diff -r 5f86fb3ddd44 -r 811e3028d169 Dynamic_static.thy
--- a/Dynamic_static.thy	Tue Nov 19 09:27:25 2013 +0800
+++ b/Dynamic_static.thy	Tue Nov 19 12:31:56 2013 +0800
@@ -86,34 +86,78 @@
 where
   "is_created_proc s p \<equiv> p \<in> init_procs \<longrightarrow> deleted (O_proc p) s"
 
+lemma enrich_proc_aux1:
+  assumes vs': "valid s'"
+    and os: "os_grant s e" and grant: "grant s e"
+    and alive: "\<forall> obj. alive s obj \<longrightarrow> alive s' obj"
+    and cp2sp: "\<forall> p. p \<in> current_procs s \<longrightarrow> cp2sproc s' p = cp2sproc s p"
+    and cf2sf: "\<forall> f. f \<in> current_files s \<longrightarrow> cf2sfile s' f = cf2sfile s f"
+  shows "valid (e # s')"
+proof (cases e)
+  case (Execve p f fds)
+  have p_in: "p \<in> current_procs s'" using os alive
+    apply (erule_tac x = "O_proc p" in allE)
+    by (auto simp:Execve)
+  have f_in: "is_file s' f" using os alive
+    apply (erule_tac x = "O_file f" in allE)
+    by (auto simp:Execve)
+  have fd_in: "fds \<subseteq> current_proc_fds s' p" using os alive
+    apply (auto simp:Execve)
+    by (erule_tac x = "O_fd p x" in allE, auto)
+  have "os_grant s' e" using p_in f_in fd_in by (simp add:Execve)
+  moreover have "grant s' e"
+  proof-
+    from grant obtain up rp tp uf rf tf 
+      where p1: "sectxt_of_obj s (O_proc p) = Some (up, rp, tp)"
+      and p2: "sectxt_of_obj s (O_file f) = Some (uf, rf, tf)" 
+      by (simp add:Execve split:option.splits, blast)
+    with grant obtain pu nr nt where p3: "npctxt_execve (up, rp, tp) (uf, rf, tf) = Some (pu, nr, nt)"
+      by (simp add:Execve split:option.splits del:npctxt_execve.simps, blast)
+    from p1 have p1': "sectxt_of_obj s' (O_proc p) = Some (up, rp, tp)"
+      using os cp2sp
+      apply (erule_tac x = p in allE)
+      by (auto simp:Execve co2sobj.simps cp2sproc_def split:option.splits)
+    from p2 have p2': "sectxt_of_obj s' (O_file f) = Some (uf, rf, tf)" 
+      using os cf2sf
+      apply (erule_tac x = "f" in allE)
+      apply (auto simp:Execve dest:is_file_in_current)
+      thm cf2sfile_def
+      apply (auto simp:cf2sfile_def split:option.splits)
+      apply (auto simp:Execve co2sobj.simps cf2sfile_simps split:option.splits)
+      apply (simp add:cf2sfiles_def)
+      apply (auto)[1]
+      using os pre
+  show ?thesis
+  proof-
+    have
+    
+
+
+
 lemma enrich_proc_prop:
   "\<lbrakk>valid s; is_created_proc s p; p' \<notin> all_procs s\<rbrakk>
    \<Longrightarrow> valid (enrich_proc s p p') \<and> 
-       co2sobj (enrich_proc s p p') (O_proc p') = co2sobj (enrich_proc s p p') (O_proc p) \<and>
-       (alive s obj \<longrightarrow> alive (enrich_proc s p p')  obj \<and> co2sobj (enrich_proc s p p') obj = co2sobj s obj)"
+       (p \<in> current_procs s \<longrightarrow> co2sobj (enrich_proc s p p') (O_proc p') = co2sobj (enrich_proc s p p') (O_proc p)) \<and>
+       (\<forall> obj. alive s obj \<longrightarrow> alive (enrich_proc s p p')  obj \<and> co2sobj (enrich_proc s p p') obj = co2sobj s obj)"
 proof (induct s)
   case Nil
   thus ?case by (auto simp:is_created_proc_def)
 next
   case (Cons e s)
-  hence p1: "\<lbrakk>p \<in> current_procs s; valid s; is_created_proc s p; p' \<notin> current_procs s\<rbrakk>
+  hence p1: "\<lbrakk>valid s; is_created_proc s p; p' \<notin> all_procs s\<rbrakk>
   \<Longrightarrow> valid (enrich_proc s p p') \<and>
-     p' \<in> current_procs (enrich_proc s p p') \<and>
-     co2sobj (enrich_proc s p p') (O_proc p') = co2sobj (enrich_proc s p p') (O_proc p) \<and>
+     (p \<in> current_procs s \<longrightarrow> co2sobj (enrich_proc s p p') (O_proc p') = co2sobj (enrich_proc s p p') (O_proc p)) \<and>
      (alive s obj \<longrightarrow> alive (enrich_proc s p p') obj \<and> co2sobj (enrich_proc s p p') obj = co2sobj s obj)"
-    and p2: "p \<in> current_procs (e # s)" and p3: "valid (e # s)"
-    and p4: "is_created_proc (e # s) p" and p5: "p' \<notin> current_procs (e # s)"
+    and p2: "valid (e # s)" and p3: "is_created_proc (e # s) p" and p4: "p' \<notin> all_procs (e # s)"
     by auto
-  from p4 p2 have p4': "is_created_proc s p"
-    by (case_tac e, auto simp:is_created_proc_def)
-  from p3 have vd: "valid s" and os: "os_grant s e" and grant: "grant s e"
+  from p2 have vd: "valid s" and os: "os_grant s e" and grant: "grant s e"
     by (auto dest:vd_cons vt_grant vt_grant_os)
-  from p1 p4' have a1: "\<lbrakk>p \<in> current_procs s; p' \<notin> current_procs s\<rbrakk>
-    \<Longrightarrow> valid (enrich_proc s p p')" by (auto simp:vd)
+  from p4 have p4': "p' \<notin> all_procs s" by (case_tac e, auto)
+  from p1 p4' have a1: "is_created_proc s p \<Longrightarrow> valid (enrich_proc s p p')" by (auto simp:vd)
   have c1: "valid (enrich_proc (e # s) p p')"
     apply (case_tac e)
-    using a1 os p5
-    apply (auto)
+    using a1 os p3
+    apply (auto simp:is_created_proc_def)
     sorry
   moreover have c2: "p' \<in> current_procs (enrich_proc (e # s) p p')"
     sorry