lemmy released this Jul 11, 2019 · 170 commits to master since this release

### Changelog

The high level changelog is available at http://research.microsoft.com/en-us/um/people/lamport/tla/toolbox.html#release. The 1.6.0 milestone lists all completed issues.

#### TLC

• Invalid violation of a liveness property because of bidirectional transitions in liveness graph due to inverse action e9ccb77
• Evaluate Initial Predicate expressions A /\ B /\ C in given order instead of A /\ C /\ B eb5d554
• Print error message when length of a behavior exceeds 2^15 states on-disk or 2^31 in-memory 28a0117
• Reduce fingerprint collision probability by randomly selecting irreducible polynomial at TLC startup (unless set on command-line with fp parameter)
• Correctly recreate error traces for specs using RandomElement operator from TLC's standard module
• Expose TLC runtime statistics and control in specs (diameter, states, distinct states, runtime, level, exit) through named registers for TLCGet and TLCSet 592056f 43e2b74
• Improve readability of progress output by showing thousands delimiters Contributor: P. White
• Visualize SANY's semantic graph with GraphViz: java [-Dtla2sany.explorer.DotExplorerVisitor.includeLineNumbers=true] -cp /path/to/tla2tools.jar tla2sany.SANY -d Spec.tla dot Screenshot
• Indicate TLC's process id (pid) in startup banner ea70206
• Inspection hatch to monitor states generated by a running TLC process: java -cp /path/to/tla2tools.jar tlc2.tool.management.StateMonitor [interval] 9ddffad b483440 (Screencast)
• Support suspension of (breadth-first) model checking via JMX API
• Opt-in usage data reporting
• Warn user if TLC is slowed down fa71d52 34c91e9 34c91e9
##### Performance & Scalability
• Multi-Threaded Simulation Mode 8355920 Contributor: will62794
• More efficiently generate the set of subsets for the TLA+ expression (SUBSET S) 4a62e5b
• Reduce worker contention by separating the trace file into N partial trace files where N is the number of workers 548ce71
• Speed-up TLC shutdown by calculating 'actual fingerprint collision probability' only if 'calculated probability' exceeds 1E-10 f12b10e
• Increase TLC throughput by ~10% by refactoring hot code-paths e6c8f6c 1bc2ab1
• Show active fingerprint set and state queue implementation in startup banner e974533 ea3feb5
• ByteArrayQueue prototype to increases throughput by reducing the critical section of the queue of unseen states 01b0e98
• Activate with -Dtlc2.tool.ModelChecker.BAQueue=true Java system property
##### Command-line
• Accept absolute spec path on command-line
• Make tlc2.TLC the main-class attribute of the tla2tools.jar fac02ee
• Set executable bit for tla2tools.jar to simplify command-line on Linux: /path/to/tla2tools.jar /path/to/spec
• Command-line TLC users please always pass -XX:+UseParallelGC Java 11 flag to not suffer performance penalty
• Retire tla.zip in favor of tla2tools.jar 2da02d3
• Exit status is now non-zero in the case of any errors or property violations #277
##### CloudTLC
• Switch to Azure service principal authentication
• Automatically handle Azure resource deletion as part of instance termination 5be0e77
• Gracefully terminate cloud resources when a CloudTLC run is terminated prematurely d593d0e
• Power-off instead of terminate CloudTLC instances tagged power_off to speed-up subsequent restart 22a7385
• Adds support for packet.net's t1.small.x86 budget baremetal instances 71a2530

#### Toolbox

##### Model Editor
• Better visualize coverage by coloring the editor 881f2e6
• Usability improvements to the model editor including:
• What was previously the "Advanced Options" page has been split into two pages with the Advanced TLC Options occupying its own page now.
• Neither of these pages are visible by default, and are accessed by hyperlink on the main model page; their open-or-closed state are saved with the model so that subsequent model openings will restore the view to the configuration last seen by the user.
• The selection of the behavior spec is now performed via pulldown, as seen in this accompanying screencast..
• The "How to run?" section of the main page has been simplified, as can be seen in the same screencast as above. Checkpoint related TLC options have been moved to the Advanced TLC Options page. A given worker, memory, and disk storage file count configuration can be saved as the default configuration to be used with new models.
• Init and Next fields of the "What is the Behavior Spec" accept multi-line expressions
• The "How to run" and the "What to check?" sections on the main page have been given full width of the page.
• Similarly, the "State Constraint" section on the "Advance Options" page have been given full width.
• The tables in the "Statistics" section of the "Model Checking Results" page now expand to fill the width of the page, and resize their columns to consume the available width when those tables resize.
• The "General" section of the "Model Checking Results" page has been condensed to two lines. The top line, always visible, will show:
• an "Awaiting..." text for an un-executed model.
• once running, or ran, a Start time, an End time, a status, and potentially a last checkpoint time, and a mode denotation for Depth-first or Simulation runs.
• ... and the second line will be visible should their be errors in execution, information about fingerprint collision, and/or zero counts on coverage.
• The Evaluate Constant Expression section in the Results page can be moved to its own tab in the model editor via a preference checkbox in TLA+ Preferences → TLC Model Checker.
• The Evaluate Constant Expression now features a toggle button to more easily jump in and out of Evaluate Constant model check mode (No behavior spec selected.)
##### Trace Explorer
• TETrace operator to support self-referential error trace expression
• Supporting naming to compose trace expressions a34ef2c (Screencast)
• Map SANY errors back to Toolbox expression locations 9ae65ab (Screenshot)
• Add syntax highlighting and redo/undo in input boxes
• Allow customizable fonts for the Toolbox's Error Trace viewer
• Add header button to error trace to toggle tree expansion between collapse and expand all. Shift+Click returns to default two-level expansion 8640936 (Screencast)
• The edit button is enabled if the table contains one formula, regardless of whether that formula is selected; formulas are able to be drag reordered; changes (addition, editing, removal, and reordering) are now saved automatically. (All covered by Issue #9)
• There is a button in the Error-Trace section header which allows the 'linking' of the trace viewer with the spec editor; in the same way that one could previously double-click on a trace location to reveal the section of the specification in the spec editor, while the editor is linked this action can be done by a single click, as well as by navigating with the keyboard arrow keys. (Issue #289)

