• No results found

Experience in developing the mCRL2 toolset

N/A
N/A
Info
Downloaden
Protected

Academic year: 2021

Share "Experience in developing the mCRL2 toolset"

Copied!
4
0
0

Bezig met laden.... (Bekijk nu de volledige tekst)

Download het nu ( 4 pagina )

Hele tekst

(1)

Experience in developing the mCRL2 toolset

Citation for published version (APA):

Groote, J. F., Keiren, J. J. A., Stappers, F. P. M., Wesselink, J. W., & Willemse, T. A. C. (2010). Experience in developing the mCRL2 toolset. In F. Gervais, & B. Fraikin (Eds.), Informal Proceedings of the 1st Workshop on Tool Building in Formal Methods (TBFM'10, Orford, Québec, Canada, February 22, 2010; in conjunction with ABZ 2010) (pp. 1-3)

Document status and date: Published: 01/01/2010

Document Version:

Publisher’s PDF, also known as Version of Record (includes final page, issue and volume numbers)

Please check the document version of this publication:

• A submitted manuscript is the version of the article upon submission and before peer-review. There can be important differences between the submitted version and the official published version of record. People interested in the research are advised to contact the author for the final version of the publication, or visit the DOI to the publisher's website.

• The final author version and the galley proof are versions of the publication after peer review.

• The final published version features the final layout of the paper including the volume, issue and page numbers.

Link to publication

General rights

Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain

• You may freely distribute the URL identifying the publication in the public portal.

If the publication is distributed under the terms of Article 25fa of the Dutch Copyright Act, indicated by the “Taverne” license above, please follow below link for the End User Agreement:

www.tue.nl/taverne

Take down policy

If you believe that this document breaches copyright please contact us at:

openaccess@tue.nl

providing details and we will investigate your claim.

(2)

Experience in developing the mCRL2 toolset

J.F. Groote, J. Keiren, F.P.M. Stappers, J.W. Wesselink, and T.A.C. Willemse Technische Universiteit Eindhoven

Department of Mathematics and Computer Science P.O. Box 513, 5600 MB Eindhoven, The Netherlands

{j.f.groote, j.j.a.keiren, f.p.m.stappers, j.w.wesselink, t.a.c.willemse}@tue.nl

Introduction mCRL2 is a language with a toolset [3] for formal analysis of behaviour of concurrent systems. It is developed in an academic research group to support process algebra based verification in an academic as well as an industrial setting. This paper provides an insight into the experiences and practises in developing and maintaining the mCRL2 toolset.

History. Experience in applying the µCRL toolset [1] to real world systems uncovered major shortcomings. These shortcomings led to the development of the richer modelling language mCRL2, with its associated toolset, in 2002. A motivation for the development of mCRL2 is described in [2]. In an attempt to keep development effort to a minimum, code from µCRL was reused with minimal changes required to support the extended language.

The decision to reuse µCRL code fixed important design decisions like the use of C code in the project, and the use of ATerm library [4] based data structures for the purpose of maximal subterm sharing.

In this paper we identify the challenges in the development process, and describe the development principles and coding mechanisms that we have adopted.

Development and maintenance issues In an academic environment, people tend to come and go in quick succession. Additionally writing scientific papers instead of writ-ing code is core business. This introduces the followwrit-ing maintenance problems in the development process:

– documentation solely exists in the minds of the developers;

– code written by other developers needs to be maintained and debugged;

In general these issues turn out to be time consuming, especially if one takes into ac-count that the code base consists of 273864 lines of code in 1214 files, contributed by over 20 developers. Some components have been substantially modified by 10 or more developers in disjoint time spans. Changes in core components of the mCRL2 toolset have caused bugs that remained undetected for extensive periods of time. Similarly, small changes have shown to cause dramatic decreases in performance of the tools.

We can identify the following problems in our code base:

– we adopted existing C code, based on the ATerm library, with untyped interfaces, low abstraction level and heavy use of unsafe type casts;

(3)

2

– portability issues in the existing code obstructed our ambition to have the mCRL2 toolset available as a cross-platform tool.

The combination of these issues induces a steep learning curve for new developers, often requiring assistance from more experienced developers. The lack of documen-tation, a high level interface, and general purpose algorithms inadvertently led each developer to introduce his own ad-hoc solution for general problems, and this led to a copy-paste-adjust mentality. Generalising these ad-hoc implementations into a single implementation has shown to be virtually impossible without major changes to the al-gorithms that use them. On the other hand generalised implementations are required to make progress in implementing new or overhauled parts of the code. Overcoming these issues badly constrains development of new features, and hence the ability to closely follow developments in the theory. An additional issue introduced by the large amount of code duplication is lack of consistent behaviour between tools.

Adopted process and coding guidelines Based on the issues that we have observed, we give an insight in the development guidelines we have since adopted.

One of the main issues that we have run into process-wise is the lack of documenta-tion. To address this issue, developers are required to explicitly design their components prior to implementing. Furthermore the implementation needs to be accompanied with extensive source code and interface documentation.1 To make sure that all documen-tation is of sufficient quality, it is now reviewed by at least one other developer. Style differences among code from various authors are reduced using coding guidelines.

