tm2: Separation_Algebra/ex/capDL/Abstract_Separation

25 a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	1	(* Author: Andrew Boyton, 2012
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	2	Maintainers: Gerwin Klein <kleing at cse.unsw.edu.au>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	3	Rafal Kolanski <rafal.kolanski at nicta.com.au>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	4	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	5
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	6	header "Instantiating capDL as a separation algebra."
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	7
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	8	theory Abstract_Separation_D
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	9	imports "../../Sep_Tactics" Types_D "../../Map_Extra"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	10	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	11
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	12	(**************************************
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	13	* Start of lemmas to move elsewhere. *
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	14	**************************************)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	15
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	16	lemma inter_empty_not_both:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	17	"\<lbrakk>x \<in> A; A \<inter> B = {}\<rbrakk> \<Longrightarrow> x \<notin> B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	18	by fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	19
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	20	lemma union_intersection:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	21	"A \<inter> (A \<union> B) = A"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	22	"B \<inter> (A \<union> B) = B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	23	"(A \<union> B) \<inter> A = A"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	24	"(A \<union> B) \<inter> B = B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	25	by fastforce+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	26
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	27	lemma union_intersection1: "A \<inter> (A \<union> B) = A"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	28	by (rule inf_sup_absorb)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	29	lemma union_intersection2: "B \<inter> (A \<union> B) = B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	30	by fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	31
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	32	(* This lemma is strictly weaker than restrict_map_disj. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	33	lemma restrict_map_disj':
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	34	"S \<inter> T = {} \<Longrightarrow> h \|` S \<bottom> h' \|` T"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	35	by (auto simp: map_disj_def restrict_map_def dom_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	36
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	37	lemma map_add_restrict_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	38	"S \<inter> T = {} \<Longrightarrow> h \|` S ++ h' \|` T = h' \|` T ++ h \|` S"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	39	apply (drule restrict_map_disj')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	40	apply (erule map_add_com)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	41	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	42
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	43	(************************************
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	44	* End of lemmas to move elsewhere. *
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	45	************************************)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	46
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	47
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	48
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	49	(* The state for separation logic has:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	50	* The memory heap.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	51	* A function for which objects own which fields.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	52	In capDL, we say that an object either owns all of its fields, or none of them.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	53	These are both taken from the cdl_state.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	54	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	55
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	56	datatype sep_state = SepState cdl_heap cdl_ghost_state
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	57
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	58	(* Functions to get the heap and the ghost_state from the sep_state. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	59	primrec sep_heap :: "sep_state \<Rightarrow> cdl_heap"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	60	where "sep_heap (SepState h gs) = h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	61
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	62	primrec sep_ghost_state :: "sep_state \<Rightarrow> cdl_ghost_state"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	63	where "sep_ghost_state (SepState h gs) = gs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	64
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	65	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	66	the_set :: "'a option set \<Rightarrow> 'a set"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	67	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	68	"the_set xs = {x. Some x \<in> xs}"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	69
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	70	lemma the_set_union [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	71	"the_set (A \<union> B) = the_set A \<union> the_set B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	72	by (fastforce simp: the_set_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	73
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	74	lemma the_set_inter [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	75	"the_set (A \<inter> B) = the_set A \<inter> the_set B"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	76	by (fastforce simp: the_set_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	77
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	78	lemma the_set_inter_empty:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	79	"A \<inter> B = {} \<Longrightarrow> the_set A \<inter> the_set B = {}"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	80	by (fastforce simp: the_set_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	81
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	82
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	83	(* As the capDL operations mostly take the state (rather than the heap)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	84	* we need to redefine some of them again to take just the heap.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	85	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	86	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	87	slots_of_heap :: "cdl_heap \<Rightarrow> cdl_object_id \<Rightarrow> cdl_cap_map"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	88	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	89	"slots_of_heap h \<equiv> \<lambda>obj_id.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	90	case h obj_id of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	91	None \<Rightarrow> empty
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	92	\| Some obj \<Rightarrow> object_slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	93
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	94	(* Adds new caps to an object. It won't overwrite on a collision. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	95	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	96	add_to_slots :: "cdl_cap_map \<Rightarrow> cdl_object \<Rightarrow> cdl_object"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	97	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	98	"add_to_slots new_val obj \<equiv> update_slots (new_val ++ (object_slots obj)) obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	99
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	100	lemma add_to_slots_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	101	"add_to_slots x (add_to_slots (y ++ z) obj) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	102	add_to_slots (x ++ y) (add_to_slots z obj)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	103	apply (clarsimp simp: add_to_slots_def update_slots_def object_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	104	apply (fastforce simp: cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	105	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	106	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	107
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	108	(* Lemmas about add_to_slots, update_slots and object_slots. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	109	lemma add_to_slots_twice [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	110	"add_to_slots x (add_to_slots y a) = add_to_slots (x ++ y) a"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	111	by (fastforce simp: add_to_slots_def update_slots_def object_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	112	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	113
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	114	lemma slots_of_heap_empty [simp]: "slots_of_heap empty object_id = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	115	by (simp add: slots_of_heap_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	116
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	117	lemma slots_of_heap_empty2 [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	118	"h obj_id = None \<Longrightarrow> slots_of_heap h obj_id = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	119	by (simp add: slots_of_heap_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	120
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	121	lemma update_slots_add_to_slots_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	122	"update_slots empty (add_to_slots new obj) = update_slots empty obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	123	by (clarsimp simp: update_slots_def add_to_slots_def split:cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	124
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	125	lemma update_object_slots_id [simp]: "update_slots (object_slots a) a = a"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	126	by (clarsimp simp: update_slots_def object_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	127	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	128
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	129	lemma update_slots_of_heap_id [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	130	"h obj_id = Some obj \<Longrightarrow> update_slots (slots_of_heap h obj_id) obj = obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	131	by (clarsimp simp: update_slots_def slots_of_heap_def object_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	132	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	133
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	134	lemma add_to_slots_empty [simp]: "add_to_slots empty h = h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	135	by (simp add: add_to_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	136
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	137	lemma update_slots_eq:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	138	"update_slots a o1 = update_slots a o2 \<Longrightarrow> update_slots b o1 = update_slots b o2"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	139	by (fastforce simp: update_slots_def cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	140	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	141
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	142
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	143
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	144	(* If there are not two conflicting objects at a position in two states.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	145	* Objects conflict if their types are different or their ghost_states collide.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	146	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	147	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	148	not_conflicting_objects :: "sep_state \<Rightarrow> sep_state \<Rightarrow> cdl_object_id \<Rightarrow> bool"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	149	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	150	"not_conflicting_objects state_a state_b = (\<lambda>obj_id.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	151	let heap_a = sep_heap state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	152	heap_b = sep_heap state_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	153	gs_a = sep_ghost_state state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	154	gs_b = sep_ghost_state state_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	155	in case (heap_a obj_id, heap_b obj_id) of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	156	(Some o1, Some o2) \<Rightarrow> object_type o1 = object_type o2 \<and> gs_a obj_id \<inter> gs_b obj_id = {}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	157	\| _ \<Rightarrow> True)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	158
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	159
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	160	(* "Cleans" slots to conform with the compontents. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	161	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	162	clean_slots :: "cdl_cap_map \<Rightarrow> cdl_components \<Rightarrow> cdl_cap_map"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	163	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	164	"clean_slots slots cmp \<equiv> slots \|` the_set cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	165
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	166	(* Sets the fields of an object to a "clean" state.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	167	Because a frame's size is part of it's type, we don't reset it. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	168	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	169	object_clean_fields :: "cdl_object \<Rightarrow> cdl_components \<Rightarrow> cdl_object"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	170	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	171	"object_clean_fields obj cmp \<equiv> if None \<in> cmp then obj else case obj of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	172	Tcb x \<Rightarrow> Tcb (x\<lparr>cdl_tcb_fault_endpoint := undefined\<rparr>)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	173	\| CNode x \<Rightarrow> CNode (x\<lparr>cdl_cnode_size_bits := undefined \<rparr>)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	174	\| _ \<Rightarrow> obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	175
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	176	(* Sets the slots of an object to a "clean" state. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	177	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	178	object_clean_slots :: "cdl_object \<Rightarrow> cdl_components \<Rightarrow> cdl_object"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	179	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	180	"object_clean_slots obj cmp \<equiv> update_slots (clean_slots (object_slots obj) cmp) obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	181
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	182	(* Sets an object to a "clean" state. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	183	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	184	object_clean :: "cdl_object \<Rightarrow> cdl_components \<Rightarrow> cdl_object"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	185	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	186	"object_clean obj gs \<equiv> object_clean_slots (object_clean_fields obj gs) gs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	187
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	188	(* Overrides the left object with the attributes of the right, as specified by the ghost state.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	189	If the components for an object are empty, then this object is treated as empty, and thus ignored.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	190	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	191	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	192	object_add :: "cdl_object \<Rightarrow> cdl_object \<Rightarrow> cdl_components \<Rightarrow> cdl_components \<Rightarrow> cdl_object"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	193	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	194	"object_add obj_a obj_b cmps_a cmps_b \<equiv>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	195	let clean_obj_a = object_clean obj_a cmps_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	196	clean_obj_b = object_clean obj_b cmps_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	197	in if (cmps_a = {})
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	198	then clean_obj_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	199	else if (cmps_b = {})
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	200	then clean_obj_a
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	201	else if (None \<in> cmps_b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	202	then (update_slots (object_slots clean_obj_a ++ object_slots clean_obj_b) clean_obj_b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	203	else (update_slots (object_slots clean_obj_a ++ object_slots clean_obj_b) clean_obj_a)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	204
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	205	(* Heaps are added by adding their repsective objects.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	206	* The ghost state tells us which object's fields should be taken.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	207	* Adding objects of the same type adds their caps
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	208	* (overwrites the left with the right).
