Mercurial Mercurial > hg > pip / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Journal/Paper.thy
changeset 166 6cfafcb41a3d
parent 165 f73b7f339314
child 167 045371bde100
equal deleted inserted replaced
165:f73b7f339314 166:6cfafcb41a3d 
    44   Cs ("C") and
 
    44   Cs ("C") and
 
    45   readys ("ready") and
 
    45   readys ("ready") and
 
    46   preced ("prec") and
 
    46   preced ("prec") and
 
    47   preceds ("precs") and
 
    47   preceds ("precs") and
 
    48   cpreced ("cprec") and
 
    48   cpreced ("cprec") and
 
       
    49   cpreceds ("cprecs") and
 
    49   wq_fun ("wq") and
 
    50   wq_fun ("wq") and
 
    50   cprec_fun ("cp'_fun") and
 
    51   cp ("cprec") and
 
       
    52   (*cprec_fun ("cp_fun") and*)
 
    51   holdents ("resources") and
 
    53   holdents ("resources") and
 
    52   DUMMY  ("\<^raw:\mbox{$\_\!\_$}>") and
 
    54   DUMMY  ("\<^raw:\mbox{$\_\!\_$}>") and
 
    53   cntP ("c\<^bsub>P\<^esub>") and
 
    55   cntP ("c\<^bsub>P\<^esub>") and
 
    54   cntV ("c\<^bsub>V\<^esub>")
 
    56   cntV ("c\<^bsub>V\<^esub>")
 
    55 
    57 
   665   of @{text th} in the state @{text s}. Since the notion @{term
 
   667   of @{text th} in the state @{text s}. Since the notion @{term
 
   666   "dependants"} is defined as the transitive closure of all dependent
 
   668   "dependants"} is defined as the transitive closure of all dependent
 
   667   threads, we deal correctly with the problem in the informal
 
   669   threads, we deal correctly with the problem in the informal
 
   668   algorithm by Sha et al.~\cite{Sha90} where a priority of a thread is
 
   670   algorithm by Sha et al.~\cite{Sha90} where a priority of a thread is
 
   669   lowered prematurely (see Introduction). We again introduce an abbreviation for current
 
   671   lowered prematurely (see Introduction). We again introduce an abbreviation for current
 
   670   precedeces of a set of threads, written @{text "cpreceds wq s ths"}.
 
   672   precedeces of a set of threads, written @{text "cprecs wq s ths"}.
 
   671   
   673   
   672   \begin{isabelle}\ \ \ \ \ %%%
 
   674   \begin{isabelle}\ \ \ \ \ %%%
 
   673   @{thm cpreceds_def}
 
   675   @{thm cpreceds_def}
 
   674   \end{isabelle}
 
   676   \end{isabelle}
 
   675 
   677 
  1083 
  1085 
  1084   \noindent This theorem ensures that the thread @{text th}, which has
 
  1086   \noindent This theorem ensures that the thread @{text th}, which has
 
  1085   the highest precedence in the state @{text s}, is either running in
 
  1087   the highest precedence in the state @{text s}, is either running in
 
  1086   state @{term "s' @ s"}, or can only be blocked in the state @{text
 
  1088   state @{term "s' @ s"}, or can only be blocked in the state @{text
 
  1087   "s' @ s"} by a thread @{text th'} that already existed in @{text s}
 
  1089   "s' @ s"} by a thread @{text th'} that already existed in @{text s}
 
  1088   and requested a resource or had a lock on at least one resource---that means
 
  1090   and is waiting for a resource or had a lock on at least one resource---that means
 
  1089   the thread was not \emph{detached} in @{text s}.  As we shall see
 
  1091   the thread was not \emph{detached} in @{text s}.  As we shall see
 
  1090   shortly, that means there are only finitely many threads that can
 
  1092   shortly, that means there are only finitely many threads that can
 
  1091   block @{text th} in this way and then they need to run with the same
 
  1093   block @{text th} in this way.
 
