New in spot 1.99.4a (not yet released) Command-line tools: * autfilt has gained a --complement option. It currently works only for deterministic automata. * By default, autfilt does not simplify automata (this has not changed), as if the --low --any options were used. But now, if one of --small, --deterministic, or --any is given, the optimization level automatically defaults to --high (unless specified otherwise). For symmetry, if one of --low, --medium, or --high is given, then the translation intent defaults to --small (unless specified otherwise). * autfilt, dstar2tgba, ltlcross, and ltldo now trust the (supported) automaton properties declared in any HOA file they read. This can be disabled with option --trust-hoa=no. * ltlgrind FILENAME[/COL] is now the same as ltlgrind -F FILENAME[/COL] for consistency with ltlfilt. Library: * Rename dtgba_complement() to dtwa_complement(), rename the header as complement.hh, and restrict the purpose of this function to just complete the automaton and complement its acceptance condition. Any further acceptance condition transformation can be done with to_generalized_buchi() or remove_fin(). * The remove_fin() has learnt how to better deal with automata that are declared as weak. This code was previously in dtgba_complement(). * scc_filter_states() has learnt to remove useless acceptance marks that are on transitions between SCCs, while preserving state-based acceptance. The most visible effect is in the output of "ltl2tgba -s XXXa": it used to have 5 accepting states, it now has only one. (Changing removing acceptance of those 4 states has no effect on the language, but it speedup some algorithms like NDFS-based emptiness checks, as discussed in our Spin'15 paper.) * The HOA parser will diagnose any version that is not v1, unless it looks like a subversion of v1 and no parse error was detected. * The way to pass option to the automaton parser has been changed to make it easier to introduct new options. One such new option is "trust_hoa": when true (the default) supported properties declared in HOA files are trusted even if they cannot be easily be verified. * renamings: ltl_simplifier -> tl_simplifier tgba_statistics::transitions -> twa_statistics::edges tgba_sub_statistics::sub_transitions -> twa_sub_statistics::transitions tgba_run -> twa_run Python: * The minimum supported Python version is now 3.3. * Add bindings for complete() and dtwa_complement() * Formulas now have a custom __format__ function. See https://spot.lrde.epita.fr/tut01.html for examples. * The Debian package is now compiled for all Python3 versions supported by Debian, not just the default one. * Automata now have get_name()/set_name() methods. * spot.postprocess(aut, *options), or aut.postprocess(*options) simplify the use of the spot.postprocessor object. (Just like we have spot.translate() on top of spot.translator().) * spot.automata() and spot.automaton() now have additional optional arguments: - timeout: to restrict the runtime of commands that produce automata - trust_hoa: can be set to False to ignore HOA properties that cannot be easily verified - ignore_abort: can be set to False if you do not want to skip automata ended with --ABORT--. Bugs fixed: * Work around some weird exception raised when using the randltlgenerator under Python 3.5. * Recognize "nullptr" formulas as None in Python. * Fix compilation of bench/stutter/ * Handle saturation of formula reference counts. * Fix typo in the Python code for the CGI server. * "randaut -Q0 1" used to segfault. * "ltlgrind -F FILENAME/COL" did not preserve other CSV columns. * "ltlgrind --help" did not document FORMAT. * unabbreviate could easily use forbidden operators. * "autfilt --is-unambiguous" could fail to detect the nonambiguity of some automata with empty languages. * When parsing long tokens (e.g, state labels representing very large strings) the automaton parser could die with "input buffer overflow, can't enlarge buffer because scanner uses REJECT" New in spot 1.99.4 (2015-10-01) New features: * autfilt's --sat-minimize now takes a "colored" option to constrain all transitions (or states) in the output automaton to belong to exactly one acceptance sets. This is useful when targeting parity acceptance. * autfilt has a new --product-or option. This builds a synchronized product of two (completed of needed) automata in order to recognize the *sum* of their languages. This works by just using the disjunction of their acceptance conditions (with appropriate renumbering of the acceptance sets). For consistency, the --product option (that builds a synchronized product that recognizes the *intersection* of the languages) now also has a --product-and alias. * the parser for ltl2dstar's format has been merged with the parser for the other automata formats. This implies two things: - autfilt and dstar2tgba (despite its name) can now both read automata written in any of the four supported syntaxes (ltl2dstar's, lbtt's, HOA, never claim). - "dstar2tgba some files..." now behaves exactly like "autfilt --tgba --high --small some files...". (But dstar2tgba does not offer all the filtering and transformations options of autfilt.) Major code changes and reorganization: * The class hierarchy for temporal formulas has been entirely rewritten. This change is actually quite massive (~13200 lines removed, ~8200 lines added), and brings some nice benefits: - LTL/PSL formulas are now represented by lightweight formula objects (instead of pointers to children of an abstract formula class) that perform reference counting automatically. - There is no hierachy anymore: all operators are represented by a single type of node in the syntax tree, and an enumerator is used to distinguish between operators. - Visitors have been replaced by member functions such as map() or traverse(), that take a function (usually written as a lambda function) and apply it to the nodes of the tree. - As a consequence, writing algorithms that manipulate formula is more friendly, and several algorithms that spanned a few pages have been reduced to a few lines. The page https://spot.lrde.epita.fr/tut03.html illustrates the new interface, in both C++ and Python. * Directories ltlast/, ltlenv/, and ltlvisit/, have been merged into a single tl/ directory (for temporal logic). This is motivated by the fact that these formulas are not restricted to LTL, and by the fact that we no longuer use the "visitor" pattern. * The LTL/PSL parser is now declared in tl/parse.hh (instead of ltlparse/public.hh). * The spot::ltl namespace has been merged with the spot namespace. * The dupexp_dfs() function has been renamed to copy(), and has learned to preserve named states if required. * Atomic propositions can be declared without going through an environment using the spot::formula::ap() static function. They can be registered for an automaton directly using the spot::twa::register_ap() method. The vector of atomic propositions used by an automaton can now be retrieved using the spot::twa::ap() method. New in spot 1.99.3 (2015-08-26) * The CGI script for LTL translation offers a HOA download link for each generated automaton. * The html documentation now includes a HTML copies of the man pages, and HTML copies of the Python notebooks. * scc_filter(aut, true) does not remove Fin marks from rejecting SCCs, but it now does remove Fin marks from transitions between SCCs. * All the unabbreviation functions (unabbreviate_ltl(), unabbreviate_logic(), unabbreviate_wm()) have been merged into a single unabbreviate() function that takes a string representing the list of operators to remove among "eFGiMRW^" where 'e', 'i', and '^' stand respectively for <->, ->, and xor. This feature is also available via ltlfilt --unabbreviate. * In LTL formulas, atomic propositions specified using double-quotes can now include \" and \\. (This is more consistent with the HOA format, which already allows that.) * All the conversion routines that were written specifically for ltl2dstar's output format (DRA->BA & DRA->TGBA) have been ported to the new TωA structure supporting the HOA format. The DRA->TGBA conversion was reimplemented in the previous release, and the DRA->BA conversion has been reimplemented in this release (but it is still restricted to state-based acceptance). All these conversions are called automatically by to_generalized_buchi() or remove_fin() so there should be no need to call them directly. As a consequence: - "autfilt --remove-fin" or "autfilt -B" is better at converting state-based Rabin automata: it will produce a DBA if the input is deterministic and DBA-realizable, but will preserve as much determinism as possible otherwise. - a lot of obsolete code that was here only to support the old conversion routines has been removed. (The number of lines removed by this release is twice the number of lines added.) - ltlcross now uses automata in ltl2dstar's format directly, without converting them to Büchi (this makes the statistics reported in CSV files more relevant). - ltlcross no longer outputs additional columns about the size of the input automaton in the case ltl2dstar's format is used. - ltldo uses results in ltl2dstar's format directly, without converting them to Büchi. - dstar2tgba has been greatly simplified and now uses the same output routines as all the other tools that output automata. This implies a few minor semantic changes, for instance --stats=%A used to output the number of acceptance *pairs* in the input automaton, while it now outputs the number of acceptance sets like in all the other tools. * Bugs fixed - Some acceptance conditions like Fin(0)|Fin(1)|Fin(2)&Inf(3) were not detected as generalized-Rabin. - Unknown arguments for print_hoa() (i.e., option -H in command-line tools) are now diagnosed. - The CGI script for LTL translation now forces transition-based acceptance on WDBA-minimized automata when TGBA is requested. - ltlgrind --help output had some options documented twice, or in the wrong place. - The man page for ltlcross had obsolete examples. - When outputting atomic propositions in double quotes, the escaping routine used by the two styles of LaTeX output was slightly wrong. For instance ^ was incorrectly escaped, and the double quotes where not always properly rendered. - A spurious assertion was triggered by streett_to_generalized_buchi(), but only when compiled in DEBUG mode. - LTL formula rewritten in Spin's syntax no longer have their -> and <-> rewritten away. - Fix some warnings reported by the development version of GCC 6. - The spot.translate() function of the Python binding had a typo preventing the use of 'low'/'medium'/'high' as argument. - Fix spurious failure of uniq.test under different locales. - ltlcross now recovers from out-of-memory errors during state-space products. - bitvect.test was failing on 32bit architectures with assertions enabled because of a bug in the test case. New in spot 1.99.2 (2015-07-18) * The scc_info object, used to build a map of SCCs while gathering additional information, has been simplified and speed up. One test case where ltlcross would take more than 13min (to check the translation of one PSL formula) now takes only 75s. * streett_to_generalized_buchi() is a new function that implements what its name suggests, with some SCC-based optimizations over the naive definition. It is used by the to_generalized_buchi() and remove_fin() functions when the input automaton is a Streett automaton with more than 3 pairs (this threeshold can be changed via the SPOT_STREETT_CONV_MIN environment variable -- see the spot-x(7) man page for details). This is mainly useful to ltlcross, which has to get rid of "Fin" acceptance to perform its checks. As an example, the Streett automaton generatated by ltl2dstar (configured with ltl2tgba) for the formula !((GFa -> GFb) & (GFc -> GFd)) has 4307 states and 14 acceptance sets. The new algorithm can translate it into a TGBA with 9754 states and 7 acceptance sets, while the default approch used for converting any acceptance to TGBA would produce 250967 states and 7 acceptance sets. * Bugs fixed: - p[+][:*2] was not detected as belonging to siPSL. - scc_filter() would incorrectly remove Fin marks from rejecting SCCs. - the libspotltsmin library is installed. - ltlcross and ltldo did not properly quote atomic propositions and temporary file names containing a single-quote. - a missing Python.h is now diagnosed at ./configure time, with the suggestion to either install python3-devel, or run ./configure --disable-python. - Debian packages for libraries have been split from the main Spot package, as per Debian guidelines. New in spot 1.99.1 (2015-06-23) * Major changes motivating the jump in version number - Spot now works with automata that can represent more than generalized Büchi acceptance. Older versions were built around the concept of TGBA (Transition-based Generalized Büchi Automata) while this version now deals with what we call TωA (Transition-based ω-Automata). TωA support arbitrary acceptance conditions specified as a Boolean formula of transition sets that must be visited infinitely often or finitely often. This genericity allows for instance to represent Rabin or Streett automata, as well as some generalized variants of those. - Spot has near complete support for the Hanoi Omega Automata format. http://adl.github.io/hoaf/ This formats supports automata with the generic acceptance condition described above, and has been implemented in a number of third-party tools (see http://adl.github.io/hoaf/support.html) to ease their interactions. The only part of the format not yet implemented in Spot is the support for alternating automata. - Spot is now compiling in C++11 mode. The set of C++11 features we use requires GCC >= 4.8 or Clang >= 3.5. Although GCC 4.8 is more than 2-year old, people with older installations won't be able to install this version of Spot. - As a consequence of the switches to C++11 and to TωA, a lot of the existing C++ interfaces have been renamed, and sometime reworked. This makes this version of Spot not backward compatible with Spot 1.2.x. See below for the most important API changes. Furtheremore, the reason this release is not called Spot 2.0 is that we have more of those changes planned. - Support for Python 2 was dropped. We now support only Python 3.2 or later. The Python bindings have been improved a lot, and include some conveniance functions for better integration with IPython's rich display system. User familiar with IPython's notebook should have a look at the notebook files in wrap/python/tests/*.ipynb * Major news for the command-line tools - The set of tools installed by spot now consists in the following 11 commands. Those marked with a '+' are new in this release. - randltl Generate random LTL/PSL formulas. - ltlfilt Filter and convert LTL/PSL formulas. - genltl Generate LTL formulas from scalable patterns. - ltl2tgba Translate LTL/PSL formulas into Büchi automata. - ltl2tgta Translate LTL/PSL formulas into Testing automata. - ltlcross Cross-compare LTL/PSL-to-Büchi translators. + ltlgrind Mutate LTL/PSL formula. - dstar2tgba Convert deterministic Rabin or Streett automata into Büchi. + randaut Generate random automata. + autfilt Filter and convert automata. + ltldo Run LTL/PSL formulas through other tools. randaut does not need any presentation: it does what you expect. ltlgrind is a new tool that mutates LTL or PSL formulas. If you have a tool that is bogus on some formula that is too large to debug, you can use ltlgrind to generate smaller derived formulas and see if you can reproduce the bug on those. autfilt is a new tool that processes a stream of automata. It allows format conversion, filtering automata based on some properties, and general transformations (e.g., change of acceptance conditions, removal of useless states, product between automata, etc.). ltldo is a new tool that runs LTL/PSL formulas through other tools, but uses Spot's command-line interfaces for specifying input and output. This makes it easier to use third-party tool in a pipe, and it also takes care of some necessary format conversion. - ltl2tgba has a new option, -U, to produce unambiguous automata. In unambiguous automata any word is recognized by at most one accepting run, but there might be several ways to reject a word. This works for LTL and PSL formulas. - ltl2tgba has a new option, -S, to produce generalized-Büchi automata with state-based acceptance. Those are obtained by converting some transition-based GBA into a state-based GBA, so they are usually not as small as one would wish. The same option -S is also supported by autfilt. - ltlcross will work with translator producing automata with any acceptance condition, provided the output is in the HOA format. So it can effectively be used to validate tools producing Rabin or Streett automata. - ltlcross has several new options: --grind attempts to reduce the size of any bogus formula it discovers, while still exhibiting the bug. --ignore-execution-failures ignores cases where a translator exits with a non-zero status. --automata save the produced automata into the CSV or JSON file. Those automata are saved using the HOA format. ltlcross will also output two extra columns in its CSV/JSON output: "ambiguous_aut" and "complete_aut" are Boolean that respectively tells whether the automaton is ambiguous and complete. - "ltlfilt --stutter-invariant" will now work with PSL formulas. The implementation is actually much more efficient than our previous implementation that was only for LTL. - ltlfilt's old -q/--quiet option has been renamed to --ignore-errors. The new -q/--quiet semantic is the same as in grep (and also autfilt): disable all normal input, for situtations where only the exit status matters. - ltlfilt's old -n/--negate option can only be used as --negate now. The short '-n NUM' option is now the same as the new --max-count=N option, for consistency with other tools. - ltlfilt has a new --count option to count the number of matching automata. - ltlfilt has a new --exclusive-ap option to constrain formulas based on a list of mutually exclusive atomic propositions. - ltlfilt has a new option --define to be used in conjunction with --relabel or --relabel-bool to print the mapping between old and new labels. - all tools that produce formulas or automata now have an --output (a.k.a. -o) option to redirect that output to a file instead of standard output. The name of this file can be constructed using the same %-escape sequences that are available for --stats or --format. - all tools that output formulas have a -0 option to separate formulas with \0. This helps in conjunction with xargs -0. - all tools that output automata have a --check option that request extra checks to be performed on the output to fill in properties values for the HOA format. This options implies -H for HOA output. For instance ltl2tgba -H 'formula' will declare the output automaton as 'stutter-invariant' only if the formula is syntactically stutter-invariant (e.g., in LTL\X). With ltl2tgba --check 'formula' additional checks will be performed, and the automaton will be accurately marked as either 'stutter-invariant' or 'stutter-sensitive'. Another check performed by --check is testing whether the automaton is unambiguous. - ltlcross (and ltldo) have a list of hard-coded shorthands for some existing tools. So for instance running 'ltlcross spin ...' is the same as running 'ltlcross "spin -f %s>%N" ...'. This feature is much more useful for ltldo. - For options that take an output filename (i.e., ltlcross's --save-bogus, --grind, --csv, --json) you can force the file to be opened in append mode (instead of being truncated) by by prefixing the filename with ">>". For instance --save-bogus=">>bugs.ltl" will append to the end of the file. * Other noteworthy news - The web site moved to http://spot.lrde.epita.fr/. - We now have Debian packages. See http://spot.lrde.epita.fr/install.html - The documentation now includes some simple code examples for both Python and C++. (This is still a work in progress.) - The curstomized version of BuDDy (libbdd) used by Spot has be renamed as (libbddx) to avoid issues with copies of BuDDy already installed on the system. - There is a parser for the HOA format (http://adl.github.io/hoaf/) available as a spot::automaton_stream_parser object or spot::parse_aut() function. The former version is able to parse a stream of automata in order to do batch processing. This format can be output by all tools (since Spot 1.2.5) using the --hoa option, and it can be read by autfilt (by default) and ltlcross (using the %H specifier). The current implementation does not support alternation. Multiple initial states are converted into an extra initial state; complemented acceptance sets Inf(!x) are converted to Inf(x); explicit or implicit labels can be used; aliases are supported; "--ABORT--" can be used in a stream. - The above HOA parser can also parse never claims, and LBTT automata, so the never claim parser and the LBTT parser have been removed. This implies that autfilt can input a mix of HOA, never claims, and LBTT automata. ltlcross also use the same parser for all these output, and the old %T and %N specifiers have been deprecated and replaced by %O (for output). - While not all algorithms in the library are able to work with any acceptance condition supported by the HOA format, the following two new functions mitigate that: - remove_fin() takes a TωA whose accepting condition uses Fin(x) primitive, and produces an equivalent TωA without Fin(x): i.e., the output acceptance is a disjunction of generalized Büchi acceptance. This type of acceptance is supported by SCC-based emptiness-check, for instance. - similarly, to_tgba() converts any TωA into an automaton with generalized-Büchi acceptance. - randomize() is a new algorithm that randomly reorders the states and transitions of an automaton. It can be used from the command-line using "autfilt --randomize". - the interface in iface/dve2 has been renamed to iface/ltsmin because it can now interface the dynamic libraries created either by Divine (as patched by the LTSmin group) or by Spins (the LTSmin compiler for Promela). - LTL/PSL formulas can include /* comments */. - PSL SEREs support a new operator [:*i..j], the iterated fusion. [:*i..j] is to the fusion operator ':' what [*i..j] is to the concatenation operator ';'. For instance (a*;b)[:*3] is the same as (a*;b):(a*;b):(a*;b). The operator [:+], is syntactic sugar for [:*1..], and corresponds to the operator ⊕ introduced by Dax et al. (ATVA'09). - GraphViz output now uses an horizontal layout by default, and also use circular states (unless the automaton has more than 100 states, or uses named-states). The --dot option of the various command-line tools takes an optional parameter to fine-tune the GraphViz output (including vertical layout, forced circular or elliptic states, named automata, SCC information, ordered transitions, and different ways to colorize the acceptance sets). The environment variables SPOT_DOTDEFAULT and SPOT_DOTEXTRA can also be used to respectively provide a default argument to --dot, and add extra attributes to the output graph. - Never claims can now be output in the style used by Spin since version 6.2.4 (i.e., using do..od instead of if..fi, and with atomic statements for terminal acceptance). The default output is still the old one for compatibility with existing tools. The new style can be requested from command-line