In the development of a formal methods toolset correctness, reliability and per-formance are key issues. Therefore developers are required to write unit tests for the components they implement. Furthermore bug fixes must always be accompanied with tests that show the bug is fixed. All tests are run on a daily basis on all supported plat-forms. We experienced that changes in the core of the toolset can have an unanticipated but vast effect on the performance of individual tools, hence we run the core tools in our toolset on a selection of examples on a daily basis. Historical running times are accumulated for comparison. This data is used to examine tool performance trends over time.

On source code level we have run into the following issues: (1) the compiler not assisting us in finding straightforward mistakes in the code because of the untyped in-terfaces, (2) duplication of code, and (3) the lack of cross-platform support. These issues have been addressed by transitioning the code to C++. This addressed our problems as follows. A framework of C++ classes and interfaces was designed for the most common data structures and algorithms. This allows the compiler to do stricter checking on types. All new code has been written using this framework, leading to more comprehensible code at a higher abstraction level. A lot of existing code has gradually been adapted to use this framework, or whenever necessary been rewritten from scratch. By now there are only a few pieces of code that still need to be migrated. In this migration process a lot of duplicate code has been removed. The most striking example of this is the new implementation of our tools. Every tool in our toolset is a class which inherits from

1

Note that all documentation, and test and performance measurement results that we mention are available through the project website (http://www.mcrl2.org)

(4)

3 an abstract base class that implements parsing command line arguments, printing help messages, as well as some default options. This reuse reduced the code base by several thousand lines of code, and enabled a uniform treatment of command-line arguments across the tools. By using external libraries that are available for all supported plat-forms, and by adhering to the C++ standard in our implementation, we have succeeded in porting our toolset to Windows, Linux and MacOSX. This offers the advantage of having different checks from different compilers, which again helps in improving sta-bility of the toolset. In practice the overhead required for supporting multiple platforms is relatively low.

Currently interfaces are generalised using techniques from generic programming. This allows to create uniform interfaces with a high degree of flexibility. In an academic environment, where people require prototypes of new or altered functionality, this is a very useful property, as more time needs to be spent on experimenting, and less on coding.

Conclusions We have described the challenges that occur in developing a formal meth-ods toolset in an academic environment. Some of the issues discussed are widely known in the software development process in general, and not only in academia. Others, like the quick turnover in development resources and the urge to experiment with different implementations, as well as the low focus on tool development, are more specific to an academic environment, and require generalised solutions.

For the issues that were raised we have discussed the solutions that we have imple-mented so far, as well as changes that are currently going on.

The key to more understandable and reliable implementations, as well as a more swift development process lie in a high level of abstraction in the code and (more) detailed design and source code documentation.

References

1. S.C.C. Blom, W.J. Fokkink, J.F. Groote, I. v. Langevelde, B. Lisser, and J.C. v.d. Pol. µCRL: A toolset for analysing algebraic specifications. In Proc. of CAV’01, volume 2102 of LNCS, pages 250–254, 2001.

2. J.F. Groote, A.H.J. Mathijssen, and Y.S. Usenko M.J. v. Weerdenburg. From µCRL to mCRL2: Motivation and outline. In Proc. of APC 25, volume 162 of ENTCS, pages 191– 196, 2006.

3. J.F. Groote, A.H.J. Mathijssen, M.A. Reniers, Y.S. Usenko, and M.J. v. Weerdenburg. Anal-ysis of distributed systems with mcrl2. In M. Alexander and W. Gardner, editors, Process Algebra for Parallel and Distributed Processing, pages 99–128. Chapman Hall, 2009. 4. M.G.J. v.d. Brand, H.A. d. Jong, P. Klint, and P.A. Olivier. Efficient Annotated Terms.

Referenties

Download het nu ( PDF - 4 pagina - 195.42 KB )

GERELATEERDE DOCUMENTEN

‘Underground and over the sea: more community prophylactics in action’

Following these communities’ preventative steps will not only enrich the medical and especially health history of Europe, but also expand the possible scope of transregional

Generic programming in the mCRL2 toolset

Using concept definitions, requirements on template types can be defined that are type checked during compile time.. The main benefits for the mCRL2 tool set are uniform and

Therefore, research focuses more and more on the knowledge management within organizations

Summarizing the two studies, I found that temporary employment status negatively affects knowledge management in knowledge collection and retention; temporary

EAT MORE - MOVE MORE

An experimental study was conducted that provided participants with different conditions of real- time feedback and caloric information types as manipulation and measured

The more we care, the

unhealthy prime condition on sugar and saturated fat content of baskets, perceived healthiness of baskets as well as the total healthy items picked per basket. *See table

The impact of brand positioning on self-congruity perceptions and brand attitude

However what has not been shown is how the brand positioning or brand concept categorization of symbolic an utilitarian can affect ideal and actual self-congruity perceptions and

Against this historical background we turn to a more detailed study of

So reflective abstraction, which has its foundations in the sensory- motor activity that the human subject shares with other animals, in its developed form is a

Lowering the pitch of your voice makes you feel more powerful and think more abstractly

Additionally, in Experi- ment 2 we tested whether feelings of power are indeed affected by producing the lowered or raised voice pitch oneself, as compared to merely listening to