|
77
|
1 |
theory New_obj_prop
|
|
|
2 |
imports Main Finite_current Flask_type Flask Static
|
|
|
3 |
begin
|
|
|
4 |
|
|
|
5 |
context tainting_s begin
|
|
|
6 |
|
|
|
7 |
lemma nn_notin_aux: "finite s \<Longrightarrow> \<forall> a \<in> s. Max s \<ge> a "
|
|
|
8 |
apply (erule finite.induct, simp)
|
|
|
9 |
apply (rule ballI)
|
|
|
10 |
apply (case_tac "aa = a", simp+)
|
|
|
11 |
done
|
|
|
12 |
|
|
|
13 |
lemma nn_notin: "finite s \<Longrightarrow> next_nat s \<notin> s"
|
|
|
14 |
apply (drule nn_notin_aux)
|
|
|
15 |
apply (simp add:next_nat_def)
|
|
|
16 |
by (auto)
|
|
|
17 |
|
|
|
18 |
|
|
|
19 |
(* lemmas of new created obj *)
|
|
|
20 |
|
|
|
21 |
lemma np_notin_curp: "valid \<tau> \<Longrightarrow> new_proc \<tau> \<notin> current_procs \<tau>" using finite_cp
|
|
|
22 |
by (simp add:new_proc_def nn_notin)
|
|
|
23 |
|
|
|
24 |
lemma np_notin_curp': "\<lbrakk>new_proc \<tau> \<in> current_procs \<tau>; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
25 |
apply (drule np_notin_curp, simp)
|
|
|
26 |
done
|
|
|
27 |
|
|
|
28 |
lemma ni_notin_curi: "valid \<tau> \<Longrightarrow> new_inode_num \<tau> \<notin> current_inode_nums \<tau>"
|
|
|
29 |
apply (drule finite_ci)
|
|
|
30 |
by (simp add:new_inode_num_def nn_notin)
|
|
|
31 |
|
|
|
32 |
lemma ni_notin_curi': "\<lbrakk>new_inode_num \<tau> \<in> current_inode_nums \<tau>; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
33 |
by (drule ni_notin_curi, simp)
|
|
|
34 |
|
|
|
35 |
lemma nm_notin_curm: "valid \<tau> \<Longrightarrow> new_msgq \<tau> \<notin> current_msgqs \<tau>" using finite_cm
|
|
|
36 |
by (simp add:new_msgq_def nn_notin)
|
|
|
37 |
|
|
|
38 |
lemma nm_notin_curm': "\<lbrakk>new_msgq \<tau> \<in> current_msgqs \<tau>; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
39 |
by (drule nm_notin_curm, simp)
|
|
|
40 |
|
|
|
41 |
(*
|
|
|
42 |
lemma nh_notin_curh: "valid \<tau> \<Longrightarrow> new_shm \<tau> \<notin> current_shms \<tau>" using finite_ch
|
|
|
43 |
by (simp add:new_shm_def nn_notin)
|
|
|
44 |
|
|
|
45 |
lemma nh_notin_curh': "\<lbrakk>new_shm \<tau> \<in> current_shms \<tau>; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
46 |
by (drule nh_notin_curh, simp)
|
|
|
47 |
*)
|
|
|
48 |
|
|
|
49 |
lemma nfd_notin_curfd: "valid \<tau> \<Longrightarrow> new_proc_fd \<tau> p \<notin> current_proc_fds \<tau> p"
|
|
|
50 |
using finite_cfd[where p = p]
|
|
|
51 |
apply (simp add:new_proc_fd_def nn_notin)
|
|
|
52 |
done
|
|
|
53 |
|
|
|
54 |
lemma nfd_notin_curfd': "\<lbrakk>new_proc_fd \<tau> p \<in> current_proc_fds \<tau> p; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
55 |
by (drule nfd_notin_curfd[where p = p], simp)
|
|
|
56 |
|
|
|
57 |
lemma nim_notin_curim: "valid \<tau> \<Longrightarrow> new_inode_num \<tau> \<notin> current_inode_nums \<tau>"
|
|
|
58 |
by (drule finite_ci, simp add:new_inode_num_def nn_notin)
|
|
|
59 |
|
|
|
60 |
lemma nim_notin_curim': "\<lbrakk>new_inode_num \<tau> \<in> current_inode_nums \<tau>; valid \<tau>\<rbrakk> \<Longrightarrow> False"
