# Re: [tlaplus] Spec describing simultaneity of events

Something TLC can handle more easily and may work for your example is:

\E ids \in SUBSET TaskID :
var' = [id \in TaskID |-> IF id \in ids THEN ... ELSE var[id]]

On Thursday, October 22, 2020 at 4:38:00 AM UTC-7 Stephan Merz wrote:
Hi Mariusz,

I imagine you'd like to write something like

Next == \E ids \in SUBSET TaskID : \A id \in ids : Task(id)

In practice, this is not going to work, in particular because your state variables are probably arrays and the definition of Task contains expressions of the form

var' = [var EXCEPT ![id] = ...]

You can try to work around this problem by writing

var[id]' = ...

in the definition of Task and defining

Next ==
/\ var' \in [TaskID -> ...]
/\ \E ids \in SUBSET TaskID :
/\ \A id \in ids : Task(id)
/\ \A id \in TaskID \ ids : UNCHANGED var[id]

but TLC will not handle that very well because it will generate all possible type-correct values for var' and then reduce those to the few successor values that are actually possible. Perhaps Apalache would be able to handle such definitions better because it doesn't explicitly construct states one by one. If you are mainly interested in verification using TLC, I think that your solution will work best.

Stephan

On 22 Oct 2020, at 13:25, Mariusz Ryndzionek <mrynd...@xxxxxxxxx> wrote:

I'm writing a simple spec for a task scheduler. Most of the spec I've seen do something like this:

This models/describes a situation where each task gets activatedbone at a time. I would like to model a situation where any combination of tasks can become active at any instant. Something like this seems to work:

However is there a maybe another way to accomplish this? Preferably a way that would not require to turn Task(taks_id) into Tasks(task_ids).

Regards,
Mariusz

--
You received this message because you are subscribed to the Google Groups "tlaplus" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tlaplus+u...@xxxxxxxxxxxxxxxx.