equal
deleted
inserted
replaced
901 apply (unfold system_safety_def) |
901 apply (unfold system_safety_def) |
902 apply (tactic \<open>resolve_tac @{context} [Always_Int_rule [@{thm System_sum_bounded}, |
902 apply (tactic \<open>resolve_tac @{context} [Always_Int_rule [@{thm System_sum_bounded}, |
903 @{thm Always_tokens_giv_le_allocGiv}, @{thm Always_tokens_allocRel_le_rel}] RS |
903 @{thm Always_tokens_giv_le_allocGiv}, @{thm Always_tokens_allocRel_le_rel}] RS |
904 @{thm Always_weaken}] 1\<close>) |
904 @{thm Always_weaken}] 1\<close>) |
905 apply auto |
905 apply auto |
906 apply (rule setsum_fun_mono [THEN order_trans]) |
906 apply (rule sum_fun_mono [THEN order_trans]) |
907 apply (drule_tac [2] order_trans) |
907 apply (drule_tac [2] order_trans) |
908 apply (rule_tac [2] add_le_mono [OF order_refl setsum_fun_mono]) |
908 apply (rule_tac [2] add_le_mono [OF order_refl sum_fun_mono]) |
909 prefer 3 apply assumption |
909 prefer 3 apply assumption |
910 apply auto |
910 apply auto |
911 done |
911 done |
912 |
912 |
913 subsection \<open>Proof of the progress property (2)\<close> |
913 subsection \<open>Proof of the progress property (2)\<close> |