isabelle: src/HOL/UNITY/Handshake.ML@e4297d03e5d2 (annotated)

5252 1b0f14d11142 Union primitives and examples paulson parents: diff changeset	1	(* Title: HOL/UNITY/Handshake
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	2	ID: $Id$
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	3	Author: Lawrence C Paulson, Cambridge University Computer Laboratory
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	4	Copyright 1998 University of Cambridge
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	5
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	6	Handshake Protocol
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	7
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	8	From Misra, "Asynchronous Compositions of Programs", Section 5.3.2
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	9	*)
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	10
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	11	(split_all_tac causes a big blow-up)
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	12	claset_ref() := claset() delSWrapper "split_all_tac";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	13
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	14	(Simplification for records)
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	15	Addsimps (thms"state.update_defs");
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	16	Addsimps [invFG_def];
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	17
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	18
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	19	Goalw [prgF_def, Join_def] "id : Acts (Join prgF prgG) ";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	20	by (Simp_tac 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	21	qed "id_in_Acts";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	22	AddIffs [id_in_Acts];
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	23
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	24
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	25	Goalw [prgF_def, prgG_def] "invariant (Join prgF prgG) invFG";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	26	by (rtac invariantI 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	27	by (force_tac (claset(),
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	28	simpset() addsimps [Join_def]) 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	29	by (auto_tac (claset(), simpset() addsimps [stable_Join]));
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	30	by (constrains_tac [prgG_def,cmdG_def] 2);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	31	by (auto_tac (claset() addIs [le_anti_sym] addSEs [le_SucE], simpset()));
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	32	by (constrains_tac [prgF_def,cmdF_def] 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	33	qed "invFG";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	34
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	35	Goal "LeadsTo (Join prgF prgG) {s. NF s = k & ~ BB s} {s. NF s = k & BB s}";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	36	br (ensures_stable_Join1 RS leadsTo_Basis RS leadsTo_imp_LeadsTo) 1;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	37	by (ensures_tac [prgG_def,cmdG_def] "cmdG" 2);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	38	by (constrains_tac [prgF_def,cmdF_def] 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	39	qed "lemma2_1";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	40
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	41	Goal "LeadsTo (Join prgF prgG) {s. NF s = k & BB s} {s. k < NF s}";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	42	br (ensures_stable_Join2 RS leadsTo_Basis RS leadsTo_imp_LeadsTo) 1;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	43	by (constrains_tac [prgG_def,cmdG_def] 2);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	44	by (ensures_tac [prgF_def,cmdF_def] "cmdF" 1);
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	45	qed "lemma2_2";
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	46
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	47
5258 d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	48	Goal "LeadsTo (Join prgF prgG) UNIV {s. m < NF s}";
d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	49	br LeadsTo_weaken_R 1;
d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	50	by (res_inst_tac [("f", "NF"), ("l","Suc m"), ("B","{}")]
5277 e4297d03e5d2 A higher-level treatment of LeadsTo, minimizing use of "reachable" paulson parents: 5258 diff changeset	51	GreaterThan_bounded_induct 1);
5258 d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	52	by (auto_tac (claset(), simpset() addsimps [vimage_def]));
d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	53	by (trans_tac 2);
d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	54	(The inductive step: LeadsTo (Join prgF prgG) {x. NF x = ma} {x. ma < NF x})
5252 1b0f14d11142 Union primitives and examples paulson parents: diff changeset	55	br LeadsTo_Diff 1;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	56	br lemma2_2 2;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	57	br LeadsTo_Trans 1;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	58	br lemma2_2 2;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	59	br (lemma2_1 RS LeadsTo_weaken_L) 1;
1b0f14d11142 Union primitives and examples paulson parents: diff changeset	60	by Auto_tac;
5258 d1c0504d6c42 Finished the example paulson parents: 5252 diff changeset	61	qed "progress";

author	paulson
	Thu, 06 Aug 1998 15:47:26 +0200
changeset 5277	e4297d03e5d2
parent 5258	d1c0504d6c42
child 5313	1861a564d7e2
permissions	-rw-r--r--