previous up next
Go backward to Client Model
Go up to Top
Go forward to Refining the Invariant
RISC-Linz logo

Solution Idea

Introduce variable counter and maintain invariant:

implies
   and
      InitC,R(pc, counter ...)
      always ActionC,R(pc, counter, ...)
   always InvariantC,R(pc, counter, ...)
 
System.
 
 
Stronger specification.

Chosen appropriately, invariant implies safety property:

InvariantC,R(pc, counter, ...) :<=>
   and
      counter >= 0
      R =
         counter +
         number i in [1,C]: pci = resource
 
 
Counter is non-negative.
 
Counter complements number of processes operating on resource.

Must check whether clients maintains invariant.


Author: Wolfgang Schreiner
Last Modification: April 22, 1999

previous up next