12 Goalw [stable_def] |
12 Goalw [stable_def] |
13 "[| !! m. F : stable {s. s(Bproc,Rcvd) <= s(Aproc,Sent)}; \ |
13 "[| !! m. F : stable {s. s(Bproc,Rcvd) <= s(Aproc,Sent)}; \ |
14 \ !! m. F : stable {s. s(Aproc,Rcvd) <= s(Bproc,Sent)}; \ |
14 \ !! m. F : stable {s. s(Aproc,Rcvd) <= s(Bproc,Sent)}; \ |
15 \ !! m proc. F : stable {s. m <= s(proc,Sent)}; \ |
15 \ !! m proc. F : stable {s. m <= s(proc,Sent)}; \ |
16 \ !! n proc. F : stable {s. n <= s(proc,Rcvd)}; \ |
16 \ !! n proc. F : stable {s. n <= s(proc,Rcvd)}; \ |
17 \ !! m proc. F : {s. s(proc,Idle) = 1' & s(proc,Rcvd) = m} co \ |
17 \ !! m proc. F : {s. s(proc,Idle) = Suc 0 & s(proc,Rcvd) = m} co \ |
18 \ {s. s(proc,Rcvd) = m --> s(proc,Idle) = 1'}; \ |
18 \ {s. s(proc,Rcvd) = m --> s(proc,Idle) = Suc 0}; \ |
19 \ !! n proc. F : {s. s(proc,Idle) = 1' & s(proc,Sent) = n} co \ |
19 \ !! n proc. F : {s. s(proc,Idle) = Suc 0 & s(proc,Sent) = n} co \ |
20 \ {s. s(proc,Sent) = n} \ |
20 \ {s. s(proc,Sent) = n} \ |
21 \ |] ==> F : stable {s. s(Aproc,Idle) = 1' & s(Bproc,Idle) = 1' & \ |
21 \ |] ==> F : stable {s. s(Aproc,Idle) = Suc 0 & s(Bproc,Idle) = Suc 0 & \ |
22 \ s(Aproc,Sent) = s(Bproc,Rcvd) & \ |
22 \ s(Aproc,Sent) = s(Bproc,Rcvd) & \ |
23 \ s(Bproc,Sent) = s(Aproc,Rcvd) & \ |
23 \ s(Bproc,Sent) = s(Aproc,Rcvd) & \ |
24 \ s(Aproc,Rcvd) = m & s(Bproc,Rcvd) = n}"; |
24 \ s(Aproc,Rcvd) = m & s(Bproc,Rcvd) = n}"; |
25 |
25 |
26 val sent_nondec_A = read_instantiate [("proc","Aproc")] sent_nondec; |
26 val sent_nondec_A = read_instantiate [("proc","Aproc")] sent_nondec; |