### A note to macOS users

Startup on macOS version 10.14 (Mojave) will fail with "TLA+ Toolbox can't be opened because Apple cannot check it for malicious software.". Please make sure to follow the instructions outlined in GitHub issue #320 to address this problem.

### Checksums

sha1sum file
b0fca8d26568c5304b5e4d5ab40f3ffe1ed48ba1 TLAToolbox-1.6.0-linux.gtk.x86_64.zip
836c91cddf98088f7e2c8c2f711e95217d5530da TLAToolbox-1.6.0-macosx.cocoa.x86_64.zip
ae09753744f462957709d94d735ef292e775a05b TLAToolbox-1.6.0-win32.win32.x86_64.zip
aa4876bb4ae1275eb157fe67322fa69fd7452b7a tla2tools.jar
d54307de60caf42e586b06d84994ec9cfcee0675 repository.zip (most of you don't want this)
Assets 7

lemmy released this Jul 18, 2018 · 922 commits to master since this release

### Changelog

The high level changelog is available at http://research.microsoft.com/en-us/um/people/lamport/tla/toolbox.html#release. The 1.5.7 milestone lists all completed issues.

#### TLC

• Reword and complete comments of TLA+ standard modules d2f54a1
• IsABag inconsistent with Bags.tla when parameter is not a bag 5d15bde
• BagsUnion operator of TLA+ standard module for BagUnion({b,b}) produces incorrect b (+) b as result bc0f7db
• Correctly handle sequences as input to Bags operators
• Provisional Randomization standard module
• tlc2.Generator refactored into tlc2.TLC 6141aed
• Correctly recreate error trace in BFS mode with RandomElement 3a618d7
• Minimize the number of duplicate states that are generated as part of the initial predicate f3a98ce
• Minimize the number of duplicate states that are generated as part of the next-state predicate fba4319
• Indicate name of action which does not completely specified the successor state fddcdd4
• Speed-up Cloud TLC by skipping instance provisioning 2bc2488
• Colorize and label actions (arcs) in state graph visualization 7e80f1d (Screenshot) Contributor: will62794
• Fix broken error traces with views 5a62945

#### PlusCal

• Allow no intervening label between call and goto in PlusCal 188e1fd

#### Specification Editor

• Show errors in PlusCal algorithm for assignments to undeclared variables 1e3f8fa
• Editor command "Goto declaration" now also goes to declarations of TLA+ standard modules 103204a (Screencast)
• Mouse hover help shows BNF and help for PlusCal statements dbeafb6
• Show operation definition and comment in mouse hover help ad36f39
• Code completion for PlusCal statements triggered by Ctrl+Space 13c772f (Screencast)
• Code completion for operator definitions and declarations triggered by Ctrl+Space c31c2bd (Screencast)
• Automatically transpile PlusCal to TLA+ on editor save 642b540 (Screencast)

#### Model Editor

• Collapse, disable and annotate "Generals" and "Statistics" sections with "No behavior spec" 43d207d
• Add undo and redo support to constant expression source viewer ff03c66
• Add TLA+ syntax highlighting to constant expression source viewer fd93b56
• Report the number of initial states as first item reported in the ResultPage's statistic table (with diameter of 0) 076f0c7
• Show output/progress of remotely running Cloud TLC in Toolbox 593fc82

### 32 bits

32 bit (x86) variants of the TLA Toolbox have been discontinued with this release. fb68044

### A note to Java 11 users (mostly macOS)

Please consider downloading a recent Toolbox nightly build (1.6.0) instead of the Toolbox 1.5.7 release below. The nightly builds do not suffer from a startup crash when the system Java VM is newer than Java10.

