Commit 345b8c5b authored by Alexandre Duret-Lutz's avatar Alexandre Duret-Lutz
Browse files

doc: add org-mode documentation for user tools

* doc/org/.gitignore, doc/org/genltl.org, doc/org/ioltl.org,
doc/org/ltl2tgba.org, doc/org/ltl2tgta.org, doc/org/ltlcross.org,
doc/org/ltlfilt.org, doc/org/randltl.org, doc/org/tools.org: New files.
parent 2f5d961d
*.png
err
*.html
*.csv
*.json
scheck.ltl
sum.py
#+TITLE: =genltl=
#+EMAIL spot@lrde.epita.fr
#+OPTIONS: H:2 num:nil toc:t
#+LINK_UP: file:tools.html
This tool generates LTL formulas according to scalable patterns.
These pattern are usually taken from the literature (see the man page
for references). Sometimes the same pattern is given different names
in different papers, so we alias different option names to the same
pattern.
#+BEGIN_SRC sh :results verbatim :exports results
genltl --help | sed -n '/Pattern selection:/,/^$/p' | sed '1d;$d'
#+END_SRC
#+RESULTS:
#+begin_example
--and-f=RANGE, --gh-e=RANGE
F(p1)&F(p2)&...&F(pn)
--and-fg=RANGE FG(p1)&FG(p2)&...&FG(pn)
--and-gf=RANGE, --ccj-phi=RANGE, --gh-c2=RANGE
GF(p1)&GF(p2)&...&GF(pn)
--ccj-alpha=RANGE F(p1&F(p2&F(p3&...F(pn)))) &
F(q1&F(q2&F(q3&...F(qn))))
--ccj-beta=RANGE F(p&X(p&X(p&...X(p)))) & F(q&X(q&X(q&...X(q))))
--ccj-beta-prime=RANGE F(p&(Xp)&(XXp)&...(X...X(p))) &
F(q&(Xq)&(XXq)&...(X...X(q)))
--gh-q=RANGE (F(p1)|G(p2))&(F(p2)|G(p3))&... &(F(pn)|G(p{n+1}))
--gh-r=RANGE (GF(p1)|FG(p2))&(GF(p2)|FG(p3))&...
&(GF(pn)|FG(p{n+1}))
--go-theta=RANGE !((GF(p1)&GF(p2)&...&GF(pn)) -> G(q->F(r)))
--or-fg=RANGE, --ccj-xi=RANGE
FG(p1)|FG(p2)|...|FG(pn)
--or-g=RANGE, --gh-s=RANGE G(p1)|G(p2)|...|G(pn)
--or-gf=RANGE, --gh-c1=RANGE
GF(p1)|GF(p2)|...|GF(pn)
--r-left=RANGE (((p1 R p2) R p3) ... R pn)
--r-right=RANGE (p1 R (p2 R (... R pn)))
--rv-counter=RANGE n-bit counter
--rv-counter-carry=RANGE n-bit counter w/ carry
--rv-counter-carry-linear=RANGE
n-bit counter w/ carry (linear size)
--rv-counter-linear=RANGE n-bit counter (linear size)
--u-left=RANGE, --gh-u=RANGE
(((p1 U p2) U p3) ... U pn)
--u-right=RANGE, --gh-u2=RANGE, --go-phi=RANGE
(p1 U (p2 U (... U pn)))
#+end_example
An example is probably all it takes to explain how this tool works:
#+BEGIN_SRC sh :results verbatim :exports both
genltl --and-gf=1..5 --u-left=1..5
#+END_SRC
#+RESULTS:
#+begin_example
GFp1
GFp1 & GFp2
GFp1 & GFp2 & GFp3
GFp1 & GFp2 & GFp3 & GFp4
GFp1 & GFp2 & GFp3 & GFp4 & GFp5
p1
p1 U p2
(p1 U p2) U p3
((p1 U p2) U p3) U p4
(((p1 U p2) U p3) U p4) U p5
#+end_example
=genltl= supports the [[file:ioltl.org][common option for output of LTL formulas]], so you
may output these pattern for various tools.
