Mercurial Mercurial > wneuper > isa / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
src/ZF/UNITY/Distributor.thy
author haftmann
Fri, 17 Jun 2005 16:12:49 +0200
changeset 16417 9bc16273c2d4
parent 14095 a1ba833d6b61
child 24893 b8ef7afe3a6b
permissions -rw-r--r--
migrated theory headers to new format 
     1 (*  Title: ZF/UNITY/Distributor

     2     ID:         $Id$

     3     Author:     Sidi O Ehmety, Cambridge University Computer Laboratory

     4     Copyright   2002  University of Cambridge

     5 

     6 A multiple-client allocator from a single-client allocator:

     7 Distributor specification

     8 *)

     9 

    10 theory Distributor imports AllocBase Follows  Guar GenPrefix begin

    11 

    12 text{*Distributor specification (the number of outputs is Nclients)*}

    13 

    14 text{*spec (14)*}

    15 constdefs

    16   distr_follows :: "[i, i, i, i =>i] =>i"

    17     "distr_follows(A, In, iIn, Out) ==

    18      (lift(In) IncreasingWrt prefix(A)/list(A)) \<inter>

    19      (lift(iIn) IncreasingWrt prefix(nat)/list(nat)) \<inter>

    20      Always({s \<in> state. \<forall>elt \<in> set_of_list(s`iIn). elt < Nclients})

    21          guarantees

    22          (\<Inter>n \<in> Nclients.

    23           lift(Out(n))

    24               Fols

    25           (%s. sublist(s`In, {k \<in> nat. k<length(s`iIn) & nth(k, s`iIn) = n}))

    26 	  Wrt prefix(A)/list(A))"

    27 

    28   distr_allowed_acts :: "[i=>i]=>i"

    29     "distr_allowed_acts(Out) ==

    30      {D \<in> program. AllowedActs(D) =

    31      cons(id(state), \<Union>G \<in> (\<Inter>n\<in>nat. preserves(lift(Out(n)))). Acts(G))}"

    32 

    33   distr_spec :: "[i, i, i, i =>i]=>i"

    34     "distr_spec(A, In, iIn, Out) ==

    35      distr_follows(A, In, iIn, Out) \<inter> distr_allowed_acts(Out)"

    36 

    37 locale distr =

    38   fixes In  --{*items to distribute*}

    39     and iIn --{*destinations of items to distribute*}

    40     and Out --{*distributed items*}

    41     and A   --{*the type of items being distributed *}

    42     and D

    43  assumes

    44      var_assumes [simp]:  "In \<in> var & iIn \<in> var & (\<forall>n. Out(n):var)"

    45  and all_distinct_vars:   "\<forall>n. all_distinct([In, iIn, iOut(n)])"

    46  and type_assumes [simp]: "type_of(In)=list(A) &  type_of(iIn)=list(nat) &

    47                           (\<forall>n. type_of(Out(n))=list(A))"

    48  and default_val_assumes [simp]:

    49                          "default_val(In)=Nil &

    50                           default_val(iIn)=Nil &

    51                           (\<forall>n. default_val(Out(n))=Nil)"

    52  and distr_spec:  "D \<in> distr_spec(A, In, iIn, Out)"

    53 

    54 

    55 lemma (in distr) In_value_type [simp,TC]: "s \<in> state ==> s`In \<in> list(A)"

    56 apply (unfold state_def)

    57 apply (drule_tac a = In in apply_type, auto)

    58 done

    59 

    60 lemma (in distr) iIn_value_type [simp,TC]:

    61      "s \<in> state ==> s`iIn \<in> list(nat)"

    62 apply (unfold state_def)

    63 apply (drule_tac a = iIn in apply_type, auto)

    64 done

    65 

    66 lemma (in distr) Out_value_type [simp,TC]:

    67      "s \<in> state ==> s`Out(n):list(A)"

    68 apply (unfold state_def)

    69 apply (drule_tac a = "Out (n)" in apply_type)

    70 apply auto

    71 done

    72 

    73 lemma (in distr) D_in_program [simp,TC]: "D \<in> program"

    74 apply (cut_tac distr_spec)

    75 apply (auto simp add: distr_spec_def distr_allowed_acts_def)

    76 done

    77 

    78 lemma (in distr) D_ok_iff:

    79      "G \<in> program ==>

    80 	D ok G <-> ((\<forall>n \<in> nat. G \<in> preserves(lift(Out(n)))) & D \<in> Allowed(G))"

    81 apply (cut_tac distr_spec)

    82 apply (auto simp add: INT_iff distr_spec_def distr_allowed_acts_def

    83                       Allowed_def ok_iff_Allowed)

    84 apply (drule safety_prop_Acts_iff [THEN [2] rev_iffD1])

