1
我试图解决与农民,狼,山羊和卷心菜有关的任务。SPIN:解释错误跟踪
所以,我发现了如下因素PROMELA描述:
#define fin (all_right_side == true)
#define wg (g_and_w == false)
#define gc (g_and_c == false)
ltl ltl_0 { <> fin && [] (wg && gc) }
bool all_right_side, g_and_w, g_and_c;
active proctype river()
{
bit f = 0,
w = 0,
g = 0,
c = 0;
all_right_side = false;
g_and_w = false;
g_and_c = false;
printf("MSC: f %c w %c g %c c %c \n", f, w, g, c);
do
:: (f==1) && (f == w) && (f ==g) && (f == c) ->
all_right_side = true;
break;
:: else ->
if
:: (f == w) ->
f = 1 - f;
w = 1 - w;
:: (f == c) ->
f = 1 - f;
w = 1 - c;
:: (f == g) ->
f = 1 - f;
w = 1 - g;
:: (true) ->
f = 1 - f;
fi;
printf("M f %c w %c g %c c %c \n", f, w, g, c);
if
:: (f != g && g == c) ->
g_and_c = true;
:: (f != g && g == w) ->
g_and_w = true;
::else ->
skip
fi
od;
printf ("MSC: OK!\n")
}
我添加有一个LTL-式:LTL ltl_0 {<>鳍& & [](WG & & GC)} 验证,狼不会吃山羊,山羊不会吃白菜。我想要举一个例子,农民如何运输他所有的需求(w-g-c)而不损失。
当运行验证时,得到以下结果: 状态矢量20字节,深度达到59,错误:1 64个状态,存储 23个州,匹配 87转变(=存储+匹配) 0原子步骤 散列冲突:0(已解决)
这意味着该程序为我生成了一个示例。但我无法解释它。 * .pml.trial文件的内容是:enter image description here
请帮我解释。