Note that for the =--lbt= output, each formula is relabeled using
=p0=, =p1=, ... before it is output, when the pattern (like
=--ccj-alpha=) use different names.
# Local variables:
# eval: (setenv "PATH" (concat "../../src/bin" path-separator (getenv "PATH")))
# eval: (org-babel-do-load-languages 'org-babel-load-languages '((sh . t) (dot . t)))
# eval: (setq org-confirm-babel-evaluate nil)
# End:
# LocalWords: genltl num toc LTL scalable SRC sed gh pn fg FG gf qn
# LocalWords: ccj Xp XXp Xq XXq rv GFp lbt
#+TITLE: Common input and output options for LTL/PSL formulas
#+EMAIL spot@lrde.epita.fr
#+OPTIONS: H:2 num:nil toc:t
#+LINK_UP: file:tools.html
Spot supports different syntaxes for LTL/PSL formulas. This pages
document the options, common to all tools where it makes sense, that
are used to specify input and output of formula.
* Common input options
All tools that read LTL/PSL formulas implement the following options:
#+BEGIN_SRC sh :results verbatim :exports results
ltl2tgba --help | sed -n '/Input options:/,/^$/p' | sed '1d;$d'
#+END_SRC
#+RESULTS:
: -f, --formula=STRING process the formula STRING
: -F, --file=FILENAME process each line of FILENAME as a formula
: --lbt-input read all formulas using LBT's prefix syntax
: --lenient parenthesized blocks that cannot be parsed as
: subformulas are considered as atomic properties
=-f= is used to pass one formula one the command line, but this option can
be repeated to pass multiple formulas.
=-F= is used to read formulas from a file (one formula per line).
This option can also be repeated to pass multiple files. If the
filename specified is =-= (as in =-F-=), then formulas are read from
standard input.
** Default parser
Spot's default LTL parser is able to parse the syntaxes of many tools,
such as [[http://spinroot.com][Spin]], [[http://vlsi.colorado.edu/~rbloem/wring.html][Wring]], [[http://goal.im.ntu.edu.tw][Goal]], etc. For instance here are the preferred ways
to express the same formula for different tools.
# <<tab:formula-syntaxes>>
| Tool | Formula |
|--------------+-------------------------|
| Spot | =G(a -> (b R !c))= |
| Spot (UTF-8) | =□(a → (b R c̅))= |
| Spin | =[](a -> (b V !c))= |
| Wring | =G(a=1 -> (b=1 R c=0))= |
| Goal | =G(a --> (b R ~c))= |
Spot's default LTL parser will understand all of them.
For a complete definition of the supported operators, including PSL
operators, please refer to the =doc/tl/tl.pdf= document inside the
Spot distribution.
For Spot, an atomic proposition is any alphanumeric string that does
not start with the (upper case) characters =F=, =G=, or =X=. For
instance =gfa= is an atomic proposition, but =GFa= actually denotes
the LTL formula =G(F(a))=. Any double-quoted string is also
considered to be an atomic proposition, so if =GFa= had to be an
atomic proposition, it could be written
#+HTML: <code>"GFa"</code>
.
These double-quote string also make it possible to embed arbitrarily
complex expressions that represent an atomic proposition that Spot
should not try to interpret. For instance:
: "a < b" U "process[2]@ok"
** Lenient mode
In version 6, Spin extended its syntax to support arbitrary atomic expression
in LTL formulas. The previous formula would be written simply:
: (a < b) U (process[2]@ok)
While Spot cannot read the above syntax by default, it can do it if
you specify the =--lenient= option. (This global option affects all
formulas that are input.)
The same parser is used, however its processing of parenthesis blocks
is different: every time a parenthesis block is scanned, the parser
first tries to recursively parse the block as an LTL/PSL formula, and
if this parsing failed, the block is considered to be an atomic
proposition.
