-- file: qlock.mod

mod! LABEL {
  [Label]
  ops rm wt cs : -> Label .
  pred (_=_) : Label Label {comm} .
  var L : Label .
  eq (L = L) = true .
  eq (rm = wt) = false .
  eq (rm = cs) = false .
  eq (wt = cs) = false .
}

mod* PID {
  [Pid < PidErr]
  op none : -> PidErr
  pred (_=_) : PidErr PidErr {comm}
  var I : Pid .
  eq (I = I) = true .
  eq (none = I) = false .
  -- (none = none) is not defined intentionally
}

mod* TRIVerr {
  [Elt < EltErr]
  op none : -> EltErr
}
mod! QUEUE(D :: TRIVerr) {
  [Queue]
-- constructors
  op empty :             -> Queue {constr}
  op _,_   : Queue Elt.D -> Queue {constr l-assoc}
-- operators
  op put : Elt.D Queue -> Queue
  op get : Queue -> Queue
  op top : Queue -> EltErr.D
  op empty? : Queue -> Bool
-- CafeOBJ variables
  var Q : Queue
  vars X Y : Elt.D
-- equations
  eq put(X,empty) = empty,X .
  eq put(X,(Q,Y)) = put(X,Q),Y .
  -- get(empty) is not defined intentionally
  eq get((Q,X)) = Q .
  eq top(empty) = (none):EltErr.D .
  eq top((Q,X)) = X .
  eq empty?(empty) = true .
  eq empty?((Q,X)) = false .
}

view TRIVerr2PID from TRIVerr to PID {
  sort Elt -> Pid,
  sort EltErr -> PidErr,
  op (none):EltErr -> (none):PidErr
}
mod* QLOCK {
  pr(LABEL)
  pr(QUEUE(D <= TRIVerr2PID))
  *[Sys]*
-- any initial state
  op init : -> Sys
-- observations
  bop pc    : Sys Pid -> Label
  bop queue : Sys -> Queue
-- actions
  bop want : Sys Pid -> Sys
  bop try  : Sys Pid -> Sys
  bop exit : Sys Pid -> Sys
-- for any initial state
  eq pc(init,I:Pid)  = rm .
  eq queue(init) = empty .
-- CafeOBJ variables
  var S : Sys
  vars I J : Pid
-- for want
  op c-want : Sys Pid -> Bool {strat: (0 1 2)}
  eq c-want(S,I) = (pc(S,I) = rm) .
  --
  ceq pc(want(S,I),J)  
      = (if I = J then wt else pc(S,J) fi) if c-want(S,I) .
  ceq queue(want(S,I)) = put(I,queue(S))   if c-want(S,I) .
  ceq want(S,I)        = S                 if not c-want(S,I) .
-- for try
  op c-try : Sys Pid -> Bool {strat: (0 1 2)}
  eq c-try(S,I) = (pc(S,I) = wt and top(queue(S)) = I) .
  --
  ceq pc(try(S,I),J)  
      = (if I = J then cs else pc(S,J) fi) if c-try(S,I) .
  eq  queue(try(S,I)) = queue(S) .
  ceq try(S,I)        = S                  if not c-try(S,I) .
-- for exit
  op c-exit : Sys Pid -> Bool {strat: (0 1 2)}
  eq c-exit(S,I) = (pc(S,I) = cs) .
  -- 
  ceq pc(exit(S,I),J)  
      = (if I = J then rm else pc(S,J) fi) if c-exit(S,I) .
  ceq queue(exit(S,I)) = get(queue(S))     if c-exit(S,I) .
  ceq exit(S,I)        = S                 if not c-exit(S,I) .
}