-
Notifications
You must be signed in to change notification settings - Fork 1
/
SpireSafe.cfg
62 lines (50 loc) · 2.66 KB
/
SpireSafe.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
SPECIFICATION
(*****************************************************************************)
(* Various specification 'flavours' that may be used for bounded model *)
(* checking. *)
(*****************************************************************************)
(*****************************************************************************)
(* Regular specification for model checking. *)
(*****************************************************************************)
Spec
(*****************************************************************************)
(* Starts in any state permitted by the inductive invariant `Inv'. *)
(* This is a traditional inductive specification that works for tiny *)
(* models, but scales poorly as the model size increases. Consider *)
(* using `RSpec' for larger models. *)
(*****************************************************************************)
\* ISpec
(*****************************************************************************)
(* Uses random sampling to generate inductive initial states, being a subset *)
(* of all possible initial states otherwise permitted by `Inv'. Each run *)
(* results in a different set of initial states. *)
(* Sample sizes are configured by setting `Carg' and `Parg' in the module *)
(* definition. *)
(*****************************************************************************)
\* RSpec
CONSTANTS
None = "none"
Rounds <- FiniteRounds
Values = {x, y}
MaxRound = 3
(*****************************************************************************)
(* Varying combinations of consenters and quorums. Uncomment to size the *)
(* model accordingly. *)
(*****************************************************************************)
\* Consenters = {a, b, c, d, e}
\* Quorums = {{a, b, c}, {a, b, d}, {a, b, e}, {a, c, d}, {a, c, e}, {a, d, e}, {b, c, d}, {b, c, e}, {b, d, e}, {c, d, e}}
\* Consenters = {a, b, c, d}
\* Quorums = {{a, b, c}, {a, b, d}, {a, c, d}, {b, c, d}}
Consenters = {a, b, c}
Quorums = {{a, b}, {b, c}, {a, c}}
\* Consenters = {a, b}
\* Quorums = {{a, b}}
\* Consenters = {a}
\* Quorums = {{a}}
INVARIANTS
TypeOK
Inv
SingularPrimedPerRound
ChosenRequiresEarlierUnprimedOffers
Consistency
SYMMETRY Symmetry