For instance =(a U b) U c= will be successfully converted into an LTL
formula with two operators, while parsing =(a + b < 2) U c= will
consider =a + b < 2= as an atomic proposition.
An unfortunate side-effect of =--lenient= parsing is that many syntax
errors will not be caught. Compare the following syntax error:
#+BEGIN_SRC sh :results verbatim :exports code
ltlfilt -f '(a U b U) U c'
#+END_SRC
#+RESULTS:
#+BEGIN_SRC sh :results verbatim :exports results
(ltlfilt -f '(a U b U) U c' 2>&1 | cat) | sed '/^$/d'
#+END_SRC
#+RESULTS:
: >>> (a U b U) U c
: ^
: syntax error, unexpected closing parenthesis
: >>> (a U b U) U c
: ^
: missing right operand for "until operator"
With the same command in =--lenient= mode:
#+BEGIN_SRC sh :results verbatim :exports both
ltlfilt --lenient -f '(a U b U) U c'
#+END_SRC
#+RESULTS:
: "a U b U" U c
Here =a U b U= was taken as an atomic proposition.
** Prefix parser
The prefix syntax used by tools such as [[http://www.tcs.hut.fi/Software/maria/tools/lbt/][LBT]], [[http://www.tcs.hut.fi/Software/lbtt/][LBTT]], or [[http://tcs.legacy.ics.tkk.fi/users/tlatvala/scheck/][scheck]], require
a different parser. For these tools, the above example formula has to
be written =G i p0 V p1 ! p2= (atomic propositions must start with =p=
and be followed by a number). Spot's =--lbt-input= option can be used
to activate the parser for this syntax.
As an extension to LBT's syntax, atomic propositions may also be
double-quoted. In that case they do not have to follow the "=p= +
number" rule.
=--lbt-input= is a global option that affects *all* formulas that are read.
* Common output options
All tools that output LTL/PSL formulas implement the following options:
#+BEGIN_SRC sh :results verbatim :exports results
ltlfilt --help | sed -n '/Output options:/,/^$/p' | sed '1d;$d'
#+END_SRC
#+RESULTS:
: -8, --utf8 output using UTF-8 characters
: -l, --lbt output in LBT's syntax
: -p, --full-parentheses output fully-parenthesized formulas
: -s, --spin output in Spin's syntax
: --spot output in Spot's syntax (default)
: --wring output in Wring's syntax
# LocalWords: syntaxes LTL PSL num toc SRC ltl tgba sed FILENAME
The =--spot=, =--utf-8=, =--spin=, =--wring= select different
output syntax as seen in [[tab:formula-syntaxes][the above table]]. The =-p= option can
be used to request that parenthesis be used at all levels.
Note that by default Spot always output parentheses around operators
such as =U=, because not all tools agree on their associativity. For
instance =a U b U c= is read by Spot as =a U (b U c)= (because =U= is
right-associative in the PSL standard), while Spin (among other tools)
with read it as =(a U b) U c=.
The =--lbt= option request an output in LBT's prefix format, and in
that case discussing associativity and parentheses makes no sense.
# LocalWords: lbt LBT's filename UTF gfa GFa ltlfilt LBTT scheck
# LocalWords: utf associativity
This diff is collapsed.
#+TITLE: =ltl2tgta=
#+EMAIL spot@lrde.epita.fr
#+OPTIONS: H:2 num:nil toc:t
#+LINK_UP: file:tools.html
This tool generates various form of Testing Automata, i.e., automata
that observe the /changes/ of atomic propositions, not their values.
Three types of automata can be output. The only output format
supported currently is [[http://http://www.graphviz.org/][GraphViz]]'s format, with option =-8= to enable
UTF-8 characters as in other tools.