  1092   precedence as @{text th}.
 
       
  1093 
  1094 
  1094   
  1095   
  1095 %% HERE
 
  1096 %% HERE
 
  1096 
  1097 
  1097   Given our assumptions (on @{text th}), the first property we can
 
  1098   Given our assumptions (on @{text th}), the first property we can
 
  1113   \noindent
 
  1114   \noindent
 
  1114   We also know that this is equal to the maximum of current precedences of all threads,
 
  1115   We also know that this is equal to the maximum of current precedences of all threads,
 
  1115   that is
 
  1116   that is
 
  1116 
  1117 
  1117   \begin{center}
 
  1118   \begin{center}
 
  1118   @{term "cp (t @ s) th' = Max (cp (t @ s) ` treads (t @ s))"}
 
  1119   @{term "cp (t @ s) th' = Max (cp (t @ s) ` threads (t @ s))"}
 
  1119   \end{center}
 
  1120   \end{center}
 
  1120 
  1121 
  1121   \noindent
 
  1122   \noindent
 
  1122   This is because each ready thread, say @{text "th\<^sub>r"}, has the maximum
 
  1123   This is because each ready thread, say @{text "th\<^sub>r"}, has the maximum
 
  1123   current precedence of the subtree located at @{text "th\<^sub>r"}. All these
 
  1124   current precedence of the subtree located at @{text "th\<^sub>r"}. All these
 
  1141 
  1142 
  1142   \begin{proof} Let us assume @{text "th'"} is detached in state
 
  1143   \begin{proof} Let us assume @{text "th'"} is detached in state
 
  1143   @{text "s"}, then, according to the definition of detached, @{text
 
  1144   @{text "s"}, then, according to the definition of detached, @{text
 
  1144   "th’"} does not hold or wait for any resource. Hence the @{text
 
  1145   "th’"} does not hold or wait for any resource. Hence the @{text
 
  1145   cp}-value of @{text "th'"} in @{text s} is not boosted, that is
 
  1146   cp}-value of @{text "th'"} in @{text s} is not boosted, that is
 
  1146   @{term "cp s th' = prec th s"}, and is therefore lower than the
 
  1147   @{term "cp s th' = prec th' s"}, and is therefore lower than the
 
  1147   precedence (as well as the @{text "cp"}-value) of @{term "th"}. This
 
  1148   precedence (as well as the @{text "cp"}-value) of @{term "th"}. This
 
  1148   means @{text "th'"} will not run as long as @{text "th"} is a
 
  1149   means @{text "th'"} will not run as long as @{text "th"} is a live
 
  1149   live thread. In turn this means @{text "th'"} cannot acquire a reseource
 
  1150   thread. In turn this means @{text "th'"} cannot take any action in
 
  1150   and is still detached in state @{text "s' @ s"}.  Consequently
 
  1151   state @{text "s' @ s"} to change its current status; therefore
 
  1151   @{text "th'"} is also not boosted in state @{text "s' @ s"} and
 
  1152   @{text "th'"} is still detached in state @{text "s' @ s"}.
 
  1152   would not run. This contradicts our assumption.\qed
 
  1153   Consequently @{text "th'"} is also not boosted in state @{text "s' @
 
       
  1154   s"} and would not run. This contradicts our assumption.\qed
 
  1153   \end{proof}
 
  1155   \end{proof}
 
  1154 
  1156 
  1155 
  1157 
  1156   \begin{proof}[of Theorem 1] If @{term "th \<in> running (s' @ s)"},
 
  1158   \begin{proof}[of Theorem 1] If @{term "th \<in> running (s' @ s)"},
 
  1157   then there is nothing to show. So let us assume otherwise. Since the
 
  1159   then there is nothing to show. So let us assume otherwise. Since the
 
  1174   This concludes the proof of Theorem 1.\qed
 
  1176   This concludes the proof of Theorem 1.\qed
 
  1175   \end{proof}
 
  1177   \end{proof}
 
  1176 
  1178 
  1177 
  1179 
  1178   %\endnote{
 
  1180   %\endnote{
 
  1179   %In what follows we will describe properties of PIP that allow us to
 
  1181   
  1180   %prove Theorem~\ref{mainthm} and, when instructive, briefly describe
 
