src/HOL/Bali/Evaln.thy
author wenzelm
Sun Nov 02 18:16:19 2014 +0100 (2014-11-02)
changeset 58887 38db8ddc0f57
parent 58251 b13e5c3497f5
child 58963 26bf09b95dda
permissions -rw-r--r--
modernized header;
wenzelm@12857
     1
(*  Title:      HOL/Bali/Evaln.thy
schirmer@12925
     2
    Author:     David von Oheimb and Norbert Schirmer
schirmer@12854
     3
*)
wenzelm@58887
     4
subsection {* Operational evaluation (big-step) semantics of Java expressions and 
schirmer@12854
     5
          statements
schirmer@12854
     6
*}
schirmer@12854
     7
haftmann@16417
     8
theory Evaln imports TypeSafe begin
schirmer@13688
     9
schirmer@12854
    10
schirmer@12854
    11
text {*
schirmer@13688
    12
Variant of @{term eval} relation with counter for bounded recursive depth. 
schirmer@13688
    13
In principal @{term evaln} could replace @{term eval}.
schirmer@13688
    14
schirmer@13688
    15
Validity of the axiomatic semantics builds on @{term evaln}. 
schirmer@13688
    16
For recursive method calls the axiomatic semantics rule assumes the method ok 
schirmer@13688
    17
to derive a proof for the body. To prove the method rule sound we need to 
schirmer@13688
    18
perform induction on the recursion depth. 
schirmer@13688
    19
For the completeness proof of the axiomatic semantics the notion of the most
schirmer@13688
    20
general formula is used. The most general formula right now builds on the 
schirmer@13688
    21
ordinary evaluation relation @{term eval}. 
schirmer@13688
    22
So sometimes we have to switch between @{term evaln} and @{term eval} and vice 
schirmer@13688
    23
versa. To make
schirmer@13688
    24
this switch easy @{term evaln} also does all the technical accessibility tests 
schirmer@13688
    25
@{term check_field_access} and @{term check_method_access} like @{term eval}. 
schirmer@13688
    26
If it would omit them @{term evaln} and @{term eval} would only be equivalent 
schirmer@13688
    27
for welltyped, and definitely assigned terms.
schirmer@12854
    28
*}
schirmer@12854
    29
berghofe@23747
    30
inductive
wenzelm@32960
    31
  evaln :: "[prog, state, term, nat, vals, state] \<Rightarrow> bool"
berghofe@21765
    32
    ("_\<turnstile>_ \<midarrow>_\<succ>\<midarrow>_\<rightarrow> '(_, _')" [61,61,80,61,0,0] 60)
berghofe@21765
    33
  and evarn :: "[prog, state, var, vvar, nat, state] \<Rightarrow> bool"
berghofe@21765
    34
    ("_\<turnstile>_ \<midarrow>_=\<succ>_\<midarrow>_\<rightarrow> _" [61,61,90,61,61,61] 60)
berghofe@21765
    35
  and eval_n:: "[prog, state, expr, val, nat, state] \<Rightarrow> bool"
berghofe@21765
    36
    ("_\<turnstile>_ \<midarrow>_-\<succ>_\<midarrow>_\<rightarrow> _" [61,61,80,61,61,61] 60)
berghofe@21765
    37
  and evalsn :: "[prog, state, expr list, val  list, nat, state] \<Rightarrow> bool"
berghofe@21765
    38
    ("_\<turnstile>_ \<midarrow>_\<doteq>\<succ>_\<midarrow>_\<rightarrow> _" [61,61,61,61,61,61] 60)
wenzelm@32960
    39
  and execn     :: "[prog, state, stmt, nat, state] \<Rightarrow> bool"
berghofe@21765
    40
    ("_\<turnstile>_ \<midarrow>_\<midarrow>_\<rightarrow> _"     [61,61,65,   61,61] 60)
berghofe@21765
    41
  for G :: prog
berghofe@21765
    42
where
schirmer@12854
    43
berghofe@21765
    44
  "G\<turnstile>s \<midarrow>c     \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1r  c\<succ>\<midarrow>n\<rightarrow> (\<diamondsuit>    ,  s')"
berghofe@21765
    45
| "G\<turnstile>s \<midarrow>e-\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1l e\<succ>\<midarrow>n\<rightarrow> (In1 v ,  s')"
berghofe@21765
    46
| "G\<turnstile>s \<midarrow>e=\<succ>vf \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In2  e\<succ>\<midarrow>n\<rightarrow> (In2 vf,  s')"
berghofe@21765
    47
| "G\<turnstile>s \<midarrow>e\<doteq>\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In3  e\<succ>\<midarrow>n\<rightarrow> (In3 v ,  s')"
schirmer@12854
    48
schirmer@13688
    49
--{* propagation of abrupt completion *}
schirmer@12854
    50
haftmann@28524
    51
| Abrupt:   "G\<turnstile>(Some xc,s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (undefined3 t,(Some xc,s))"
schirmer@12854
    52
schirmer@12854
    53
schirmer@13688
    54
--{* evaluation of variables *}
schirmer@12854
    55
wenzelm@32960
    56
| LVar: "G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"
schirmer@12854
    57
wenzelm@32960
    58
| FVar: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s2;
wenzelm@32960
    59
          (v,s2') = fvar statDeclC stat fn a s2;
schirmer@13688
    60
          s3 = check_field_access G accC statDeclC fn stat a s2'\<rbrakk> \<Longrightarrow>
wenzelm@32960
    61
          G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>n\<rightarrow> s3"
schirmer@12854
    62
wenzelm@32960
    63