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	209	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	210	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	211	cdl_heap_add :: "sep_state \<Rightarrow> sep_state \<Rightarrow> cdl_heap"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	212	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	213	"cdl_heap_add state_a state_b \<equiv> \<lambda>obj_id.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	214	let heap_a = sep_heap state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	215	heap_b = sep_heap state_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	216	gs_a = sep_ghost_state state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	217	gs_b = sep_ghost_state state_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	218	in case heap_b obj_id of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	219	None \<Rightarrow> heap_a obj_id
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	220	\| Some obj_b \<Rightarrow> case heap_a obj_id of
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	221	None \<Rightarrow> heap_b obj_id
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	222	\| Some obj_a \<Rightarrow> Some (object_add obj_a obj_b (gs_a obj_id) (gs_b obj_id))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	223
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	224	(* Heaps are added by adding their repsective objects.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	225	* The ghost state tells us which object's fields should be taken.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	226	* Adding objects of the same type adds their caps
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	227	* (overwrites the left with the right).
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	228	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	229	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	230	cdl_ghost_state_add :: "sep_state \<Rightarrow> sep_state \<Rightarrow> cdl_ghost_state"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	231	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	232	"cdl_ghost_state_add state_a state_b \<equiv> \<lambda>obj_id.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	233	let heap_a = sep_heap state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	234	heap_b = sep_heap state_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	235	gs_a = sep_ghost_state state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	236	gs_b = sep_ghost_state state_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	237	in if heap_a obj_id = None \<and> heap_b obj_id \<noteq> None then gs_b obj_id
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	238	else if heap_b obj_id = None \<and> heap_a obj_id \<noteq> None then gs_a obj_id
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	239	else gs_a obj_id \<union> gs_b obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	240
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	241
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	242	(* Adding states adds their heaps,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	243	* and each objects owns whichever fields it owned in either heap.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	244	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	245	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	246	sep_state_add :: "sep_state \<Rightarrow> sep_state \<Rightarrow> sep_state"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	247	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	248	"sep_state_add state_a state_b \<equiv>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	249	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	250	heap_a = sep_heap state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	251	heap_b = sep_heap state_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	252	gs_a = sep_ghost_state state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	253	gs_b = sep_ghost_state state_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	254	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	255	SepState (cdl_heap_add state_a state_b) (cdl_ghost_state_add state_a state_b)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	256
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	257
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	258	(* Heaps are disjoint if for all of their objects:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	259	* the caps of their respective objects are disjoint,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	260	* their respective objects don't conflict,
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	261	* they don't both own any of the same fields.
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	262	*)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	263	definition
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	264	sep_state_disj :: "sep_state \<Rightarrow> sep_state \<Rightarrow> bool"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	265	where
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	266	"sep_state_disj state_a state_b \<equiv>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	267	let
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	268	heap_a = sep_heap state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	269	heap_b = sep_heap state_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	270	gs_a = sep_ghost_state state_a;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	271	gs_b = sep_ghost_state state_b
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	272	in
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	273	\<forall>obj_id. not_conflicting_objects state_a state_b obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	274
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	275	lemma not_conflicting_objects_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	276	"not_conflicting_objects h1 h2 obj = not_conflicting_objects h2 h1 obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	277	apply (clarsimp simp: not_conflicting_objects_def split:option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	278	apply (fastforce simp: update_slots_def cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	279	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	280	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	281
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	282	lemma object_clean_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	283	"\<lbrakk>object_type obj_a = object_type obj_b;
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	284	object_slots obj_a ++ object_slots obj_b = object_slots obj_b ++ object_slots obj_a; None \<notin> cmp\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	285	\<Longrightarrow> object_clean (add_to_slots (object_slots obj_a) obj_b) cmp =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	286	object_clean (add_to_slots (object_slots obj_b) obj_a) cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	287	apply (clarsimp simp: object_type_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	288	apply (clarsimp simp: object_clean_def object_clean_slots_def object_clean_fields_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	289	add_to_slots_def object_slots_def update_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	290	cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	291	split: cdl_object.splits)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	292	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	293
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	294	lemma add_to_slots_object_slots:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	295	"object_type y = object_type z
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	296	\<Longrightarrow> add_to_slots (object_slots (add_to_slots (x) y)) z =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	297	add_to_slots (x ++ object_slots y) z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	298	apply (clarsimp simp: add_to_slots_def update_slots_def object_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	299	apply (fastforce simp: object_type_def cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	300	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	301	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	302
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	303	lemma not_conflicting_objects_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	304	"not_conflicting_objects s (SepState empty (\<lambda>obj_id. {})) obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	305	by (clarsimp simp: not_conflicting_objects_def split:option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	306
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	307	lemma empty_not_conflicting_objects [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	308	"not_conflicting_objects (SepState empty (\<lambda>obj_id. {})) s obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	309	by (clarsimp simp: not_conflicting_objects_def split:option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	310
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	311	lemma not_conflicting_objects_empty_object [elim!]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	312	"(sep_heap x) obj_id = None \<Longrightarrow> not_conflicting_objects x y obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	313	by (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	314
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	315	lemma empty_object_not_conflicting_objects [elim!]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	316	"(sep_heap y) obj_id = None \<Longrightarrow> not_conflicting_objects x y obj_id"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	317	apply (drule not_conflicting_objects_empty_object [where y=x])
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	318	apply (clarsimp simp: not_conflicting_objects_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	319	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	320
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	321	lemma cdl_heap_add_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	322	"cdl_heap_add (SepState h gs) (SepState empty (\<lambda>obj_id. {})) = h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	323	by (simp add: cdl_heap_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	324
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	325	lemma empty_cdl_heap_add [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	326	"cdl_heap_add (SepState empty (\<lambda>obj_id. {})) (SepState h gs)= h"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	327	apply (simp add: cdl_heap_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	328	apply (rule ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	329	apply (clarsimp split: option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	330	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	331
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	332	lemma map_add_result_empty1: "a ++ b = empty \<Longrightarrow> a = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	333	apply (subgoal_tac "dom (a++b) = {}")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	334	apply (subgoal_tac "dom (a) = {}")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	335	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	336	apply (unfold dom_map_add)[1]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	337	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	338	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	339	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	340
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	341	lemma map_add_result_empty2: "a ++ b = empty \<Longrightarrow> b = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	342	apply (subgoal_tac "dom (a++b) = {}")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	343	apply (subgoal_tac "dom (a) = {}")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	344	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	345	apply (unfold dom_map_add)[1]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	346	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	347	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	348	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	349
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	350	lemma map_add_emptyE [elim!]: "\<lbrakk>a ++ b = empty; \<lbrakk>a = empty; b = empty\<rbrakk> \<Longrightarrow> R\<rbrakk> \<Longrightarrow> R"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	351	apply (frule map_add_result_empty1)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	352	apply (frule map_add_result_empty2)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	353	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	354	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	355
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	356	lemma clean_slots_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	357	"clean_slots empty cmp = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	358	by (clarsimp simp: clean_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	359
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	360	lemma object_type_update_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	361	"object_type (update_slots slots x) = object_type x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	362	by (clarsimp simp: object_type_def update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	363
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	364	lemma object_type_object_clean_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	365	"object_type (object_clean_slots x cmp) = object_type x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	366	by (clarsimp simp: object_clean_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	367
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	368	lemma object_type_object_clean_fields [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	369	"object_type (object_clean_fields x cmp) = object_type x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	370	by (clarsimp simp: object_clean_fields_def object_type_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	371
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	372	lemma object_type_object_clean [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	373	"object_type (object_clean x cmp) = object_type x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	374	by (clarsimp simp: object_clean_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	375
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	376	lemma object_type_add_to_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	377	"object_type (add_to_slots slots x) = object_type x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	378	by (clarsimp simp: object_type_def add_to_slots_def update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	379
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	380	lemma object_slots_update_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	381	"has_slots obj \<Longrightarrow> object_slots (update_slots slots obj) = slots"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	382	by (clarsimp simp: object_slots_def update_slots_def has_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	383	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	384
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	385	lemma object_slots_update_slots_empty [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	386	"\<not>has_slots obj \<Longrightarrow> object_slots (update_slots slots obj) = empty"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	387	by (clarsimp simp: object_slots_def update_slots_def has_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	388	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	389
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	390	lemma update_slots_no_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	391	"\<not>has_slots obj \<Longrightarrow> update_slots slots obj = obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	392	by (clarsimp simp: update_slots_def has_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	393
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	394	lemma update_slots_update_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	395	"update_slots slots (update_slots slots' obj) = update_slots slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	396	by (clarsimp simp: update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	397
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	398	lemma update_slots_same_object:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	399	"a = b \<Longrightarrow> update_slots a obj = update_slots b obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	400	by (erule arg_cong)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	401
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	402	lemma object_type_has_slots:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	403	"\<lbrakk>has_slots x; object_type x = object_type y\<rbrakk> \<Longrightarrow> has_slots y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	404	by (clarsimp simp: object_type_def has_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	405
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	406	lemma object_slots_object_clean_fields [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	407	"object_slots (object_clean_fields obj cmp) = object_slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	408	by (clarsimp simp: object_slots_def object_clean_fields_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	409
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	410	lemma object_slots_object_clean_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	411	"object_slots (object_clean_slots obj cmp) = clean_slots (object_slots obj) cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	412	by (clarsimp simp: object_clean_slots_def object_slots_def update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	413
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	414	lemma object_slots_object_clean [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	415	"object_slots (object_clean obj cmp) = clean_slots (object_slots obj) cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	416	by (clarsimp simp: object_clean_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	417
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	418	lemma object_slots_add_to_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	419	"object_type y = object_type z \<Longrightarrow> object_slots (add_to_slots (object_slots y) z) = object_slots y ++ object_slots z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	420	by (clarsimp simp: object_slots_def add_to_slots_def update_slots_def object_type_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	421
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	422	lemma update_slots_object_clean_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	423	"update_slots slots (object_clean_slots obj cmp) = update_slots slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	424	by (clarsimp simp: object_clean_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	425
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	426	lemma object_clean_fields_idem [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	427	"object_clean_fields (object_clean_fields obj cmp) cmp = object_clean_fields obj cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	428	by (clarsimp simp: object_clean_fields_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	429
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	430	lemma object_clean_slots_idem [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	431	"object_clean_slots (object_clean_slots obj cmp) cmp = object_clean_slots obj cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	432	apply (case_tac "has_slots obj")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	433	apply (clarsimp simp: object_clean_slots_def clean_slots_def)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	434	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	435
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	436	lemma object_clean_fields_object_clean_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	437	"object_clean_fields (object_clean_slots obj gs) gs = object_clean_slots (object_clean_fields obj gs) gs"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	438	by (clarsimp simp: object_clean_fields_def object_clean_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	439	clean_slots_def object_slots_def update_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	440	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	441
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	442	lemma object_clean_idem [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	443	"object_clean (object_clean obj cmp) cmp = object_clean obj cmp"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	444	by (clarsimp simp: object_clean_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	445
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	446	lemma has_slots_object_clean_slots:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	447	"has_slots (object_clean_slots obj cmp) = has_slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	448	by (clarsimp simp: has_slots_def object_clean_slots_def update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	449
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	450	lemma has_slots_object_clean_fields:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	451	"has_slots (object_clean_fields obj cmp) = has_slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	452	by (clarsimp simp: has_slots_def object_clean_fields_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	453
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	454	lemma has_slots_object_clean:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	455	"has_slots (object_clean obj cmp) = has_slots obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	456	by (clarsimp simp: object_clean_def has_slots_object_clean_slots has_slots_object_clean_fields)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	457
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	458	lemma object_slots_update_slots_object_clean_fields [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	459	"object_slots (update_slots slots (object_clean_fields obj cmp)) = object_slots (update_slots slots obj)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	460	apply (case_tac "has_slots obj")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	461	apply (clarsimp simp: has_slots_object_clean_fields)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	462	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	463
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	464	lemma object_clean_fields_update_slots [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	465	"object_clean_fields (update_slots slots obj) cmp = update_slots slots (object_clean_fields obj cmp)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	466	by (clarsimp simp: object_clean_fields_def update_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	467
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	468	lemma object_clean_fields_twice [simp]:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	469	"(object_clean_fields (object_clean_fields obj cmp') cmp) = object_clean_fields obj (cmp \<inter> cmp')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	470	by (clarsimp simp: object_clean_fields_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	471
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	472	lemma update_slots_object_clean_fields:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	473	"\<lbrakk>None \<notin> cmps; None \<notin> cmps'; object_type obj = object_type obj'\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	474	\<Longrightarrow> update_slots slots (object_clean_fields obj cmps) =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	475	update_slots slots (object_clean_fields obj' cmps')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	476	by (fastforce simp: update_slots_def object_clean_fields_def object_type_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	477
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	478	lemma object_clean_fields_no_slots:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	479	"\<lbrakk>None \<notin> cmps; None \<notin> cmps'; object_type obj = object_type obj'; \<not> has_slots obj; \<not> has_slots obj'\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	480	\<Longrightarrow> object_clean_fields obj cmps = object_clean_fields obj' cmps'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	481	by (fastforce simp: object_clean_fields_def object_type_def has_slots_def split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	482
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	483	lemma update_slots_object_clean:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	484	"\<lbrakk>None \<notin> cmps; None \<notin> cmps'; object_type obj = object_type obj'\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	485	\<Longrightarrow> update_slots slots (object_clean obj cmps) = update_slots slots (object_clean obj' cmps')"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	486	apply (clarsimp simp: object_clean_def object_clean_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	487	apply (erule (2) update_slots_object_clean_fields)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	488	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	489
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	490	lemma cdl_heap_add_assoc':
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	491	"\<forall>obj_id. not_conflicting_objects x z obj_id \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	492	not_conflicting_objects y z obj_id \<and>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	493	not_conflicting_objects x z obj_id \<Longrightarrow>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	494	cdl_heap_add (SepState (cdl_heap_add x y) (cdl_ghost_state_add x y)) z =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	495	cdl_heap_add x (SepState (cdl_heap_add y z) (cdl_ghost_state_add y z))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	496	apply (rule ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	497	apply (rename_tac obj_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	498	apply (erule_tac x=obj_id in allE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	499	apply (clarsimp simp: cdl_heap_add_def cdl_ghost_state_add_def not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	500	apply (simp add: Let_unfold split: option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	501	apply (rename_tac obj_y obj_x obj_z)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	502	apply (clarsimp simp: object_add_def clean_slots_def object_clean_def object_clean_slots_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	503	apply (case_tac "has_slots obj_z")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	504	apply (subgoal_tac "has_slots obj_y")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	505	apply (subgoal_tac "has_slots obj_x")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	506	apply ((clarsimp simp: has_slots_object_clean_fields has_slots_object_clean_slots has_slots_object_clean
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	507	map_add_restrict union_intersection \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	508	drule inter_empty_not_both \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	509	erule update_slots_object_clean_fields \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	510	erule object_type_has_slots, simp \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	511	simp \| safe)+)[3]
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	512	apply (subgoal_tac "\<not> has_slots obj_y")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	513	apply (subgoal_tac "\<not> has_slots obj_x")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	514	apply ((clarsimp simp: has_slots_object_clean_fields has_slots_object_clean_slots has_slots_object_clean
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	515	map_add_restrict union_intersection \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	516	drule inter_empty_not_both \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	517	erule object_clean_fields_no_slots \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	518	erule object_type_has_slots, simp \|
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	519	simp \| safe)+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	520	apply (fastforce simp: object_type_has_slots)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	521	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	522
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	523	lemma cdl_heap_add_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	524	"\<lbrakk>sep_state_disj x y; sep_state_disj y z; sep_state_disj x z\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	525	\<Longrightarrow> cdl_heap_add (SepState (cdl_heap_add x y) (cdl_ghost_state_add x y)) z =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	526	cdl_heap_add x (SepState (cdl_heap_add y z) (cdl_ghost_state_add y z))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	527	apply (clarsimp simp: sep_state_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	528	apply (cut_tac cdl_heap_add_assoc')
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	529	apply fast
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	530	apply fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	531	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	532
