2020-05-08 19:23:51 +02:00
|
|
|
MODULE main
|
|
|
|
VAR
|
|
|
|
wantP: boolean;
|
|
|
|
wantQ: boolean;
|
|
|
|
p: process proc(wantP, wantQ); -- PROCESS: http://nusmv.fbk.eu/NuSMV/userman/v21/nusmv_3.html#SEC27
|
|
|
|
q: process proc(wantQ, wantP);
|
|
|
|
ASSIGN
|
|
|
|
init(wantP) := FALSE;
|
|
|
|
init(wantQ) := FALSE;
|
|
|
|
|
|
|
|
CTLSPEC -- no mutual exclusion
|
|
|
|
AG (p.state != critical | q.state != critical)
|
|
|
|
|
|
|
|
CTLSPEC -- no deadlock
|
|
|
|
AG ((p.state = setTrue | q.state = setTrue) -> AF (p.state = critical | q.state = critical))
|
|
|
|
|
|
|
|
CTLSPEC -- no individual starvation
|
|
|
|
AG (p.state = setTrue -> AF p.state = critical)
|
|
|
|
CTLSPEC
|
|
|
|
AG (q.state = setTrue -> AF q.state = critical)
|
|
|
|
|
2020-05-21 13:57:43 +02:00
|
|
|
LTLSPEC -- no mutual exclusion
|
|
|
|
G (p.state != critical | q.state != critical)
|
|
|
|
LTLSPEC -- no deadlock
|
|
|
|
G ((p.state = setTrue | q.state = setTrue) -> F (p.state = critical | q.state = critical))
|
|
|
|
LTLSPEC -- no individual starvation
|
|
|
|
G (p.state = setTrue -> F p.state = critical)
|
|
|
|
LTLSPEC
|
|
|
|
G (q.state = setTrue -> F q.state = critical)
|
2020-05-08 19:23:51 +02:00
|
|
|
|
|
|
|
MODULE proc(mine, other)
|
|
|
|
VAR
|
|
|
|
state: {local, critical, setTrue, setFalse, resetTrue, resetFalse};
|
|
|
|
ASSIGN
|
|
|
|
init(state) := local;
|
|
|
|
next(state) := case
|
|
|
|
state = local: {local, setTrue};
|
|
|
|
state = setTrue & other = TRUE: resetFalse;
|
|
|
|
state = setTrue & other = FALSE: critical;
|
|
|
|
state = resetFalse: resetTrue;
|
|
|
|
state = resetTrue & other = TRUE: resetFalse;
|
|
|
|
state = resetTrue & other = FALSE: critical;
|
|
|
|
state = critical: setFalse;
|
|
|
|
state = setFalse: local;
|
|
|
|
esac;
|
|
|
|
next(mine) := case
|
|
|
|
state = setTrue: TRUE;
|
|
|
|
state = setFalse: FALSE;
|
|
|
|
state = resetTrue: TRUE;
|
|
|
|
state = resetFalse: FALSE;
|
|
|
|
TRUE: mine;
|
|
|
|
esac;
|
|
|
|
FAIRNESS
|
|
|
|
running
|