tools using option --spin=6 (or -s6 for short). - Support for building unambiguous automata. ltl_to_tgba() has a new options to produce unambiguous TGBA (used by ltl2tgba -U as discussed above). The function is_unambiguous() will check whether an automaton is unambigous, and this is used by autfilt --is-unmabiguous. - The SAT-based minimization algorithm for deterministic automata has been updated to work with ω-Automaton with any acceptance. The input and the output acceptance can be different, so for instance it is possible to create a minimal deterministic Streett automaton starting from a deterministic Rabin automaton. This functionnality is available via autfilt's --sat-minimize option. See doc/userdoc/satmin.html for details. - The on-line interface at http://spot.lrde.epita.fr/trans.html can be used to check stutter-invariance of any LTL/PSL formula. - The on-line interface will work around atomic propositions not supported by ltl3ba. (E.g. you can now translate F(A) or G("foo < bar").) * Noteworthy code changes - Boost is not used anymore. - Automata are now manipulated exclusively via shared pointers. - Most of what was called tgba_something is now called twa_something, unless it is really meant to work only for TGBA. This includes functions, classes, file, and directory names. For instance the class tgba originally defined in tgba/tgba.hh, has been replaced by the class twa defined in twa/twa.hh. - the tgba_explicit class has been completely replaced by a more efficient twa_graph class. Many of the algorithms that were written against the abstract tgba (now twa) interface have been rewritten using twa_graph instances as input and output, making the code a lot simpler. - The tgba_succ_iterator (now twa_succ_iterator) interface has changed. Methods next(), and first() should now return a bool indicating whether the current iteration is valid. - The twa base class has a new method, release_iter(), that can be called to give a used iterator back to its automaton. This iterator is then stored in a protected member, iter_cache_, and all implementations of succ_iter() can be updated to recycle iter_cache_ (if available) instead of allocating a new iterator. - The tgba (now called twa) base class has a new method, succ(), to support C++11' range-based for loop, and hide all the above change. Instead of the following syntax: tgba_succ_iterator* i = aut->succ_iter(s); for (i->first(); !i->done(); i->next()) { // use i->current_state() // i->current_condition() // i->current_acceptance_conditions() } delete i; We now prefer: for (auto i: aut->succ(s)) { // use i->current_state() // i->current_condition() // i->current_acceptance_conditions() } And the above syntax is really just syntactic suggar for twa_succ_iterator* i = aut->succ_iter(s); if (i->first()) do { // use i->current_state() // i->current_condition() // i->current_acceptance_conditions() } while (i->next()); aut->release_iter(i); // allow the automaton to recycle the iterator Where the virtual calls to done() and delete have been avoided. - twa::succ_iter() now takes only one argument. The optional global_state and global_automaton arguments have been removed. - The following methods have been removed from the TGBA interface and all their subclasses: - tgba::support_variables() - tgba::compute_support_variables() - tgba::all_acceptance_conditions() // use acc().accepting(...) - tgba::neg_acceptance_conditions() - tgba::number_of_acceptance_conditions() // use acc().num_sets() - Membership to acceptance sets are now stored using bit sets, currently limited to 32 bits. Each TωA has a acc() method that returns a reference to an acceptance object (of type spot::acc_cond), able to operate on acceptance marks (spot::acc_cond::mark_t). Instead of writing code like i->current_acceptance_conditions() == aut->all_acceptance_conditions() we now write aut->acc().accepting(i->current_acceptance_conditions()) (Note that for accepting(x) to return something meaningful, x should be a set of acceptance sets visitied infinitely often. So let's imagine that in the above example i is looking at a self-loop.) Similarly, aut->number_of_acceptance_conditions() is now aut->acc().num_sets() - All functions used for printing LTL/PSL formulas or automata have been renamed to print_something(). Likewise the various parsers should be called parse_something() (they haven't yet all been renamed). - All test suites under src/ have been merged into a single one in src/tests/. The testing tool that was called src/tgbatest/ltl2tgba has been renamed as src/tests/ikwiad (short for "I Know What I Am Doing") so that users should be less tempted to use it instead of src/bin/ltl2tgba. * Removed features - The long unused interface to GreatSPN (or rather, interface to a non-public, customized version of GreatSPN) has been removed. As a consequence, we could get rid of many cruft in the implementation of Couvreur's FM'99 emptiness check. - Support for symbolic, BDD-encoded TGBAs has been removed. This includes the tgba_bdd_concrete class and associated supporting classes, as well as the ltl_to_tgba_lacim() LTL translation algorithm. Historically, this TGBA implementation and LTL translation were the first to be implemented in Spot (by mistake!) and this resulted in many bad design decisions. In practice they were of no use as we only work with explicit automata (i.e. not symbolic) in Spot, and those produced by these techniques are simply too big. - All support for ELTL, i.e., LTL logic extended with operators represented by automata has been removed. It was never used in practice because it had no practical user interface, and the translation was a purely-based BDD encoding producing huge automata (when viewed explictely), using the above and non longuer supported tgba_bdd_concrete class. - Our implementation of the Kupferman-Vardi complementation has been removed: it was unused in practice beause of the size of the automata built, and it did not survive the conversion of acceptance sets from BDDs to bitsets. - The unused implementation of state-based alternating Büchi automata has been removed. - Input and output in the old, Spot-specific, text format for TGBA, has been fully removed. We now use HOA everywhere. (In case you have a file in this format, install Spot 1.2.6 and use "src/tgbatest/ltl2tgba -H -X file" to convert the file to HOA.) New in spot 1.2.6 (2014-12-06) * New features: - ltlcross --verbose is a new option to see what is being done * Bug fixes: - Remove one incorrect simplification rule for PSL discovered via checks on random formulaes. (The bug was very unlikely to trigger on non-random formulas, because it requires a SERE with an entire subexpression that is unsatisfiable.) - When the automaton resulting from the translation of a positive formula is deterministic, ltlcross will compute its complement to perform additional checks against other translations of the positive formula. The same procedure should be performed with automata obtained from negated formulas, but because of a typo this was not the case. - the neverclaim parser will now diagnose redefinitions of state labels. - the acceptance specification in the HOA format output have been adjusted to match recent changes in the format specifications. - atomic propositions are correctly escaped in the HOA output. - the build rules for documentation have been made compatible with version 8.0 of Org-mode. (This was only a problem if you build from the git repository, or if you want to edit the documentation.) - recent to changes to libstd++ (as shipped by g++ 4.9.2) have demonstrated that the order of transitions output by the LTL->TGBA translation used to be dependent on the implementation of the STL. This is now fixed. - some developpement version of libstd++ had a bug (PR 63698) in the assignment of std::set, and that was triggered in two places in Spot. The workaround (not assigning sets) is actually more efficient, so we can consider it as a bug fix, even though libstd++ has also been fixed. - all parsers would report wrong line numbers while processing files with DOS style newlines. - add support for SWIG 3.0. New in spot 1.2.5 (2014-08-21) * New features: - The online ltl2tgba translator will automatically attempt to parse a formula using LBT's syntax if it cannot parse it using the normal infix syntax. It also has an option to display formulas using LBT's syntax. - ltl2tgba and dstar2tgba have a new experimental option --hoaf to output automata in the Hanoï Omega Automaton Format whose current draft is at http://adl.github.io/hoaf/ The corresponding C++ function is spot::hoaf_reachable() in tgbaalgos/hoaf.hh. - 'randltl 4' is now a shorthand for 'randltl p0 p1 p2 p3'. - ltlcross has a new option --save-bogus=FILENAME to save any formula for which a problem (other than timeout) was detected during translation or using the resulting automatas. * Documentation: - The man page for ltl2tgba has some new notes and references about TGBA and about monitors. * Bug fixes: - Fix incorrect simplification of promises in the translation of the M operator (you may suffer from the bug even if you do not use this operator as some LTL patterns are automatically reduced to it). - Fix simplification of bounded repetition in SERE formulas. - Fix incorrect translation of PSL formulas of the form !{f} where f is unsatisifable. A similar bug was fixed for {f} in Spot 1.1.4, but for some reason it was not fixed for !{f}. - Fix parsing of neverclaims produced by Modella. - Fix a memory leak in the little-used conversion from transition-based alternating automata to tgba. - Fix a harmless uninitialized read in BuDDy. - When writing to the terminal, ltlcross used to display each formula in bright white, to make them stand out. It turns out this was actually hiding the formulas for people using a terminal with white background... This version displays formula in bright blue instead. - 'randltl -n -1 --seed 0' and 'randltl -n -1 --seed 1' used to generate nearly the same list of formulas, shifted by one, because the PRNG write reset with an incremented seed between each output formula. The PRNG is now reset only once. New in spot 1.2.4 (2014-05-15) * New features: - "-B -x degen-lskip" can be used to disable level-skipping in the degeralization procedure called by ltl2tgba and dstar2tgba. This is mostly meant for running experiments. - "-B -x degen-lcache=N" can be used to experiment with different type of level caching during degeneralization. * Bug fixes: - Change the Python bindings to make them compatible with Swig 3.0. - "ltl2tgta --ta" could crash in certain conditions due to the introduction of a simulation-based reduction after degeneralization. - Fix four incorrect formula-simplification rules, three were related to the factorization of Boolean subformulas in operands of the non-length-matching "&" SERE operator, and a fourth one could only be enabled by explicitely passing the favor_event_univ option to the simplifier (not the default). - Fix incorrect translation of the fusion operator (":") in SERE such as {xx;1}:yy[*] where the left operand has 1 as tail. New in spot 1.2.3 (2014-02-11) * New features: - The SPOT_SATLOG environment variable can be set to a filename to obtain statistics about the different iterations of the SAT-based minimization. For an example, see http://spot.lrde.epita.fr/satmin.html - The bench/dtgbasat/ benchmark has been updated to use SPOT_SATLOG and record more statistics. - The default value for the SPOT_SATSOLVER environment variable has been changed to "glucose -verb=0 -model %I >%O". This assumes that glucose 3.0 is installed. For older versions of glucose, remove the "-model" option. * Bug fixes: - More fixes for Python 3 compatibility. - Fix