isabelle: src/HOL/TLA/Memory/MemoryImplementation.thy@b15f8e094874 (annotated)

3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	1	(*
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	2	File: MemoryImplementation.thy
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	3	Author: Stephan Merz
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	4	Copyright: 1997 University of Munich
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	5
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	6	Theory Name: MemoryImplementation
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	7	Logic Image: TLA
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	8
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	9	RPC-Memory example: Memory implementation
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	10	*)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	11
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	12	MemoryImplementation = Memory + RPC + MemClerk + Datatype +
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	13
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	14	datatype histState = histA \| histB
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	15
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	16	types
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	17	histType = "(PrIds => histState) stfun" (* the type of the history variable *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	18
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	19	consts
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	20	(* the specification *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	21	(* channel (external) *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	22	memCh :: "memChType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	23	(* internal variables *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	24	mm :: "memType"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	25
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	26	(* the state variables of the implementation *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	27	(* channels *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	28	(* same interface channel memCh *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	29	crCh :: "rpcSndChType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	30	rmCh :: "rpcRcvChType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	31	(* internal variables *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	32	(* identity refinement mapping for mm -- simply reused *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	33	rst :: "rpcStType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	34	cst :: "mClkStType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	35	ires :: "resType"
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	36
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	37	constdefs
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	38	(* auxiliary predicates *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	39	MVOKBARF :: "Vals => bool"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	40	"MVOKBARF v == (v : MemVal) \| (v = OK) \| (v = BadArg) \| (v = RPCFailure)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	41	MVOKBA :: "Vals => bool"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	42	"MVOKBA v == (v : MemVal) \| (v = OK) \| (v = BadArg)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	43	MVNROKBA :: "Vals => bool"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	44	"MVNROKBA v == (v : MemVal) \| (v = NotAResult) \| (v = OK) \| (v = BadArg)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	45
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	46	(* tuples of state functions changed by the various components *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	47	e :: "PrIds => (bit * memOp) stfun"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	48	"e p == PRED (caller memCh!p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	49	c :: "PrIds => (mClkState * (bit * Vals) * (bit * rpcOp)) stfun"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	50	"c p == PRED (cst!p, rtrner memCh!p, caller crCh!p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	51	r :: "PrIds => (rpcState * (bit * Vals) * (bit * memOp)) stfun"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	52	"r p == PRED (rst!p, rtrner crCh!p, caller rmCh!p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	53	m :: "PrIds => ((bit * Vals) * Vals) stfun"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	54	"m p == PRED (rtrner rmCh!p, ires!p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	55
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	56	(* the environment action *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	57	ENext :: "PrIds => action"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	58	"ENext p == ACT (? l. #l : #MemLoc & Call memCh p #(read l))"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	59
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	60
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	61	(* specification of the history variable *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	62	HInit :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	63	"HInit rmhist p == PRED rmhist!p = #histA"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	64
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	65	HNext :: "histType => PrIds => action"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	66	"HNext rmhist p == ACT (rmhist!p)$ =
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	67	(if (MemReturn rmCh ires p \| RPCFail crCh rmCh rst p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	68	then #histB
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	69	else if (MClkReply memCh crCh cst p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	70	then #histA
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	71	else $(rmhist!p))"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	72
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	73	HistP :: "histType => PrIds => temporal"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	74	"HistP rmhist p == TEMP Init HInit rmhist p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	75	& [][HNext rmhist p]_(c p,r p,m p, rmhist!p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	76
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	77	Hist :: "histType => temporal"
9517 f58863b1406a tuned version by Stephan Merz (unbatchified etc.); wenzelm parents: 6255 diff changeset	78	"Hist rmhist == TEMP (ALL p. HistP rmhist p)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	79
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	80	(* the implementation *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	81	IPImp :: "PrIds => temporal"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	82	"IPImp p == TEMP ( Init ~Calling memCh p & [][ENext p]_(e p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	83	& MClkIPSpec memCh crCh cst p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	84	& RPCIPSpec crCh rmCh rst p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	85	& RPSpec rmCh mm ires p
9517 f58863b1406a tuned version by Stephan Merz (unbatchified etc.); wenzelm parents: 6255 diff changeset	86	& (ALL l. #l : #MemLoc --> MSpec rmCh mm ires l))"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	87
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	88	ImpInit :: "PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	89	"ImpInit p == PRED ( ~Calling memCh p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	90	& MClkInit crCh cst p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	91	& RPCInit rmCh rst p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	92	& PInit ires p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	93
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	94	ImpNext :: "PrIds => action"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	95	"ImpNext p == ACT [ENext p]_(e p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	96	& [MClkNext memCh crCh cst p]_(c p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	97	& [RPCNext crCh rmCh rst p]_(r p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	98	& [RNext rmCh mm ires p]_(m p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	99
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	100	ImpLive :: "PrIds => temporal"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	101	"ImpLive p == TEMP WF(MClkFwd memCh crCh cst p)_(c p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	102	& SF(MClkReply memCh crCh cst p)_(c p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	103	& WF(RPCNext crCh rmCh rst p)_(r p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	104	& WF(RNext rmCh mm ires p)_(m p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	105	& WF(MemReturn rmCh ires p)_(m p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	106
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	107	Implementation :: "temporal"
9517 f58863b1406a tuned version by Stephan Merz (unbatchified etc.); wenzelm parents: 6255 diff changeset	108	"Implementation == TEMP ( (ALL p. Init (~Calling memCh p) & [][ENext p]_(e p))
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	109	& MClkISpec memCh crCh cst
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	110	& RPCISpec crCh rmCh rst
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	111	& IRSpec rmCh mm ires)"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	112
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	113	(* the predicate S describes the states of the implementation.
