Go backward to Refining the Invariant
Go up to Top
Go forward to Designing the Server

Designing the Server

Server must maintain invariant and imply progress:

Server_C,R(server, client, counter) :<=>

   exists i in [1,C]:

      or

         receive_i(server, release) /\

            count' = count+1 /\

            changed(server, count)

         receive_i(server, request) /\ count > 0 /\

            send_i(client, grant) /\ count' = count-1 /\

            changed(server, client, count)

         receive_i(server, request) /\ count <=0 /\

            ...

receive a release message and increase counter

send a grant message and decrease counter

what now?

Need possibility to defer grant messages.

Author: Wolfgang Schreiner
Last Modification: April 22, 1999