# HG changeset patch # User kleing # Date 1014913308 -3600 # Node ID 7acfab8361d1d7d32a04a7f208ee679ae93ee4c5 # Parent 8040cce614e5bca947f28cd10c2d50fe16900cf5 enforce positive branch targets diff -r 8040cce614e5 -r 7acfab8361d1 src/HOL/MicroJava/BV/Effect.thy --- a/src/HOL/MicroJava/BV/Effect.thy Thu Feb 28 15:12:09 2002 +0100 +++ b/src/HOL/MicroJava/BV/Effect.thy Thu Feb 28 17:21:48 2002 +0100 @@ -127,54 +127,61 @@ text "Conditions under which eff is applicable:" consts -app' :: "instr \ jvm_prog \ nat \ ty \ state_type => bool" +app' :: "instr \ jvm_prog \ p_count \ nat \ ty \ state_type => bool" recdef app' "{}" -"app' (Load idx, G, maxs, rT, s) = (idx < length (snd s) \ - (snd s) ! idx \ Err \ - length (fst s) < maxs)" -"app' (Store idx, G, maxs, rT, (ts#ST, LT)) = (idx < length LT)" -"app' (LitPush v, G, maxs, rT, s) = (length (fst s) < maxs \ typeof (\t. None) v \ None)" -"app' (Getfield F C, G, maxs, rT, (oT#ST, LT)) = (is_class G C \ - field (G,C) F \ None \ - fst (the (field (G,C) F)) = C \ - G \ oT \ (Class C))" -"app' (Putfield F C, G, maxs, rT, (vT#oT#ST, LT)) = (is_class G C \ - field (G,C) F \ None \ - fst (the (field (G,C) F)) = C \ - G \ oT \ (Class C) \ - G \ vT \ (snd (the (field (G,C) F))))" -"app' (New C, G, maxs, rT, s) = (is_class G C \ length (fst s) < maxs)" -"app' (Checkcast C, G, maxs, rT, (RefT rt#ST,LT)) = (is_class G C)" -"app' (Pop, G, maxs, rT, (ts#ST,LT)) = True" -"app' (Dup, G, maxs, rT, (ts#ST,LT)) = (1+length ST < maxs)" -"app' (Dup_x1, G, maxs, rT, (ts1#ts2#ST,LT)) = (2+length ST < maxs)" -"app' (Dup_x2, G, maxs, rT, (ts1#ts2#ts3#ST,LT)) = (3+length ST < maxs)" -"app' (Swap, G, maxs, rT, (ts1#ts2#ST,LT)) = True" -"app' (IAdd, G, maxs, rT, (PrimT Integer#PrimT Integer#ST,LT)) - = True" -"app' (Ifcmpeq b, G, maxs, rT, (ts#ts'#ST,LT)) = (isPrimT ts \ ts' = ts \ - isRefT ts \ isRefT ts')" -"app' (Goto b, G, maxs, rT, s) = True" -"app' (Return, G, maxs, rT, (T#ST,LT)) = (G \ T \ rT)" -"app' (Throw, G, maxs, rT, (T#ST,LT)) = isRefT T" - -"app' (Invoke C mn fpTs, G, maxs, rT, s) = - (length fpTs < length (fst s) \ - (let apTs = rev (take (length fpTs) (fst s)); - X = hd (drop (length fpTs) (fst s)) - in - G \ X \ Class C \ is_class G C \ method (G,C) (mn,fpTs) \ None \ - list_all2 (\x y. G \ x \ y) apTs fpTs))" +"app' (Load idx, G, pc, maxs, rT, s) = + (idx < length (snd s) \ (snd s) ! idx \ Err \ length (fst s) < maxs)" +"app' (Store idx, G, pc, maxs, rT, (ts#ST, LT)) = + (idx < length LT)" +"app' (LitPush v, G, pc, maxs, rT, s) = + (length (fst s) < maxs \ typeof (\t. None) v \ None)" +"app' (Getfield F C, G, pc, maxs, rT, (oT#ST, LT)) = + (is_class G C \ field (G,C) F \ None \ fst (the (field (G,C) F)) = C \ + G \ oT \ (Class C))" +"app' (Putfield F C, G, pc, maxs, rT, (vT#oT#ST, LT)) = + (is_class G C \ field (G,C) F \ None \ fst (the (field (G,C) F)) = C \ + G \ oT \ (Class C) \ G \ vT \ (snd (the (field (G,C) F))))" +"app' (New C, G, pc, maxs, rT, s) = + (is_class G C \ length (fst s) < maxs)" +"app' (Checkcast C, G, pc, maxs, rT, (RefT rt#ST,LT)) = + (is_class G C)" +"app' (Pop, G, pc, maxs, rT, (ts#ST,LT)) = + True" +"app' (Dup, G, pc, maxs, rT, (ts#ST,LT)) = + (1+length ST < maxs)" +"app' (Dup_x1, G, pc, maxs, rT, (ts1#ts2#ST,LT)) = + (2+length ST < maxs)" +"app' (Dup_x2, G, pc, maxs, rT, (ts1#ts2#ts3#ST,LT)) = + (3+length ST < maxs)" +"app' (Swap, G, pc, maxs, rT, (ts1#ts2#ST,LT)) = + True" +"app' (IAdd, G, pc, maxs, rT, (PrimT Integer#PrimT Integer#ST,LT)) = + True" +"app' (Ifcmpeq b, G, pc, maxs, rT, (ts#ts'#ST,LT)) = + (0 \ int pc + b \ (isPrimT ts \ ts' = ts \ isRefT ts \ isRefT ts'))" +"app' (Goto b, G, pc, maxs, rT, s) = + (0 \ int pc + b)" +"app' (Return, G, pc, maxs, rT, (T#ST,LT)) = + (G \ T \ rT)" +"app' (Throw, G, pc, maxs, rT, (T#ST,LT)) = + isRefT T" +"app' (Invoke C mn fpTs, G, pc, maxs, rT, s) = + (length fpTs < length (fst s) \ + (let apTs = rev (take (length fpTs) (fst s)); + X = hd (drop (length fpTs) (fst s)) + in + G \ X \ Class C \ is_class G C \ method (G,C) (mn,fpTs) \ None \ + list_all2 (\x y. G \ x \ y) apTs fpTs))" -"app' (i,G,maxs,rT,s) = False" +"app' (i,G, pc,maxs,rT,s) = False" constdefs xcpt_app :: "instr \ jvm_prog \ nat \ exception_table \ bool" "xcpt_app i G pc et \ \C\set(xcpt_names (i,G,pc,et)). is_class G C" app :: "instr => jvm_prog => nat => ty => nat => exception_table => state_type option => bool" - "app i G maxs rT pc et s == case s of None => True | Some t => app' (i,G,maxs,rT,t) \ xcpt_app i G pc et" + "app i G maxs rT pc et s == case s of None => True | Some t => app' (i,G,pc,maxs,rT,t) \ xcpt_app i G pc et" lemma 1: "2 < length a ==> (\l l' l'' ls. a = l#l'#l''#ls)" @@ -303,8 +310,9 @@ lemma appIfcmpeq[simp]: -"app (Ifcmpeq b) G maxs rT pc et (Some s) = (\ts1 ts2 ST LT. s = (ts1#ts2#ST,LT) \ - ((\ p. ts1 = PrimT p \ ts2 = PrimT p) \ (\r r'. ts1 = RefT r \ ts2 = RefT r')))" +"app (Ifcmpeq b) G maxs rT pc et (Some s) = + (\ts1 ts2 ST LT. s = (ts1#ts2#ST,LT) \ 0 \ int pc + b \ + ((\ p. ts1 = PrimT p \ ts2 = PrimT p) \ (\r r'. ts1 = RefT r \ ts2 = RefT r')))" by (cases s, cases "2 int pc + b)" by simp lemma appThrow[simp]: