|
nipkow@8011
|
1 |
(* Title: HOL/MicroJava/BV/Correct.thy
|
|
nipkow@8011
|
2 |
ID: $Id$
|
|
nipkow@8011
|
3 |
Author: Cornelia Pusch
|
|
nipkow@8011
|
4 |
Copyright 1999 Technische Universitaet Muenchen
|
|
nipkow@8011
|
5 |
|
|
nipkow@8011
|
6 |
The invariant for the type safety proof.
|
|
nipkow@8011
|
7 |
*)
|
|
nipkow@8011
|
8 |
|
|
nipkow@8011
|
9 |
Correct = BVSpec +
|
|
nipkow@8011
|
10 |
|
|
nipkow@8011
|
11 |
constdefs
|
|
nipkow@8011
|
12 |
approx_val :: "[jvm_prog,aheap,val,ty option] \\<Rightarrow> bool"
|
|
nipkow@8011
|
13 |
"approx_val G h v any \\<equiv> case any of None \\<Rightarrow> True | Some T \\<Rightarrow> G,h\\<turnstile>v\\<Colon>\\<preceq>T"
|
|
nipkow@8011
|
14 |
|
|
nipkow@8011
|
15 |
approx_loc :: "[jvm_prog,aheap,val list,locvars_type] \\<Rightarrow> bool"
|
|
nipkow@8011
|
16 |
"approx_loc G hp loc LT \\<equiv>
|
|
nipkow@8011
|
17 |
length loc=length LT \\<and> (\\<forall>(val,any)\\<in>set (zip loc LT). approx_val G hp val any)"
|
|
nipkow@8011
|
18 |
|
|
nipkow@8011
|
19 |
approx_stk :: "[jvm_prog,aheap,opstack,opstack_type] \\<Rightarrow> bool"
|
|
nipkow@8011
|
20 |
"approx_stk G hp stk ST \\<equiv> approx_loc G hp stk (map Some ST)"
|
|
nipkow@8011
|
21 |
|
|
nipkow@8011
|
22 |
correct_frame :: "[jvm_prog,aheap,state_type,nat,bytecode] \\<Rightarrow> frame \\<Rightarrow> bool"
|
|
nipkow@8011
|
23 |
"correct_frame G hp \\<equiv> \\<lambda>(ST,LT) maxl ins (stk,loc,C,ml,pc).
|
|
nipkow@8011
|
24 |
approx_stk G hp stk ST \\<and> approx_loc G hp loc LT \\<and>
|
|
nipkow@8011
|
25 |
pc < length ins \\<and> length loc=length(snd ml)+maxl+1"
|
|
nipkow@8011
|
26 |
|
|
nipkow@8011
|
27 |
consts
|
|
nipkow@8011
|
28 |
correct_frames :: "[jvm_prog,aheap,prog_type,ty,cname,sig,frame list] \\<Rightarrow> bool"
|
|
nipkow@8011
|
29 |
primrec
|
|
nipkow@8011
|
30 |
"correct_frames G hp phi rT0 C0 ml0 [] = False"
|
|
nipkow@8011
|
31 |
|
|
nipkow@8011
|
32 |
"correct_frames G hp phi rT0 C0 ml0 (f#frs) =
|
|
nipkow@8011
|
33 |
(let (stk,loc,C,ml,pc) = f;
|
|
nipkow@8011
|
34 |
(ST,LT) = (phi C ml) ! pc
|
|
nipkow@8011
|
35 |
in
|
|
nipkow@8011
|
36 |
(\\<exists>rT maxl ins.
|
|
nipkow@8011
|
37 |
cmethd (G,C) ml = Some(C,rT,(maxl,ins)) \\<and>
|
|
nipkow@8011
|
38 |
(\\<exists>mn pTs k. pc = k+1 \\<and> ins!k = MI(Invokevirtual mn pTs) \\<and>
|
|
nipkow@8011
|
39 |
(mn,pTs) = ml0 \\<and>
|
|
nipkow@8011
|
40 |
(\\<exists>apTs D ST'.
|
|
nipkow@8011
|
41 |
fst((phi C ml)!k) = (rev apTs) @ (Class D) # ST' \\<and>
|
|
nipkow@8011
|
42 |
length apTs = length pTs \\<and>
|
|
nipkow@8011
|
43 |
(\\<exists>D' rT' maxl' ins'.
|
|
nipkow@8011
|
44 |
cmethd (G,D) (mn,pTs) = Some(D',rT',(maxl',ins')) \\<and>
|
|
nipkow@8011
|
45 |
G \\<turnstile> rT0 \\<preceq> rT') \\<and>
|
|
nipkow@8011
|
46 |
correct_frame G hp (tl ST, LT) maxl ins f \\<and>
|
|
nipkow@8011
|
47 |
correct_frames G hp phi rT C ml frs))))"
|
|
nipkow@8011
|
48 |
|
|
nipkow@8011
|
49 |
|
|
nipkow@8011
|
50 |
constdefs
|
|
nipkow@8011
|
51 |
correct_state :: "[jvm_prog,prog_type,jvm_state] \\<Rightarrow> bool"
|
|
nipkow@8011
|
52 |
"correct_state G phi \\<equiv> \\<lambda>(xp,hp,frs).
|
|
nipkow@8011
|
53 |
case xp of
|
|
nipkow@8011
|
54 |
None \\<Rightarrow> (case frs of
|
|
nipkow@8011
|
55 |
[] \\<Rightarrow> True
|
|
nipkow@8011
|
56 |
| (f#fs) \\<Rightarrow> (let (stk,loc,C,ml,pc) = f
|
|
nipkow@8011
|
57 |
in
|
|
nipkow@8011
|
58 |
\\<exists>rT maxl ins.
|
|
nipkow@8011
|
59 |
cmethd (G,C) ml = Some(C,rT,(maxl,ins)) \\<and>
|
|
nipkow@8011
|
60 |
G,hp\\<turnstile>\\<surd> \\<and>
|
|
nipkow@8011
|
61 |
correct_frame G hp ((phi C ml) ! pc) maxl ins f \\<and>
|
|
nipkow@8011
|
62 |
correct_frames G hp phi rT C ml fs))
|
|
nipkow@8011
|
63 |
| Some x \\<Rightarrow> True"
|
|
nipkow@8011
|
64 |
|
|
nipkow@8011
|
65 |
end
|