  1182 In what follows we will describe properties of PIP that allow us to
 
  1181   %our argument. Recall we want to prove that in state @ {term "s' @ s"}
 
  1183   prove Theorem~\ref{mainthm} and, when instructive, briefly describe
 
  1182   %either @{term th} is either running or blocked by a thread @ {term
 
  1184   our argument. Recall we want to prove that in state @ {term "s' @ s"} 
  1183   %"th'"} (@{term "th \<noteq> th'"}) which was alive in state @{term s}. We
 
  1185 either @{term th} is either running or blocked by a thread @
 
  1184   %can show that
 
  1186   {term "th'"} (@{term "th \<noteq> th'"}) which was alive in state
 
  1185 
  1187   @{term s}. We can show that
 
  1186 
  1188 
  1187   %\begin{lemma}
 
  1189 
  1188   %If @{thm (prem 2) eq_pv_blocked}
 
  1190   \begin{lemma}
 
  1189   %then @{thm (concl) eq_pv_blocked}
 
  1191   If @{thm (prem 2) eq_pv_blocked}
 
  1190   %\end{lemma}
 
  1192   then @{thm (concl) eq_pv_blocked}
 
  1191 
  1193   \end{lemma}
 
  1192   %\begin{lemma}
 
  1194 
  1193   %If @{thm (prem 2) eq_pv_persist}
 
  1195   \begin{lemma}
 
  1194   %then @{thm (concl) eq_pv_persist}
 
  1196   If @{thm (prem 2) eq_pv_persist}
 
  1195   %\end{lemma}}
 
  1197   then @{thm (concl) eq_pv_persist}
 
       
  1198   \end{lemma}
 
       
  1199   %%%}
 
  1196 
  1200 
  1197 %  \endnote{{\bf OUTLINE}
 
  1201 %  \endnote{{\bf OUTLINE}
 
  1198 
  1202 
  1199 %  Since @{term "th"} is the most urgent thread, if it is somehow
 
  1203   Since @{term "th"} is the most urgent thread, if it is somehow
 
  1200 %  blocked, people want to know why and wether this blocking is
 
  1204   blocked, people want to know why and wether this blocking is
 
  1201 %  reasonable.
 
  1205   reasonable.
 
  1202 
  1206 
  1203 %  @{thm [source] th_blockedE} @{thm th_blockedE}
 
  1207   @{thm [source] th_blockedE} @{thm th_blockedE}
 
  1204 
  1208 
  1205 %  if @{term "th"} is blocked, then there is a path leading from 
  1209   if @{term "th"} is blocked, then there is a path leading from 
  1206 %  @{term "th"} to @{term "th'"}, which means:
 
  1210   @{term "th"} to @{term "th'"}, which means:
 
  1207 %  there is a chain of demand leading from @{term th} to @{term th'}.
 
  1211   there is a chain of demand leading from @{term th} to @{term th'}.
 
  1208 
  1212 
  1209   %%% in other words
 
  1213    in other words
 
  1210   %%% th -> cs1 -> th1 -> cs2 -> th2 -> ... -> csn -> thn -> cs -> th'. 
  1214    th -> cs1 -> th1 -> cs2 -> th2 -> ... -> csn -> thn -> cs -> th'. 
  1211   %%% 
  1215    
  1212   %%% We says that th is blocked by "th'".
 