calculation of length_boolone(), were 'Xa|b|c' was considered as length 6 instead of 4 (because it is 'Xa|(b|a)' were (b|a) is Boolean). - Fix Clang-3.5 warnings. - randltl -S did not honor --boolean-priorities. - randltl had trouble generating formulas when all unary, or all binary/n-ary operators were disabled. - Fix spurious testsuite failure when using Pandas 0.13. - Add the time spent in child processes when measuring time with the timer class. - Fix determinism of the SAT-based minimization encoding. (It would sometimes produce different equivalent automata, because of a different encoding order.) - If the SAT-based minimization is asked for a 10-state automaton and returns a 6-state automaton, do not ask for a 9-state automaton in the next iteration... - Fix some compilation issue with the version of Apple's Clang that is installed with MacOS X 10.9. - Fix VPATH builds when building from the git repository. - Fix UP links in the html documentation for command-line tools. New in spot 1.2.2 (2014-01-24) * Bug fixes: - Fix compilation *and* behavior of bitvectors on 32-bit architectures. - Fix some compilation errors observed using the antique G++ 4.0.1. - Fix compatibility with Python 3 in the test suite. - Fix a couple of new clang warnings (like "unused private member"). - Add some missing #includes that are not included indirectly when the C++ compiler is in C++11 mode. - Fix detection of numbers that are too large in the ELTL parser. - Fix a memory leak in the ELTL parser, and avoid some unnecessary calls to strlen() at the same time. New in spot 1.2.1 (2013-12-11) * New features: - commands for translators specified to ltlcross can now be given "short names" to be used in the CSV or JSON output. For instance ltlcross '{small} ltl2tgba -s --small %f >%N' ... will run the command "ltl2tgba -s --small %f >%N", but only print "small" in output files. - ltlcross' CSV and JSON output now contains two additional columns: exit_status and exit_code, used to report failures of the translator. If the translation failed, only the time is reported, and the rest of the statistics, which are missing, area left empty (in CVS) or null (in JSON). A new option, --omit-missing can be used to remove lines for failed translations, and remove these two columns. - if ltlcross is used with --products=+5 instead of --products=5 then the stastics for each of the five products will be output separately instead of being averaged. - if ltlcross is used with tools that produce deterministic Streett or Rabin automata (as specified with %D), then the statistics output in CSV or JSON will have some extra columns to report the size of these input automata before ltlcross converts them into TGBA to perform its regular checks. - ltlfilt, ltl2tgba, ltl2tgta, and ltlcross can now read formulas from CSV files. Use option -F FILE/COL to read formulas from column COL of FILE. Use -F FILE/-COL if the first line of FILE be ignored. - when ltlfilt processes formulas from a CSV file, it will output each CSV line whose formula matches the given constraints, with the rewriten formula. The new escape sequence %< (text in columns before the formula) and %> (text after) can be used with the --format option to alter this output. - ltlfile, genltl, randltl, and ltl2tgba have a --csv-escape option to help escape formulas in CSV files. - Please check http://spot.lrde.epita.fr/csv.html for some discussion and examples of the last few features. * Bug fixes: - ltlcross' CSV output has been changed to be more RFC 4180 compliant: it no longuer output useless cosmetic spaces, and use double-quotes with proper escaping for strings. The only RFC 4180 rule that it does not follow is that it will terminate lines with \n instead of \r\n because the latter cause issues with a couple of tools. - ltlcross failed to report missing input or output escape sequences on all but the first configured translator. New in spot 1.2 (2013-10-01) * Changes to command-line tools: - ltlcross has a new option --color to color its output. It is enabled by default when the output is a terminal. - ltlcross will give an example of infinite word accepted by the two automata when the product between a positive automaton and a negative automaton is non-empty. - ltlcross can now read the Rabin and Streett automata output by ltl2dstar. This type of output should be specified using '%D': ltlcross 'ltl2dstar --ltl2nba=spin:path/to/ltl2tgba@-s %L %D' However because Spot only supports Büchi acceptance, these Rabin and Streett automata are immediately converted to TGBAs before further processing by ltlcross. This is still interesting to search for bugs in translators to Rabin or Streett automata, but the statistics (of the resulting TGBAs) might not be very relevant. - When ltlcross obtains a deterministic automaton from a translator it will now complement this automaton to perform additional intersection checks. This is complementation is done only for deterministic automata (because that is cheap) and can be disabled with --no-complement. - To help with debugging problems detected by ltlcross, the environment variables SPOT_TMPDIR and SPOT_TMPKEEP control where temporary files are created and if they should be erased. Read the man page of ltlcross for details. - There is a new command, named dstar2tgba, that converts a deterministic Rabin or Streett automaton (expressed in the output format of ltl2dstar) into a TGBA, BA or Monitor. In the case of Rabin acceptance, the conversion will output a deterministic Büchi automaton if one such automaton exist. Even if no such automaton exists, the conversion will actually preserves the determinism of any SCC that can be kept deterministic. In the case of Streett acceptance, the conversion produces non-deterministic Büchi automata with Generalized acceptance. These are then degeneralized if requested. See http://spot.lrde.epita.fr/dstar2tgba.html for some examples, and the man page for more reference. - The %S escape sequence used by ltl2tgba --stats to display the number of SCCs in the output automaton has been renamed to %c. This makes it more homogeneous with the --stats option of the new dstar2tgba command. Additionally, the %p escape can now be used to show whether the output automaton is complete, and the %r escape will give the number of seconds spent building the output automaton (excluding the time spent parsing the input). - ltl2tgba, ltl2tgta, and dstar2tgba have a --complete option to output complete automata. - ltl2tgba, ltl2tgta, and dstar2tgba can use a SAT-solver to minimize deterministic automata. Doing so is only needed on properties that are stronger than obligations (for obligations our WDBA-minimization procedure will return a minimimal deterministic automaton more efficiently) and is disabled by default. See the spot-x(7) man page for documentation about the related options: sat-minimize, sat-states, sat-acc, state-based. See also http://spot.lrde.epita.fr/satmin.html for some examples. - ltlfilt, genltl, and randltl now have a --latex option to output formulas in a way that its easier to embed in a LaTeX document. Each operator is output as a command such as \U, \F, etc. doc/tl/spotltl.sty gives one possible definition for each macro. - ltlfilt, genltl, and randltl have a new --format option to indicate how to present the output formula, possibly with information about the input. - ltlfilt as a new option, --relabel-bool, to abstract independent Boolean subformulae as if they were atomic propositions. For instance "a & GF(c | d) & b & X(c | d)" would be rewritten as "p0 & GF(p1) & Xp1". * New functions and classes in the library: - dtba_sat_synthetize(): Use a SAT-solver to build an equivalent deterministic TBA with a fixed number of states. - dtba_sat_minimize(), dtba_sat_minimize_dichotomy(): Iterate dtba_sat_synthetize() to reduce the number of states of a TBA. - dtgba_sat_synthetize(), dtgba_sat_minimize(), dtgba_sat_minimize_dichotomy(): Likewise, for deterministic TGBA. - is_complete(): Check whether a TGBA is complete. - tgba_complete(): Complete an automaton by adding a sink state if needed. - dtgba_complement(): Complement a deterministic TGBA. - satsolver(): Run an (external) SAT solver, honoring the SPOT_SATSOLVER environment variable if set. - tba_determinize(): Run a power-set construction, and attempt to fix the acceptance simulation to build a deterministic TBA. - dstar_parse(): Read a Streett or Rabin automaton in ltl2dstar's format. Note that this format allows only deterministic automata. - nra_to_nba(): Convert a (possibly non-deterministic) Rabin automaton to a non-deterministic Büchi automaton. - dra_to_ba(): Convert a deterministic Rabin automaton to a Büchi automaton, preserving acceptance in all SCCs where this is possible. - nsa_to_tgba(): Convert a (possibly non-deterministic) Streett automaton to a non-deterministic TGBA. - dstar_to_tgba(): Convert any automaton returned by dstar_parse() into a TGBA. - build_tgba_mask_keep(): Build a masked TGBA that shows only a subset of states of another TGBA. - build_tgba_mask_ignore(): Build a masked TGBA that ignore a subset of states of another TGBA. - class tgba_proxy: Helps writing on-the-fly algorithms that delegate most of their methods to the original automaton. - class bitvect: A dynamic bit vector implementation. - class word: An infinite word, stored as prefix + cycle, with a simplify() methods to simplify cycle and prefix in obvious ways. - class temporary_file: A temporary file. Can be instanciated with create_tmp_file() or create_open_tmpfile(). - count_state(): Return the number of states of a TGBA. Implement a couple of specializations for classes where is can be know without exploration. - to_latex_string(): Output a formula using LaTeX syntax. - relabel_bse(): Relabeling of Boolean Sub-Expressions. Implements ltlfilt's --relabel-bool option describe above. * Noteworthy internal changes: - When minimize_obligation() is not given the formula associated to the input automaton, but that automaton is deterministic, it can still attempt to call minimize_wdba() and check the correcteness using dtgba_complement(). This allows dstar2tgba to apply WDBA-minimization on deterministic Rabin automata. - tgba_reachable_iterator_depth_first has been redesigned to effectively perform a DFS. As a consequence, it does not inherit from tgba_reachable_iterator anymore. - postproc::set_pref() was used to accept an argument among Any, Small or Deterministic. These can now be combined with Complete as Any|Complete, Small|Complete, or Deterministic|Complete. - operands of n-ary operators (like & and |) are now ordered so that Boolean terms come first. This speeds up syntactic implication checks slightly. Also, literals are now sorted using strverscmp(), so that p5 comes before p12. - Syntactic implication checks have been generalized slightly (for instance 'a & b & F(a & b)' is now reduced to 'a & b' while it was not changed in previous versions). - All the parsers implemented in Spot now use the same type to store locations. - Cleanup of exported symbols All symbols in the library now have hidden visibility on ELF systems. Public classes and functions have been marked explicitely for export with the SPOT_API macro. During this massive update, some of functions that should not have been made public in the first place have been moved away so that they can only be used from the library. Some old of unused functions have been removed. removed: - class loopless_modular_mixed_radix_gray_code hidden: - class acc_compl - class acceptance_convertor - class bdd_allocator - class free_list * Bug fixes: - Degeneralization was not indempotant on automata with an accepting initial state that was on a cycle, but without self-loop. - Configuring with --enable-optimization would reset the value of CXXFLAGS. New in spot 1.1.4 (2013-07-29) * Bug fixes: - The parser for neverclaim, updated in 1.1.3, would fail to parse guards of the form (a) || (b) output by ltl2ba or ltl3ba, and would only understand ((a) || (b)). - When used from ltlcross, the same parser would fail to parse further neverclaims after the first failure. - Add a missing newline in some error message of ltlcross. - Expressions like {SERE} were wrongly translated and simplified for SEREs that accept the empty word: they were wrongly reduced to true. Simplification and translation rules have been fixed, and the doc/tl/tl.pdf specifications have been updated to better explain that {SERE} has the semantics of a closure operator that is not exactly what one could expect after reading the PSL standard. - Various typos. New in spot 1.1.3 (2013-07-09) * New feature: - The neverclaim parser now understands the new style of output used by Spin 6.24 and later. * Bug fixes: - The scc_filter() function could abort with a BDD error. If all the acceptance sets of an SCC but the first one were useless. - The script in bench/spin13/ would not work on MacOS X because of some non-portable command. - A memory corruption in ltlcross. New in spot 1.1.2 (2013-06-09) * Bug fixes: - Uninitialized variables in ltlcross (affect the count of terminal weak, and strong SCCs). - Workaround an old GCC bug to allow compilation with g++ <= 4.5 - Fix several Doxygen comments so that they display correctly. New in spot 1.1.1 (2013-05-13): * New features: - lbtt_reachable(), the function that outputs a TGBA in LBTT's format, has a new option to indicate that the TGBA being printed is in fact a Büchi automaton. In this case it outputs an LBTT automaton with state-based acceptance. The output of the guards has also been changed in two ways: 1. atomic propositions that do not match p[0-9]+ are always double-quoted. This avoids issues where t or f were used as atomic propositions in the formula, output as-is in the automaton, and read back as true or false. Other names that correspond to LBT operators would cause problem as well. 2. formulas that label transitions are now output as irredundant-sums-of-products. - 'ltl2tgba --ba --lbtt' will now output automata with state-based acceptance. You can use 'ltl2tgba --ba --lbtt=t' to force the output of transition-based acceptance like in the previous versions. Some illustrations of this point and the previous one can be found in the man page for ltl2tgba(1). - There is a new function scc_filter_states() that removes all useless states from a TGBA. It is actually an abbridged version of scc_filter() that does not alter the acceptance conditions of the automaton. scc_filter_state() should be used when post-processing TGBAs that actually represent BAs. - simulation_sba(), cosimulation_sba(), and iterated_simulations_sba() are new functions that apply to TGBAs that actually represent BAs. They preserve the imporant property that if a state of the BA is is accepting, the outgoing transitions of that state are all accepting in the TGBA that represent the BA. This is something that was not preserved by functions cosimultion() and iterated_simulations() as mentionned in the bug fixes below. - ltlcross has a new option --seed, that makes it possible to change the seed used by the random graph generator. - ltlcross has a new option --products=N to check the result of each translation against N different state spaces, and everage the statistics of these N products. N default to 1; larger values increase the chances to detect inconsistencies in the translations, and also make the average size of the product built against the translated automata a more pertinent statistic. - bdd_dict::unregister_all_typed_variables() is a new function, making it easy to unregister all BDD variables of a given type owned by some object. * Bug fixes: - genltl --gh-r generated the wrong formulas due to a typo. - ltlfilt --eventual and --universal were not handled properly. - ltlfilt --stutter-invariant would trigger an assert on PSL formulas. - ltl2tgba, ltl2tgta, ltlcross, and ltlfilt, would all choke on empty lines in a file of formulas. They now ignore empty lines. - The iterated simulation applied on degeneralized TGBA was bogus for two reasons: one was that cosimulation was applied using the generic cosimulation for TGBA, and the second is that SCC-filtering, performed between iterations, was also a TGBA-based algorithm. Both of these algorithms could lose the property that if a TGBA represents a BA, all the outgoing transitions of a state should be accepting. As a consequence, some formulas where translated to incorrect Büchi automata. New in spot 1.1 (2013-04-28): Several of the new features described below are discribed in Tomáš Babiak, Thomas Badie, Alexandre Duret-Lutz, Mojmír Křetínský, Jan Strejček: Compositional Approach to Suspension and Other Improvements to LTL Translation. To appear in the proceedings of SPIN'13. * New features in the library: - The postprocessor class now takes an optional option_map argument that can be used to specify fine-tuning options, making it easier to benchmark different scenarios while developing new postprocessings. - A new translator class implements a complete translation chain, from LTL/PSL to TGBA/BA/Monitor. It performs pre- and post-processings in addition to the core translation, and offers an interface similar to that used in the postprocessor class, to specify the intent of the translation. - The degeneralization algorithm has learned three new tricks: level reset, level caching, and SCC-based ordering. The former two are enabled by default. Benchmarking has shown that the latter one does not always have a positive effect, so it is disabled by default. (See SPIN'13 paper.) - The scc_filter() function, which removes dead SCCs and also simplify acceptance conditions, has learnt how to simplify acceptance conditions in a few tricky situations that were not simplified previously. (See SPIN'13 paper.) - A new translation, called compsusp(), for "Compositional Suspension" is implemented on top of ltl_to_tgba_fm(). (See SPIN'13 paper.) - Some experimental LTL rewriting rules that trie to gather suspendable formulas are implemented and can be activated with the favor_event_univ option of ltl_simplifier. As always please check doc/tl/tl.tex for the list of rules. - An experimental "don't care" (direct) simulation has been implemented. This simulations consider the acceptance of out-of-SCC transitions as "don't care". It is not enabled by default because it currently is very slow. - remove_x() is a function that take a formula, and rewrite it without the X operator. The rewriting is only correct for stutter-insensitive LTL formulas (See K. Etessami's paper in IFP vol. 75(6). 2000) This algorithm is accessible from the command-line using ltlfilt's --remove-x option. - is_stutter_insensitive() takes any LTL formula, and check whether it is stutter-insensitive. This algorithm is accessible from the command-line using ltlfilt's --stutter-insensitive option. - Several functions have been introduced to check the strength of an SCC. is_inherently_weak_scc() is_weak_scc() is_syntactic_weak_scc() is_complete_scc() is_terminal_scc() is_syntactic_terminal_scc() Beware that the costly is_weak_scc() function introduced in Spot 1.0, which is based on a cycle enumeration, has been renammed to is_inherently_weak_scc() to match established vocabulary. * Command-line tools: - ltl2tgba and ltl2tgta now honor a new --extra-options (or -x) flag to fine-tune the algorithms used. The available options are documented in the spot-x (7) manpage. For instance use '-x comp-susp' to use the afore-mentioned compositional suspension. - The output format of 'ltlcross --json' has been changed slightly. In a future version we will offer some reporting script that turn such JSON output into various tables and graphs, and these change are required to make the format usable for other benchmarks (not just ltlcross). - ltlcross will now count the number of non-accepting, terminal, weak, and strong SCCs, as well as the number of terminal, weak, and strong automata produced by each tool. * Documentation: - org-mode files used to generate the documentation about command-line tools (shown at http://spot.lrde.epita.fr/tools.html) is distributed in doc/org/. The resulting html files are also in doc/userdoc/. * Web interface: - A new "Compositional Suspension" tab has been added to experiment with compositional suspension. * Benchmarks: - See bench/spin13/README for instructions to reproduce our Spin'13 benchmark for the compositional suspension. * Bug fixes: - There was a memory leak in the LTL simplification code, that could only be triggered when disabling advanced simplifications. - The translation of the PSL formula !{xxx} was incorrect when xxx simplified to false. - Various warnings triggered by new compilers. New in spot 1.0.2 (2013-03-06): * New features: - the on-line ltl2tgba.html interface can output deterministic or non-deterministic monitors. However, and unlike the ltl2tgba command-line tool, it doesn't different output formats. - the class ltl::ltl_simplifier now has an option to rewrite Boolean subformulaes as irredundante-sum-of-product during the simplification of any LTL/PSL formula. The service is also available as a method ltl_simplifier::boolean_to_isop() that applies this rewriting to a Boolean formula and implements a cache. ltlfilt as a new option --boolean-to-isop to try to apply the above rewriting from the command-line: % ltlfilt --boolean-to-isop -f 'GF((a->b)&(b->c))' GF((!a & !b) | (b & c)) This is currently not used anywhere else in the library. * Bug fixes: - 'ltl2tgba --high' is documented to be the same as 'ltl2tgba', but by default ltl2tgba forgot to enable LTL simplifications based on language containment, which --high do enable. There are now enabled by default. - the on-line ltl2tgba.html interface failed to output monitors, testing automata, and generalized testing automata due to two issues with the Python bindings. It also used to display Testing Automaton Options when the desired output was set to Monitor. - bench/ltl2tgba would not work in a VPATH build. - a typo caused some .dir-locals.el configuration parameters to be silently ignored by emacs - improved Doxygen comments for formula_to_bdd, bdd_to_formula, and bdd_dict. - src/tgbatest/ltl2tgba (not to be confused with src/bin/ltl2tgba) would have a memory leak when passed the conflicting option -M and -O. It probably has many other problems. Do not use src/tgbatest/ltl2tgba if you are not writing a test case for Spot. Use src/bin/ltl2tgba instead. New in spot 1.0.1 (2013-01-23): * Bug fixes: - Two executions of the simulation reductions could produce two isomorphic automata, but with transitions in a different order. - ltlcross did not diagnose write errors to temporary files, and certain versions of g++ would warn about it. - "P0.init" is parsed as an atomic even without the double quotes, but it was always output with double quotes. This version will not quote this atomic proposition anymore. - "U", "W", "M", "R" were correctly parsed as atomic propositions (instead of binary operators) when placed in double quotes, but on output they were output without quotes, making the result unparsable. - the to_lbt_string() functions would always output a trailing space. This is not the case anymore. - tgba_product::transition_annotation() would segfault when called in a product against a Kripke structure. * Minor improvements: - Four new LTL simplifications rules: GF(a|Xb) = GF(a|b) GF(a|Fb) = GF(a|b) FG(a&Xb) = FG(a&b) FG(a&Gb) = FG(a&b) - The on-line version of ltl2tgba