The =--ta= option will translate a formula into Testing Automaton, as
described by [[http://spinroot.com/spin/Workshops/ws06/039.pdf][Geldenhuys and Hansen (Spin'06)]].
Here is the output on =a U Gb= (we omit the call to =dot=, as shown while
discussing [[file:ltl2tgba.org][=ltl2tgba=]]).
#+BEGIN_SRC sh :results verbatim :exports code
ltl2tgta --ta --multiple-init 'a U Gb'
#+END_SRC
#+RESULTS:
#+begin_example
digraph G {
-1 [label="", style=invis, height=0]
-1 -> 1 [label="a & b"]
-2 [label="", style=invis, height=0]
-2 -> 2 [label="a & !b"]
-3 [label="", style=invis, height=0]
-3 -> 3 [label="b & !a"]
1 [label="0\na & b",shape=box]
1 -> 3 [label="{a}\n"]
1 -> 2 [label="{b}\n"]
1 -> 4 [label="{a}\n"]
2 [label="1\na & !b"]
2 -> 1 [label="{b}\n"]
2 -> 3 [label="{a, b}\n"]
3 [label="2\nb & !a",shape=box]
3 -> 4 [label="{a}\n"]
4 [label="3",peripheries=2,shape=box]
4 -> 4 [label="{a}\n{Acc[1]}"]
}
#+end_example
#+NAME: augb-ta
#+BEGIN_SRC sh :results verbatim :exports none
ltl2tgta --ta --multiple-init 'a U Gb' | sed 's/\\/\\\\/'
#+END_SRC
#+RESULTS: augb-ta
#+begin_example
digraph G {
-1 [label="", style=invis, height=0]
-1 -> 1 [label="a & !b"]
-2 [label="", style=invis, height=0]
-2 -> 2 [label="b & !a"]
-3 [label="", style=invis, height=0]
-3 -> 3 [label="a & b"]
1 [label="2\\na & !b"]
1 -> 3 [label="{b}\\n"]
1 -> 2 [label="{a, b}\\n"]
2 [label="0\\nb & !a",shape=box]
2 -> 4 [label="{a}\\n"]
3 [label="1\\na & b",shape=box]
3 -> 2 [label="{a}\\n"]
3 -> 1 [label="{b}\\n"]
3 -> 4 [label="{a}\\n"]
4 [label="3",peripheries=2,shape=box]
4 -> 4 [label="{a}\\n{Acc[1]}"]
}
#+end_example
#+BEGIN_SRC dot :file augb-ta.png :cmdline -Tpng :var txt=augb-ta :exports results
$txt
#+END_SRC
#+RESULTS:
[[file:augb-ta.png]]
As always, the labels of the states have no influence on the language
recognized by the automaton. This automaton has three possible
initial states. The initial state should be chosen depending on the
initial valuation of =a= and =b= in the system to be synchronized with
this testing automaton. For instance if =a= is true and =b= false in
the initial state, the testing automaton should start in the state
pointed to by the initial arrow labeled =a & !b=. In the rest of the
testing automaton, the transitions are labeled by the sets of atomic
propositions that should change in the system for the testing
automaton to progress. States with a double enclosure are Büchi
accepting, meaning that any execution that visits one of these states
is accepting. All states have an implicit self-loop labeled by ={}=:
if the system progress without changing the value of =a= and =b=, the
testing automaton remains in the same state. Rectangle states are
livelock-accepting: any execution of the system that get stuck into
one of these state is accepting.
Without the =--multiple-init= option, a fake initial state is added.
This is the default since it often makes the result more readable.
