forked from cubicle-model-checker/cubicle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
dekker_n.cub
91 lines (70 loc) · 1.63 KB
/
dekker_n.cub
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
(*
Generalization of Dekker mutual exclusion algorithm by Alain J. Martin from
A new generalization of dekker’s algorithm for mutual
exclusion. Inf. Process. Lett., 23(6) :295–297, Dec. 1986.
--------------------------------------
p(i) =
NCS: while true do
x(i) := true;
LOOP: while (exists j ≠ i. x(j)) do
AWAIT: x(i) := false;
await [ t = 0 or t = i ];
TURN: t := i;
x(i) := true;
done;
CS: // CS(i);
x(i) := false;
t := 0;
done
--------------------------------------
Translated from MCMT v2 model.
*)
type location = NCS | LOOP | AWAIT | TURN | CS
array P[proc] : location
array X[proc] : bool
var T : proc
var T_set : bool
init (i) { T_set = False && X[i] = False && P[i] = NCS }
unsafe (i j) { P[i] = CS && P[j] = CS }
transition start (i)
requires { P[i] = NCS }
{
P[i] := LOOP;
X[i] := True;
}
transition wait (i j)
requires { P[i] = LOOP && X[j] = True }
{
P[i] := AWAIT;
X[i] := False;
}
transition enter (i)
requires { P[i] = LOOP && forall_other j. X[j] = False }
{
P[i] := CS;
}
transition awaited_1 (i)
requires { P[i] = AWAIT && T_set = False }
{
P[i] := TURN;
}
transition awaited_2 (i)
requires { P[i] = AWAIT && T_set = True && T = i }
{
P[i] := TURN;
}
transition turn (i)
requires { P[i] = TURN }
{
P[i] := LOOP;
X[i] := True;
T_set := True;
T := i;
}
transition loop (i)
requires { P[i] = CS }
{
P[i] := NCS;
X[i] := False;
T_set := False;
}