|
|
|
61 |
by (drule nim_notin_curim, simp)
|
|
|
62 |
|
|
|
63 |
lemma len_fname_all: "length (fname_all_a len) = len"
|
|
|
64 |
by (induct len, auto simp:fname_all_a.simps)
|
|
|
65 |
|
|
93
|
66 |
lemma finite_fs_fnames:
|
|
|
67 |
"finite (fs::t_file set) \<Longrightarrow> finite {fn. fn # f \<in> fs}"
|
|
|
68 |
thm finite_imageI
|
|
77
|
69 |
apply (drule_tac h = "\<lambda> f'. case f' of [] \<Rightarrow> '''' | fn # pf' \<Rightarrow> if (pf' = f) then fn else ''''" in finite_imageI)
|
|
93
|
70 |
apply (rule_tac B = "(list_case [] (\<lambda>fn pf'. if pf' = f then fn else []) ` fs)" in finite_subset)
|
|
77
|
71 |
unfolding image_def
|
|
|
72 |
apply (clarsimp split:if_splits)
|
|
93
|
73 |
apply (rule_tac x = "x # f" in bexI, simp+)
|
|
|
74 |
done
|
|
77
|
75 |
|
|
93
|
76 |
lemma ncf_notin_curf_aux:
|
|
|
77 |
"finite (fs::t_file set) \<Longrightarrow> Suc (Max (fname_length_set {fn. fn # f \<in> fs})) \<notin> fname_length_set {fn. fn # f \<in> fs}"
|
|
|
78 |
apply (drule_tac f = f in finite_fs_fnames)
|
|
|
79 |
apply (drule_tac h = length in finite_imageI)
|
|
|
80 |
apply (simp add:fname_length_set_def)
|
|
|
81 |
apply (drule nn_notin_aux)
|
|
|
82 |
apply auto
|
|
77
|
83 |
done
|
|
|
84 |
|
|
93
|
85 |
lemma ncf_notin_curf_general:
|
|
94
|
86 |
assumes fin_fs: "finite fs"
|
|
|
87 |
shows "new_childf_general f fs \<notin> fs"
|
|
93
|
88 |
proof-
|
|
94
|
89 |
have a1: "Suc (Max (fname_length_set {fn. fn # f \<in> fs})) \<notin>
|
|
|
90 |
fname_length_set {fn. fn # f \<in> fs}"
|
|
|
91 |
using fin_fs
|
|
93
|
92 |
by (erule_tac ncf_notin_curf_aux)
|
|
|
93 |
have a2: "\<And> f pf fs. f # pf \<in> fs \<Longrightarrow> f \<in> {fn. fn # pf \<in> fs}" by auto
|
|
|
94 |
have a3: "\<And> f pf fs. f \<in> {fn. fn # pf \<in> fs} \<Longrightarrow> length f \<in> fname_length_set {fn. fn # pf \<in> fs}"
|
|
|
95 |
by (auto simp:fname_length_set_def)
|
|
|
96 |
show ?thesis
|
|
|
97 |
apply (simp only:new_childf_general_def next_fname_def all_fname_under_dir_def)
|
|
|
98 |
apply (rule notI)
|
|
|
99 |
apply (drule a2, drule a3)
|
|
|
100 |
apply (simp only:len_fname_all)
|
|
|
101 |
using a1 by auto
|
|
|
102 |
qed
|
|
|
103 |
|
|
|
104 |
lemma ncf_notin_curf:
|
|
|
105 |
"valid \<tau> \<Longrightarrow> new_childf f \<tau> \<notin> (current_files \<tau>)"
|
|
94
|
106 |
apply (drule finite_cf)
|
|
|
107 |
apply (drule_tac fs = "current_files \<tau>" in ncf_notin_curf_general)
|
|
93
|
108 |
apply (simp add:new_childf_def)
|
|
|
109 |
done
|
|
|
110 |
|
|
94
|
111 |
lemma ncf_parent_general: "valid \<tau> \<Longrightarrow> parent (new_childf_general f fs) = Some f"
|
|
93
|
112 |
by (simp add:new_childf_general_def)
|
|
|
113 |
|
|
77
|
114 |
lemma ncf_parent: "valid \<tau> \<Longrightarrow> parent (new_childf f \<tau>) = Some f"
|
|
93
|
115 |
by (simp add:new_childf_def ncf_parent_general)
|
|
77
|
116 |
|
|
|
117 |
end
|
|
|
118 |
|
|
|
119 |
end
|