We are happy to announce the release of Spot 2.10
This is a major release that has been under development for 19 months. It contains new features contributed by Jérôme Dubois, Antoine Martin, Étienne Renault, Florian Renkin, Philipp Schlehuber, and myself. A summary of those changes is given at the end of this email.
You can find the new release here:
http://www.lrde.epita.fr/dload/spot/spot-2.10.tar.gz
See https://spot.lrde.epita.fr/ for documentation and installation instructions.
Please direct any feedback to spot@lrde.epita.fr.
New in spot 2.10 (2021-11-13)
Build:
- Spot is now built in C++17 mode, so you need at least GCC 7 or clang 5 to compile it. The current versions of all major linux distributions ship with at least GCC 7.4, so this should not be a problem. There is also an --enable-c++20 option to configure in case you want to force a build of Spot in C++20 mode.
Command-line tools:
- ltlsynt has been seriously overhauled, while trying to preserve backward compatibility. Below is just a summary of the main user-visible changes. Most of the new options are discussed on https://spot-dev.lrde.epita.fr/ltlsynt.html
+ ltlsynt now accepts only one of the --ins or --outs options to be given and will deduce the value of the other one.
+ ltlsynt learned --print-game-hoa to output its internal parity game in the HOA format (with an extension described below).
+ ltlsynt --aiger option now takes an optional argument indicating how the bdd and states are to be encoded in the aiger output. The option has to be given in the form ite|isop|both[+ud][+dc][+sub0|sub1|sub2] where the first only obligatory argument decides whether "if-then-else" ("ite") or irreducible-sum-of-products ("isop") is to be used. "both" executes both strategies and retains the smaller circuits. The additional options are for fine-tuning. "ud" also encodes the dual of the conditions and retains the smaller circuits. "dc" computes if for some inputs we do not care whether the output is high or low and try to use this information to compute a smaller circuit. "subX" indicates different strategies to find common subexpressions, with "sub0" indicating no extra computations.
+ ltlsynt learned --verify to check the computed strategy or aiger circuit against the specification.
+ ltlsynt now has a --decompose=yes|no option to specify if the specification should be decomposed into independent sub-specifications, the controllers of which can then be glued together to satisfy the input specification. (cf. [finkbeiner.21.nfm] in doc/spot.bib)
+ ltlsynt learned --simplify=no|bisim|bwoa|sat|bisim-sat|bwoa-sat to specifies how to simplify the synthesized controler.
- ltl2tgba, autfilt, dstar2tgba, and randaut learned a --buchi option, or -b for short. This outputs Büchi automata without forcing state-based acceptance.
The following aliases have also been added for consistency: --gba is an alias for --tgba, because the "t" of --tgba is never forced. --sba is an alias for -B/--ba, because -B really implies -S and that is not clear from --ba. As a consequence of the introduction of --sba, the option --sbacc (an alias for --state-based-acceptance) cannot be abbreviated as --sba anymore.
- autfilt learned a --kill-states=NUM[,NUM...] option.
- ltlcross, autcross, ltldo have learned shorthands for the commands of Owl 21.0. For instance running ltlcross 'owl-21 ltl2nba' ... is equivalent to running ltlcross '{owl-21 ltl2nba}owl-21 ltl2nba -f %f>%O' ...
Library:
- Spot now provides convenient functions to create and solve games. (twaalgos/game.hh) and some additional functions for reactive synthesis (twaalgos/synthesis.hh, twaalgos/mealy_machine.hh).
- A new class called aig represent an and-inverter-graphs, and is currently used during synthesis. (twaalgos/aiger.hh)
- Some new *experimental* classes, called "twacube" and "kripkecube" implement a way to store automata or Kripke structures without using BDDs as labels. Instead they use a structure called cube, that can only encode a conjunction of litterals. Avoiding BDDs (or rather, avoiding the BuDDy library) in the API for automata makes it possible to build multithreaded algorithms.
/!\ Currently these classes should be considered as experimental, and their API is very likely to change in a future version.
Functions like twacube_to_twa(), twa_to_twacube(), can be used to bridge between automata with BDD labels, and automata with cube labels.