Assets 8

lemmy released this Jan 30, 2018 · 1162 commits to master since this release

### Important bugfix

An uncommon but serious bug in TLC has been found that has existed since its initial implementation. The bug can cause TLC to generate an incorrect set of initial states, or an incorrect set of possible next states when examining a state. Either can cause TLC not to examine all reachable states. The error can occur in the following two cases:

The possible initial values of some variable var are specified by a subformula F(..., var, ...) in the initial predicate, for some operator F such that expanding the definition of F results in a formula containing more than one occurrence of var, not all occurring in separate disjuncts of that formula.

The possible next values of some variable var are specified by a subformula F(..., var', ...) in the next-state relation, for some operator F such that expanding the definition of F results in a formula containing more than one occurrence of var' , not all occurring in separate disjuncts of that formula.

An example of the first case is an initial predicate Init defined as follows:

VARIABLES x, ...

F(var) == \/ var \in 0..99 /\ var % 2 = 0
\/ var = -1

Init == /\ F(x)
/\ ...

The error would not appear if F were defined by:

F(var) == \/ var \in {i \in 0..99 : i % 2 = 0}
\/ var = -1

or if the definition of F(x) were expanded in Init :

Init == /\ \/ x \in 0..99 /\ x % 2 = 0
\/ x = -1
/\ ...

A similar example holds for case 2 with the same operator F and the next-state formula

Next == /\ F(x')
/\ ...

### Changelog

The high level changelog is available at http://research.microsoft.com/en-us/um/people/lamport/tla/toolbox.html#release. The 1.5.6 milestone lists all completed issues. Github has a more technical changelog listing all commits.

### Checksums

sha1sum file
11272c4874866447fc1da9729ce700322e086c9a TLAToolbox-1.5.6-linux.gtk.x86_64.zip
91ed75dc1df01dd668a97a9aa614f2173e927f51 TLAToolbox-1.5.6-macosx.cocoa.x86_64.zip
aca06efe0d766b8d43b0288d083995fdc150c3e4 tla.zip
Assets 7

lemmy released this Jan 8, 2018 · 1196 commits to master since this release

## This release does not completely address the important bug discussed below

### Important bugfix

This release fixes a rare but serious bug that has been in TLC since its initial implementation. TLC could generate an incorrect set of initial states, and hence not examine all reachable states, in the following situation:

The possible initial values of some variable var are specified by a subformula: F(..., var , ...) in the initial predicate, for some operator F such that expanding the definition of F results in a formula containing more than one occurrence of var, not all occurring in separate disjuncts of that formula. An example is an initial predicate Init defined as follows:

VARIABLES x, ...

F(var) == \/ var \in 0..99 /\ var % 2 = 0
\/ var = -1

Init == /\ F(x)
/\ ...

The error would not appear if F were defined by

F(var) == \/ var \in {i \in 0..99 : i % 2 = 0}
\/ var = -1

or if the definition of F(x) were expanded in Init:

Init == /\ \/ var \in 0..99 /\ var % 2 = 0
\/ var = -1
/\ ...

### Changelog

The high level changelog is available at http://research.microsoft.com/en-us/um/people/lamport/tla/toolbox.html#release. The 1.5.5 milestone lists all completed issues. Github has a more technical changelog listing all commits..

### Checksums

sha1sum file
81c2981a0e22fe05e0eac0082625ab863acb9412 TLAToolbox-1.5.5-linux.gtk.x86_64.zip
4ace976a1f579b8f9e4c60e516e1142016d2352e TLAToolbox-1.5.5-win32.win32.x86_64.zip
Assets 6
tla.zip 4.14 MB

lemmy released this Oct 7, 2017 · 1250 commits to master since this release

sha1sum/shasum:
1ba8ddff282e0d1f31edaf57221a0da1f0e54d32 tla.zip
8c04794d897bf1d1f1c7d5a72db2216aabbca47c TLAToolbox-1.5.4-linux.gtk.x86_64.zip
1510d0d63e93b2436b301facd7f62b58853c8b80 TLAToolbox-1.5.4-macosx.cocoa.x86_64.zip
f75905000593269a94a9b3b0aa2d3570c95ddba2 TLAToolbox-1.5.4-win32.win32.x86_64.zip

Assets 6
tla.zip 4.14 MB

lemmy released this Apr 17, 2017 · 1671 commits to master since this release

Version 1.5.3 - 14 April 2017

Assets 8
tla.zip 3.87 MB

lemmy released this Nov 9, 2017 · 2003 commits to master since this release

Version 1.5.2 of 21 December 2015

• Added a quick access dialog for showing and selecting models and modules.
• The toolbox now maintains backups of previous versions of modules.
• Only one Toolbox instance can now be run at a time.
• A -userFile parameter allows redirecting Print/PrintT output to a file.
• Not all states of very long error traces are displayed initially.
• Ended support for 32-bit Toolbox releases on Mac OSX.
• Several optimizations and bug fixes were made.
Assets 7

#### v1.3.1

1.3.1 release


#### v1.4.7

1.4.7 release - build #49


#### v1.4.6

1.4.6 release - build #48

You can’t perform that action at this time.