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	533	lemma cdl_ghost_state_add_assoc:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	534	"cdl_ghost_state_add (SepState (cdl_heap_add x y) (cdl_ghost_state_add x y)) z =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	535	cdl_ghost_state_add x (SepState (cdl_heap_add y z) (cdl_ghost_state_add y z))"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	536	apply (rule ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	537	apply (fastforce simp: cdl_heap_add_def cdl_ghost_state_add_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	538	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	539
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	540	lemma clean_slots_map_add_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	541	"cmps_a \<inter> cmps_b = {}
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	542	\<Longrightarrow> clean_slots slots_a cmps_a ++ clean_slots slots_b cmps_b =
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	543	clean_slots slots_b cmps_b ++ clean_slots slots_a cmps_a"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	544	apply (clarsimp simp: clean_slots_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	545	apply (drule the_set_inter_empty)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	546	apply (erule map_add_restrict_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	547	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	548
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	549	lemma object_clean_all:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	550	"object_type obj_a = object_type obj_b \<Longrightarrow> object_clean obj_b {} = object_clean obj_a {}"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	551	apply (clarsimp simp: object_clean_def object_clean_slots_def clean_slots_def the_set_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	552	apply (rule_tac cmps'1="{}" and obj'1="obj_a" in trans [OF update_slots_object_clean_fields], fastforce+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	553	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	554
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	555	lemma object_add_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	556	"\<lbrakk>object_type obj_a = object_type obj_b; cmps_a \<inter> cmps_b = {}\<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	557	\<Longrightarrow> object_add obj_a obj_b cmps_a cmps_b = object_add obj_b obj_a cmps_b cmps_a"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	558	apply (clarsimp simp: object_add_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	559	apply (rule conjI \| clarsimp)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	560	apply fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	561	apply (rule conjI \| clarsimp)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	562	apply (drule_tac slots_a = "object_slots obj_a" and slots_b = "object_slots obj_b" in clean_slots_map_add_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	563	apply fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	564	apply (rule conjI \| clarsimp)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	565	apply (drule_tac slots_a = "object_slots obj_a" and slots_b = "object_slots obj_b" in clean_slots_map_add_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	566	apply fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	567	apply (rule conjI \| clarsimp)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	568	apply (erule object_clean_all)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	569	apply (clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	570	apply (rule_tac cmps'1=cmps_b and obj'1=obj_b in trans [OF update_slots_object_clean], assumption+)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	571	apply (drule_tac slots_a = "object_slots obj_a" and slots_b = "object_slots obj_b" in clean_slots_map_add_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	572	apply fastforce
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	573	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	574
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	575	lemma sep_state_add_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	576	"sep_state_disj x y \<Longrightarrow> sep_state_add x y = sep_state_add y x"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	577	apply (clarsimp simp: sep_state_add_def sep_state_disj_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	578	apply (rule conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	579	apply (case_tac x, case_tac y, clarsimp)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	580	apply (rename_tac heap_a gs_a heap_b gs_b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	581	apply (clarsimp simp: cdl_heap_add_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	582	apply (rule ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	583	apply (case_tac "heap_a obj_id")
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	584	apply (case_tac "heap_b obj_id", simp_all add: slots_of_heap_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	585	apply (case_tac "heap_b obj_id", simp_all add: slots_of_heap_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	586	apply (rename_tac obj_a obj_b)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	587	apply (erule_tac x=obj_id in allE)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	588	apply (rule object_add_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	589	apply (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	590	apply (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	591	apply (rule ext, fastforce simp: cdl_ghost_state_add_def Let_unfold Un_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	592	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	593
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	594	lemma add_to_slots_comm:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	595	"\<lbrakk>object_slots y_obj \<bottom> object_slots z_obj; update_slots empty y_obj = update_slots empty z_obj \<rbrakk>
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	596	\<Longrightarrow> add_to_slots (object_slots z_obj) y_obj = add_to_slots (object_slots y_obj) z_obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	597	by (fastforce simp: add_to_slots_def update_slots_def object_slots_def
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	598	cdl_tcb.splits cdl_cnode.splits
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	599	dest!: map_add_com
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	600	split: cdl_object.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	601
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	602	lemma cdl_heap_add_none1:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	603	"cdl_heap_add x y obj_id = None \<Longrightarrow> (sep_heap x) obj_id = None"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	604	by (clarsimp simp: cdl_heap_add_def Let_unfold split:option.splits split_if_asm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	605
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	606	lemma cdl_heap_add_none2:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	607	"cdl_heap_add x y obj_id = None \<Longrightarrow> (sep_heap y) obj_id = None"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	608	by (clarsimp simp: cdl_heap_add_def Let_unfold split:option.splits split_if_asm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	609
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	610	lemma object_type_object_addL:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	611	"object_type obj = object_type obj'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	612	\<Longrightarrow> object_type (object_add obj obj' cmp cmp') = object_type obj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	613	by (clarsimp simp: object_add_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	614
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	615	lemma object_type_object_addR:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	616	"object_type obj = object_type obj'
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	617	\<Longrightarrow> object_type (object_add obj obj' cmp cmp') = object_type obj'"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	618	by (clarsimp simp: object_add_def Let_unfold)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	619