now displays edge and transition counts, just as the ltlcross tool. - ltlcross will display the number of timeouts at the end of its execution. - ltlcross will diagnose tools with missing input or output %-sequence before attempting to run any of them. - The parser for LBT's prefix-style LTL formulas will now read atomic propositions that are not of the form p1, p2... This makes it possible to process formulas written in ltl2dstar's syntax. * Pruning: - lbtt has been removed from the distribution. A copy of the last version we distributed is still available at http://spot.lip6.fr/dl/lbtt-1.2.1a.tar.gz and our test suite will use it if it is installed, but the same tests are already performed by ltlcross. - the bench/ltl2tgba/ benchmark, that used lbtt to compare various LTL-to-Büchi translators, has been updated to use ltlcross. It now output summary tables in LaTeX. Support for Modella (no longer available online), and Wring (requires a too old Perl version) have been dropped. - the half-baked and underdocumented "Event TGBA" support in src/evtgba*/ has been removed, as it was last worked on in 2004. New in spot 1.0 (2012-10-27): * License change: Spot is now distributed using GPL v3+ instead of GPL v2+. This is because we started using some third-party files distributed under GPL v3+. * Command-line tools Useful command-line tools are now installed in addition to the library. Some of these tools were originally written for our test suite and had evolved organically into useful programs with crappy interfaces: they have now been rewritten with better argument parsing, saner defaults, and they come with man pages. - genltl: Generate LTL formulas from scalable patterns. This offers 20 patterns so far. - randltl: Generate random LTL/PSL formulas. - ltlfilt: Filter lists of formulas according to several criteria (e.g., match only safety formulas that are larger than some given size). Besides being used as a "grep" tool for formulas, this can also be used to convert files of formulas between different syntaxes, apply some simplifications, check whether to formulas are equivalent, ... - ltl2tgba: Translate LTL/PSL formulas into Büchi automata (TGBA, BA, or Monitor). A fundamental change to the interface is that you may now specify the goal of the translation: do you you favor deterministic or smaller automata? - ltl2tgta: Translate LTL/PSL formulas into Testing Automata. - ltlcross: Compare the output of translators from LTL/PSL to Büchi automata, to find bug or for benchmarking. This is essentially a Spot-based reimplementation of LBTT that supports PSL in addition to LTL, and that can output more statistics. An introduction to these tools can be found on-line at http://spot.lrde.lip6.fr/tools.html The former test versions of genltl and randltl have been removed from the source tree. The old version of ltl2tgba with its gazillion options is still in src/tgbatest/ and is meant to be used for testing only. Although ltlcross is meant to replace LBTT, we are still using both tools in this release; however this is likely to be the last release of Spot that redistributes LBTT. * New features in the Spot library: - Support for various flavors of Testing Automata. The flavors are: + "classical" Testing Automata, as used for instance by Geldenhuys and Hansen (Spin'06), using Büchi and livelock acceptance conditions. + Generalized Testing Automata, extending the previous with multiple Büchi acceptance sets. + Transition-based Generalized Testing Automata moving Büchi acceptance to transitions, and getting rid of livelock acceptance conditions by expliciting stuttering self-loops. Supporting algorithms include anything required to run the automata-theoretic approach using testing automata: + dedicated synchronized product + dedicated emptiness-check for TA and GTA, as these may require two passes because of the two kinds of acceptance, while a TGTA can be checked for emptiness with the same one-pass algorithm as a TGBA. + conversion from a TGBA to any of the above kind, with options to reduce these automata with bisimulation, and to produce a BA/GBA that require a single pass (at the expense of determinism). + output in dot format for display A discussion of these automata, part of Ala Eddine BEN SALEM's PhD work, should appear in ToPNoC VI (LNCS 7400). The web-based interface and the aforementioned ltl2tgta tool can be used to build testing automata. - TGBA can now be reduced by Reverse Simulation (in addition to the Direct Simulation introduced in 0.9). A function called iterated_simulations() will alternate direct and reverse simulations in a loop as long as it diminishes the size of the automaton. - The enumerate_cycles class implements the Loizou-Thanisch algorithm to enumerate elementary cycles in a SCC. As an example of use, is_weak_scc() will tell whether an SCC is inherently weak (all its cycles are accepting, or none of them are). - parse_lbt() will parse an LTL formula expressed in the prefix syntax used (at least) by LBT, LBTT and Scheck. to_lbt_string() can be used to print an LTL formula using this syntax. - to_wring_string() can be used to print an LTL formula into Wring's syntax. - The LTL/PSL parser now has a lenient mode that can be useful to interpret atomic proposition with language-specific constructs. In lenient mode, any (...) or {...} block that cannot be parsed as formula will be assumed to be an atomic proposition. For instance the input (a < b) U (process[2]@ok), normally flagged as a syntax error, is read as "a < b" U "process[2]@ok" in lenient mode. - minimize_obligation() has a new option to disable WDBA minimization it cases it would produce a deterministic automaton that is bigger than the original TGBA. This can help choosing between less states or more determinism. - new functions is_deterministic() and count_nondet_states() (The count of nondeterministic states is now displayed on automata generated with the web interface.) - A new class, "postprocessor", makes it easier to apply all available simplification algorithms on a TGBA/BA/Monitors. * Minor changes: - The '*' operator can (again) be used as an AND in LTL formulas. This is for compatibility with formula written in Wring's syntax. However inside SERE it is interpreted as the Kleen star. - When printing a formula using Spin's LTL syntax, we don't double-quote complex atomic propositions (that was not valid Spin input anyway). For instance F"foo == 2" used to be output as <>"foo == 2". We now output <>(foo == 2) instead. The latter syntax is understood by Spin 6. It can be read back by Spot in lenient mode (see above). - The gspn-ssp benchmark has been removed. New in spot 0.9.2 (2012-07-02): * New features to the web interface. - It can run ltl3ba (Babiak et al., TACAS'12) where available. - "a loading logo" is displayed when result is not instantaneous. * Speed improvements: - The unicity hash table of BuDDy has been separated separated node table for better cache-friendliness. The resulting speedup is around 5% on BDD-intensive algorithms. - A new BDD operation, called bdd_implies() has been added to BuDDy to check whether one BDD implies another. This benefits mostly the simulation and degeneralization algorithms of Spot. - A new offline implementation of the degeneralization (which had always been performed on-the-fly so far) available. This especially helps the Safra complementation. * Bug fixes: - The CGI script running for ltl2tgba.html will correctly timeout after 30s when Spot's translation takes more time. - Applying WDBA-minimization on an automaton generated by the Couvreur/LaCIM translator could lead to an incorrect automaton due to a bug in the definition of product with symbolic automata. - The Makefile.am of BuDDy, LBTT, and Spot have been adjusted to accomodate Automake 1.12 (while still working with 1.11). - Better error recovery when parsing broken LTL formulae. - Fix errors and warnings reported by clang 3.1 and the upcoming g++ 4.8. New in spot 0.9.1 (2012-05-23): * The version of LBTT we distribute includes a patch from Tomáš Babiak to count the number of non-deterministic states, and the number of deterministic automata produced. See lbtt/NEWS for the list of other differences with the original version of LBTT 1.2.1. * The Couvreur/FM translator has learned two new tricks. These only help to speedup the translation by not issuing states or acceptance conditions that would be latter suppresed by other optimizations. - The translation rules used to translate subformulae of the G operator have been adjusted not to produce useless loops already implied by G. This generalizes the "GF" trick presented in Couvreur's original FM'99 paper. - Promises generated for formula of the form P(a U (b U c)) are reduced into P(c), avoiding the introduction of many promises that imply each other. * The tgba_parse() function is now available via the Python bindings. * Bug fixes: - The random SERE generator was using the wrong operators for "and" and "or", mistaking And/Or with AndRat/OrRat. - The translation of !{r} was incorrect when this subformula was recurring (e.g. in G!{r}) and r had loops. - Correctly recognize ltl2tgba's option -rL. - Using LTL simplification rules based on syntactic implication, or based on language containment checks, caused BDD variables to be allocated in an "unnatural" order, resulting in a slower translation and a less optimal degeneralization. - When ltl2tgba reads a neverclaim, it now considers the resulting TGBA as a Büchi automaton, and will display double circles in the dotty output. New in spot 0.9 (2012-05-09): * New features: - Operators from the linear fragment of PSL are supported. This basically extends LTL with Sequential Extended Regulat Expressions (SERE), and a couple of operators to bridge SERE and LTL. See doc/tl/tl.pdf for the list of operators and their semantics. - Formula rewritings have been completely revamped, and augmented with rules for PSL operators (and some new LTL rules as well). See doc/tl/tl.pdf for the list of the rewritings implemented. - Some of these rewritings that may produce larger formulas (for instance to rewrite "{a;b;c}" into "a & X(b & Xc)") may be explicitely disabled with a new option. - The src/ltltest/randltl tool can now generate random SEREs and random PSL formulae. - Only one translator (ltl2tgba_fm) has been augmented to translate the new SERE and PSL operators. The internal translation from SERE to DFA is likely to be rewriten in a future version. - A new function, length_boolone(), computes the size of an LTL/PSL formula while considering that any Boolean term has length 1. - The LTL/PSL parser recognizes some UTF-8 characters (like ◇ or ∧) as operators, and some output routines now have an UTF-8 output mode. Tools like randltl and ltl2tgba have gained an -8 option to enable such output. See doc/tl/tl.pdf for the list of recognized codepoints. - A new direct simulation reduction has been implemented. It works directly on TGBAs. It is in src/tgbaalgos/simlation.hh, and it can be tested via ltl2tgba's -RDS option. - unabbreviate_wm() is a function that rewrites the W and M operators of LTL formulae using R and U. This is called whenever we output a formula in Spin syntax. By combining this with the aforementioned PSL rewriting rules, many PSL formulae that use simple SERE can be converted into LTL formulae that can be feed to tools that only understand U and R. The web interface will let you do this. - changes to the on-line translator: + SVG output is available + can display some properties of a formula + new options for direct simulation, larger rewritings, and utf-8 output - configure --without-included-lbtt will prevent LBTT from being configured and built. This helps on systems (such as