-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathBIM_weakened_consistentBlend.dol
82 lines (61 loc) · 2.7 KB
/
BIM_weakened_consistentBlend.dol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
%% Basic Mapping of Infinity blend
%%
%% -- here with weakenings.
logic CASL
spec PotentialInfProc =
sort State
ops InitState : State
preds NextState : State * State
__<__ : State * State
isFinal : State
forall x:State
. isFinal(x) <=> forall y:State . (not(x=y) => y < x) %(final_def)%
forall x: State . not (isFinal(x)) => exists! y:State
. NextState( x,y ) %(next_near_total)%
forall x, y, z : State . NextState(x,y) /\ NextState(x,z)
=> z = y %(next_inj)%
forall x : State . not (NextState(x,InitState)) %(init_not_next)%
forall x, y, z, xx, yy : State
. NextState(x,y) => InitState < y %(Init_least)%
. x < y /\ NextState (x,xx) /\ NextState (y,yy)
=> xx < yy %(less_monoton)%
. not ( x < x ) %(less_irref)%
. x < y /\ y < z => x < z %(less_trans)%
. x < y \/ x = y \/ y < x %(less_linear)%
%% . not(isFinal(x)) %(no_final)%
end
spec CompletedFinProc =
free type State ::= InitState | s2 | s3 | theFinalState
preds NextState : State * State
__<__ : State * State
isFinal : State
forall x:State
. isFinal(x) <=> forall y:State . (not(x=y) => y < x) %(final_def)%
%% weaken for consistent blend
%[forall x,y : State ]%
%[ . NextState(x,y) <=>]%
%[ ( (x = InitState /\ y = s2)]%
%[ \/ (x = s2 /\ y = s3)]%
%[ \/ (x = s3 /\ y = theFinalState)]%
%[ ) %(trans_table)%]%
forall x, y, z, xx, yy : State
. NextState(x,y) => InitState < y %(Init_least2)%
. x < y /\ NextState (x,xx) /\ NextState (y,yy)
=> xx < yy %(less_monoton2)%
. not ( x < x ) %(less_irref2)%
. x < y /\ y < z => x < z %(less_trans2)%
. x = theFinalState <=> isFinal (x) %(final_final)%
end
spec Generic =
sort GState
preds StateOrder : GState * GState
StateSuc : GState * GState
isFinal : GState
op InitState : GState
end
view V1 : Generic to PotentialInfProc =
GState |-> State, StateOrder |-> __<__, StateSuc |-> NextState
view V2 : Generic to CompletedFinProc =
GState |-> State, StateOrder |-> __<__, StateSuc |-> NextState
spec Colimit3 = combine V1,V2 end
%% Colimit3 consistent (darwin-non-fd)