Ziele Untersuchung
mit Columbo Integrität von
Datenbanken Interaktion und
Portierbarkeit Ergonomie der
Schnittstellen

Angebot Produkte Projekt Beratung

Mittel Analytik Modellierung Sprachen Algebra Logik Hardware Thinking Intellekt

Zusammenhänge Gesellschaft Wirtschaft Branche Firma


products/sources/formale Sprachen/Isabelle/HOL/TLA/Memory/

Quellcode-Bibliothek

^© Kompilation durch diese Firma

[Weder Korrektheit noch Funktionsfähigkeit der Software werden zugesichert.]

Datei: Sprache: Isabelle

Original von: Isabelle^©

(*  Title:      HOL/TLA/Memory/MemClerk.thy
    Author:     Stephan Merz, University of Munich
*)

section \<open>RPC-Memory example: specification of the memory clerk\<close>

theory MemClerk
imports Memory RPC MemClerkParameters
begin

(* The clerk takes the same arguments as the memory and sends requests to the RPC *)
type_synonym mClkSndChType = "memChType"
type_synonym mClkRcvChType = "rpcSndChType"
type_synonym mClkStType = "(PrIds \ mClkState) stfun"

definition
  (* state predicates *)
  MClkInit      :: "mClkRcvChType \ mClkStType \ PrIds \ stpred"
  where "MClkInit rcv cst p = PRED (cst!p = #clkA \ \Calling rcv p)"

definition
  (* actions *)
  MClkFwd       :: "mClkSndChType \ mClkRcvChType \ mClkStType \ PrIds \ action"
  where "MClkFwd send rcv cst p = ACT
                           $Calling send p
                         \<and> $(cst!p) = #clkA
                         \<and> Call rcv p MClkRelayArg<arg<send!p>>
                         \<and> (cst!p)$ = #clkB
                         \<and> unchanged (rtrner send!p)"

definition
  MClkRetry     :: "mClkSndChType \ mClkRcvChType \ mClkStType \ PrIds \ action"
  where "MClkRetry send rcv cst p = ACT
                           $(cst!p) = #clkB
                         \<and> res<$(rcv!p)> = #RPCFailure
                         \<and> Call rcv p MClkRelayArg<arg<send!p>>
                         \<and> unchanged (cst!p, rtrner send!p)"

definition
  MClkReply     :: "mClkSndChType \ mClkRcvChType \ mClkStType \ PrIds \ action"
  where "MClkReply send rcv cst p = ACT
                           \<not>$Calling rcv p
                         \<and> $(cst!p) = #clkB
                         \<and> Return send p MClkReplyVal<res<rcv!p>>
                         \<and> (cst!p)$ = #clkA
                         \<and> unchanged (caller rcv!p)"

definition
  MClkNext      :: "mClkSndChType \ mClkRcvChType \ mClkStType \ PrIds \ action"
  where "MClkNext send rcv cst p = ACT
                        (  MClkFwd send rcv cst p
                         \<or> MClkRetry send rcv cst p
                         \<or> MClkReply send rcv cst p)"

definition
  (* temporal *)
  MClkIPSpec    :: "mClkSndChType \ mClkRcvChType \ mClkStType \ PrIds \ temporal"
  where "MClkIPSpec send rcv cst p = TEMP
                           Init MClkInit rcv cst p
                         \<and> \<box>[ MClkNext send rcv cst p ]_(cst!p, rtrner send!p, caller rcv!p)
                         \<and> WF(MClkFwd send rcv cst p)_(cst!p, rtrner send!p, caller rcv!p)
                         \<and> SF(MClkReply send rcv cst p)_(cst!p, rtrner send!p, caller rcv!p)"

definition
  MClkISpec     :: "mClkSndChType \ mClkRcvChType \ mClkStType \ temporal"
  where "MClkISpec send rcv cst = TEMP (\p. MClkIPSpec send rcv cst p)"

lemmas MC_action_defs =
  MClkInit_def MClkFwd_def MClkRetry_def MClkReply_def MClkNext_def

lemmas MC_temp_defs = MClkIPSpec_def MClkISpec_def

(* The Clerk engages in an action for process p only if there is an outstanding,
   unanswered call for that process.
*)
lemma MClkidle: "\ \$Calling send p \ $(cst!p) = #clkA \ \MClkNext send rcv cst p"
  by (auto simp: AReturn_def MC_action_defs)

lemma MClkbusy: "\ $Calling rcv p \ \MClkNext send rcv cst p"
  by (auto simp: ACall_def MC_action_defs)

(* Enabledness of actions *)

lemma MClkFwd_enabled: "\p. basevars (rtrner send!p, caller rcv!p, cst!p) \
      \<turnstile> Calling send p \<and> \<not>Calling rcv p \<and> cst!p = #clkA
         \<longrightarrow> Enabled (MClkFwd send rcv cst p)"
  by (tactic \<open>action_simp_tac (\<^context> addsimps [@{thm MClkFwd_def},
    @{thm ACall_def}, @{thm caller_def}, @{thm rtrner_def}]) [exI]
    [@{thm base_enabled}, @{thm Pair_inject}] 1\<close>)

lemma MClkFwd_ch_enabled: "\ Enabled (MClkFwd send rcv cst p) \
         Enabled (<MClkFwd send rcv cst p>_(cst!p, rtrner send!p, caller rcv!p))"
  by (auto elim!: enabled_mono simp: angle_def MClkFwd_def)

lemma MClkReply_change: "\ MClkReply send rcv cst p \
         <MClkReply send rcv cst p>_(cst!p, rtrner send!p, caller rcv!p)"
  by (auto simp: angle_def MClkReply_def elim: Return_changed [temp_use])

lemma MClkReply_enabled: "\p. basevars (rtrner send!p, caller rcv!p, cst!p) \
      \<turnstile> Calling send p \<and> \<not>Calling rcv p \<and> cst!p = #clkB
         \<longrightarrow> Enabled (<MClkReply send rcv cst p>_(cst!p, rtrner send!p, caller rcv!p))"
  apply (tactic \<open>action_simp_tac \<^context>
    [@{thm MClkReply_change} RSN (2, @{thm enabled_mono})] [] 1\<close>)
  apply (tactic \<open>action_simp_tac (\<^context> addsimps
    [@{thm MClkReply_def}, @{thm AReturn_def}, @{thm caller_def}, @{thm rtrner_def}])
    [exI] [@{thm base_enabled}, @{thm Pair_inject}] 1\<close>)
  done

lemma MClkReplyNotRetry: "\ MClkReply send rcv cst p \ \MClkRetry send rcv cst p"
  by (auto simp: MClkReply_def MClkRetry_def)

end

¤ Dauer der Verarbeitung: 0.5 Sekunden (vorverarbeitet) ¤

Download des Quellennavigators
Download des sprechenden Kalenders
in der Quellcodebibliothek suchen

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.