(*
* Copyright 2020, Data61, CSIRO (ABN 41 687 119 230)
*
* SPDX-License-Identifier: GPL-2.0-only
*)
(*
* Toplevel capDL refinement theorem.
*)
theory Refine_D
imports Syscall_DR
begin
context begin interpretation Arch . (*FIXME: arch_split*)
text \<open>
  Toplevel @{text dcorres} theorem, relating the capDL kernel entry
  @{text "Syscall_D.call_kernel"} to the abstract-specification kernel entry
  @{text "Syscall_A.call_kernel"} (lemma @{text dcorres_call_kernel} below).
\<close>
lemma valid_etcbs_sched: "valid_sched s \<longrightarrow> valid_etcbs s" by (fastforce simp: valid_sched_def)
(* Syscall_A.handle_event preserves the abstract invariants (invs) together
   with valid_sched.
   Precondition: invs, valid_sched, the current thread is active unless the
   event is an Interrupt, and scheduler_action is resume_cur_thread.
   Postcondition: invs and valid_sched, for any return value.
   The proof combines he_invs (invariant preservation) with
   handle_event_valid_sched. Note that this lemma asks for ct_active while
   dcorres_call_kernel below assumes ct_running; that gap is closed there
   with active_from_running. *)
lemma handle_event_invs_and_valid_sched:
  "\<lbrace>invs and valid_sched and (\<lambda>s. e \<noteq> Interrupt \<longrightarrow> ct_active s)
     and (\<lambda>s. scheduler_action s = resume_cur_thread)\<rbrace> Syscall_A.handle_event e
   \<lbrace>\<lambda>rv. invs and valid_sched\<rbrace>"
  by ((wp he_invs handle_event_valid_sched), clarsimp)
(* Toplevel capDL refinement theorem: for every event e, the abstract
   specification's Syscall_A.call_kernel corresponds (dcorres, with the
   trivial return relation dc) to the capDL Syscall_D.call_kernel.

   Preconditions. Nothing is assumed about the capDL state (\<top>). On the
   abstract side the theorem holds only under invs, valid_sched,
   valid_pdpt_objs, a running current thread for every non-Interrupt event,
   and scheduler_action = resume_cur_thread. This is the trust boundary of
   the result: any use of the theorem must establish these predicates for
   the state in which the kernel is entered; it says nothing about states
   outside them. *)
lemma dcorres_call_kernel:
  "dcorres dc \<top>
     (invs and valid_sched and valid_pdpt_objs
        and (\<lambda>s. e \<noteq> Interrupt \<longrightarrow> ct_running s)
        and (\<lambda>s. scheduler_action s = resume_cur_thread))
     (Syscall_D.call_kernel e) (Syscall_A.call_kernel e)"
  (* Unfold both call_kernel definitions and split the kernel-entry sequence
     into corres obligations for handle_event, handle_pending_interrupts,
     schedule and activate_thread, plus the abstract-side Hoare obligations
     needed to carry the precondition across the splits. *)
  apply (simp_all add: Syscall_D.call_kernel_def Syscall_A.call_kernel_def)
  apply (rule corres_guard_imp)
   (* NOTE(review): corres_split_deprecated is, by its name, the legacy split
      rule; presumably slated for migration to the current corres_split form. *)
   apply (rule corres_split_deprecated)
      prefer 2
      (* handle_event, including its exceptional path (corres_split_handle). *)
      apply (rule corres_split_handle [OF _ handle_event_corres])
         prefer 4
         apply (subst bind_return[symmetric])
         apply (rule corres_split_deprecated)
            apply (rule activate_thread_corres[unfolded fun_app_def])
           apply simp
          (* schedule; valid_etcbs side conditions are obtained from
             valid_sched via valid_etcbs_sched. *)
          apply (rule schedule_dcorres)
         apply (wp schedule_valid_sched | strengthen valid_etcbs_sched)+
        (* Pending-interrupt handling: query the active IRQ, and handle it
           (handle_interrupt_corres) when there is one. *)
        apply (simp add: handle_pending_interrupts_def)
        apply (rule corres_split_deprecated [OF _ get_active_irq_corres])
          apply (clarsimp simp: when_def split: option.splits)
          apply (rule handle_interrupt_corres[simplified dc_def])
         apply ((wp | simp)+)[3]
       (* Abstract-side obligation: handle_event keeps invs and valid_sched. *)
       apply (rule hoare_post_imp_dc2E, rule handle_event_invs_and_valid_sched)
       apply (clarsimp simp: invs_def valid_state_def)
      apply (simp add: conj_comms if_apply_def2 non_kernel_IRQs_def
             | wp | strengthen valid_etcbs_sched valid_idle_invs_strg)+
     apply (rule valid_validE2)
     apply (rule hoare_vcg_conj_lift)
      apply (rule he_invs)
     apply (rule handle_event_valid_sched)
    (* The statement assumes ct_running; the handle_event lemmas want
       ct_active, bridged here by active_from_running. *)
    apply (fastforce intro: active_from_running simp: valid_sched_def)+
  done
end
end