| AVar: "\<lbrakk>G\<turnstile> Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n\<rightarrow> s1 ; G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n\<rightarrow> s2; 
wenzelm@32960
    64
          (v,s2') = avar G i a s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
    65
                      G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>n\<rightarrow> s2'"
schirmer@12854
    66
schirmer@12854
    67
schirmer@12854
    68
schirmer@12854
    69
schirmer@13688
    70
--{* evaluation of expressions *}
schirmer@12854
    71
wenzelm@32960
    72
| NewC: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1;
wenzelm@32960
    73
          G\<turnstile>     s1 \<midarrow>halloc (CInst C)\<succ>a\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
    74
                                  G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"
schirmer@12854
    75
wenzelm@32960
    76
| NewA: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>i'\<midarrow>n\<rightarrow> s2; 
wenzelm@32960
    77
          G\<turnstile>abupd (check_neg i') s2 \<midarrow>halloc (Arr T (the_Intg i'))\<succ>a\<rightarrow> s3\<rbrakk> \<Longrightarrow>
wenzelm@32960
    78
                                G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>n\<rightarrow> s3"
schirmer@12854
    79
wenzelm@32960
    80
| Cast: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
wenzelm@32960
    81
          s2 = abupd (raise_if (\<not>G,snd s1\<turnstile>v fits T) ClassCast) s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
    82
                                G\<turnstile>Norm s0 \<midarrow>Cast T e-\<succ>v\<midarrow>n\<rightarrow> s2"
schirmer@12854
    83
wenzelm@32960
    84
| Inst: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
wenzelm@32960
    85
          b = (v\<noteq>Null \<and> G,store s1\<turnstile>v fits RefT T)\<rbrakk> \<Longrightarrow>
wenzelm@32960
    86
                              G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"
schirmer@12854
    87
wenzelm@32960
    88
| Lit:                     "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"
schirmer@12854
    89
berghofe@21765
    90
| UnOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> 
schirmer@13337
    91
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>(eval_unop unop v)\<midarrow>n\<rightarrow> s1"
schirmer@13337
    92
berghofe@21765
    93
| BinOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n\<rightarrow> s1; 
schirmer@13384
    94
           G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then (In1l e2) else (In1r Skip))
schirmer@13384
    95
            \<succ>\<midarrow>n\<rightarrow> (In1 v2,s2)\<rbrakk> 
schirmer@13337
    96
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>n\<rightarrow> s2"
schirmer@13337
    97
wenzelm@32960
    98
| Super:                   "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"
schirmer@12854
    99
wenzelm@32960
   100
| Acc:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v,f)\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
   101
                                  G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"
schirmer@12854
   102
wenzelm@32960
   103
| Ass:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(w,f)\<midarrow>n\<rightarrow> s1;
schirmer@12854
   104
          G\<turnstile>     s1 \<midarrow>e-\<succ>v     \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
   105
                                   G\<turnstile>Norm s0 \<midarrow>va:=e-\<succ>v\<midarrow>n\<rightarrow> assign f v s2"
schirmer@12854
   106
wenzelm@32960
   107
| Cond: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n\<rightarrow> s1;
schirmer@12854
   108
          G\<turnstile>     s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
   109
                            G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>n\<rightarrow> s2"
schirmer@12854
   110
wenzelm@32960
   111
| Call: 
schirmer@12854
   112
  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2;
schirmer@12854
   113
    D = invocation_declclass G mode (store s2) a' statT \<lparr>name=mn,parTs=pTs\<rparr>; 
schirmer@13688
   114
    s3=init_lvars G D \<lparr>name=mn,parTs=pTs\<rparr> mode a' vs s2;
schirmer@13688
   115
    s3' = check_method_access G accC statT mode \<lparr>name=mn,parTs=pTs\<rparr> a' s3;
schirmer@13688
   116
    G\<turnstile>s3'\<midarrow>Methd D \<lparr>name=mn,parTs=pTs\<rparr>-\<succ>v\<midarrow>n\<rightarrow> s4
schirmer@13688
   117
   \<rbrakk>
schirmer@12925
   118
   \<Longrightarrow> 
schirmer@13688
   119
    G\<turnstile>Norm s0 \<midarrow>{accC,statT,mode}e\<cdot>mn({pTs}args)-\<succ>v\<midarrow>n\<rightarrow> (restore_lvars s2 s4)"
schirmer@12854
   120
berghofe@21765
   121
| Methd:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