#+BEGIN_SRC sh :results verbatim :exports code
ltl2tgta --ta 'a U Gb'
#+END_SRC
#+RESULTS:
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="b & !a\n"]
1 -> 3 [label="a & b\n"]
1 -> 4 [label="a & !b\n"]
2 [label="2",shape=box]
2 -> 5 [label="{a}\n"]
3 [label="3",shape=box]
3 -> 5 [label="{a}\n"]
3 -> 2 [label="{a}\n"]
3 -> 4 [label="{b}\n"]
4 [label="1"]
4 -> 3 [label="{b}\n"]
4 -> 2 [label="{a, b}\n"]
5 [label="4",peripheries=2,shape=box]
5 -> 5 [label="{a}\n{Acc[1]}"]
}
#+end_example
#+NAME: augb-ta2
#+BEGIN_SRC sh :results verbatim :exports none
ltl2tgta --ta 'a U Gb' | sed 's/\\/\\\\/'
#+END_SRC
#+RESULTS: augb-ta2
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="b & !a\\n"]
1 -> 3 [label="a & b\\n"]
1 -> 4 [label="a & !b\\n"]
2 [label="2",shape=box]
2 -> 5 [label="{a}\\n"]
3 [label="3",shape=box]
3 -> 2 [label="{a}\\n"]
3 -> 4 [label="{b}\\n"]
3 -> 5 [label="{a}\\n"]
4 [label="1"]
4 -> 3 [label="{b}\\n"]
4 -> 2 [label="{a, b}\\n"]
5 [label="4",peripheries=2,shape=box]
5 -> 5 [label="{a}\\n{Acc[1]}"]
}
#+end_example
#+BEGIN_SRC dot :file augb-ta2.png :cmdline -Tpng :var txt=augb-ta2 :exports results
$txt
#+END_SRC
#+RESULTS:
[[file:augb-ta2.png]]
The =--gba= option can be used to request a Generalized Testing
Automaton, i.e., a Testing Automaton with Generalized Büchi
acceptance. In that case double-enclosures are not used anymore, and
Büchi accepting transitions are marked with the same ={Acc[x],Acc[y]}=
notation used in TGBA.
#+BEGIN_SRC sh :results verbatim :exports code
ltl2tgta --gta 'GFa & GFb'
#+END_SRC
#+RESULTS:
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="a & b\n"]
1 -> 3 [label="b & !a\n"]
1 -> 4 [label="a & !b\n"]
1 -> 5 [label="!b & !a\n"]
2 [label="1",shape=box]
2 -> 3 [label="{a}\n{Acc[b], Acc[a]}"]
2 -> 4 [label="{b}\n{Acc[b], Acc[a]}"]
2 -> 5 [label="{a, b}\n{Acc[b], Acc[a]}"]
3 [label="4"]
3 -> 2 [label="{a}\n{Acc[b]}"]
3 -> 4 [label="{a, b}\n{Acc[b]}"]
3 -> 5 [label="{b}\n{Acc[b]}"]
4 [label="2"]
4 -> 2 [label="{b}\n{Acc[a]}"]
4 -> 3 [label="{a, b}\n{Acc[a]}"]
4 -> 5 [label="{a}\n{Acc[a]}"]
5 [label="3"]
5 -> 2 [label="{a, b}\n"]
5 -> 3 [label="{b}\n"]
5 -> 4 [label="{a}\n"]
}
#+end_example
#+NAME: gfagfb-gta
#+BEGIN_SRC sh :results verbatim :exports none
ltl2tgta --gta 'GFa & GFb' | sed 's/\\/\\\\/'
#+END_SRC
#+RESULTS: gfagfb-gta
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="a & b\\n"]
1 -> 3 [label="b & !a\\n"]
1 -> 4 [label="a & !b\\n"]
1 -> 5 [label="!b & !a\\n"]
2 [label="1",shape=box]
2 -> 3 [label="{a}\\n{Acc[b], Acc[a]}"]
2 -> 4 [label="{b}\\n{Acc[b], Acc[a]}"]
2 -> 5 [label="{a, b}\\n{Acc[b], Acc[a]}"]
3 [label="4"]
3 -> 2 [label="{a}\\n{Acc[b]}"]
3 -> 4 [label="{a, b}\\n{Acc[b]}"]
3 -> 5 [label="{b}\\n{Acc[b]}"]
4 [label="2"]
4 -> 2 [label="{b}\\n{Acc[a]}"]
4 -> 3 [label="{a, b}\\n{Acc[a]}"]
4 -> 5 [label="{a}\\n{Acc[a]}"]
5 [label="3"]
5 -> 2 [label="{a, b}\\n"]
5 -> 3 [label="{b}\\n"]
5 -> 4 [label="{a}\\n"]
}
#+end_example
#+BEGIN_SRC dot :file gfagfb-gta.png :cmdline -Tpng :var txt=gfagfb-gta :exports results
$txt
#+END_SRC
#+RESULTS:
[[file:gfagfb-gta.png]]
The interpretation is similar to that of the TA. Execution that
stutter in a livelock-accepting (square) state are accepting as well
as execution that visit the =Acc[a]= and =Acc[b]= acceptance sets
infinitely often. Those acceptance sets are carried by transitions,
as in TGBAs.
