390 \end{isabelle} |
390 \end{isabelle} |
391 |
391 |
392 \noindent |
392 \noindent |
393 In this definition @{term "length s"} stands for the length of the list |
393 In this definition @{term "length s"} stands for the length of the list |
394 of events @{text s}. Again the default value in this function is @{text 0} |
394 of events @{text s}. Again the default value in this function is @{text 0} |
395 for threads that have not been created yet. An actor of an event is |
395 for threads that have not been created yet. An \emph{actor} of an event is |
396 defined as |
396 defined as |
397 |
397 |
398 \begin{isabelle}\ \ \ \ \ %%% |
398 \begin{isabelle}\ \ \ \ \ %%% |
399 \mbox{\begin{tabular}{lcl} |
399 \mbox{\begin{tabular}{lcl} |
400 @{thm (lhs) actor.simps(5)} & @{text "\<equiv>"} & |
400 @{thm (lhs) actor.simps(5)} & @{text "\<equiv>"} & |
401 @{thm (rhs) actor.simps(5)}\\ |
401 @{thm (rhs) actor.simps(5)}\\ |
402 @{thm (lhs) actor.simps(1)} & @{text "\<equiv>"} & |
402 @{thm (lhs) actor.simps(1)} & @{text "\<equiv>"} & |
403 @{thm (rhs) actor.simps(1)}\\ |
403 @{thm (rhs) actor.simps(1)}\\ |
|
404 @{thm (lhs) actor.simps(4)} & @{text "\<equiv>"} & |
|
405 @{thm (rhs) actor.simps(4)}\\ |
404 @{thm (lhs) actor.simps(2)} & @{text "\<equiv>"} & |
406 @{thm (lhs) actor.simps(2)} & @{text "\<equiv>"} & |
405 @{thm (rhs) actor.simps(2)}\\ |
407 @{thm (rhs) actor.simps(2)}\\ |
406 @{thm (lhs) actor.simps(3)} & @{text "\<equiv>"} & |
408 @{thm (lhs) actor.simps(3)} & @{text "\<equiv>"} & |
407 @{thm (rhs) actor.simps(3)}\\ |
409 @{thm (rhs) actor.simps(3)}\\ |
408 \end{tabular}} |
410 \end{tabular}} |
409 \end{isabelle} |
411 \end{isabelle} |
410 |
412 |
411 |
413 \noindent |
412 |
414 This allows us to define what actions a set of threads @{text ths} might |
413 |
415 perform in a list of events @{text s}, namely |
414 |
416 @{thm actions_of_def[THEN eq_reflection]}. |
415 A \emph{precedence} of a thread @{text th} in a |
417 A \emph{precedence} of a thread @{text th} in a |
416 state @{text s} is the pair of natural numbers defined as |
418 state @{text s} is the pair of natural numbers defined as |
417 |
419 |
418 \begin{isabelle}\ \ \ \ \ %%% |
420 \begin{isabelle}\ \ \ \ \ %%% |
419 @{thm preced_def} |
421 @{thm preced_def} |
588 \noindent Note that forrests can have trees with infinte depth and |
590 \noindent Note that forrests can have trees with infinte depth and |
589 containing nodes with infinitely many children. A \emph{finite |
591 containing nodes with infinitely many children. A \emph{finite |
590 forrest} is a forrest which is well-founded and every node has |
592 forrest} is a forrest which is well-founded and every node has |
591 finitely many children (is only finitely branching). |
593 finitely many children (is only finitely branching). |
592 |
594 |
593 \endnote{ |
595 %\endnote{ |
594 \begin{isabelle}\ \ \ \ \ %%% |
|
595 @{thm rtrancl_path.intros} |
|
596 \end{isabelle} |
|
597 |
|
598 %\begin{isabelle}\ \ \ \ \ %%% |
596 %\begin{isabelle}\ \ \ \ \ %%% |
599 %@{thm rpath_def} |
597 %@ {thm rtrancl_path.intros} |
|
598 %\end{isabelle} |
|
599 % |
|
600 %\begin{isabelle}\ \ \ \ \ %%% |
|
601 %@ {thm rpath_def} |
600 %\end{isabelle} |
602 %\end{isabelle} |
601 } |
603 %} |
602 |
604 |
603 |
605 |
604 %\endnote{{\bf Lemma about overlapping paths}} |
606 %\endnote{{\bf Lemma about overlapping paths}} |
605 |
607 |
606 The locking mechanism of PIP ensures that for each thread node, |
608 The locking mechanism of PIP ensures that for each thread node, |
612 resource is locked. So if the @{text "RAG"} is well-founded and |
614 resource is locked. So if the @{text "RAG"} is well-founded and |
613 finite, we can always start at a thread waiting for a resource and |
615 finite, we can always start at a thread waiting for a resource and |
614 ``chase'' outgoing arrows leading to a single root of a tree. |
616 ``chase'' outgoing arrows leading to a single root of a tree. |
615 |
617 |
616 The use of relations for representing RAGs allows us to conveniently define |
618 The use of relations for representing RAGs allows us to conveniently define |
617 the notion of the \emph{dependants} of a thread using the transitive closure |
619 the notion of the \emph{dependants} of a thread |
