pip: comparison PrioG.thy

equal deleted inserted replaced

-:92f61f6a0fe7
+:af38526275f8
 apply (auto split:list.splits prod.splits simp:Let_def wq_def cs_waiting_def cs_holding_def)
 apply(case_tac "csa = cs", auto)
 apply(fold wq_def)
 apply(drule_tac step_back_step)
 apply(ind_cases " step s (P (hd (wq s cs)) cs)")
-apply(auto simp:s_RAG_def wq_def cs_holding_def)
+apply(simp add:s_RAG_def wq_def cs_holding_def)
+apply(auto)
 done
+(* FIXME: Unused
 lemma simple_A:
 fixes A
 assumes h: "\<And> x y. \<lbrakk>x \<in> A; y \<in> A\<rbrakk> \<Longrightarrow> x = y"
 shows "A = {} \<or> (\<exists> a. A = {a})"
 proof(cases "A = {}")
 next
 case False then obtain a where "a \<in> A" by auto
 with h have "A = {a}" by auto
 thus ?thesis by simp
 qed
+*)
 lemma RAG_target_th: "(Th th, x) \<in> RAG (s::state) \<Longrightarrow> \<exists> cs. x = Cs cs"
 by (unfold s_RAG_def, auto)
 lemma acyclic_RAG:
 fixes s
 assumes vt: "vt s"
 shows "acyclic (RAG s)"
-proof -
+using assms
-from vt show ?thesis
+proof(induct)
-proof(induct)
+case (vt_cons s e)
-case (vt_cons s e)
+assume ih: "acyclic (RAG s)"
-assume ih: "acyclic (RAG s)"
+and stp: "step s e"
-and stp: "step s e"
+and vt: "vt s"
-and vt: "vt s"
+show ?case
-show ?case
+proof(cases e)
-proof(cases e)
+case (Create th prio)
-case (Create th prio)
+with ih
-with ih
+show ?thesis by (simp add:RAG_create_unchanged)
-show ?thesis by (simp add:RAG_create_unchanged)
+next
-next
+case (Exit th)
-case (Exit th)
+with ih show ?thesis by (simp add:RAG_exit_unchanged)
-with ih show ?thesis by (simp add:RAG_exit_unchanged)
+next
-next
+case (V th cs)
-case (V th cs)
+from V vt stp have vtt: "vt (V th cs#s)" by auto
-from V vt stp have vtt: "vt (V th cs#s)" by auto
+from step_RAG_v [OF this]
-from step_RAG_v [OF this]
+have eq_de:
-have eq_de:
+"RAG (e # s) =
-"RAG (e # s) =
+RAG s - {(Cs cs, Th th)} - {(Th th', Cs cs) |th'. next_th s th cs th'} \<union>
-RAG s - {(Cs cs, Th th)} - {(Th th', Cs cs) |th'. next_th s th cs th'} \<union>
+{(Cs cs, Th th') |th'. next_th s th cs th'}"
-{(Cs cs, Th th') |th'. next_th s th cs th'}"
+(is "?L = (?A - ?B - ?C) \<union> ?D") by (simp add:V)
-(is "?L = (?A - ?B - ?C) \<union> ?D") by (simp add:V)
+from ih have ac: "acyclic (?A - ?B - ?C)" by (auto elim:acyclic_subset)
-from ih have ac: "acyclic (?A - ?B - ?C)" by (auto elim:acyclic_subset)
+from step_back_step [OF vtt]
-from step_back_step [OF vtt]
+have "step s (V th cs)" .
-have "step s (V th cs)" .
