hackingonempty 1 day ago

TLA+ = formal language for modeling software above the code level and hardware above the circuit level by Leslie Lamport (of vector clock and Paxos fame, among other things.)

https://lamport.azurewebsites.net/tla/tla.html

  • mike_hock 1 day ago

    So there's \in, \subseteq and probably many others that are written just like in Latex. Notably \cap and \cup were also copied from Latex, which describe the shape of the symbol instead of its meaning. But not \to, \mapsto, \Vee and \Wedge, they're written as ASCII art ->, |->, \/ and /\.

    Then there's SUBSET, which means power set ... yeah. -_-

    • igornotarobot 9 hours ago

      If the LaTeX-like syntax worries you, several projects aimed at providing PL-like syntaxes for TLA+. They vary by their degree of how much of the logic they throw away. I am not going to advertise these projects here, but you would find them on GitHub search by typing the tags like "#tlaplus #language", "#tlaplus #library", and "#tlaplus #pluscal".

      • mike_hock 8 hours ago

        No, I just find the inconsistent syntax annoying, but it turns out most things have alternative Latex-style spellings. I just went by their examples.

letFunny 23 hours ago

Author of the article here. I am surprised to see the post was submitted and made it to the front page! Happy to answer any questions

  • stevekemp 22 hours ago

    "to prevent multiple from" seems to be missing a word.

  • buggymcbugfix 20 hours ago

    Thanks for the nice article. The SQLite docs that explain this bug are emphatic about how utterly rare, even irreproducible it is. How, then, was it found, one wonders?

    • letFunny 20 hours ago

      My guess is that they noticed something was not quite right when inspecting the code and then tested their hypothesis manually to see if it was actually a real bug.

      Something similar happened to me when I was working on some code that should clear the state and, by inspection, I noticed some field was not properly cleared under specific circumstances. Then I tested the hypothesis and indeed found a bug. Sometimes intuition and guessing is what it takes.

    • bradfitz 16 hours ago

      We found it at Tailscale and bought an enterprise support contract from SQLite to debug it for us. Worth every penny.

      We should probably blog about it.

      • doctorpangloss 15 hours ago

        What mission critical purpose does sqlite provide at Tailscale exactly? Why use it at all?

        • akoboldfrying 12 hours ago

          It's in Chrome, Firefox, Safari, Windows 10, macOS because it efficiently solves a huge number of use cases while giving plenty of headroom for flexible querying.

          If you have data more complicated than a single CSV or tab-separated text file that you will only ever process in sequential order, and you don't need inter-process interaction, you should be asking why not use SQLite.

        • inigyou 9 hours ago

          sqlite is useful everywhere CSV files are useful but you'd like them to have more data integrity and faster updates. sqlite can replace some uses of MySQL, but more commonly it replaces fopen. https://sqlite.org/whentouse.html

  • sennalen 18 hours ago

    You’re in a desert walking along in the sand when all of the sudden you look down, and you see a tortoise, it’s crawling toward you. You reach down, you flip the tortoise over on its back. The tortoise lays on its back, its belly baking in the hot sun, beating its legs trying to turn itself over, but it can’t, not without your help. But you’re not helping. Why is that?

    • Groxx 16 hours ago

      Because that would reverse flipping it over the first time, and our universe's physics are not reversible. Thermodynamics demands the turtle stay flipped.

    • _doctor_love 15 hours ago

      What’s a tortoise?

      • wowczarek 13 hours ago

        You know what a turtle is? Same thing, Leon.

      • erikerikson 13 hours ago

        A turtle-like animal that only lives on land.

romaaeterna 19 hours ago

I don't like the title. The article actually describes the process of proving that dqlite does not have the same bug as SQLite, using a TLA+ specification. The SQLite bug fix was entirely separate from what is described here.

vatsachak 23 hours ago

Gotta love TLA+

I wonder if anyone has worked on porting it to Lean and making tactics for it

  • another_twist 22 hours ago

    i am not sure if a lean port is important. TLA+ could do with a bit more TLC (pun intended) with regards its devEx.

    Also congratulations to the author, I'll try and reproduce this over the weekend.

mempko 15 hours ago

This is so cool and I wonder how effective it would be using this technique when using LLMs to generate code. Have the llm generate code and a TLA+ model. Use the TLA+ model as the test bed of the code (instead of writing tests in the original language).