   122
                                G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"
schirmer@12854
   123
wenzelm@32960
   124
| Body: "\<lbrakk>G\<turnstile>Norm s0\<midarrow>Init D\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2;
schirmer@13688
   125
          s3 = (if (\<exists> l. abrupt s2 = Some (Jump (Break l)) \<or>  
schirmer@13688
   126
                         abrupt s2 = Some (Jump (Cont l)))
schirmer@13688
   127
                  then abupd (\<lambda> x. Some (Error CrossMethodJump)) s2 
schirmer@13688
   128
                  else s2)\<rbrakk>\<Longrightarrow>
schirmer@13337
   129
         G\<turnstile>Norm s0 \<midarrow>Body D c
schirmer@13688
   130
          -\<succ>the (locals (store s2) Result)\<midarrow>n\<rightarrow>abupd (absorb Ret) s3"
schirmer@12854
   131
schirmer@13688
   132
--{* evaluation of expression lists *}
schirmer@12854
   133
berghofe@21765
   134
| Nil:
wenzelm@32960
   135
                                "G\<turnstile>Norm s0 \<midarrow>[]\<doteq>\<succ>[]\<midarrow>n\<rightarrow> Norm s0"
schirmer@12854
   136
wenzelm@32960
   137
| Cons: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e -\<succ> v \<midarrow>n\<rightarrow> s1;
schirmer@12854
   138
          G\<turnstile>     s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
   139
                             G\<turnstile>Norm s0 \<midarrow>e#es\<doteq>\<succ>v#vs\<midarrow>n\<rightarrow> s2"
schirmer@12854
   140
schirmer@12854
   141
schirmer@13688
   142
--{* execution of statements *}
schirmer@12854
   143
wenzelm@32960
   144
| Skip:                             "G\<turnstile>Norm s \<midarrow>Skip\<midarrow>n\<rightarrow> Norm s"
schirmer@12854
   145
wenzelm@32960
   146
| Expr: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
   147
                                  G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"
schirmer@12854
   148
berghofe@21765
   149
| Lab:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c \<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
schirmer@13337
   150
                             G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"
schirmer@12854
   151
wenzelm@32960
   152
| Comp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1 \<midarrow>n\<rightarrow> s1;
wenzelm@32960
   153
          G\<turnstile>     s1 \<midarrow>c2 \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
   154
                                 G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"
schirmer@12854
   155
wenzelm@32960
   156
| If:   "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
wenzelm@32960
   157
          G\<turnstile>     s1\<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
wenzelm@32960
   158
                       G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2 \<midarrow>n\<rightarrow> s2"
schirmer@12854
   159
wenzelm@32960
   160
| Loop: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
wenzelm@32960
   161
          if the_Bool b 
schirmer@12854
   162
             then (G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2 \<and> 
schirmer@12854
   163
                   G\<turnstile>(abupd (absorb (Cont l)) s2) \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3)
wenzelm@32960
   164
             else s3 = s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
   165
                              G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3"
schirmer@12854
   166
  
berghofe@21765
   167
| Jmp: "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
schirmer@12854
   168
  
berghofe@21765
   169
| Throw:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
wenzelm@32960
   170
                                 G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a') s1"
schirmer@12854
   171
wenzelm@32960
   172
| Try:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2;
wenzelm@32960
   173
          if G,s2\<turnstile>catch tn then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n\<rightarrow> s3 else s3 = s2\<rbrakk>
schirmer@12854
   174
          \<Longrightarrow>
wenzelm@32960
   175
                  G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(tn vn) c2\<midarrow>n\<rightarrow> s3"
schirmer@12854
   176
wenzelm@32960
   177
| Fin:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> (x1,s1);
wenzelm@32960
   178
          G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2;
schirmer@13688
   179
          s3=(if (\<exists> err. x1=Some (Error err)) 
schirmer@13688
   180
              then (x1,s1) 
schirmer@13688
   181
              else abupd (abrupt_if (x1\<noteq>None) x1) s2)\<rbrakk> \<Longrightarrow>
schirmer@13688
   182
              G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>n\<rightarrow> s3"
schirmer@12854
   183
  