MinGW) where LBTT cannot be built. The test-suite will skip any LBTT-based test if LBTT is missing. * Interface changes: - Operators ->, <->, U, W, R, and M are now parsed as right-associative to better match the PSL standard. - The constructors for temporal formulae will perform some trivial simplifications based on associativity, commutativity, idempotence, and neutral elements. See doc/tl/tl.pdf for the list of such simplifications. - Formula instances now have many methods to inspect their properties (membership to syntactic classes, absence of X operator, etc...) in constant time. - LTL/PSL formulae are now handled everywhere as 'const formula*' and not just 'formula*'. This reflects the true nature of these (immutable) formula objects, and cleanups a lot of code. Unfortunately, it is a backward incompatible change: you may have to add 'const' to a couple of lines in your code, and change 'ltl::const_vistitor' into 'ltl::visitor' if you have written a custom visitor. - The new entry point for LTL/PSL simplifications is the function ltl_simplifier::simplify() declared in src/ltlvisit/simplify.hh. The ltl_simplifier class implements a cache. Functions such as reduce() or reduce_tau03() are deprecated. - The old game-theory-based implementations for direct and delayed simulation reductions have been removed. The old direct simulation would only work on degeneralized automata, and yet produce results inferior to the new direct simulation introduced in this release. The implementation of delayed simulation was unreliable. The function reduc_tgba_sim() has been kept for compatibility (it calls the new direct simulation whatever the type of simulation requested) and marked as deprecated. ltl2tgba's options -Rd, -RD are gone. Options -R1t, -R1s, -R2s, and -R2t are deprecated and all made equivalent to -RDS. - The tgba_explicit hierarchy has been reorganized in order to make room for sba_explicit classes that share most of the code. The main consequence is that the tgba_explicit type no longuer exists. However the tgba_explicit_number, tgba_explicit_formula, and tgba_explicit_string still do. New in spot 0.8.3 (2012-03-09): * Support for both Python 2.x and Python 3.x. (Previous versions would only work with Python 2.x.) * The online ltl2tgba.html now stores its state in the URL so that history is preserved, and links to particular setups can be sent. * Bug fixes: - Fix a segfault in the compression code used by the -Z option of dve2check. - Fix a race condition in the CGI script. - Fix a segfault in the CGI script when computing a Büchi run. New in spot 0.8.2 (2012-01-19): * configure now has a --disable-python option to disable the compilation of Python bindings. * Minor speedups in the Safra complementation. * Better memory management for the on-the-fly degeneralization algorithm. This mostly benefits to the Safra complementation. * Bug fixes: - spot::ltl::length() forgot to count the '&' and '|' operators in an LTL formula. - minimize_wdba() could fail to mark some transiant SCCs as accepting, producing an automaton that was not fully minimized. - minimize_dfa() could produce incorrect automata, but it is not clear whether this could have had an inpact on WDBA minimization (the worse case is that some TGBA would not have been minimized when they could). - Fix a Python syntax error in the CGI script. - Fix compilation with g++ 4.0. - Fix a make check failure when valgrind is missing. New in spot 0.8.1 (2011-12-18): * Only bug fixes: - When ltl2tgba is set to perform both WDBA minimization and degeneralization, do the latter only if the former failed. In previous version, automata were (uselessly) degeneralized before WDBA minimization, causing important slowdowns. - Fix compilation with Clang 3.0. - Fix a Makefile setup causing a "make check" failure on MacOS X. - Fix an mkdir error in the CGI script. New in spot 0.8 (2011-11-28): * Major new features: - Spot can read DiVinE models. See iface/dve2/README for details. - The genltl tool can now output 20 different LTL formula families. It also replaces the LTLcounter Perl scripts. - There is a printer and parser for Kripke structures in text format. * Major interface changes: - The destructor of all states is now private. Any code that looks like "delete some_state;" will cause an compile error and should be updated to "some_state->destroy();". This new syntax is supported since version 0.7. - The experimental Nips interface has been removed. * Minor changes: - The dotty_reachable() function has a new option "assume_sba" that can be used for rendering automata with state-based acceptance. In that case, acceptance states are displayed with a double circle. ltl2tgba (both command line and on-line) Use it to display degeneralized automata. - The dotty_reachable() function will also display transition annotations (as returned by the tgba::transitition_annotation()). This can be useful when displaying (small) state spaces. - Identifiers used to name atomic proposition can contain dots. E.g.: X.Y is now an atomic proposition, while it was understood as X&Y in previous versions. - The Doxygen documentation is no longer built as a PDF file. * Internal improvements: - The on-line ltl2tgba CGI script uses a cache to produce faster answers. - Better memory management for the states of explicit automata. Thanks to the aforementioned ->destroy() change, we can avoid cloning explicit states. - tgba_product has learned how to be faster when one of the operands is a Kripke structure (15% speedup). - The reduction rule for "a M b" has been improved: it can be reduced to "a & b" if "a" is a pure eventuallity. - More useless acceptance conditions are removed by SCC simplifications. * Bug fixes: - Safra complementation has been fixed in cases where more than one acceptance conditions where needed to convert the deterministic Streett automaton as a TGBA. - The degeneralization is now idempotent. Previously, degeneralizing an already degeneralized automaton could add some states. - The degeneralization now has a deterministic behavior. Previously it was possible to obtain different output depending on the memory layout. - Spot now outputs neverclaims with fully parenthesized guards. I.e., instead of (!x && y) -> goto S1 it now outputs ((!(x)) && (y)) -> goto S1 This prevents problems when the model defines `x' as #define x flag==0 because !x then evaluated to (!flag)==0 instead of !(flag==0). New in spot 0.7.1 (2011-02-07): * The LTL parser will accept operator ~ (for not) as well as --> and <--> (for implication and equivalence), allowing formulae from the Büchi Store to be read directly. * The neverclaim parser will accept guards of the form :: !(...) -> goto ... instead of the more commonly used :: (!(...)) -> goto ... This makes it possible to read neverclaims provided by the Büchi Store. * A new ltl2tgba option, -kt, will count the number of "sub-transitions". I.e., a transition labelled by "true" counts for 4 "sub-transitions" if the automaton uses 2 atomic propositions. * Bugs fixed: - Fix segfault during WDBA minimization on automata with useless states. - Use the included BuDDy library if the one already installed is older than the one distributed with Spot 0.7. - Fix two typos in the code of the CGI scripts. New in spot 0.7 (2011-02-01): * Spot is now able to read an automaton expressed as a Spin neverclaim. * The "experimental" Kripke structure introduced in Spot 0.5 has been rewritten, and is no longer experimental. We have a developement version of checkpn using it, and it should be released shortly after Spot 0.7. * The function to_spin_string(), that outputs an LTL formula using Spin's syntax, now takes an optional argument to request parentheses at all levels. * src/ltltest/genltl is a new tool that generates some interesting families of LTL formulae, for testing purpose. * bench/ltlclasses/ uses the above tool to conduct the same benchmark as in the DepCoS'09 paper by Cichoń et al. The resulting benchmark completes in 12min, while it tooks days (or exhausted the memory) when the paper was written (they used Spot 0.4). * Degeneralization has again been improved in two ways: - It will merge degeneralized transitions that can be merged. - It uses a cache to speed up the improvement introduced in 0.6. * An implementation of Dax et al.'s paper for minimizing obligation formulae has been integrated. Use ltl2tgba -Rm to enable this optimization from the command-line; it will have no effect if the property is not an obligation. * bench/wdba/ conducts a benchmark similar to the one on Dax's webpage, comparing the size of the automata expressing obligation formula before and after minimization. See bench/wdba/README for results. * Using similar code, Spot can now construct deterministic monitors. * New ltl2tgba options: -XN: read an input automaton as a neverclaim. -C, -CR: Compute (and display) a counterexample after running the emptiness check. With -CR, the counterexample will be replayed on the automaton to ensure it is correct (previous version would always compute a replay a counterexample when emptiness-check was enabled) -ks: traverse the automaton to compute its number of states and transitions (this is faster than -k which will also count SCCs and paths). -M: Build a deterministic monitor. -O: Tell whether a formula represents a safety, guarantee, or obligation property. -Rm: Minimize automata representing obligation properties. * The on-line tool to translate LTL formulae into automata has been rewritten and is now at http://spot.lip6.fr/ltl2tgba.html It requires a javascript-enabled browser. * Bug fixes: - Location of the errors messages in the TGBA parser where inaccurate. - Various warning fixes for different versions of GCC and Clang. - The neverclaim output with ltl2tgba -N or -NN used to ignore any automaton simplification performed after degeneralization. - The formula simplification based on universality and eventuality had a quadratic run-time. New in spot 0.6 (2010-04-16): * Several optimizations to improve some auxiliary steps of the LTL translation (not the core of the translation): - Better degeneralization - SCC simplifications has been tuned for degeneralization (ltl2tgba now has two options -R3 and -R3f: the latter will remove every acceptance condition that used to be removed in Spot 0.5 while the former will leave useless acceptance conditions going to accepting SCC. Experience shows that -R3 is more favorable to degeneralization). - ltl2tgba will perform SCC optimizations before degeneralization and not the converse - We added a syntactic simplification rule to rewrite F(a)|F(b) as F(a|b). We only had a rule for the more specific FG(a)|FG(b) = F(Ga|Gb). - The syntactic simplification rule for F(a&GF(b)) = F(a)&GF(b) has be disabled because the latter formula is in fact harder to translate efficiently. * New LTL operators: W (weak until) and its dual M (strong release) - Weak until allows many LTL specification to be specified more compactly. - All LTL translation algorithms have been updated to support these operators. - Although they do not add any expressive power, translating "a W b" is more efficient (read smaller output automaton) than translating the equivalent form using the U operator. - Basic syntactic rewriting rules will automatically rewrite "a U (b | G(a))" and "(a U b)|G(a)" as "a W b", so you will benefit from the new operators even if you do not use them. Similar rewriting rules exist for R and M, although they are less used. * New options have been added to the CGI script for - SVG output - SCC simplifications * Bug fixes: - The precedence of the "->" and "<->" Boolean operators has been adjusted to better match other tools. Spot <= 0.5 used to parse "a & b -> c & d" as "a & (b -> c) & d"; Spot >= 0.6 will parse it as "(a & b) -> (c & d)". - The random graph generator was fixed (again!) not to produce dead states as documented. - Locations in the error messages of the LTL parser were off by one. New in spot 0.5 (2010-02-01): * We have setup two mailing lists: - is read-only and will be used to announce new releases. You may subscribe at https://www.lrde.epita.fr/mailman/listinfo/spot-announce - can be used to discuss anything related to Spot. You may subscribe at https://www.lrde.epita.fr/mailman/listinfo/spot-announce * Two new LTL translations have been implemented: - eltl_to_tgba_lacim() is a symbolic translation for ELTL based on Couvreur's LaCIM'00 paper. For this translation (available with ltl2tgba's option -le), all operators are described as finite automata. A default set of operators is provided for LTL (option -lo) and user may add more automaton operators. - ltl_to_taa() is a translation based on Tauriainen's PhD thesis. LTL is translated to "self-loop" alternating automata and then to Transition-based Generalized Automata. (ltl2tgba's option -taa). The "Couvreur/FM" translation remains the best LTL translation available in Spot. * The data structures used to represent LTL formulae have been overhauled, and it resulted in a big performence improvement (in time and memory consumption) for the LTL translation. * Two complementation algorithms for state-based Büchi automata have been implemented: - tgba_kv_complement is an on-the-fly implementation of the Kupferman-Vardi construction (TCS'05) for generalized acceptance conditions. - tgba_safra_complement is an implementation of Safra's complementation. This algorithm takes a degeneralized Büchi automaton as input, but our implementation for the Streett->Büchi step will produce a generalized automaton in the end. * ltl2tgba has gained several options and the help text has been reorganized. Please run src/tgbatest/ltl2tgba without arguments for details. Couvreur/FM is now the default translation. * The ltl2tgba.py CGI script can now run standalone. It also offers the Tauriainen/TAA translation, and some options for SCC-based reductions. * Automata using BDD-encoded transitions relation can now be pruned for useless states symbolically using the delete_unaccepting_scc() function. This is ltl2tgba's -R3b option. * The SCC-based simplification (ltl2tgba's -R3 option) has been rewritten and improved. * The "*" symbol, previously parsed as a synonym for "&" is no longer recognized. This makes room for an upcoming support of rational operators. * More benchmarks in the bench/ directory: - gspn-ssp/ some benchmarks published at ACSD'07, - ltlcounter/ translation of a class of LTL formulae used by Rozier & Vardi at SPIN'07 - scc-stats/ SCC statistics after translation of LTL formulae - split-product/ parallelizing gain after splitting LTL automata * An experimental Kripke interface has been developed to simplify the integration of third party tools that do not use acceptance conditions and that have label on states instead of transitions. This interface has not been used yet. * Experimental interface with the Nips virtual machine. It is not very useful as Spot isn't able to retrieve any property information from the model. This will just check assertions. * Distribution: - The Boost C++ library is now required. - Update to Autoconf 2.65, Automake 1.11.1, Libtool 2.2.6b, Bison 2.4.1, and Swig 1.3.40. - Thanks to the newest Automake, "make check" will now run in parallel if you use "make -j2 check" or more. * Bug fixes: - Disable warnings from the garbage collection of BuDDy, it could break the standard output of ltl2tgba. - Fix several C++ constructs to ensure Spot will build with GCC 4.3, 4.4, and older 3.x releases, as well as with Intel's ICC compiler. - A very old bug in the hash function for LTL formulae caused Spot to sometimes (but very rarely) consider two different LTL formulae as equal. New in spot 0.4 (2007-07-17): * Upgrade to Autoconf 2.61, Automake 1.10, Bison 2.3, and Swig 1.3.31. * Better LTL simplifications. * Don't initialize Buddy if it has already been initialized (in case the client software is already using Buddy). * Lots of work in the greatspn interface for our ACSD'05 paper. * Bug fixes: - Fix the random graph generator not to produce dead states as documented. - Fix synchronized product in case both side use acceptance conditions. - Fix some syntax errors with newer versions of GCC. New in spot 0.3 (2006-01-25): * lbtt 1.2.0 * The CGI script for LTL translation also offers emptiness check algorithms. * tau03_opt_search implements the "ordering heuristic". (Submitted by Heikki Tauriainen.) * A couple of bugs were fixed into the LTL or automata simplifications. New in spot 0.2 (2005-04-08): * Emptiness checks: - the new spot::option_map class is used to pass options to emptiness-check algorithms. - the new emptiness_check_instantiator class is used to turn a string such as `algorithm(option1, option2)' into an actual instance of this emptiness-check algorithm with the given options. All tools use this. - tau03_opt_search implements the "condition heuristic". (Suggested by Heikki Tauriainen.) * Minor bug fixes. New in spot 0.1 (2005-01-31): * Emptiness checks: - They all follow the same interface, and gather statistical data. - New algorithms: gv04.hh, se05.hh, tau03.hh, tau03opt.hh - New options for couvreur99: poprem and group. - reduce_run() try to reduce accepting runs produced by emptiness checks. - replay_run() ensure accepting runs are actually accepting runs. * New testing tools: - ltltest/randltl: Generate random LTL formulae. - tgbatest/randtgba: Generate random TGBAs. Optionally multiply them against random LTL formulae. Optionally check them for emptiness with all available algorithms. Optionally gather statistics. * bench/emptchk/: Contains scripts that benchmark emptiness-checks. * Split the degeneralization proxy in two: - tgba_tba_proxy uses at most max(N,1) copies - tgba_sba_proxy uses at most 1+max(N,1) copies and has a state_is_accepting() method * tgba::transition_annotation annotate a transition with some string. This comes handy to associate that transition to its high-level name. * Preliminary support for Event-based GBA (the evtgba*/ directories). This might as well disappear in a future release. * LTL formulae are now sorting using their string representation, instead of their memory address (which is still unique). This makes the output of the various functions more deterministic. * The Doxygen documentation is now organized using modules. New in spot 0.0x (2004-08-13): * New atomic_prop_collect() function: collect atomic propositions in an LTL formula. * Fix several typos in documentation, and some warnings in the code. * Now compiles on Darwin and Cygwin. * Upgrade to Automake 1.9.1, and lbtt 1.1.2. (And drop support for older lbtt versions.) * Support newer versions of Valgrind (>= 2.1.0). New in spot 0.0v (2004-06-29): * LTL formula simplifications using basic rewriting rules, a-la Wring syntactic approximations, and Etessami's universal and existential classes. - Function reduce() in ltlvisit/reduce.hh is the main interface. - Can be tested with the CGI script. * TGBA simplifications using direct simulation, delayed simulation, and SCC-based simplifications. This is still experimental. * The LTL parser will now read LTL formulae written using Wring's syntax. * ltl2tgba_fm() now has options for on-the-fly fair-loop approximations, and Modella-like branching-postponement. * GreatSPN interface: - The `declarative_environment' is now part of Spot itself rather than part of the interface with GreatSPN. - the RG and SRG interface can deal with dead markings in three ways (omit deadlocks from the state graph, stutter on the deadlock and consider as a regular behavior, or stutter and distinguish the deadlock with a property). - update SSP interface to Soheib Baarir latest work. * Preliminary Python bindings for BuDDy's FDD and BVEC. * Upgrade to BuDDy 2.3. New in spot 0.0t (2004-04-23): * `emptiness_check': - fix two bugs in the computation of the counter example, - revamp the interface for better customization. * `never_claim_reachable': new function. * Introduce annonymous BDD variables in `bdd_dict', and start to use it in `ltl_to_tgba_fm'. * Offer never claim in the CGI script. * Rename EESRG as SSP, and offer specialized variants of the emptiness_check. New in spot 0.0r (2004-03-08): * In ltl_to_tgba_fm: - New option `exprop' to optimize determinism. - Make the `symbolic indentification' from 0.0p optional. * `nonacceptant_lbtt_reachable' new function to help getting accurate statistics from LBTT. * Revamp the cgi script's user interface. * Upgrade to lbtt 1.0.3, swig 1.3.21, automake 1.8.3 New in spot 0.0p (2004-02-03): * In ltl_to_tgba_fm: - identify states with identical symbolic expansions (i.e., identical continuations) - use Acc[b] as acceptance condition for Fb, not Acc[Fb]. * Update and speed-up the cgi script. * Improve degeneralization. New in spot 0.0n (2004-01-13): * emptiness_check::check2() is a variant of Couvreur's emptiness check that explores visited states first. * Build the EESRG supporting code condinally, as the associated GreatSPN changes have not yet been contributed to GreatSPN. * Add a powerset algorithm (determinize TGBA ignoring acceptance conditions, i.e., as if they were used to recognize finite languages). * tgba_explicit::merge_transitions: merge transitions with same source, destination, and acceptance condition. * Run test cases within valgrind. * Various bug fixes. New in spot 0.0l (2003-12-01): * Computation of prime implicants. This simplify the output of ltl_to_tgba_fm, and allows conditions to be output as some of product in dot output. * Optimize translation of GFy in ltl_to_tgba_fm. * tgba_explicit supports arbitrary binary formulae on transitions (only conjunctions were allowed). New in spot 0.0j (2003-11-03): * Use hash_map's instead of map's almost everywhere. * New emptiness check, based on Couvreur's algorithm. * LTL propositions can be put inside doublequotes to disambiguate some constructions. * Preliminary support for GreatSPN's EESRG. * Various bug fixes. New in spot 0.0h (2003-08-18): * More python bindings: - "import buddy" works (see wrap/python/tests/bddnqueen.py for an example), - almost all the Spot API is now available via "import spot". * wrap/python/cgi/ltl2tgba.py is an LTL-to-Büchi translator that work as as a cgi script. * Couvreur's FM'99 ltl-to-tgba translation. New in spot 0.0f (2003-08-01): * More python bindings, still only for the spot::ltl:: namespace. * Functional GSPN interface. (Enable with --with-gspn=directory.) * The LTL scanner recognizes /\, \/, and xor. * Upgrade to lbtt 1.0.2. * tgba_tba_proxy is an on-the-fly degeneralizer. * Implements the "magic search" algorithm. (Works only on a tgba_tba_proxy.) * Tgba's output algorithms (save(), dotty()) now non-recursive. * During products, succ_iter will optimize its set of successors using information computed from the current product state. * BDD dictionnaries are now shared between automata and. This gets rid of all the BDD-variable translating machinery. New in spot 0.0d (2003-07-13): * Optimize translation of G operators occurring at the root of a formula (or its immediate children when the root is a conjunction). This saves two BDD variables per G operator. * Distribute lbtt, and run it during `make check'. * First sketch of GSPN interface. * succ_iter_concreate::next() completely rewritten. * Transitions are now labelled by boolean formulae (not only conjunctions). * Documentation: - Output collaboration diagrams. - Build and distribute PDF manual. * Many bug fixes. New in spot 0.0b (2003-06-26): * Everything.