    85 apply (auto intro: safety_prop_Inter)

    86 done

    87 

    88 lemma (in distr) distr_Increasing_Out:

    89 "D \<in> ((lift(In) IncreasingWrt prefix(A)/list(A)) \<inter>

    90       (lift(iIn) IncreasingWrt prefix(nat)/list(nat)) \<inter>

    91       Always({s \<in> state. \<forall>elt \<in> set_of_list(s`iIn). elt<Nclients}))

    92       guarantees

    93           (\<Inter>n \<in> Nclients. lift(Out(n)) IncreasingWrt

    94                             prefix(A)/list(A))"

    95 apply (cut_tac D_in_program distr_spec)

    96 apply (simp (no_asm_use) add: distr_spec_def distr_follows_def)

    97 apply (auto intro!: guaranteesI intro: Follows_imp_Increasing_left 

    98             dest!: guaranteesD)

    99 done

   100 

   101 lemma (in distr) distr_bag_Follows_lemma:

   102 "[| \<forall>n \<in> nat. G \<in> preserves(lift(Out(n)));

   103    D \<squnion> G \<in> Always({s \<in> state.

   104           \<forall>elt \<in> set_of_list(s`iIn). elt < Nclients}) |]

   105   ==> D \<squnion> G \<in> Always

   106           ({s \<in> state. msetsum(%n. bag_of (sublist(s`In,

   107                        {k \<in> nat. k < length(s`iIn) &

   108                           nth(k, s`iIn)= n})),

   109                          Nclients, A) =

   110               bag_of(sublist(s`In, length(s`iIn)))})"

   111 apply (cut_tac D_in_program)

   112 apply (subgoal_tac "G \<in> program")

   113  prefer 2 apply (blast dest: preserves_type [THEN subsetD])

   114 apply (erule Always_Diff_Un_eq [THEN iffD1])

   115 apply (rule state_AlwaysI [THEN Always_weaken], auto)

   116 apply (rename_tac s)

   117 apply (subst bag_of_sublist_UN_disjoint [symmetric])

   118    apply (simp (no_asm_simp) add: nat_into_Finite)

   119   apply blast

   120  apply (simp (no_asm_simp))

   121 apply (simp add: set_of_list_conv_nth [of _ nat])

   122 apply (subgoal_tac

   123        "(\<Union>i \<in> Nclients. {k\<in>nat. k < length(s`iIn) & nth(k, s`iIn) = i}) =

   124         length(s`iIn) ")

   125 apply (simp (no_asm_simp))

   126 apply (rule equalityI)

   127 apply (force simp add: ltD, safe)

   128 apply (rename_tac m)

   129 apply (subgoal_tac "length (s ` iIn) \<in> nat")

   130 apply typecheck

   131 apply (subgoal_tac "m \<in> nat")

   132 apply (drule_tac x = "nth(m, s`iIn) " and P = "%elt. ?X (elt) --> elt<Nclients" in bspec)

   133 apply (simp add: ltI)

   134 apply (simp_all add: Ord_mem_iff_lt)

   135 apply (blast dest: ltD)

   136 apply (blast intro: lt_trans)

   137 done

   138 

   139 theorem (in distr) distr_bag_Follows:

   140  "D \<in> ((lift(In) IncreasingWrt prefix(A)/list(A)) \<inter>

   141        (lift(iIn) IncreasingWrt prefix(nat)/list(nat)) \<inter>

   142         Always({s \<in> state. \<forall>elt \<in> set_of_list(s`iIn). elt < Nclients}))

   143       guarantees

   144        (\<Inter>n \<in> Nclients.

   145         (%s. msetsum(%i. bag_of(s`Out(i)),  Nclients, A))

   146         Fols

   147         (%s. bag_of(sublist(s`In, length(s`iIn))))

   148         Wrt MultLe(A, r)/Mult(A))"

   149 apply (cut_tac distr_spec)

   150 apply (rule guaranteesI, clarify)

   151 apply (rule distr_bag_Follows_lemma [THEN Always_Follows2])

   152 apply (simp add: D_ok_iff, auto)

   153 apply (rule Follows_state_ofD1)

   154 apply (rule Follows_msetsum_UN)

   155    apply (simp_all add: nat_into_Finite bag_of_multiset [of _ A])

   156 apply (auto simp add: distr_spec_def distr_follows_def)

   157 apply (drule guaranteesD, assumption)

   158 apply (simp_all cong add: Follows_cong

   159 		add: refl_prefix

   160 		   mono_bag_of [THEN subset_Follows_comp, THEN subsetD, 

   161 				unfolded metacomp_def])

   162 done

   163 

   164 end
wneuper/isa