wenzelm@32960
   184
| Init: "\<lbrakk>the (class G C) = c;
wenzelm@32960
   185
          if inited C (globs s0) then s3 = Norm s0
wenzelm@32960
   186
          else (G\<turnstile>Norm (init_class_obj G C s0)
wenzelm@32960
   187
                  \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
wenzelm@32960
   188
                G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
schirmer@12854
   189
                s3 = restore_lvars s1 s2)\<rbrakk>
schirmer@12854
   190
          \<Longrightarrow>
wenzelm@32960
   191
                 G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
schirmer@12854
   192
monos
haftmann@22218
   193
  if_bool_eq_conj
schirmer@12854
   194
schirmer@12854
   195
schirmer@12854
   196
declare split_if     [split del] split_if_asm     [split del]
schirmer@12854
   197
        option.split [split del] option.split_asm [split del]
schirmer@13688
   198
        not_None_eq [simp del] 
schirmer@13688
   199
        split_paired_All [simp del] split_paired_Ex [simp del]
wenzelm@51717
   200
setup {* map_theory_simpset (fn ctxt => ctxt delloop "split_all_tac") *}
wenzelm@24019
   201
berghofe@23747
   202
inductive_cases evaln_cases: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v, s')"
schirmer@12854
   203
berghofe@23747
   204
inductive_cases evaln_elim_cases:
wenzelm@32960
   205
        "G\<turnstile>(Some xc, s) \<midarrow>t                        \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   206
        "G\<turnstile>Norm s \<midarrow>In1r Skip                      \<succ>\<midarrow>n\<rightarrow> (x, s')"
berghofe@21765
   207
        "G\<turnstile>Norm s \<midarrow>In1r (Jmp j)                   \<succ>\<midarrow>n\<rightarrow> (x, s')"
berghofe@21765
   208
        "G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> c)                    \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   209
        "G\<turnstile>Norm s \<midarrow>In3  ([])                      \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   210
        "G\<turnstile>Norm s \<midarrow>In3  (e#es)                    \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   211
        "G\<turnstile>Norm s \<midarrow>In1l (Lit w)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
berghofe@21765
   212
        "G\<turnstile>Norm s \<midarrow>In1l (UnOp unop e)             \<succ>\<midarrow>n\<rightarrow> (v, s')"
berghofe@21765
   213
        "G\<turnstile>Norm s \<midarrow>In1l (BinOp binop e1 e2)       \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   214
        "G\<turnstile>Norm s \<midarrow>In2  (LVar vn)                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   215
        "G\<turnstile>Norm s \<midarrow>In1l (Cast T e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   216
        "G\<turnstile>Norm s \<midarrow>In1l (e InstOf T)              \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   217
        "G\<turnstile>Norm s \<midarrow>In1l (Super)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   218
        "G\<turnstile>Norm s \<midarrow>In1l (Acc va)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   219
        "G\<turnstile>Norm s \<midarrow>In1r (Expr e)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   220
        "G\<turnstile>Norm s \<midarrow>In1r (c1;; c2)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   221
        "G\<turnstile>Norm s \<midarrow>In1l (Methd C sig)             \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   222
        "G\<turnstile>Norm s \<midarrow>In1l (Body D c)                \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   223
        "G\<turnstile>Norm s \<midarrow>In1l (e0 ? e1 : e2)            \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   224
        "G\<turnstile>Norm s \<midarrow>In1r (If(e) c1 Else c2)        \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   225
        "G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> While(e) c)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   226
        "G\<turnstile>Norm s \<midarrow>In1r (c1 Finally c2)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   227
        "G\<turnstile>Norm s \<midarrow>In1r (Throw e)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   228
        "G\<turnstile>Norm s \<midarrow>In1l (NewC C)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   229
        "G\<turnstile>Norm s \<midarrow>In1l (New T[e])                \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   230
        "G\<turnstile>Norm s \<midarrow>In1l (Ass va e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   231
        "G\<turnstile>Norm s \<midarrow>In1r (Try c1 Catch(tn vn) c2)  \<succ>\<midarrow>n\<rightarrow> (x, s')"
wenzelm@32960
   232
