Mercurial Mercurial > repos > isabelle / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/HOL/UNITY/Comp/Handshake.thy
changeset 67613 ce654b0e6d69
parent 60773 d09c66a0ea10
equal deleted inserted replaced
67610:4939494ed791 67613:ce654b0e6d69 
    45         cmdG_def [THEN def_act_simp, simp]
 
    45         cmdG_def [THEN def_act_simp, simp]
 
    46 
    46 
    47         invFG_def [THEN def_set_simp, simp]
 
    47         invFG_def [THEN def_set_simp, simp]
 
    48 
    48 
    49 
    49 
    50 lemma invFG: "(F \<squnion> G) : Always invFG"
 
    50 lemma invFG: "(F \<squnion> G) \<in> Always invFG"
 
    51 apply (rule AlwaysI)
 
    51 apply (rule AlwaysI)
 
    52 apply force
 
    52 apply force
 
    53 apply (rule constrains_imp_Constrains [THEN StableI])
 
    53 apply (rule constrains_imp_Constrains [THEN StableI])
 
    54 apply auto
 
    54 apply auto
 
    55  apply (unfold F_def, safety) 
    55  apply (unfold F_def, safety) 
    56 apply (unfold G_def, safety) 
    56 apply (unfold G_def, safety) 
    57 done
 
    57 done
 
    58 
    58 
    59 lemma lemma2_1: "(F \<squnion> G) : ({s. NF s = k} - {s. BB s}) LeadsTo  
    59 lemma lemma2_1: "(F \<squnion> G) \<in> ({s. NF s = k} - {s. BB s}) LeadsTo  
    60                               ({s. NF s = k} Int {s. BB s})"
 
    60                               ({s. NF s = k} Int {s. BB s})"
 
    61 apply (rule stable_Join_ensures1[THEN leadsTo_Basis, THEN leadsTo_imp_LeadsTo])
 
    61 apply (rule stable_Join_ensures1[THEN leadsTo_Basis, THEN leadsTo_imp_LeadsTo])
 
    62  apply (unfold F_def, safety) 
    62  apply (unfold F_def, safety) 
    63 apply (unfold G_def, ensures_tac "cmdG") 
    63 apply (unfold G_def, ensures_tac "cmdG") 
    64 done
 
    64 done
 
    65 
    65 
    66 lemma lemma2_2: "(F \<squnion> G) : ({s. NF s = k} Int {s. BB s}) LeadsTo 
    66 lemma lemma2_2: "(F \<squnion> G) \<in> ({s. NF s = k} Int {s. BB s}) LeadsTo 
    67                               {s. k < NF s}"
 
    67                               {s. k < NF s}"
 
    68 apply (rule stable_Join_ensures2[THEN leadsTo_Basis, THEN leadsTo_imp_LeadsTo])
 
    68 apply (rule stable_Join_ensures2[THEN leadsTo_Basis, THEN leadsTo_imp_LeadsTo])
 
    69  apply (unfold F_def, ensures_tac "cmdF") 
    69  apply (unfold F_def, ensures_tac "cmdF") 
    70 apply (unfold G_def, safety) 
    70 apply (unfold G_def, safety) 
    71 done
 
    71 done
 
    72 
    72 
    73 lemma progress: "(F \<squnion> G) : UNIV LeadsTo {s. m < NF s}"
 
    73 lemma progress: "(F \<squnion> G) \<in> UNIV LeadsTo {s. m < NF s}"
 
    74 apply (rule LeadsTo_weaken_R)
 
    74 apply (rule LeadsTo_weaken_R)
 
    75 apply (rule_tac f = "NF" and l = "Suc m" and B = "{}" 
    75 apply (rule_tac f = "NF" and l = "Suc m" and B = "{}" 
    76        in GreaterThan_bounded_induct)
 
    76        in GreaterThan_bounded_induct)
 
    77 (*The inductive step is (F \<squnion> G) : {x. NF x = ma} LeadsTo {x. ma < NF x}*)
 
    77 (*The inductive step is (F \<squnion> G) : {x. NF x = ma} LeadsTo {x. ma < NF x}*)
 
    78 apply (auto intro!: lemma2_1 lemma2_2
 
    78 apply (auto intro!: lemma2_1 lemma2_2
isabelle