In addition to the previous conversion, we implemented various state-of-the-art multi-threaded emptiness-check algorithms: [bloemen.16.ppopp], [bloemen.16.hvc], [evangeslita.12.atva], [renault.13.lpar], [holzmann.11.ieee] (see doc/spot.bib).
The mc_instanciator class provides an abstraction for launching, pinning, and stopping threads inside of parallel model-checking algorithms.
The class ltsmin_model class, providing support for loading various models that follow ltsmin's PINS interinterface, has been adjusted and can now produce either a kripke instance, or a kripkecube instance.
- The postprocessor::set_type() method can now accept options postprocessor::Buchi and postprocessor::GeneralizedBuchi.
These syntaxes is more homogeneous with the rest of the supported types. Note that postprocessor::BA and postprocessor::TGBA, while still supported and not yet marked as deprecated, are best avoided in new code.
postprocessor::set_type(postprocessor::TGBA)
can be replaced by
postprocessor::set_type(postprocessor::GeneralizedBuchi)
and
postprocessor::set_type(postprocessor::BA)
by
postprocessor::set_type(postprocessor::Buchi) postprocessor::set_pref(postprocessor::Small | postprocessor::SBAcc)
Note that the old postprocessor::BA option implied state-based acceptance (and was unique in that way), but the new postprocessor::Buchi specifies Büchi acceptance without requiring state-based acceptance (something that postprocessor did not permit before).
- Translations for formulas such as FGp1 & FGp2 &...& FGp32 which used to take ages are now instantaneous. (Issue #412.)
- remove_fin() learned to remove more unnecessary edges by using propagate_marks_vector(), both in the general case and in the Rabin-like case.
- simplify_acceptance() learned to simplify acceptence formulas of the form Inf(x)&Inf(y) or Fin(x)|Fin(y) when the presence of x always implies that of y. (Issue #406.)
- simplifiy_acceptance_here() and propagate_marks_here() learned to use some patterns of the acceptance condition to remove or add (depending on the function) colors on edges. As an example, with a condition such as Inf(0) | Fin(1), an edge labeled by {0,1} can be simplied to {0}, but the oppose rewriting can be useful as well. (Issue #418.)
- The parity_game class has been removed, now any twa_graph_ptr that has a "state-player" property is considered to be a game.
- the "state-player" property is output by the HOA printer, and read back by the automaton parser, which means that games can be saved and loaded.
- print_dot() will display states from player 1 using a diamond shape.
- print_dot() learned to display automata that correspond to Mealy machines specifically.
- print_dot() has a new option "i" to define id=... attributes for states (S followed by the state number), edges (E followed by the edge number), and SCCs (SCC followed by SCC number). The option "i(graphid)" will also set the id of the graph. These id attributes are useful if an automaton is converted into SVG and one needs to refer to some particular state/edge/SCC with CSS or javascript. See https://spot.lrde.epita.fr/oaut.html#SVG-and-CSS
- spot::postproc has new configuration variables that define thresholds to disable some costly operation in order to speedup the processing of large automata. (Those variables are typically modified using the -x option of command-line tools, and are all documented in the spot-x(7) man page.)
wdba-det-max Maximum number of additional states allowed in intermediate steps of WDBA-minimization. If the number of additional states reached in the powerset construction or in the followup products exceeds this value, WDBA-minimization is aborted. Defaults to 4096. Set to 0 to disable. This limit is ignored when -D used or when det-max-states is set.
simul-max Number of states above which simulation-based reductions are skipped. Defaults to 4096. Set to 0 to disable. This also applies to the simulation-based optimization of the determinization algorithm.
simul-trans-pruning For simulation-based reduction, this is the number of equivalence classes above which transition-pruning for non-deterministic automata is disabled. Defaults to 512. Set to 0 to disable. This applies to all simulation-based reduction, as well as to the simulation-based optimization of the determinization algorithm. Simulation-based reduction perform a number of BDD implication checks that is quadratic in the number of classes to implement transition pruning.
dpa-simul Set to 0/1 to disable/enable simulation-based reduction performed after running a Safra-like determinization to optain a DPA. By default, it is only disabled with --low or if simul=0.