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	620	lemma sep_state_add_disjL:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	621	"\<lbrakk>sep_state_disj y z; sep_state_disj x (sep_state_add y z)\<rbrakk> \<Longrightarrow> sep_state_disj x y"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	622	apply (clarsimp simp: sep_state_disj_def sep_state_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	623	apply (rename_tac obj_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	624	apply (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	625	apply (erule_tac x=obj_id in allE)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	626	apply (fastforce simp: cdl_heap_add_def cdl_ghost_state_add_def object_type_object_addR
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	627	split: option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	628	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	629
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	630	lemma sep_state_add_disjR:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	631	"\<lbrakk>sep_state_disj y z; sep_state_disj x (sep_state_add y z)\<rbrakk> \<Longrightarrow> sep_state_disj x z"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	632	apply (clarsimp simp: sep_state_disj_def sep_state_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	633	apply (rename_tac obj_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	634	apply (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	635	apply (erule_tac x=obj_id in allE)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	636	apply (fastforce simp: cdl_heap_add_def cdl_ghost_state_add_def object_type_object_addR
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	637	split: option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	638	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	639
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	640	lemma sep_state_add_disj:
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	641	"\<lbrakk>sep_state_disj y z; sep_state_disj x y; sep_state_disj x z\<rbrakk> \<Longrightarrow> sep_state_disj x (sep_state_add y z)"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	642	apply (clarsimp simp: sep_state_disj_def sep_state_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	643	apply (rename_tac obj_id)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	644	apply (clarsimp simp: not_conflicting_objects_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	645	apply (erule_tac x=obj_id in allE)+
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	646	apply (fastforce simp: cdl_heap_add_def cdl_ghost_state_add_def object_type_object_addR
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	647	split: option.splits)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	648	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	649
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	650
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	651
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	652
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	653	(*********************************************)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	654	(* Definition of separation logic for capDL. *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	655	(*********************************************)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	656
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	657	instantiation "sep_state" :: zero
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	658	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	659	definition "0 \<equiv> SepState empty (\<lambda>obj_id. {})"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	660	instance ..
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	661	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	662
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	663	instantiation "sep_state" :: stronger_sep_algebra
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	664	begin
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	665
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	666	definition "(op ##) \<equiv> sep_state_disj"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	667	definition "(op +) \<equiv> sep_state_add"
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	668
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	669
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	670
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	671	(**********************************************
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	672	* The proof that this is a separation logic. *
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	673	**********************************************)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	674
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	675	instance
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	676	apply default
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	677	(* x ## 0 *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	678	apply (simp add: sep_disj_sep_state_def sep_state_disj_def zero_sep_state_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	679	(* x ## y \<Longrightarrow> y ## x *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	680	apply (clarsimp simp: not_conflicting_objects_comm sep_disj_sep_state_def sep_state_disj_def Let_unfold
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	681	map_disj_com not_conflicting_objects_comm Int_commute)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	682	(* x + 0 = x *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	683	apply (simp add: plus_sep_state_def sep_state_add_def zero_sep_state_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	684	apply (case_tac x)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	685	apply (clarsimp simp: cdl_heap_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	686	apply (rule ext)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	687	apply (clarsimp simp: cdl_ghost_state_add_def split:split_if_asm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	688	(* x ## y \<Longrightarrow> x + y = y + x *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	689	apply (clarsimp simp: plus_sep_state_def sep_disj_sep_state_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	690	apply (erule sep_state_add_comm)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	691	(* (x + y) + z = x + (y + z) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	692	apply (simp add: plus_sep_state_def sep_state_add_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	693	apply (rule conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	694	apply (clarsimp simp: sep_disj_sep_state_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	695	apply (erule (2) cdl_heap_add_assoc)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	696	apply (rule cdl_ghost_state_add_assoc)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	697	(* x ## y + z = (x ## y \<and> x ## z) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	698	apply (clarsimp simp: plus_sep_state_def sep_disj_sep_state_def)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	699	apply (rule iffI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	700	(* x ## y + z \<Longrightarrow> (x ## y \<and> x ## z) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	701	apply (rule conjI)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	702	(* x ## y + z \<Longrightarrow> (x ## y) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	703	apply (erule (1) sep_state_add_disjL)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	704	(* x ## y + z \<Longrightarrow> (x ## z) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	705	apply (erule (1) sep_state_add_disjR)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	706	(* x ## y + z \<Longleftarrow> (x ## y \<and> x ## z) *)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	707	apply clarsimp
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	708	apply (erule (2) sep_state_add_disj)
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	709	done
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	710
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	711	end
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	712
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	713
a5f5b9336007 thys2 added Xingyuan Zhang <xingyuanzhang@126.com> parents: diff changeset	714	end

author	Xingyuan Zhang <xingyuanzhang@126.com>
	Sat, 13 Sep 2014 10:07:14 +0800
changeset 25	a5f5b9336007
permissions	-rw-r--r--