diff -r 69032a618aa9 -r d14c4e9e9c8e src/HOL/MicroJava/BV/BVSpec.thy --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/HOL/MicroJava/BV/BVSpec.thy Thu Nov 11 12:23:45 1999 +0100 @@ -0,0 +1,201 @@ +(* Title: HOL/MicroJava/BV/BVSpec.thy + ID: $Id$ + Author: Cornelia Pusch + Copyright 1999 Technische Universitaet Muenchen + +Specification of bytecode verifier +*) + +BVSpec = Convert + + +types + method_type = "state_type list" + class_type = "sig \\ method_type" + prog_type = "cname \\ class_type" + +consts + wt_LS :: "[load_and_store,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_LS (Load idx) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + idx < length LT \\ + (\\ts. (LT ! idx) = Some ts \\ + G \\ phi ! (pc+1) >>>= (ts # ST , LT)))" + +"wt_LS (Store idx) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + idx < length LT \\ + (\\ts ST'. ST = ts # ST' \\ + G \\ phi ! (pc+1) >>>= (ST' , LT[idx:=Some ts])))" + +"wt_LS (Bipush i) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + G \\ phi ! (pc+1) >>>= ((PrimT Integer) # ST , LT))" + +"wt_LS (Aconst_null) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + G \\ phi ! (pc+1) >>>= (NT # ST , LT))" + +consts + wt_MO :: "[manipulate_object,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_MO (Getfield F C) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + is_class G C \\ + (\\T oT ST'. cfield (G,C) F = Some(C,T) \\ + ST = oT # ST' \\ + G \\ oT \\ (Class C) \\ + G \\ phi ! (pc+1) >>>= (T # ST' , LT)))" + +"wt_MO (Putfield F C) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + is_class G C \\ + (\\T vT oT ST'. + cfield (G,C) F = Some(C,T) \\ + ST = vT # oT # ST' \\ + G \\ oT \\ (Class C) \\ + G \\ vT \\ T \\ + G \\ phi ! (pc+1) >>>= (ST' , LT)))" + + +consts + wt_CO :: "[create_object,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_CO (New C) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + is_class G C \\ + G \\ phi ! (pc+1) >>>= ((Class C) # ST , LT))" + +consts + wt_CH :: "[check_object,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_CH (Checkcast C) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + is_class G C \\ + (\\rt ST'. ST = RefT rt # ST' \\ + G \\ phi ! (pc+1) >>>= (Class C # ST' , LT)))" + +consts + wt_OS :: "[op_stack,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_OS Pop G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + \\ts ST'. pc+1 < max_pc \\ + ST = ts # ST' \\ + G \\ phi ! (pc+1) >>>= (ST' , LT))" + +"wt_OS Dup G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + (\\ts ST'. ST = ts # ST' \\ + G \\ phi ! (pc+1) >>>= (ts # ts # ST' , LT)))" + +"wt_OS Dup_x1 G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + (\\ts1 ts2 ST'. ST = ts1 # ts2 # ST' \\ + G \\ phi ! (pc+1) >>>= (ts1 # ts2 # ts1 # ST' , LT)))" + +"wt_OS Dup_x2 G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + (\\ts1 ts2 ts3 ST'. ST = ts1 # ts2 # ts3 # ST' \\ + G \\ phi ! (pc+1) >>>= (ts1 # ts2 # ts3 # ts1 # ST' , LT)))" + +"wt_OS Swap G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + (\\ts ts' ST'. ST = ts' # ts # ST' \\ + G \\ phi ! (pc+1) >>>= (ts # ts' # ST' , LT)))" + +consts + wt_BR :: "[branch,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_BR (Ifcmpeq branch) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ (nat(int pc+branch)) < max_pc \\ + (\\ts ts' ST'. ST = ts # ts' # ST' \\ ts = ts' \\ + G \\ phi ! (pc+1) >>>= (ST' , LT) \\ + G \\ phi ! (nat(int pc+branch)) >>>= (ST' , LT)))" +"wt_BR (Goto branch) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + (nat(int pc+branch)) < max_pc \\ + G \\ phi ! (nat(int pc+branch)) >>>= (ST , LT))" + +consts + wt_MI :: "[meth_inv,jvm_prog,method_type,p_count,p_count] \\ bool" +primrec +"wt_MI (Invokevirtual mn fpTs) G phi max_pc pc = + (let (ST,LT) = phi ! pc + in + pc+1 < max_pc \\ + (\\apTs C ST'. ST = (rev apTs) @ (Class C # ST') \\ + length apTs = length fpTs \\ + (\\(aT,fT)\\set(zip apTs fpTs). G \\ aT \\ fT) \\ + (\\D rT b. cmethd (G,C) (mn,fpTs) = Some(D,rT,b) \\ + G \\ phi ! (pc+1) >>>= (rT # ST' , LT))))" + +constdefs + wt_MR :: "[jvm_prog,ty,method_type,p_count] \\ bool" +"wt_MR G rT phi pc \\ + (let (ST,LT) = phi ! pc + in + (\\T ST'. ST = T # ST' \\ G \\ T \\ rT))" + + +constdefs + wt_instr :: "[instr,jvm_prog,ty,method_type,nat,p_count] \\ bool" + "wt_instr instr G rT phi max_pc pc \\ + case instr of + LS ins \\ wt_LS ins G phi max_pc pc + | CO ins \\ wt_CO ins G phi max_pc pc + | MO ins \\ wt_MO ins G phi max_pc pc + | CH ins \\ wt_CH ins G phi max_pc pc + | MI ins \\ wt_MI ins G phi max_pc pc + | MR \\ wt_MR G rT phi pc + | OS ins \\ wt_OS ins G phi max_pc pc + | BR ins \\ wt_BR ins G phi max_pc pc" + + +constdefs + wt_start :: "[jvm_prog,cname,ty list,nat,method_type] \\ bool" + "wt_start G C pTs mxl phi \\ + G \\ phi!0 >>>= ([],(Some(Class C))#((map Some pTs))@(replicate mxl None))" + + + wt_method :: "[jvm_prog,cname,ty list,ty,nat,instr list,method_type] \\ bool" + "wt_method G cn pTs rT mxl ins phi \\ + let max_pc = length ins + in + 0 < max_pc \\ wt_start G cn pTs mxl phi \\ + (\\pc. pc wt_instr (ins ! pc) G rT phi max_pc pc)" + + wt_jvm_prog :: "[jvm_prog,prog_type] \\ bool" +"wt_jvm_prog G phi \\ + wf_prog (\\G C (sig,rT,maxl,b). + wt_method G C (snd sig) rT maxl b (phi C sig)) G" + +end