dba-simul Set to 0/1 to disable/enable simulation-based reduction performed after running the powerset-like construction (enabled by option tba-det) to obtain a DBA. By default, it is only disabled with --low or if simul=0.
spot::translator additionally honor the following new variables:
tls-max-states Maximum number of states of automata involved in automata-based implication checks for formula simplifications. Defaults to 64.
exprop When set, this causes the core LTL translation to explicitly iterate over all possible valuations of atomic propositions when considering the successors of a BDD-encoded state, instead of discovering possible successors by rewriting the BDD as a sum of product. This is enabled by default for --high, and disabled by default otherwise. When unambiguous automata are required, this option forced and cannot be disabled. (This feature is not new, but was not tunable before.)
- In addition the to above new variables, the default value for ba-simul (controling how degeneralized automata are reduced) and for det-simul (simulation-based optimization of the determinization) is now equal to the default value of simul. This changes allows "-x simul=0" to disable all of "ba-simul", "dba-simul", "dpa-simul", and "det-simul" at once.
- tgba_powerset() now takes an extra optional argument to specify a list of accepting sinks states if some are known. Doing so can cut the size of the powerset automaton by 2^|sinks| in favorable cases.
- twa_graph::merge_edges() had its two passes swapped. Doing so improves the determinism of some automata.
- twa_graph::kill_state(num) is a new method that removes the outgoing edge of some state. It can be used together with purge_dead_states() to remove selected states.
- The new functions reduce_direct_sim(), reduce_direct_cosim() and reduce_iterated() (and their state based acceptance version, reduce_direct_sim_sba(), reduce_direct_cosim_sba() and reduce_iterated_sba()), are matrix-based implementation of simulation-based reductions. This new version is faster than the signature-based BDD implementation in most cases, however there are some cases it does not capture yet.. By default, the old one is used. This behavior can be changed by setting SPOT_SIMULATION_REDUCTION environment variable or using the "-x simul-method=..." option (see spot-x(7)).
- The automaton parser will now recognize lines of the form #line 10 "filename" that may occur *between* the automata of an input stream to specify that error messages should be emitted as if the next automaton was read from "filename" starting on line 10. (Issue #232)
- The automaton parser for HOA is now faster at parsing files where a label is used multiple times (i.e., most automata): it uses a hash table to avoid reconstructing BDDs corresponding to label that have already been parsed. This trick was already used in the never claim parser.
- spot::twa_graph::merge_states() will now sort the vector of edges before attempting to detect mergeable states. When merging states with identical outgoing transitions, it will now also consider self-looping transitions has having identical destinations. Additionally, this function now returns the number of states that have been merged (and therefore removed from the automaton).
- spot::zielonka_tree and spot::acd are new classes that implement the Zielonka Tree and Alternatic Cycle Decomposition, based on a paper by Casares et al. (ICALP'21). Those structures can be used to paritize any automaton, and more. The graphical rendering of ACD in Jupyter notebooks is Spot's first interactive output. See https://spot.lrde.epita.fr/ipynb/zlktree.html for more.
Python:
- Bindings for functions related to games. See https://spot.lrde.epita.fr/ipynb/games.html and https://spot.lrde.epita.fr/tut40.html for examples.
- Bindings for functions related to synthesis and aig-circuits. See https://spot.lrde.epita.fr/ipynb/synthesis.html
- spot::twa::prop_set was previously absent from the Python bindings, making it impossible to call make_twa_graph() for copying a twa. It is now available as spot.twa_prop_set (issue #453). Also for convenience, the twa_graph.__copy__() method, called by copy.copy(), will duplicate a twa_graph (issue #470).
Bugs fixed:
- tgba_determinize() could create parity automata using more colors than necessary. (Related to issue #298)
- There were two corners cases under which sat_minimize() would return the original transition-based automaton when asked to produce state-based output without changing the acceptance condition.
Deprecation notices:
- twa_graph::defrag_states() and digraph::defrag_states() now take the renaming vector by reference instead of rvalue reference. The old prototype is still supported but will emit a deprecation warning.
-
Alexandre Duret-Lutz