+thus ?thesis
-thus ?thesis
+proof(cases)
-proof(cases)
+assume "holding s th cs"
-assume "holding s th cs"
+hence th_in: "th \<in> set (wq s cs)" and
-hence th_in: "th \<in> set (wq s cs)" and
+eq_hd: "th = hd (wq s cs)" unfolding s_holding_def wq_def by auto
-eq_hd: "th = hd (wq s cs)" unfolding s_holding_def wq_def by auto
+then obtain rest where
-then obtain rest where
+eq_wq: "wq s cs = th#rest"
-eq_wq: "wq s cs = th#rest"
+by (cases "wq s cs", auto)
-by (cases "wq s cs", auto)
+show ?thesis
-show ?thesis
+proof(cases "rest = []")
-proof(cases "rest = []")
+case False
-case False
+let ?th' = "hd (SOME q. distinct q \<and> set q = set rest)"
-let ?th' = "hd (SOME q. distinct q \<and> set q = set rest)"
+from eq_wq False have eq_D: "?D = {(Cs cs, Th ?th')}"
-from eq_wq False have eq_D: "?D = {(Cs cs, Th ?th')}"
+by (unfold next_th_def, auto)
-by (unfold next_th_def, auto)
+let ?E = "(?A - ?B - ?C)"
-let ?E = "(?A - ?B - ?C)"
+have "(Th ?th', Cs cs) \<notin> ?E\<^sup>*"
-have "(Th ?th', Cs cs) \<notin> ?E\<^sup>*"
+proof
-proof
+assume "(Th ?th', Cs cs) \<in> ?E\<^sup>*"
-assume "(Th ?th', Cs cs) \<in> ?E\<^sup>*"
+hence " (Th ?th', Cs cs) \<in> ?E\<^sup>+" by (simp add: rtrancl_eq_or_trancl)
-hence " (Th ?th', Cs cs) \<in> ?E\<^sup>+" by (simp add: rtrancl_eq_or_trancl)
+from tranclD [OF this]
-from tranclD [OF this]
+obtain x where th'_e: "(Th ?th', x) \<in> ?E" by blast
-obtain x where th'_e: "(Th ?th', x) \<in> ?E" by blast
+hence th_d: "(Th ?th', x) \<in> ?A" by simp
-hence th_d: "(Th ?th', x) \<in> ?A" by simp
+from RAG_target_th [OF this]
-from RAG_target_th [OF this]
+obtain cs' where eq_x: "x = Cs cs'" by auto
-obtain cs' where eq_x: "x = Cs cs'" by auto
+with th_d have "(Th ?th', Cs cs') \<in> ?A" by simp
-with th_d have "(Th ?th', Cs cs') \<in> ?A" by simp
+hence wt_th': "waiting s ?th' cs'"
-hence wt_th': "waiting s ?th' cs'"
+unfolding s_RAG_def s_waiting_def cs_waiting_def wq_def by simp
-unfolding s_RAG_def s_waiting_def cs_waiting_def wq_def by simp
+hence "cs' = cs"
-hence "cs' = cs"
+proof(rule waiting_unique [OF vt])
-proof(rule waiting_unique [OF vt])
+from eq_wq wq_distinct[OF vt, of cs]
-from eq_wq wq_distinct[OF vt, of cs]
+show "waiting s ?th' cs"
-show "waiting s ?th' cs"
+apply (unfold s_waiting_def wq_def, auto)
-apply (unfold s_waiting_def wq_def, auto)
+proof -
-proof -
+assume hd_in: "hd (SOME q. distinct q \<and> set q = set rest) \<notin> set rest"
-assume hd_in: "hd (SOME q. distinct q \<and> set q = set rest) \<notin> set rest"
 and eq_wq: "wq_fun (schs s) cs = th # rest"
 have "(SOME q. distinct q \<and> set q = set rest) \<noteq> []"
 proof(rule someI2)
 from wq_distinct[OF vt, of cs] and eq_wq
 show "distinct rest \<and> set rest = set rest" unfolding wq_def by auto
-next
-fix x assume "distinct x \<and> set x = set rest"
-with False show "x \<noteq> []" by auto
-qed
-hence "hd (SOME q. distinct q \<and> set q = set rest) \<in>
-set (SOME q. distinct q \<and> set q = set rest)" by auto
-moreover have "\<dots> = set rest"
-proof(rule someI2)
-from wq_distinct[OF vt, of cs] and eq_wq
-show "distinct rest \<and> set rest = set rest" unfolding wq_def by auto
-next
-show "\<And>x. distinct x \<and> set x = set rest \<Longrightarrow> set x = set rest" by auto
-qed
-moreover note hd_in
-ultimately show "hd (SOME q. distinct q \<and> set q = set rest) = th" by auto
 next
-assume hd_in: "hd (SOME q. distinct q \<and> set q = set rest) \<notin> set rest"
+fix x assume "distinct x \<and> set x = set rest"
+with False show "x \<noteq> []" by auto
+qed