  1216    We says that th is blocked by @{text "th'"}.
 
  1213 
  1217 
  1214 %  THEN
 
  1218   THEN
 
  1215 
  1219 
  1216 %  @ {thm [source] vat_t.th_chain_to_ready} @ {thm vat_t.th_chain_to_ready}
 
  1220   @{thm [source] vat_t.th_chain_to_ready} @{thm vat_t.th_chain_to_ready}
 
  1217 
  1221 
  1218 %  It is basic propery with non-trival proof. 
  1222   It is basic propery with non-trival proof. 
  1219 
  1223 
  1220 %  THEN
 
  1224   THEN
 
  1221 
  1225 
  1222 %  @ {thm [source] max_preced} @ {thm max_preced}
 
  1226   @{thm [source] max_preced} @{thm max_preced}
 
  1223 
  1227 
  1224 %  which says @{term "th"} holds the max precedence.
 
  1228   which says @{term "th"} holds the max precedence.
 
  1225 
  1229 
  1226 %  THEN
 
  1230   THEN
 
  1227  
  1231  
  1228 %  @ {thm [source] th_cp_max th_cp_preced th_kept}
 
  1232   @{thm [source] th_cp_max th_cp_preced th_kept}
 
  1229 %  @ {thm th_cp_max th_cp_preced th_kept}
 
  1233   @{thm th_cp_max th_cp_preced th_kept}
 
  1230 
  1234 
  1231 %  THENTHEN
 
  1235   THEN
 
  1232 
  1236 
  1233  %@ {thm [source] running_inversion_4} @  {thm running_inversion_4}
 
  1237  ??? %%@ {thm [source] running_inversion_4} @  {thm running_inversion_4}
 
  1234 
  1238 
  1235  % which explains what the @{term "th'"} looks like. Now, we have found the 
  1239  which explains what the @{term "th'"} looks like. Now, we have found the 
  1236  % @{term "th'"} which blocks @{term th}, we need to know more about it.
 
  1240  @{term "th'"} which blocks @{term th}, we need to know more about it.
 
  1237  % To see what kind of thread can block @{term th}.
 
  1241  To see what kind of thread can block @{term th}.
 
  1238 
  1242 
  1239  % From these two lemmas we can see the correctness of PIP, which is
 
  1243   From these two lemmas we can see the correctness of PIP, which is
 
  1240  % that: the blockage of th is reasonable and under control.
 
  1244   that: the blockage of th is reasonable and under control.
 
  1241 
  1245 
  1242  % Lemmas we want to describe:
 
  1246   Lemmas we want to describe:
 
  1243 
  1247 
  1244  % \begin{lemma}
 
  1248   \begin{lemma}
 
  1245  % @ {thm running_cntP_cntV_inv}
 
  1249   @{thm running_cntP_cntV_inv}
 
  1246  % \end{lemma}
 
  1250   \end{lemma}
 
  1247 
  1251 
  1248 %  \noindent
 
  1252   \noindent
 
  1249 %  Remember we do not have the well-nestedness restriction in our
 
  1253   Remember we do not have the well-nestedness restriction in our
 
  1250 %  proof, which means the difference between the counters @{const cntV}
 
  1254   proof, which means the difference between the counters @{const cntV}
 
  1251 %  and @{const cntP} can be larger than @{term 1}.
 
  1255   and @{const cntP} can be larger than @{term 1}.
 
  1252 
  1256 
  1253 %  \begin{lemma}\label{runninginversion}
 
  1257   \begin{lemma}\label{runninginversion}
 
  1254 %  @ {thm running_inversion}
 
  1258   @{thm running_inversion}
 
  1255 %  \end{lemma}
 
  1259   \end{lemma}
 
  1256   
  1260   
  1257 %  explain tRAG
 
  1261   explain tRAG
 
  1258 %}
 
  1262 %}
 
  1259 
  1263 
  1260   
  1264   
  1261 %  Suppose the thread @ {term th} is \emph{not} running in state @ {term
 
  1265 %  Suppose the thread @ {term th} is \emph{not} running in state @ {term
 
  1262 %  "t @ s"}, meaning that it should be blocked by some other thread.
 
  1266 %  "t @ s"}, meaning that it should be blocked by some other thread.
pip