IOA/example/Impl.thy
changeset 156 fd1be45b64bf
child 168 44ff2275d44f
155:722bf1319be5 156:fd1be45b64bf
       
     1 Impl = Sender + Receiver + Channels +
       
     2 
       
     3 types 
       
     4 
       
     5 'm impl_state 
       
     6 = "'m sender_state * 'm receiver_state * 'm packet multiset * bool multiset"
       
     7 (*  sender_state   *  receiver_state   *    srch_state      * rsch_state *)
       
     8 
       
     9 
       
    10 consts
       
    11  impl_ioa    :: "('m action, 'm impl_state)ioa"
       
    12  sen         :: "'m impl_state => 'm sender_state"
       
    13  rec         :: "'m impl_state => 'm receiver_state"
       
    14  srch        :: "'m impl_state => 'm packet multiset"
       
    15  rsch        :: "'m impl_state => bool multiset"
       
    16  inv1, inv2, 
       
    17  inv3, inv4  :: "'m impl_state => bool"
       
    18  hdr_sum     :: "'m packet multiset => bool => nat"
       
    19 
       
    20 rules
       
    21 
       
    22  impl_def
       
    23   "impl_ioa == (sender_ioa || receiver_ioa || srch_ioa || rsch_ioa)"
       
    24 
       
    25  sen_def   "sen == fst"
       
    26  rec_def   "rec == fst o snd"
       
    27  srch_def "srch == fst o snd o snd"
       
    28  rsch_def "rsch == snd o snd o snd"
       
    29 
       
    30 hdr_sum_def
       
    31    "hdr_sum(M,b) == countm(M,%pkt.hdr(pkt) = b)"
       
    32 
       
    33 (* Lemma 5.1 *)
       
    34 inv1_def 
       
    35   "inv1(s) ==                                                                 \
       
    36  \   (!b. count(rsent(rec(s)),b) = count(srcvd(sen(s)),b) + count(rsch(s),b)) \
       
    37  \ & (!b. count(ssent(sen(s)),b)                                              \
       
    38  \        = hdr_sum(rrcvd(rec(s)),b) + hdr_sum(srch(s),b))"
       
    39 
       
    40 (* Lemma 5.2 *)
       
    41  inv2_def "inv2(s) ==                                                   \
       
    42 \  (rbit(rec(s)) = sbit(sen(s)) &                                       \
       
    43 \   ssending(sen(s)) &                                                  \
       
    44 \   count(rsent(rec(s)),~sbit(sen(s))) <= count(ssent(sen(s)),~sbit(sen(s))) &\
       
    45 \   count(ssent(sen(s)),~sbit(sen(s))) <= count(rsent(rec(s)),sbit(sen(s))))  \
       
    46 \   |                                                                   \
       
    47 \  (rbit(rec(s)) = (~sbit(sen(s))) &                                    \
       
    48 \   rsending(rec(s)) &                                                  \
       
    49 \   count(ssent(sen(s)),~sbit(sen(s))) <= count(rsent(rec(s)),sbit(sen(s))) &       \
       
    50 \   count(rsent(rec(s)),sbit(sen(s))) <= count(ssent(sen(s)),sbit(sen(s))))"
       
    51 
       
    52 (* Lemma 5.3 *)
       
    53  inv3_def "inv3(s) ==                                                   \
       
    54 \   rbit(rec(s)) = sbit(sen(s))                                         \
       
    55 \   --> (!m. sq(sen(s))=[] | m ~= hd(sq(sen(s)))                        \
       
    56 \        -->  count(rrcvd(rec(s)),<sbit(sen(s)),m>)                     \
       
    57 \             + count(srch(s),<sbit(sen(s)),m>)                         \
       
    58 \            <= count(rsent(rec(s)),~sbit(sen(s))))"
       
    59 
       
    60 (* Lemma 5.4 *)
       
    61  inv4_def "inv4(s) == rbit(rec(s)) = (~sbit(sen(s))) --> sq(sen(s)) ~= []"
       
    62 
       
    63 end
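Review bot: Every equation under `rules` is asserted as an axiom, so the soundness of everything later proved about `impl_ioa` rests on each rule being a genuine definition (constant on the left applied to distinct variables, not occurring on the right); the eight rules here all have that shape, but nothing says so, and a later non-definitional addition would silently weaken every downstream proof. I would put `(* every rule below must stay definitional: c(x) == t with c not free in t *)` directly above `rules`. The `Lemma 5.1`..`Lemma 5.4` comments on inv1..inv4 use a numbering the file never identifies, presumably the ABP case study these invariants are transcribed from, so naming that source next to the first one would let a reader check the inequalities in inv2 and inv3 against it. The file declares inv1..inv4 and defines them but contains no statement that they hold of `impl_ioa`; the proofs presumably live in the accompanying ML file, and a one-line header note saying so would keep the `consts` declarations from being read as established results.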