        "G\<turnstile>Norm s \<midarrow>In2  ({accC,statDeclC,stat}e..fn) \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   233
        "G\<turnstile>Norm s \<midarrow>In2  (e1.[e2])                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   234
        "G\<turnstile>Norm s \<midarrow>In1l ({accC,statT,mode}e\<cdot>mn({pT}p)) \<succ>\<midarrow>n\<rightarrow> (v, s')"
wenzelm@32960
   235
        "G\<turnstile>Norm s \<midarrow>In1r (Init C)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
schirmer@13688
   236
schirmer@12854
   237
declare split_if     [split] split_if_asm     [split] 
schirmer@12854
   238
        option.split [split] option.split_asm [split]
schirmer@13688
   239
        not_None_eq [simp] 
schirmer@13688
   240
        split_paired_All [simp] split_paired_Ex [simp]
wenzelm@52037
   241
declaration {* K (Simplifier.map_ss (fn ss => ss addloop ("split_all_tac", split_all_tac))) *}
wenzelm@24019
   242
schirmer@12854
   243
lemma evaln_Inj_elim: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w,s') \<Longrightarrow> case t of In1 ec \<Rightarrow>  
schirmer@12854
   244
  (case ec of Inl e \<Rightarrow> (\<exists>v. w = In1 v) | Inr c \<Rightarrow> w = \<diamondsuit>)  
schirmer@12854
   245
  | In2 e \<Rightarrow> (\<exists>v. w = In2 v) | In3 e \<Rightarrow> (\<exists>v. w = In3 v)"
schirmer@12854
   246
apply (erule evaln_cases , auto)
schirmer@12854
   247
apply (induct_tac "t")
blanchet@58251
   248
apply   (rename_tac a, induct_tac "a")
schirmer@12854
   249
apply auto
schirmer@12854
   250
done
schirmer@12854
   251
schirmer@13688
   252
text {* The following simplification procedures set up the proper injections of
schirmer@13688
   253
 terms and their corresponding values in the evaluation relation:
schirmer@13688
   254
 E.g. an expression 
schirmer@13688
   255
 (injection @{term In1l} into terms) always evaluates to ordinary values 
schirmer@13688
   256
 (injection @{term In1} into generalised values @{term vals}). 
schirmer@13688
   257
*}
schirmer@13688
   258
berghofe@21765
   259
lemma evaln_expr_eq: "G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>v. w=In1 v \<and> G\<turnstile>s \<midarrow>t-\<succ>v \<midarrow>n\<rightarrow> s')"
berghofe@21765
   260
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   261
berghofe@21765
   262
lemma evaln_var_eq: "G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vf. w=In2 vf \<and> G\<turnstile>s \<midarrow>t=\<succ>vf\<midarrow>n\<rightarrow> s')"
berghofe@21765
   263
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   264
berghofe@21765
   265
lemma evaln_exprs_eq: "G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vs. w=In3 vs \<and> G\<turnstile>s \<midarrow>t\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s')"
berghofe@21765
   266
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   267
berghofe@21765
   268
lemma evaln_stmt_eq: "G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s') = (w=\<diamondsuit> \<and> G\<turnstile>s \<midarrow>t \<midarrow>n\<rightarrow> s')"
berghofe@21765
   269
  by (auto, frule evaln_Inj_elim, auto, frule evaln_Inj_elim, auto)
berghofe@21765
   270
wenzelm@24019
   271
simproc_setup evaln_expr ("G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
wenzelm@24019
   272
  fn _ => fn _ => fn ct =>
wenzelm@24019
   273
    (case Thm.term_of ct of
wenzelm@24019
   274
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
wenzelm@24019
   275
    | _ => SOME (mk_meta_eq @{thm evaln_expr_eq})) *}
wenzelm@24019
   276
wenzelm@24019
   277
simproc_setup evaln_var ("G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
wenzelm@24019
   278
  fn _ => fn _ => fn ct =>
wenzelm@24019
   279
    (case Thm.term_of ct of
wenzelm@24019
   280
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
wenzelm@24019
   281
    | _ => SOME (mk_meta_eq @{thm evaln_var_eq})) *}
schirmer@12854
   282
wenzelm@24019
   283
simproc_setup evaln_exprs ("G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
wenzelm@24019
   284
  fn _ => fn _ => fn ct =>
wenzelm@24019
   285
    (case Thm.term_of ct of
wenzelm@24019
   286
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
wenzelm@24019
   287
    | _ => SOME (mk_meta_eq @{thm evaln_exprs_eq})) *}
schirmer@12854
   288
wenzelm@24019
   289
simproc_setup evaln_stmt ("G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
wenzelm@24019
   290
  fn _ => fn _ => fn ct =>
wenzelm@24019
   291
    (case Thm.term_of ct of
wenzelm@24019
   292
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
wenzelm@24019
   293
    | _ => SOME (mk_meta_eq @{thm evaln_stmt_eq})) *}
wenzelm@24019
   294
wenzelm@56199
   295
ML {* ML_Thms.bind_thms ("evaln_AbruptIs", sum3_instantiate @{context} @{thm evaln.Abrupt}) *}
schirmer@12854
   296
declare evaln_AbruptIs [intro!]