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	114	slight simplification: two "histState" parameters instead of a
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	115	(one- or two-element) set.
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	116	NB: The second conjunct of the definition in the paper is taken care of by
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	117	the type definitions. The last conjunct is asserted separately as the memory
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	118	invariant MemInv, proved in Memory.ML. *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	119	S :: "histType => bool => bool => bool => mClkState => rpcState => histState => histState => PrIds => stpred"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	120	"S rmhist ecalling ccalling rcalling cs rs hs1 hs2 p == PRED
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	121	Calling memCh p = #ecalling
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	122	& Calling crCh p = #ccalling
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	123	& (#ccalling --> arg<crCh!p> = MClkRelayArg<arg<memCh!p>>)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	124	& (~ #ccalling & cst!p = #clkB --> MVOKBARF<res<crCh!p>>)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	125	& Calling rmCh p = #rcalling
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	126	& (#rcalling --> arg<rmCh!p> = RPCRelayArg<arg<crCh!p>>)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	127	& (~ #rcalling --> ires!p = #NotAResult)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	128	& (~ #rcalling & rst!p = #rpcB --> MVOKBA<res<rmCh!p>>)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	129	& cst!p = #cs
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	130	& rst!p = #rs
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	131	& (rmhist!p = #hs1 \| rmhist!p = #hs2)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	132	& MVNROKBA<ires!p>"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	133
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	134	(* predicates S1 -- S6 define special instances of S *)
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	135	S1 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	136	"S1 rmhist p == S rmhist False False False clkA rpcA histA histA p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	137	S2 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	138	"S2 rmhist p == S rmhist True False False clkA rpcA histA histA p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	139	S3 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	140	"S3 rmhist p == S rmhist True True False clkB rpcA histA histB p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	141	S4 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	142	"S4 rmhist p == S rmhist True True True clkB rpcB histA histB p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	143	S5 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	144	"S5 rmhist p == S rmhist True True False clkB rpcB histB histB p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	145	S6 :: "histType => PrIds => stpred"
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	146	"S6 rmhist p == S rmhist True False False clkB rpcA histB histB p"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	147
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	148	(* The invariant asserts that the system is always in one of S1 - S6, for every p *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	149	ImpInv :: "histType => PrIds => stpred"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	150	"ImpInv rmhist p == PRED ( S1 rmhist p \| S2 rmhist p \| S3 rmhist p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	151	\| S4 rmhist p \| S5 rmhist p \| S6 rmhist p)"
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	152
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	153	resbar :: "histType => resType" (* refinement mapping *)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	154	"resbar rmhist s p ==
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	155	(if (S1 rmhist p s \| S2 rmhist p s)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	156	then ires s p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	157	else if S3 rmhist p s
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	158	then if rmhist s p = histA
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	159	then ires s p else MemFailure
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	160	else if S4 rmhist p s
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	161	then if (rmhist s p = histB & ires s p = NotAResult)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	162	then MemFailure else ires s p
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	163	else if S5 rmhist p s
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	164	then res (rmCh s p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	165	else if S6 rmhist p s
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	166	then if res (crCh s p) = RPCFailure
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	167	then MemFailure else res (crCh s p)
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	168	else NotAResult)" (* dummy value *)
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	169
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	170	rules
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	171	(* the "base" variables: everything except resbar and hist (for any index) *)
6255 db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	172	MI_base "basevars (caller memCh!p,
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	173	(rtrner memCh!p, caller crCh!p, cst!p),
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	174	(rtrner crCh!p, caller rmCh!p, rst!p),
db63752140c7 updated (Stephan Merz); wenzelm parents: 3807 diff changeset	175	(mm!l, rtrner rmCh!p, ires!p))"
3807 82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	176
82a99b090d9d A formalization of TLA in HOL -- by Stephan Merz; wenzelm parents: diff changeset	177	end

author	paulson
	Tue, 30 Aug 2005 12:47:53 +0200
changeset 17189	b15f8e094874
parent 11703	6e5de8d4290a
child 17309	c43ed29bd197
permissions	-rw-r--r--