1

It is my first time using spin and I am encountering an error that I do not understand. I am aware that the processes terminates in the same order they are created thus I don't understand why the process of the function I call in a loop does not terminate. Here is a very simplified version of my code :

int limit;

proctype f() {
    limit--;
    printm(limit)
    run g();
}

proctype g() {
    limit++;
}

init {
    limit = 5;
    do
        :: (limit > 0) -> run f();
    od
}

The limit variable is created so there is not more than 5 processes f running at the same time. The processes g does terminate but f don't. So I get the error : too many processes I would like to know why f does not terminate and if there is another way to do that?

Patrick Trentin
  • 7,126
  • 3
  • 23
  • 40
guillau4
  • 177
  • 9

1 Answers1

0

Your question is based on a false premise: it isn't true that there are never more than 5 processes in your system.

In fact, there can be any number of processes of type f(), because there is absolutely no guarantee that the instruction:

limit--;

is executed right after the process is created with

run f();

It is possible that the process scheduler lets init() execute for several (tens, hundreds, more..) loop iterations before it preempts it and gives a chance to some f() to execute anything.

If a process g() is created, then this can clearly terminate.

If a process f() is created, this can terminate only if there aren't already 255 processes in the system and it is the process f() with the highest pid, so that it does not have to wait for other processes.

The init() process can never terminate.

As a possible fix, you might want to try to look into _nr_pr:

int limit = 5;

proctype f() {
    printm(limit)
}

init {
    do
        :: (_nr_pr <= (limit + 1)) ->
                run f();
    od
}
Patrick Trentin
  • 7,126
  • 3
  • 23
  • 40
  • It did not solve the issue. This is what made me make the precedent assumption: `Starting g with pid 122 846: proc 121 (f:1) test.pml:5 (state 2) [(run g())] 847: proc 122 (g:1) test.pml:9 (state 1) [limit = (limit+1)] limit = 5 848: proc 122 terminates` As You can see process 122 terminates not 121. – guillau4 Apr 04 '18 at 14:16
  • @guillau4 you were right in pointing out that the previous code example I provided can incur in the same problem as yours. `f()` with `pid` `121` **cannot** terminate before any other process with higher `pid` value is terminated. This does not mean that it will necessarily terminate immediately. The `init()` process can spawn other `f()` processes in the meantime, or another `f()` process can create his own `g()`. I invite you to read [the answer to this question](https://stackoverflow.com/questions/45293090/how-does-spin-decide-the-order-of-process-execution-in-atomic-processes). – Patrick Trentin Apr 04 '18 at 14:36
  • So if I understand correctly, `f()` can not terminate even though it reached the end of its code and I have no way to force this except by forcing all the scheduling? – guillau4 Apr 04 '18 at 14:56
  • @guillau4 Yes, that is possible, if the right circumnstances arise in a given model. I am not aware of any way in which the scheduling can be enforced, so I would try change the model so that no weird situation can arise. – Patrick Trentin Apr 04 '18 at 15:02