CS195Y Lecture 14

2/27/17

Announcement: Pick case study partners by Thursday night, Alloy4 also due Thursday at 11:59pm
The event idiom

Last week we used transition predicates to model events in our Courses model. But this gets kind of messy especially when we have lots of events with overlapping code. We can use the event idiom to make this a little bit more managable. 

abstract sig Event{
  a, b : CourseStates
}

sig AddStudent extends Event{
  s : Student
}{
 enroll[a, s, b]
}

Note that usually Tim would make a sig fact with all the constraints required but to save time we're just using the predicate we already wrote. Using idoms can help us when we have a large web of different events that might happen. We ask you to use the event idom in the homework so you get more practice with different styles. One down side is that it can make the visualizer a bit tougher to use in some cases. 

fact nextState {
  all s : CourseState - last \ {
    some ev : Event | {
      ev.a = s
      ev.b = s.next
    }
  }
}

Some vs. One event. Q: doesn't this make it that we could have multiple events that do the same thing? Sure but that might be ok, depends on what else is happening. But if we were to use One that would make our computation much more expensive! This is because Alloy has to find the candidate and then also check that every other atom doesn't work. 

fact cannonicalEvents {
  all ev1, ev2 : Event | {
    ev1.a != ev2.a or
    ev1.b != ev2.b
  }
}

Why do we want to write this? 1. Reduce # of events 2. Might have another constraint with 2 events with same fields 3. Might not want to see events with same fields in visualier Is this constraint enough though? Turns out we do need disj key word for this to work. As is we get no instances.

Back to Binary Trees
pred isBSTree{
  isBTree
  isOrdered
}run is BSTree for exactly 4 instances
No instances! What about 5, 6, 7 ...? Looks like we have a hypothesis! Maybe it only works for odd numbers of nodes? Let's test it out. 
run {
  isBSTree and rem[#Node, 2] = 0} for 8 Node, 8 Int
}

Rem is from the Alloy arithmetic library and works just like mod!

No instances again! Hypothesis confirmed up to size 8.

What could be going wrong??
Every node needs to have two children, they can be real or empty. Because we count empty nodes as real nodes there's always an even number of children. And we have to have a root so we can only have trees with an odd number of nodes. Fix: Can we write a function to count only nodes that are not empty? Or just define the number of Data nodes? 

run isBSTree for 8 Node, exactly 2 Data

It works! Now we have a binary tree with an odd number of nodes