Finally, the default is to output a Transition-based Generalized
Testing Automaton [fn:topnoc]. In TGTAs, the stuttering states are
made explicit with ={}= self-loops. Since these self-loop can be in
acceptance sets, livelock acceptance states are no longer needed.
#+BEGIN_SRC sh :results verbatim :exports code
ltl2tgta 'GFa & GFb'
#+END_SRC
#+RESULTS:
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="a & b\n"]
1 -> 3 [label="b & !a\n"]
1 -> 4 [label="a & !b\n"]
1 -> 5 [label="!b & !a\n"]
2 [label="3"]
2 -> 3 [label="{a}\n{Acc[b], Acc[a]}"]
2 -> 4 [label="{b}\n{Acc[b], Acc[a]}"]
2 -> 5 [label="{a, b}\n{Acc[b], Acc[a]}"]
2 -> 2 [label="{}\n{Acc[b], Acc[a]}"]
3 [label="4"]
3 -> 2 [label="{a}\n{Acc[b]}"]
3 -> 4 [label="{a, b}\n{Acc[b]}"]
3 -> 5 [label="{b}\n{Acc[b]}"]
3 -> 3 [label="{}\n"]
4 [label="2"]
4 -> 2 [label="{b}\n{Acc[a]}"]
4 -> 3 [label="{a, b}\n{Acc[a]}"]
4 -> 5 [label="{a}\n{Acc[a]}"]
4 -> 4 [label="{}\n"]
5 [label="1"]
5 -> 2 [label="{a, b}\n"]
5 -> 3 [label="{b}\n"]
5 -> 4 [label="{a}\n"]
5 -> 5 [label="{}\n"]
}
#+end_example
#+NAME: gfagfb-tgta
#+BEGIN_SRC sh :results verbatim :exports none
ltl2tgta 'GFa & GFb' | sed 's/\\/\\\\/'
#+END_SRC
#+RESULTS: gfagfb-tgta
#+begin_example
digraph G {
0 [label="", style=invis, height=0]
0 -> 1
1 [label=init]
1 -> 2 [label="a & b\\n"]
1 -> 3 [label="b & !a\\n"]
1 -> 4 [label="a & !b\\n"]
1 -> 5 [label="!b & !a\\n"]
2 [label="1"]
2 -> 3 [label="{a}\\n{Acc[b], Acc[a]}"]
2 -> 4 [label="{b}\\n{Acc[b], Acc[a]}"]
2 -> 5 [label="{a, b}\\n{Acc[b], Acc[a]}"]
2 -> 2 [label="{}\\n{Acc[b], Acc[a]}"]
3 [label="4"]
3 -> 2 [label="{a}\\n{Acc[b]}"]
3 -> 4 [label="{a, b}\\n{Acc[b]}"]
3 -> 5 [label="{b}\\n{Acc[b]}"]
3 -> 3 [label="{}\\n"]
4 [label="3"]
4 -> 2 [label="{b}\\n{Acc[a]}"]
4 -> 3 [label="{a, b}\\n{Acc[a]}"]
4 -> 5 [label="{a}\\n{Acc[a]}"]
4 -> 4 [label="{}\\n"]
5 [label="2"]
5 -> 2 [label="{a, b}\\n"]
5 -> 3 [label="{b}\\n"]
5 -> 4 [label="{a}\\n"]
5 -> 5 [label="{}\\n"]
}
#+end_example
#+BEGIN_SRC dot :file gfagfb-tgta.png :cmdline -Tpng :var txt=gfagfb-tgta :exports results
$txt
#+END_SRC
#+RESULTS:
[[file:gfagfb-tgta.png]]
[fn:topnoc]: This new class of automaton, as well as the
implementation of the previous testing automata classes, is part of
Ala Eddine BEN SALEM's PhD work, and should appear in a future edition
of ToPNoC (LNCS 7400).
