equal
deleted
inserted
replaced
113 |
113 |
114 lemma client_prog_preserves: |
114 lemma client_prog_preserves: |
115 "client_prog:(\<Inter>x \<in> var-{ask, rel, tok}. preserves(lift(x)))" |
115 "client_prog:(\<Inter>x \<in> var-{ask, rel, tok}. preserves(lift(x)))" |
116 apply (rule Inter_var_DiffI, force) |
116 apply (rule Inter_var_DiffI, force) |
117 apply (rule ballI) |
117 apply (rule ballI) |
118 apply (rule preservesI, constrains, auto) |
118 apply (rule preservesI, safety, auto) |
119 done |
119 done |
120 |
120 |
121 |
121 |
122 lemma preserves_lift_imp_stable: |
122 lemma preserves_lift_imp_stable: |
123 "G \<in> preserves(lift(ff)) ==> G \<in> stable({s \<in> state. P(s`ff)})"; |
123 "G \<in> preserves(lift(ff)) ==> G \<in> stable({s \<in> state. P(s`ff)})"; |
134 lemma client_prog_Increasing_ask_rel: |
134 lemma client_prog_Increasing_ask_rel: |
135 "client_prog: program guarantees Incr(lift(ask)) Int Incr(lift(rel))" |
135 "client_prog: program guarantees Incr(lift(ask)) Int Incr(lift(rel))" |
136 apply (unfold guar_def) |
136 apply (unfold guar_def) |
137 apply (auto intro!: increasing_imp_Increasing |
137 apply (auto intro!: increasing_imp_Increasing |
138 simp add: client_prog_ok_iff increasing_def preserves_imp_prefix) |
138 simp add: client_prog_ok_iff increasing_def preserves_imp_prefix) |
139 apply (constrains, force, force)+ |
139 apply (safety, force, force)+ |
140 done |
140 done |
141 |
141 |
142 declare nth_append [simp] append_one_prefix [simp] |
142 declare nth_append [simp] append_one_prefix [simp] |
143 |
143 |
144 lemma NbT_pos2: "0<NbT" |
144 lemma NbT_pos2: "0<NbT" |
156 {s \<in> state. \<forall>elt \<in> set_of_list(s`ask). elt \<le> NbT})" |
156 {s \<in> state. \<forall>elt \<in> set_of_list(s`ask). elt \<le> NbT})" |
157 apply (rotate_tac -1) |
157 apply (rotate_tac -1) |
158 apply (auto simp add: client_prog_ok_iff) |
158 apply (auto simp add: client_prog_ok_iff) |
159 apply (rule invariantI [THEN stable_Join_Always2], force) |
159 apply (rule invariantI [THEN stable_Join_Always2], force) |
160 prefer 2 |
160 prefer 2 |
161 apply (fast intro: stable_Int preserves_lift_imp_stable, constrains) |
161 apply (fast intro: stable_Int preserves_lift_imp_stable, safety) |
162 apply (auto dest: ActsD) |
162 apply (auto dest: ActsD) |
163 apply (cut_tac NbT_pos) |
163 apply (cut_tac NbT_pos) |
164 apply (rule NbT_pos2 [THEN mod_less_divisor]) |
164 apply (rule NbT_pos2 [THEN mod_less_divisor]) |
165 apply (auto dest: ActsD preserves_imp_eq simp add: set_of_list_append) |
165 apply (auto dest: ActsD preserves_imp_eq simp add: set_of_list_append) |
166 done |
166 done |
176 |
176 |
177 (*** Towards proving the liveness property ***) |
177 (*** Towards proving the liveness property ***) |
178 |
178 |
179 lemma client_prog_stable_rel_le_giv: |
179 lemma client_prog_stable_rel_le_giv: |
180 "client_prog \<in> stable({s \<in> state. <s`rel, s`giv> \<in> prefix(nat)})" |
180 "client_prog \<in> stable({s \<in> state. <s`rel, s`giv> \<in> prefix(nat)})" |
181 by (constrains, auto) |
181 by (safety, auto) |
182 |
182 |
183 lemma client_prog_Join_Stable_rel_le_giv: |
183 lemma client_prog_Join_Stable_rel_le_giv: |
184 "[| client_prog \<squnion> G \<in> Incr(lift(giv)); G \<in> preserves(lift(rel)) |] |
184 "[| client_prog \<squnion> G \<in> Incr(lift(giv)); G \<in> preserves(lift(rel)) |] |
185 ==> client_prog \<squnion> G \<in> Stable({s \<in> state. <s`rel, s`giv> \<in> prefix(nat)})" |
185 ==> client_prog \<squnion> G \<in> Stable({s \<in> state. <s`rel, s`giv> \<in> prefix(nat)})" |
186 apply (rule client_prog_stable_rel_le_giv [THEN Increasing_preserves_Stable]) |
186 apply (rule client_prog_stable_rel_le_giv [THEN Increasing_preserves_Stable]) |