Does TLA+ have a feature where a certain operator is true if and only if a new, different state is produced in the next action?
132 views
Skip to first unread message
Guo Hua
Dec 3, 2023, 2:00:17 AM12/3/23
to tlaplus
Does TLA+ have a feature where a certain operator is true if and only if a new, different state is produced in the next action?
If
there are no built-in features like this, could I write new overriding
operators or modules to implement this? I need some tips.
Just like in the following example,
/\ (\/ Next1
\/ Next2)
/\ (NextCanProduceNewState => OperatorX )
Thanks
Hua
Guo Hua
Dec 3, 2023, 2:41:35 AM12/3/23
to tlaplus
Also, I thought, can I simply achieve this by adding OperatorX to Invariants?
Andrew Helwer
Dec 3, 2023, 9:26:31 AM12/3/23
to tlaplus
Here's my attempt:
---- MODULE Test ----
EXTENDS TLC
VARIABLES a, b, c
Vars == <<a, b, c>>
TypeOK ==
/\ a \in BOOLEAN
/\ b \in BOOLEAN
/\ c \in BOOLEAN
GeneratesNewState == Vars' /= Vars
SomeAction(msg) == Print(msg, TRUE)
Action1 == UNCHANGED Vars
Action2 ==
/\ a' = ~a
/\ b' = ~b
/\ c' = ~c
Init ==
/\ a = TRUE
/\ b = TRUE
/\ c = TRUE
Next ==
\/ /\ Action1
/\ GeneratesNewState => SomeAction("Action1")
\/ /\ Action2
/\ GeneratesNewState => SomeAction("Action2")
Spec ==
/\ Init
/\ [][Next]_Vars
====
EXTENDS TLC
VARIABLES a, b, c
Vars == <<a, b, c>>
TypeOK ==
/\ a \in BOOLEAN
/\ b \in BOOLEAN
/\ c \in BOOLEAN
GeneratesNewState == Vars' /= Vars
SomeAction(msg) == Print(msg, TRUE)
Action1 == UNCHANGED Vars
Action2 ==
/\ a' = ~a
/\ b' = ~b
/\ c' = ~c
Init ==
/\ a = TRUE
/\ b = TRUE
/\ c = TRUE
Next ==
\/ /\ Action1
/\ GeneratesNewState => SomeAction("Action1")
\/ /\ Action2
/\ GeneratesNewState => SomeAction("Action2")
Spec ==
/\ Init
/\ [][Next]_Vars
====
If you run TLC on this it will print "Action2" but never "Action1". Note how the prime operator distributes over the variables in Vars; a neat feature!
Andrew
Guo Hua
Dec 8, 2023, 6:31:14 AM12/8/23
to tlaplus
Thank you for your reply.
However, I am sorry for not describing it clearly.
However, I am sorry for not describing it clearly.
What I said was "generating distinct new states in the entire search space of TLC model checking", rather than "not changing the value of variables".
Hua
Markus Kuppe
Dec 8, 2023, 12:03:02 PM12/8/23
to tla...@googlegroups.com
TLC exposes TLCGet(“distinct”) among other statistics [1].
Markus
[1] https://lamport.azurewebsites.net/tla/current-tools.pdf
Markus
[1] https://lamport.azurewebsites.net/tla/current-tools.pdf
Guo Hua
Dec 12, 2023, 12:04:59 PM12/12/23
to tlaplus
Thank you for your reply. I got it.
Akash
Dec 12, 2023, 12:20:15 PM12/12/23
to tla...@googlegroups.com
I'm a beginner to TLA+, so I may be wrong, but, I think you are referring to "leads to" in temporal logic.
F squiggly arrow G.
If F is true then eventually G must be true.
Then you can apply this concept to your operator and make it nested.
Kind regards,
Akash
--
You received this message because you are subscribed to the Google Groups "tlaplus" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tlaplus+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/tlaplus/abdbce77-89f5-4964-8151-75946c390b37n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages