------------------------------- MODULE dekker -------------------------------EX

1. ------------------------------- MODULE dekker -------------------------------
2. EXTENDS TLC, Integers
3. CONSTANT Threads
4.  
5. (*--algorithm dekker
6.  
7. variables
8. flag = [t \in Threads |-> FALSE],
9. next_thread \in Threads;
10.  
11. define
12. \* At most one thread is in the critical section at a time
13. AtMostOneCritical == \A t1, t2 \in Threads:
14. t1 /= t2 => ~(pc[t1] = "CS" /\ pc[t2] = "CS")
15.  
16. \* All threads eventually reach the critical section
17. Liveness == \A t \in Threads: <>(pc[t] = "CS")
18. end define;
19.  
20. fair process thread \in Threads
21. begin
22. P1: flag[self] := TRUE;
23. P2:
24. while \E t \in Threads \ {self}: flag[t] do
25. P2_1:
26. if next_thread /= self then
27. P2_1_1: flag[self] := FALSE;
28. P2_1_2: await next_thread = self;
29. P2_1_3: flag[self] := TRUE;
30. end if;
31. end while;
32. CS: skip; \* CS means "critical section"
33. P3: with t \in Threads \ {self} do
34. next_thread := t;
35. end with;
36. P4: goto P1;
37. end process;
38.  
39. end algorithm;*)
40. \* BEGIN TRANSLATION
41. VARIABLES flag, next_thread, pc
42.  
43. (* define statement *)
44. AtMostOneCritical == \A t1, t2 \in Threads:
45. t1 /= t2 => ~(pc[t1] = "CS" /\ pc[t2] = "CS")
46.  
47.  
48. Liveness == \A t \in Threads: <>(pc[t] = "CS")
49.  
50.  
51. vars == << flag, next_thread, pc >>
52.  
53. ProcSet == (Threads)
54.  
55. Init == (* Global variables *)
56. /\ flag = [t \in Threads |-> FALSE]
57. /\ next_thread \in Threads
58. /\ pc = [self \in ProcSet |-> "P1"]
59.  
60. P1(self) == /\ pc[self] = "P1"
61. /\ flag' = [flag EXCEPT ![self] = TRUE]
62. /\ pc' = [pc EXCEPT ![self] = "P2"]
63. /\ UNCHANGED next_thread
64.  
65. P2(self) == /\ pc[self] = "P2"
66. /\ IF \E t \in Threads \ {self}: flag[t]
67. THEN /\ pc' = [pc EXCEPT ![self] = "P2_1"]
68. ELSE /\ pc' = [pc EXCEPT ![self] = "CS"]
69. /\ UNCHANGED << flag, next_thread >>
70.  
71. P2_1(self) == /\ pc[self] = "P2_1"
72. /\ IF next_thread /= self
73. THEN /\ pc' = [pc EXCEPT ![self] = "P2_1_1"]
74. ELSE /\ pc' = [pc EXCEPT ![self] = "P2"]
75. /\ UNCHANGED << flag, next_thread >>
76.  
77. P2_1_1(self) == /\ pc[self] = "P2_1_1"
78. /\ flag' = [flag EXCEPT ![self] = FALSE]
79. /\ pc' = [pc EXCEPT ![self] = "P2_1_2"]
80. /\ UNCHANGED next_thread
81.  
82. P2_1_2(self) == /\ pc[self] = "P2_1_2"
83. /\ next_thread = self
84. /\ pc' = [pc EXCEPT ![self] = "P2_1_3"]
85. /\ UNCHANGED << flag, next_thread >>
86.  
87. P2_1_3(self) == /\ pc[self] = "P2_1_3"
88. /\ flag' = [flag EXCEPT ![self] = TRUE]
89. /\ pc' = [pc EXCEPT ![self] = "P2"]
90. /\ UNCHANGED next_thread
91.  
92. CS(self) == /\ pc[self] = "CS"
93. /\ TRUE
94. /\ pc' = [pc EXCEPT ![self] = "P3"]
95. /\ UNCHANGED << flag, next_thread >>
96.  
97. P3(self) == /\ pc[self] = "P3"
98. /\ \E t \in Threads \ {self}:
99. next_thread' = t
100. /\ pc' = [pc EXCEPT ![self] = "P4"]
101. /\ flag' = flag
102.  
103. P4(self) == /\ pc[self] = "P4"
104. /\ pc' = [pc EXCEPT ![self] = "P1"]
105. /\ UNCHANGED << flag, next_thread >>
106.  
107. thread(self) == P1(self) \/ P2(self) \/ P2_1(self) \/ P2_1_1(self)
108. \/ P2_1_2(self) \/ P2_1_3(self) \/ CS(self) \/ P3(self)
109. \/ P4(self)
110.  
111. (* Allow infinite stuttering to prevent deadlock on termination. *)
112. Terminating == /\ \A self \in ProcSet: pc[self] = "Done"
113. /\ UNCHANGED vars
114.  
115. Next == (\E self \in Threads: thread(self))
116. \/ Terminating
117.  
118. Spec == /\ Init /\ [][Next]_vars
119. /\ \A self \in Threads : WF_vars(thread(self))
120.  
121. Termination == <>(\A self \in ProcSet: pc[self] = "Done")
122.  
123. \* END TRANSLATION
124. =============================================================================
125. \* Modification History
126. \* Last modified Sun Sep 29 12:39:24 PDT 2019 by tony
127. \* Created Sun Sep 29 12:18:45 PDT 2019 by tony