+hence "hd (SOME q. distinct q \<and> set q = set rest) \<in>
+set (SOME q. distinct q \<and> set q = set rest)" by auto
+moreover have "\<dots> = set rest"
+proof(rule someI2)
+from wq_distinct[OF vt, of cs] and eq_wq
+show "distinct rest \<and> set rest = set rest" unfolding wq_def by auto
+next
+show "\<And>x. distinct x \<and> set x = set rest \<Longrightarrow> set x = set rest" by auto
+qed
+moreover note hd_in
+ultimately show "hd (SOME q. distinct q \<and> set q = set rest) = th" by auto
+next
+assume hd_in: "hd (SOME q. distinct q \<and> set q = set rest) \<notin> set rest"
 and eq_wq: "wq s cs = hd (SOME q. distinct q \<and> set q = set rest) # rest"
 have "(SOME q. distinct q \<and> set q = set rest) \<noteq> []"
 proof(rule someI2)
 from wq_distinct[OF vt, of cs] and eq_wq
 show "distinct rest \<and> set rest = set rest" by auto
 next
 fix x assume "distinct x \<and> set x = set rest"
 with False show "x \<noteq> []" by auto
-qed
-hence "hd (SOME q. distinct q \<and> set q = set rest) \<in>
-set (SOME q. distinct q \<and> set q = set rest)" by auto
-moreover have "\<dots> = set rest"
-proof(rule someI2)
-from wq_distinct[OF vt, of cs] and eq_wq
-show "distinct rest \<and> set rest = set rest" by auto
-next
-show "\<And>x. distinct x \<and> set x = set rest \<Longrightarrow> set x = set rest" by auto
-qed
-moreover note hd_in
-ultimately show False by auto
 qed
+hence "hd (SOME q. distinct q \<and> set q = set rest) \<in>
+set (SOME q. distinct q \<and> set q = set rest)" by auto
+moreover have "\<dots> = set rest"
+proof(rule someI2)
+from wq_distinct[OF vt, of cs] and eq_wq
+show "distinct rest \<and> set rest = set rest" by auto
+next
+show "\<And>x. distinct x \<and> set x = set rest \<Longrightarrow> set x = set rest" by auto
+qed
+moreover note hd_in
+ultimately show False by auto
 qed
-with th'_e eq_x have "(Th ?th', Cs cs) \<in> ?E" by simp
-with False
-show "False" by (auto simp: next_th_def eq_wq)
 qed
-with acyclic_insert[symmetric] and ac
+with th'_e eq_x have "(Th ?th', Cs cs) \<in> ?E" by simp
-and eq_de eq_D show ?thesis by auto
+with False
-next
+show "False" by (auto simp: next_th_def eq_wq)
-case True
+qed
-with eq_wq
+with acyclic_insert[symmetric] and ac
-have eq_D: "?D = {}"
+and eq_de eq_D show ?thesis by auto
-by (unfold next_th_def, auto)
+next
-with eq_de ac
+case True
-show ?thesis by auto
+with eq_wq
-qed
+have eq_D: "?D = {}"
-qed
+by (unfold next_th_def, auto)
+with eq_de ac
+show ?thesis by auto
+qed
+qed
 next
 case (P th cs)
 from P vt stp have vtt: "vt (P th cs#s)" by auto
 from step_RAG_p [OF this] P
 have "RAG (e # s) =
 hence eq_r: "?R =  RAG s \<union> {(Th th, Cs cs)}" by simp
 have "(Cs cs, Th th) \<notin> (RAG s)\<^sup>*"
 proof
 assume "(Cs cs, Th th) \<in> (RAG s)\<^sup>*"
 hence "(Cs cs, Th th) \<in> (RAG s)\<^sup>+" by (simp add: rtrancl_eq_or_trancl)
 moreover from step_back_step [OF vtt] have "step s (P th cs)" .
 ultimately show False
 proof -
 show " \<lbrakk>(Cs cs, Th th) \<in> (RAG s)\<^sup>+; step s (P th cs)\<rbrakk> \<Longrightarrow> False"
 by (ind_cases "step s (P th cs)", simp)
-qed
 qed
-with acyclic_insert ih eq_r show ?thesis by auto
+qed
+with acyclic_insert ih eq_r show ?thesis by auto
 qed
 ultimately show ?thesis by simp
 next
 case (Set thread prio)
 with ih
 qed
 next
 case vt_nil
 show "acyclic (RAG ([]::state))"
 by (auto simp: s_RAG_def cs_waiting_def
 cs_holding_def wq_def acyclic_def)
 qed
 qed
 lemma finite_RAG:
 fixes s
 assumes vt: "vt s"

changeset 36	af38526275f8
parent 35	92f61f6a0fe7
child 38	c89013dca1aa