Multiple Repeat..Until in Promela Spin

Question

How can I write the following code in Promela:

I tried the following but I do not think that it is correct:

int c0 = 0;
int d1 = 0;
int d2 = 0;
do
    :: true ->
        d1 = x1;
        d2 = x2;
        if
            :: (c0 == c) ->
            if
                :: (c0%2==0) ->
                     c0 = c;
                    :: else;
            fi;
            :: else;
        fi;
       printf(" To simulate use(d1,d2) “);
od;

The variables in the code are not important. I just want the logic to be similar to the example algorithm above.

*What is this code snippet supposed to compute? It feels like it is missing something..* — Patrick Trentin, Oct 11 '19 at 09:40

frogatto · Answer 1 · 2019-09-24T10:50:09.147

2

Unconditional loops can be written by a do with an unguarded statement, so the "repeat forever" can be written as follows (note that true -> isn't needed).
```
do
:: ...
od;
```

"Repeat until"s can be written this way

do
:: condition -> break
:: else -> ...
od;

so the final code would be

int c0 = 0;
int d1 = 0;
int d2 = 0;
do
:: do
   :: c0 == c -> break
   :: else -> do
              :: c0 % 2 == 0 -> break
              :: else -> c0 = c
              od;
              d1 = x1;
              d2 = x2;
   od;
   printf(" To simulate use(d1,d2) “);
od;

edited Sep 24 '19 at 10:50

answered Sep 24 '19 at 10:44

frogatto

28,539
11
83
129

@frogatto why are you doing (:: c0 == c -> break) instead of (:: c0 != c -> break)? isn't this the opposite of the first until in the code above? – Jan Oct 11 '19 at 08:17
@PatrickTrentin I think the code in this answer is not producing the expected behaviour. (:: c0 == c -> break) will always break and in the original algorithm above it is supposed to get the value of c as shown in the inner repeat/until statement. So, how to overcome this? – Jan Oct 11 '19 at 09:17
1

@Jan you are actually right, thank you for pointing that out. See new answer. – Patrick Trentin Oct 11 '19 at 09:48

Patrick Trentin · Accepted Answer · 2019-10-11T09:42:38.213

You may want to take a look at the Q/A: "How to implement repeat-until in promela?".

Example:

proctype example_do_od(int c, x1, x2)
{
    int c0 = 0;
    int d1 = 0;
    int d2 = 0;

do_od_loop:
    // REPEAT:
    do
        :: true ->
            // REPEAT:
            do
                :: true ->
                    c0 = c;
                    // UNTIL:
                    if
                        :: c0 % 2 == 0 -> break;
                        :: else;
                    fi;
            od;
            d1 = x1;
            d2 = x2;
            // UNTIL:
            if
                :: c0 == c -> break;
                :: else;
            fi;
    od;
    printf("Use(%d, %d)\n", d1, d2);
    goto do_od_loop;
}

proctype example_goto(int c, x1, x2)
{
    int c0 = 0;
    int d1 = 0;
    int d2 = 0;

goto_loop:
repeat_01:
repeat_02:
    c0 = c;
    if
        :: c0 % 2 == 0;
        :: else -> goto repeat_02;
    fi;
    d1 = x1;
    d2 = x2;
    if
        :: c0 == c;
        :: else -> goto repeat_01;
    fi;
    printf("Use(%d, %d)\n", d1, d2);
    goto goto_loop;
}

active proctype main()
{
    int c = 2;
    int x1 = 5;
    int x2 = 6;

    run example_do_od(c, x1, x2);
    run example_goto(c, x1, x2);
}

Multiple Repeat..Until in Promela Spin

2 Answers2