isabelle: src/HOL/UNITY/Mutex.thy@325300576da7 (annotated)

4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	1	(* Title: HOL/UNITY/Mutex.thy
1f9362e769c1 New UNITY theory paulson parents: diff changeset	2	ID: $Id$
1f9362e769c1 New UNITY theory paulson parents: diff changeset	3	Author: Lawrence C Paulson, Cambridge University Computer Laboratory
1f9362e769c1 New UNITY theory paulson parents: diff changeset	4	Copyright 1998 University of Cambridge
1f9362e769c1 New UNITY theory paulson parents: diff changeset	5
1f9362e769c1 New UNITY theory paulson parents: diff changeset	6	Based on "A Family of 2-Process Mutual Exclusion Algorithms" by J Misra
1f9362e769c1 New UNITY theory paulson parents: diff changeset	7	*)
1f9362e769c1 New UNITY theory paulson parents: diff changeset	8
5240 bbcd79ef7cf2 Constant "invariant" and new constrains_tac, ensures_tac paulson parents: 5232 diff changeset	9	Mutex = SubstAx +
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	10
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	11	record state =
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	12	PP :: bool
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	13	MM :: int
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	14	NN :: int
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	15	UU :: bool
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	16	VV :: bool
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	17
1f9362e769c1 New UNITY theory paulson parents: diff changeset	18	constdefs
5253 82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	19
82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	20	( The program for process U )
82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	21
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	22	cmd0U :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	23	"cmd0U == {(s,s'). s' = s (\|UU:=True, MM:=#1\|) & MM s = #0}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	24
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	25	cmd1U :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	26	"cmd1U == {(s,s'). s' = s (\|PP:= VV s, MM:=#2\|) & MM s = #1}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	27
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	28	cmd2U :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	29	"cmd2U == {(s,s'). s' = s (\|MM:=#3\|) & ~ PP s & MM s = #2}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	30
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	31	cmd3U :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	32	"cmd3U == {(s,s'). s' = s (\|UU:=False, MM:=#4\|) & MM s = #3}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	33
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	34	cmd4U :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	35	"cmd4U == {(s,s'). s' = s (\|PP:=True, MM:=#0\|) & MM s = #4}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	36
5253 82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	37	( The program for process V )
82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	38
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	39	cmd0V :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	40	"cmd0V == {(s,s'). s' = s (\|VV:=True, NN:=#1\|) & NN s = #0}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	41
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	42	cmd1V :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	43	"cmd1V == {(s,s'). s' = s (\|PP:= ~ UU s, NN:=#2\|) & NN s = #1}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	44
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	45	cmd2V :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	46	"cmd2V == {(s,s'). s' = s (\|NN:=#3\|) & PP s & NN s = #2}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	47
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	48	cmd3V :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	49	"cmd3V == {(s,s'). s' = s (\|VV:=False, NN:=#4\|) & NN s = #3}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	50
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	51	cmd4V :: "(state*state) set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	52	"cmd4V == {(s,s'). s' = s (\|PP:=False, NN:=#0\|) & NN s = #4}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	53
5253 82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	54	Mprg :: state program
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	55	"Mprg == mk_program ({s. ~ UU s & ~ VV s & MM s = #0 & NN s = #0},
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	56	{cmd0U, cmd1U, cmd2U, cmd3U, cmd4U,
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	57	cmd0V, cmd1V, cmd2V, cmd3V, cmd4V})"
5253 82a5ca6290aa New record type of programs paulson parents: 5240 diff changeset	58
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	59
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	60	( The correct invariants )
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	61
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	62	invariantU :: "state set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	63	"invariantU == {s. (UU s = (#1 <= MM s & MM s <= #3)) &
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	64	(MM s = #3 --> ~ PP s)}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	65
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	66	invariantV :: "state set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	67	"invariantV == {s. (VV s = (#1 <= NN s & NN s <= #3)) &
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	68	(NN s = #3 --> PP s)}"
5232 e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	69
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	70	( The faulty invariant (for U alone) )
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	71
e5a7cdd07ea5 Tidied; uses records paulson parents: 5071 diff changeset	72	bad_invariantU :: "state set"
5596 b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	73	"bad_invariantU == {s. (UU s = (#1 <= MM s & MM s <= #3)) &
b29d18d8c4d2 abstype of programs paulson parents: 5584 diff changeset	74	(#3 <= MM s & MM s <= #4 --> ~ PP s)}"
4776 1f9362e769c1 New UNITY theory paulson parents: diff changeset	75
1f9362e769c1 New UNITY theory paulson parents: diff changeset	76	end

author	paulson
	Wed, 18 Nov 1998 15:10:46 +0100
changeset 5931	325300576da7
parent 5596	b29d18d8c4d2
child 6012	1894bfc4aee9
permissions	-rw-r--r--