pip: comparison Implementation.thy

equal deleted inserted replaced

-:32985f93e845
+:2dd47ea013ac
 To minimize the cost of the recalculation, we derived the following localized alternative
 definition of @{term cp}:
 *}
 lemma cp_rec_tG:
-"cp s th = Max ({preced th s} \<union> cprecs (children (tG s) th) s)"
+"cp s th = Max (preceds {th} s \<union> cprecs (children (tG s) th) s)"
 proof -
 have [simp]: "(cp s \<circ> the_thread \<circ> Th) = cp s" by (rule ext, simp)
 have [simp]: "(cp s \<circ> the_thread) ` children (tRAG s) (Th th) =
 cp s ` children (tG s) th"
 apply (unfold tRAG_def_tG)
 section {* The @{term Set} operation *}
 context valid_trace_set
 begin
+find_theorems RAG "(e#s)" "_ = _"
 text {* (* ddd *)
 The following two lemmas confirm that @{text "Set"}-operation
 only changes the precedence of the initiating thread (or actor)
 of the operation (or event).
 More specifically, the lemma says the change of @{text RAG}
 is by first removing the chain linking @{text taker}, @{text cs} and
 @{text th} and then adding in one edge from @{text cs} to @{text taker}.
 The added edge represents acquisition of @{text cs} by @{text taker}.
 *}
 lemma RAG_s:
 "RAG (e#s) = (RAG s - {(Cs cs, Th th), (Th taker, Cs cs)}) \<union>
 {(Cs cs, Th taker)}"
 by (unfold RAG_es waiting_set_eq holding_set_eq, auto)
 threads other than @{text th} and @{text taker}) do not need to do any @{text cp}-recalculation.
 The reason is simple: according to @{thm subtree_kept}, the sub-trees of such threads
 are not changed , additionally, since the @{text V}-operation does not change any precedence,
 the @{text "cp"}-value of such threads are not changed.
 *}
 lemma cp_kept:
 assumes "th1 \<notin> {th, taker}"
 shows "cp (e#s) th1 = cp s th1"
 by (unfold cp_alt_def the_preced_es subtree_kept[OF assms], simp)
 neither of these two threads has children with changed @{text cp}-value.
 It means the recursive calls in @{thm cp_rec_tG} will not descend when recalculating
 the @{text cp}-values for @{text th} and @{text taker}.
 *}
-lemma t1: "taker \<notin> children (tG (e#s)) th"
+lemma "taker \<notin> children (tG (e#s)) th"
 by (metis children_subtree empty_iff in_mono neq_taker_th root_def set_mp
 subtree_ancestorsI taker_ready_es vat_es.root_readys_tG)
-lemma t2: "th \<notin> children (tG (e#s)) taker"
+lemma "th \<notin> children (tG (e#s)) taker"
 by (metis children_subtree empty_iff  neq_taker_th root_def
 subsetD subtree_ancestorsI th_ready_es vat_es.root_readys_tG)
 end
 text {*
 By combining @{thm cp_kept_1} and @{thm cp_kept_2}, it is shown that no @{text cp}-recalculation
 is needed at all for this sub-case of @{text V}-operation.
 *}
-lemma eq_cp:
+lemma eq_cp_pre:
 shows "cp (e#s) th' = cp s th'"
 using cp_kept_1 cp_kept_2
 by (cases "th' = th", auto)
+lemma eq_cp:
+shows "cp (e#s) = cp s"
+by (rule ext, unfold eq_cp_pre, simp)
 end
 section {* The @{term P} operation *}
 context valid_trace_p_h
 begin
 text {*
-According to @{thm RAG_es}, the only change to @{text RAG} by
+It can be shown that the @{text tG} is not changed by
-the @{text P}-operation is the addition of the edge @{text "(Cs cs, Th th)"},
+the @{text P}-action. The reason is that the edge added to @{text RAG}
-representing the newly acquisition of @{text cs} by @{text th}.
+by the @{text P}-action, namely @{text "(Cs cs, Th th)"},
-The following lemma shows that this newly added edge only change the sub-tree
+does not bring any new thread into graph @{text tG}, because
-of @{text th}, the reason is that @{text th} is in no other sub-trees.
+the node of @{text cs} is isolated from the original @{text RAG}.
 *}
-lemma subtree_kept:
+lemma tG_es: "tG (e # s) = tG s"
-assumes "th' \<noteq> th"
+proof -
-shows "subtree (RAG (e#s)) (Th th') = subtree (RAG s) (Th th')"
+have [simp]: "\<And> th1. (Th th1, Cs cs) \<notin> RAG s"
-proof(unfold RAG_es, rule subtree_insert_next)
+by (metis in_RAG_E no_holder node.simps(4) the_cs.simps waiting_holding)
-from in_no_others_subtree[OF assms]
+show ?thesis
-show "Th th \<notin> subtree (RAG s) (Th th')" .
+apply (unfold tG_def_tRAG tRAG_alt_def RAG_es)
-qed
+by (auto)
+qed
-text {*
-With both sub-tree and precdences unchanged, the @{text cp}-values of
+text {*
-threads other than @{text th} are not changed. Therefore, the
+Since both @{text tG} and precedences are not changed, it is easy
-only recalculation of @{text cp}-value happens at @{text th}, and
+to show that all @{text cp}-value are not changed, therefore,
-the recalculation can be done locally using the
+no @{text cp}-recalculation is needed:
-{\em local recalculation principle}, because the @{text cp}-values
+*}
-of its children are not changed.
-*}
+lemma cp_kept: "cp (e#s) = cp s"
-lemma cp_kept:
+by (rule ext, simp add: cp_alt_def2 preced_kept tG_es)
-assumes "th' \<noteq> th"
-shows "cp (e#s) th' = cp s th'"
-proof -
-have "(the_preced (e#s) ` {th'a. Th th'a \<in> subtree (RAG (e#s)) (Th th')}) =
-(the_preced s ` {th'a. Th th'a \<in> subtree (RAG s) (Th th')})"
-by (unfold preced_kept subtree_kept[OF assms], simp)
-thus ?thesis by (unfold cp_alt_def, simp)
-qed
 end
 text {*
 The following locale @{text valid_trace_p_w} corresponds to
 text {*
 Because of @{thm preced_kept}, @{thm tG_kept} and @{thm th_tRAG},
 the @{text cp}-values of all other threads are not changed.
 The reasoning is almost the same as that of @{term Create}:
 *}
 lemma eq_cp:
 assumes neq_th: "th' \<noteq> th"
 shows "cp (e#s) th' = cp s th'"
 proof -
 have "(the_preced (e # s) ` subtree (tG (e # s)) th') =
 thus ?thesis by (unfold cp_alt_def2, simp)
 qed
 end
 end

changeset 188	2dd47ea013ac
parent 185	42767f6e0ae9
child 189	914288aec495