CristalCaveGem » LustreC

node Sofar( X : bool ) returns ( Sofar : bool );

let

    Sofar = X -> X and pre Sofar;

tel

node excludes12( X1, X2, X3, X4, X5, X6, X7, X8, X9, X10, X11, X12 : bool ) returns ( excludes : bool );

let

    excludes = not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

                  X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and     X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and     X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and     X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and     X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and     X6 and not X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and     X7 and not X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and     X8 and not X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and     X9 and not X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and     X10 and not X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and     X11 and not X12 or

              not X1 and not X2 and not X3 and not X4 and not X5 and not X6 and not X7 and not X8 and not X9 and not X10 and not X11 and     X12;

tel

node peterson(e01, e02, e03, e04, e05, e06, e07, e08, e09, e10, e11, e12 : bool) returns (x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13 : int);

var

   g01, g02, g03, g04, g05, g06, g07, g08, g09, g10, g11, g12 : bool;

let

   g01 = pre x0>=1 and pre x4>=1;

   g02 = pre x1 >= 1 and pre x6 >= 1;

   g03 = pre x1>=1 and pre x7>=1;

   g04 = pre x2>=1 and pre x9>=1;

   g05 = pre x2>=1 and pre x6>=1;

   g06 = pre x3>=1 and pre x5>=1;

   g07 = pre x9>=1 and pre x10>=1;

   g08 = pre x7>=1 and pre x11>=1;

   g09 = pre x6>=1 and pre x11>=1;

   g10 = pre x4>=1 and pre x12>=1;

   g11 = pre x7>=1 and pre x12>=1;

   g12 = pre x8>=1 and pre x13>=1;

   x0 = 1 -> 

   if(e01) then if(g01) then pre x0-1 else pre x0 else 

   if(e06) then if(g06) then pre x0+1 else pre x0 else 

   pre x0;

   x1 = 0 -> 

   if(e01) then if(g01) then pre x1+1 else pre x1 else 

   if(e02) then if(g02) then pre x1-1 else pre x1 else 

   if(e03) then if(g03) then pre x1-1 else pre x1 else 

   pre x1;

   x2 = 0 -> 

   if(e02) then if(g02) then pre x2+1 else pre x2 else 

   if(e03) then if(g03) then pre x2+1 else pre x2 else 

   if(e04) then if(g04) then pre x2-1 else pre x2 else 

   if(e05) then if(g05) then pre x2-1 else pre x2 else 

   pre x2;

   x3 = 0 -> 

   if(e04) then if(g04) then pre x3+1 else pre x3 else 

   if(e05) then if(g05) then pre x3+1 else pre x3 else 

   if(e06) then if(g06) then pre x3-1 else pre x3 else 

   pre x3;

   x4 = 1 -> 

   if(e01) then if(g01) then pre x4-1 else pre x4 else 

   if(e06) then if(g06) then pre x4+1 else pre x4 else 

   pre x4;

   x5 = 0 -> 

   if(e01) then if(g01) then pre x5+1 else pre x5 else 

   if(e06) then if(g06) then pre x5-1 else pre x5 else 

   pre x5;

   x6 = 0 -> 

   if(e02) then if(g02) then pre x6-1 else pre x6 else 

   if(e08) then if(g08) then pre x6+1 else pre x6 else 

   pre x6;

   x7 = 1 -> 

   if(e02) then if(g02) then pre x7+1 else pre x7 else 

   if(e08) then if(g08) then pre x7-1 else pre x7 else 

   pre x7;

   x8 = 0 -> 

   if(e07) then if(g07) then pre x8+1 else pre x8 else 

   if(e12) then if(g12) then pre x8-1 else pre x8 else 

   pre x8;

   x9 = 1 -> 

   if(e07) then if(g07) then pre x9-1 else pre x9 else 

   if(e12) then if(g12) then pre x9+1 else pre x9 else 

   pre x9;

   x10 = 1 -> 

   if(e07) then if(g07) then pre x10-1 else pre x10 else 

   if(e12) then if(g12) then pre x10+1 else pre x10 else 

   pre x10;

   x11 = 0 -> 

   if(e07) then if(g07) then pre x11+1 else pre x11 else 

   if(e08) then if(g08) then pre x11-1 else pre x11 else 

   if(e09) then if(g09) then pre x11-1 else pre x11 else 

   pre x11;

   x12 = 0 -> 

   if(e08) then if(g08) then pre x12+1 else pre x12 else 

   if(e09) then if(g09) then pre x12+1 else pre x12 else 

   if(e10) then if(g10) then pre x12-1 else pre x12 else 

   if(e11) then if(g11) then pre x12-1 else pre x12 else 

   pre x12;

   x13 = 0 -> 

   if(e10) then if(g10) then pre x13+1 else pre x13 else 

   if(e11) then if(g11) then pre x13+1 else pre x13 else 

   if(e12) then if(g12) then pre x13-1 else pre x13 else 

   pre x13;

tel

--@ ensures OK;

node top(e01, e02, e03, e04, e05, e06, e07, e08, e09, e10, e11, e12 : bool)

returns ( OK : bool );

    var x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13 : int;

        env : bool;

let

   (x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13) = peterson(e01, e02, e03, e04, e05, e06, e07, e08, e09, e10, e11, e12);

    env = Sofar( excludes12( e01, e02, e03, e04, e05, e06, e07, e08, e09, e10, e11, e12 ) and x2 < 32767 );

    OK = env => x2 >= 0;

--!k:2;

--!PROPERTY: OK=true;

    --%MAIN;

tel