apalache | P
---|---
7 | 8
410 | 2,919
2.7% | 0.9%
9.4 | 8.3
2 days ago | 9 days ago
Scala | C#
Apache License 2.0 | MIT License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
apalache
- Verified Rust for low-level systems code
TLA+ has also had an SMT-based backend, Apalache [1], for a few years now. In general, you encode your system model (which would be the Rust functions for Verus, the TLA model for Apalache) and your desired properties into an SMT formula, and you let the solver have a go at it. The deal is that the SMT language is quite expressive, which makes such encodings... not easy, but not impossible. And after you're done with it, you can leverage all the existing solvers that people have built.
While there is a series of "standard" techniques for encoding particular programming language features into SMT (e.g., handling higher-order functions, which SMT solvers don't handle natively), the details of how you encode the model/properties are extremely specific to each formalism, and you need to be very careful to ensure that the encoding is sound. You'd need to go and read the relevant papers to see how this is done.
[1]: https://apalache.informal.systems
- Holiday protocols: secret Santa with Quint
- Learn TLA+
Anyone know of some good free software TLA+ model checkers? The "Other Tooling" mentions one alternative checker, https://apalache.informal.systems/, but that's all I could find. Thanks.
- Apalache – Symbolic Model Checker for TLA+
- A dependently typed language for proofs that you can implement in one day
> How are those types any different than outright stating a behavioral invariant?
Because the behavior of programs can't be verified without executing the program, but types can be checked purely based on syntax. There is way less source code than runtime states of any non-trivial program.
I've asked this same question many times, the TLA+ way is much more expressive and _simpler_. But model checking is a way harder problem than type checking, in general. SMT solvers make this line blurry - in fact, have you heard of the SMT-based model checker for TLA+, [Apalache](https://apalache.informal.systems/)? I haven't tried it out, but that should be way faster than TLC which just brute forces the state-space exploration.
I'm totally with you about TLA+ style spec properties, but it's a big theoretical hurdle to cross before they could be as efficient as types.
- Apalache Release v0.15.1
- Apalache, a symbolic model checker for TLA+, v0.8.0 is released
P
- Property-based testing in practice [pdf]
- Gem adds support for creating state machines for attributes on any Ruby class
I worked on a state machine framework in another language, and have definitely found less terse to be pretty good. Typing a few extra characters isn't that bad, especially if it makes some awful bit of evented code easier for someone to understand.
Of the things available open source, I think P-lang is pretty cool: https://github.com/p-org/P/blob/master/Tutorial/1_ClientServ...
- The Actor Model and the Chess Clock
Your proposed syntax reminded me of https://p-org.github.io/P/
- The TLA+ Video Course
I’ve gotten a lot of good about TLA+ and the more recent P language has been really promising lately. It’s got a good pedigree and is being increasingly used at AWS as well.
- P Language
- Learn TLA+
I tried to use TLA+ but what annoys me the most is the disconnection between the actual implementation and its code. I think the P language has a much better future just because it can generate code that works: https://github.com/p-org/P
- Let's build a distributed Postgres proof of concept
It is tough.
My approach when learning new protocols like Raft or Paxos is to implement them in PlusCal (TLA+'s higher-level language) or P (https://github.com/p-org/P). I've found that helps separate the protocol-level concerns from the implementation-level concerns (sockets? wire format?) in a way that reduces the difficulty of learning the protocol.
What are some alternatives?
tlaplus - TLC is a model checker for specifications written in TLA+. The TLA+Toolbox is an IDE for TLA+.
Hybridizer - Examples of C# code compiled to GPU by hybridizer
Formality - A modern proof language [Moved to: https://github.com/kind-lang/Kind]
Testura.Code - Testura.Code is a wrapper around the Roslyn API and used for generation, saving and compiling C# code. It provides methods and helpers to generate classes, methods, statements and expressions.
advent-of-tla - AoC goals in TLA+
Mond - A scripting language for .NET Core
BlockingQueue - Tutorial "Weeks of debugging can save you hours of TLA+". Each git commit introduces a new concept => check the git history!
PeachPie - PeachPie - the PHP compiler and runtime for .NET and .NET Core
ewd998 - Distributed termination detection on a ring, due to Shmuel Safra:
Iron python - Implementation of the Python programming language for .NET Framework; built on top of the Dynamic Language Runtime (DLR).
suslik - Synthesis of Heap-Manipulating Programs from Separation Logic
Amplifier.NET - Amplifier allows .NET developers to easily run complex applications with intensive mathematical computation on Intel CPU/GPU, NVIDIA, AMD without writing any additional C kernel code. Write your function in .NET and Amplifier will take care of running it on your favorite hardware.