618 operation for relations, written ~@{term "trancl DUMMY"}. This gives |
|
619 |
620 |
620 \begin{isabelle}\ \ \ \ \ %%% |
621 \begin{isabelle}\ \ \ \ \ %%% |
621 @{thm dependants_raw_def} |
622 @{thm dependants_raw_def} |
622 \end{isabelle} |
623 \end{isabelle} |
623 |
624 |
640 |
641 |
641 \begin{isabelle}\ \ \ \ \ %%% |
642 \begin{isabelle}\ \ \ \ \ %%% |
642 @{thm cpreced_def3}\hfill\numbered{cpreced} |
643 @{thm cpreced_def3}\hfill\numbered{cpreced} |
643 \end{isabelle} |
644 \end{isabelle} |
644 |
645 |
645 \endnote{ |
646 %\endnote{ |
646 \begin{isabelle}\ \ \ \ \ %%% |
647 %\begin{isabelle}\ \ \ \ \ %%% |
647 @{thm cp_alt_def cp_alt_def1} |
648 %@ {thm cp_alt_def cp_alt_def1} |
648 \end{isabelle}} |
649 %\end{isabelle} |
|
650 %} |
649 |
651 |
650 \noindent where the dependants of @{text th} are given by the |
652 \noindent where the dependants of @{text th} are given by the |
651 waiting queue function. While the precedence @{term prec} of any |
653 waiting queue function. While the precedence @{term prec} of any |
652 thread is determined statically (for example when the thread is |
654 thread is determined statically (for example when the thread is |
653 created), the point of the current precedence is to dynamically |
655 created), the point of the current precedence is to dynamically |
1161 \noindent |
1163 \noindent |
1162 This concludes the proof of Theorem 1.\qed |
1164 This concludes the proof of Theorem 1.\qed |
1163 \end{proof} |
1165 \end{proof} |
1164 |
1166 |
1165 |
1167 |
1166 \endnote{ |
1168 %\endnote{ |
1167 In what follows we will describe properties of PIP that allow us to |
1169 %In what follows we will describe properties of PIP that allow us to |
1168 prove Theorem~\ref{mainthm} and, when instructive, briefly describe |
1170 %prove Theorem~\ref{mainthm} and, when instructive, briefly describe |
1169 our argument. Recall we want to prove that in state @{term "s' @ s"} |
1171 %our argument. Recall we want to prove that in state @ {term "s' @ s"} |
1170 either @{term th} is either running or blocked by a thread @{term |
1172 %either @{term th} is either running or blocked by a thread @ {term |
1171 "th'"} (@{term "th \<noteq> th'"}) which was alive in state @{term s}. We |
1173 %"th'"} (@{term "th \<noteq> th'"}) which was alive in state @{term s}. We |
1172 can show that |
1174 %can show that |
1173 |
1175 |
1174 |
1176 |
1175 \begin{lemma} |
1177 %\begin{lemma} |
1176 If @{thm (prem 2) eq_pv_blocked} |
1178 %If @{thm (prem 2) eq_pv_blocked} |
1177 then @{thm (concl) eq_pv_blocked} |
1179 %then @{thm (concl) eq_pv_blocked} |
1178 \end{lemma} |
1180 %\end{lemma} |
1179 |
1181 |
1180 \begin{lemma} |
1182 %\begin{lemma} |
1181 If @{thm (prem 2) eq_pv_persist} |
1183 %If @{thm (prem 2) eq_pv_persist} |
1182 then @{thm (concl) eq_pv_persist} |
1184 %then @{thm (concl) eq_pv_persist} |
1183 \end{lemma}} |
1185 %\end{lemma}} |
1184 |
1186 |
1185 \endnote{{\bf OUTLINE} |
1187 \endnote{{\bf OUTLINE} |
1186 |
1188 |
1187 Since @{term "th"} is the most urgent thread, if it is somehow |
1189 Since @{term "th"} is the most urgent thread, if it is somehow |
1188 blocked, people want to know why and wether this blocking is |
1190 blocked, people want to know why and wether this blocking is |
1675 |
1677 |
1676 Proof: |
1678 Proof: |
1677 |
1679 |
1678 Consider the states @{text "s upto t"}. It holds that all the states where |
1680 Consider the states @{text "s upto t"}. It holds that all the states where |
1679 @{text "th"} runs and all the states where @{text "th"} does not run is |
1681 @{text "th"} runs and all the states where @{text "th"} does not run is |
1680 equalt to @{text "1 + len t"}. That means |
1682 equalt to @{text "len t"}. That means |
1681 |
1683 |
1682 \begin{center} |
1684 \begin{center} |
1683 @{text "states where th does not run = 1 + len t - states where th runs"} (*) |
1685 @{text "states where th does not run = len t - states where th runs"} (*) |
1684 \end{center} |
1686 \end{center} |
1685 |
1687 |
1686 It also holds that all the actions of @{text "th"} are less or equal to |
1688 It also holds that all the actions of @{text "th"} are less or equal to |
1687 the states where @{text th} runs. That is |
1689 the states where @{text th} runs. That is |
1688 |
1690 |