial instances:
       1. Expressive
          • Exact, upper, and lower bounds
       2. Modular
          • Instances × analyses
       3. Performant
          • Translated as Kodkod bounds
       4. Use-cases (in paper):
          • Test-Driven Development
          • Regression Testing
          • Modelling by Example
          • Combined Modelling and Meta-Modelling
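
The bound semantics behind the Syntax by Example and No SAT Variables slides, as an added Python sketch (not code from the paper, Alloy, or Kodkod): each inst statement becomes a (lower, upper) pair of tuple sets, and only tuples in upper but not in lower need a boolean variable. The helper names, the brute-force enumeration standing in for a SAT solver, and the restriction of Int to 0 and 1 in the unbounded case are assumptions made for illustration; the slide's default sig size is left out because Node is bound exactly.

```python
from itertools import combinations, product

# Added illustration: every relation gets a (lower, upper) pair of tuple sets.
def exact(tuples):                 # `r = e`: lower == upper
    t = frozenset(tuples)
    return t, t

def includes(tuples, universe):    # `r includes e`: e forced in, rest optional
    return frozenset(tuples), frozenset(universe)

def within(tuples):                # `r in e`: nothing forced, only e allowed
    return frozenset(), frozenset(tuples)

def free_vars(bounds):
    """Tuples in upper but not in lower: the only ones left for the solver."""
    return sum(len(up - lo) for lo, up in bounds.values())

def instances(bounds, constraint):
    """Brute-force stand-in for SAT solving: try every choice of free tuples."""
    names, choices = list(bounds), []
    for lo, up in bounds.values():
        free = sorted(up - lo)
        choices.append([lo | frozenset(c) for k in range(len(free) + 1)
                        for c in combinations(free, k)])
    candidates = (dict(zip(names, combo)) for combo in product(*choices))
    return [inst for inst in candidates if constraint(inst)]

def image(rel, atom):
    return {b for a, b in rel if a == atom}

def linked_list(inst):
    """sig Node { next: lone Node, val: one Int } and fact `not m.next = m`."""
    lone_next = all(len(image(inst["next"], x)) <= 1 for x in inst["Node"])
    one_val = all(len(image(inst["val"], x)) == 1 for x in inst["Node"])
    return lone_next and one_val and image(inst["next"], "m") != {"m"}

NODES = ["n", "m"]
# inst i { Node = n + m, next includes n->m, val in n->0 + m->1 }
INST_I = {"Node": exact(NODES),
          "next": includes([("n", "m")], product(NODES, NODES)),
          "val": within([("n", 0), ("m", 1)])}
# Same atoms, no partial knowledge of next or val (Int cut to {0, 1}: assumption).
UNBOUNDED = {"Node": exact(NODES),
             "next": within(product(NODES, NODES)),
             "val": within(product(NODES, [0, 1]))}
# Micro-benchmark inst block: every bound is exact, so no variables remain.
MICRO = {"S": exact(["S0", "S1"]), "r": exact([("S0", "S1"), ("S1", "S0")])}

if __name__ == "__main__":
    print(free_vars(INST_I), free_vars(UNBOUNDED), free_vars(MICRO))
```

Running `instances(INST_I, linked_list)` against `instances(UNBOUNDED, linked_list)` shows the partial instance cutting both the number of free tuples and the number of satisfying instances.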