# Local variables:
# eval: (setenv "PATH" (concat "../../src/bin" path-separator (getenv "PATH")))
# eval: (org-babel-do-load-languages 'org-babel-load-languages '((sh . t) (dot . t)))
# eval: (setq org-confirm-babel-evaluate nil)
# End:
# LocalWords: ltl tgta num toc Automata automata GraphViz UTF Gb na
# LocalWords: Geldenhuys tgba SRC init invis nb Acc augb sed png fn
# LocalWords: cmdline Tpng txt Büchi livelock gba gta GFa GFb TGTAs
# LocalWords: gfagfb topnoc Eddine SALEM's ToPNoC LNCS eval setenv
# LocalWords: concat getenv setq
#+TITLE: =ltlcross=
#+EMAIL spot@lrde.epita.fr
#+OPTIONS: H:2 num:nil toc:t
#+LINK_UP: file:tools.html
=ltlcross= is a tool for cross-comparing the output of LTL-to-Büchi
translators. It is actually a Spot-based clone of [[http://www.tcs.hut.fi/Software/lbtt/][LBTT]], the
/LTL-to-Büchi Translator Testbench/, that essentially performs the
same sanity checks.
The main motivations for rewriting this tool were:
- support for PSL formulas in addition to LTL
- more statistics (like counting the number of logical transitions
represented by each physical edge), output in a format that
can be more easily be post-processed,
- more precise time measurement (LBTT was only precise to
1/100 of a second, reporting most times as "0.00s").
Although =ltlcross= performs the same sanity checks as LBTT, it does
not implement any of the interactive features of LBTT. Essentially
=ltlcross= will report problems, but you will be on your own to
investigate and fix them.
The core of =ltlcross= is a loop that does the following steps:
- Input a formula
- Translate the formula and its negation using each configured translator.
If there are 3 translators, the positive and negative translations
will be denoted =P0=, =N0=, =P1=, =N1=, =P2=, =N2=.
- Build the products of these automata with a random state-space (the same
state-space for all translations).
- Perform sanity checks between all these automata to detect any problem.
- Gather statistics if requested.
* Formula selection
Formulas to translate should be specified using the [[file:ioltl.org][common input options]].
Standard input is read if no =-f= or =-F= option is given.
* Configuring translators
Each translator should be specified as a string that use some of the
following character sequences:
#+BEGIN_SRC sh :results verbatim :exports results
ltlcross --help | sed -n '/character sequences:/,/^$/p' | sed '1d;$d'
#+END_SRC
#+RESULTS:
: %f,%s,%l,%w the formula as a (quoted) string in Spot, Spin,
: LBT, or Wring's syntax
: %F,%S,%L,%W the formula as a file in Spot, Spin, LBT, or
: Wring's syntax
: %N,%T the output automaton as a Never claim, or in
: LBTT's format
For instance here is how we could cross-compare the never claims
output by =spin= and =ltl2tgba= for the formulas =GFa= and =X(a U b)=.