(* Title: HOL/UNITY/Channel
ID: $Id$
Author: Lawrence C Paulson, Cambridge University Computer Laboratory
Copyright 1998 University of Cambridge

Unordered Channel

From Misra, "A Logic for Concurrent Programming" (1994), section 13.3
*)
(*Bring the constants and theorems of theory Channel into scope.  The
  definitions and assumptions used below (minSet_def, and presumably the
  channel specification UC1/UC2) are declared there, not in this file.*)
open Channel;

(*NOTE(review): "skip" is registered as an iff-rewrite for the classical
  reasoner; its statement is in the imported theory -- confirm what it
  asserts before relying on it in new proofs.*)
AddIffs [skip];
(*None represents "infinity" while Some represents proper integers*)

(*Destruction rule: whenever minSet yields a proper value, that value is a
  member of the set.  Unfolding minSet_def exposes a LEAST, which LeastI
  discharges; qed_spec_mp turns the --> into a premise so the theorem can be
  supplied to the classical reasoner with addDs (see minSet_greaterThan).*)
goalw thy [minSet_def] "!!A. minSet A = Some x --> x : A";
by (Simp_tac 1);
by (fast_tac (claset() addIs [LeastI]) 1);
qed_spec_mp "minSet_eq_SomeD";
22 |
goalw thy [minSet_def] " minSet{} = None";
|
|
23 |
by (Asm_simp_tac 1);
|
|
24 |
qed_spec_mp "minSet_empty";
|
|
25 |
Addsimps [minSet_empty];
27 |
goalw thy [minSet_def] "!!A. x:A ==> minSet A = Some (LEAST x. x: A)";
|
|
28 |
by (ALLGOALS Asm_simp_tac);
|
|
29 |
by (Blast_tac 1);
|
|
30 |
qed_spec_mp "minSet_nonempty";
32 |
goal thy
|
|
33 |
"leadsTo Acts (minSet -`` {Some x}) (minSet -`` (Some``greaterThan x))";
|
|
34 |
by (rtac leadsTo_weaken 1);
|
|
35 |
by (rtac ([UC2, UC1] MRS PSP) 1);
|
|
36 |
by (ALLGOALS Asm_simp_tac);
|
|
37 |
by (Blast_tac 1);
|
|
38 |
by Safe_tac;
|
|
39 |
by (auto_tac (claset() addDs [minSet_eq_SomeD],
|
|
40 |
simpset() addsimps [le_def, nat_neq_iff]));
|
|
41 |
qed "minSet_greaterThan";
44 |
(*The induction*)
|
|
45 |
goal thy "leadsTo Acts (UNIV-{{}}) (minSet -`` (Some``atLeast y))";
|
|
46 |
by (rtac leadsTo_weaken_R 1);
|
|
47 |
by (res_inst_tac [("l", "y"), ("f", "the o minSet"), ("B", "{}")]
|
|
48 |
greaterThan_bounded_induct 1);
|
|
49 |
by Safe_tac;
|
|
50 |
by (ALLGOALS Asm_simp_tac);
|
|
51 |
by (dtac minSet_nonempty 2);
|
|
52 |
by (Asm_full_simp_tac 2);
|
|
53 |
by (rtac (minSet_greaterThan RS leadsTo_weaken) 1);
|
|
54 |
by Safe_tac;
|
|
55 |
by (ALLGOALS Asm_full_simp_tac);
|
|
56 |
by (dtac minSet_nonempty 1);
|
|
57 |
by (Asm_full_simp_tac 1);
|
|
58 |
val lemma = result();
61 |
goal thy "!!y::nat. leadsTo Acts (UNIV-{{}}) {s. y ~: s}";
|
|
62 |
by (rtac (lemma RS leadsTo_weaken_R) 1);
|
|
63 |
by (Clarify_tac 1);
|
|
64 |
by (forward_tac [minSet_nonempty] 1);
|
|
65 |
by (asm_full_simp_tac (simpset() addsimps [Suc_le_eq]) 1);
|
|
66 |
by (blast_tac (claset() addDs [Suc_le_lessD, not_less_Least]) 1);
|
|
67 |
qed "Channel_progress";