schirmer@12854
   297
schirmer@13337
   298
lemma evaln_Callee: "G\<turnstile>Norm s\<midarrow>In1l (Callee l e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
schirmer@13337
   299
proof -
schirmer@13337
   300
  { fix s t v s'
schirmer@13337
   301
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
schirmer@13337
   302
         normal: "normal s" and
schirmer@13337
   303
         callee: "t=In1l (Callee l e)"
berghofe@21765
   304
    then have "False" by induct auto
schirmer@13337
   305
  }
schirmer@13337
   306
  then show ?thesis
nipkow@44890
   307
    by (cases s') fastforce 
schirmer@13337
   308
qed
schirmer@13337
   309
schirmer@13337
   310
lemma evaln_InsInitE: "G\<turnstile>Norm s\<midarrow>In1l (InsInitE c e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
schirmer@13337
   311
proof -
schirmer@13337
   312
  { fix s t v s'
schirmer@13337
   313
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
schirmer@13337
   314
         normal: "normal s" and
schirmer@13337
   315
         callee: "t=In1l (InsInitE c e)"
berghofe@21765
   316
    then have "False" by induct auto
schirmer@13337
   317
  }
schirmer@13337
   318
  then show ?thesis
nipkow@44890
   319
    by (cases s') fastforce
schirmer@13337
   320
qed
schirmer@13337
   321
schirmer@13337
   322
lemma evaln_InsInitV: "G\<turnstile>Norm s\<midarrow>In2 (InsInitV c w)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
schirmer@13337
   323
proof -
schirmer@13337
   324
  { fix s t v s'
schirmer@13337
   325
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
schirmer@13337
   326
         normal: "normal s" and
schirmer@13337
   327
         callee: "t=In2 (InsInitV c w)"
berghofe@21765
   328
    then have "False" by induct auto
schirmer@13337
   329
  }  
schirmer@13337
   330
  then show ?thesis
nipkow@44890
   331
    by (cases s') fastforce
schirmer@13337
   332
qed
schirmer@13337
   333
schirmer@13337
   334
lemma evaln_FinA: "G\<turnstile>Norm s\<midarrow>In1r (FinA a c)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
schirmer@13337
   335
proof -
schirmer@13337
   336
  { fix s t v s'
schirmer@13337
   337
    assume eval: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
schirmer@13337
   338
         normal: "normal s" and
schirmer@13337
   339
         callee: "t=In1r (FinA a c)"
berghofe@21765
   340
    then have "False" by induct auto
schirmer@13337
   341
  } 
schirmer@13337
   342
  then show ?thesis
nipkow@44890
   343
    by (cases s') fastforce
schirmer@13337
   344
qed
schirmer@13337
   345
schirmer@12854
   346
lemma evaln_abrupt_lemma: "G\<turnstile>s \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (v,s') \<Longrightarrow> 
haftmann@28524
   347
 fst s = Some xc \<longrightarrow> s' = s \<and> v = undefined3 e"
schirmer@12854
   348
apply (erule evaln_cases , auto)
schirmer@12854
   349
done
schirmer@12854
   350
schirmer@12854
   351
lemma evaln_abrupt: 
schirmer@12854
   352
 "\<And>s'. G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s') = (s' = (Some xc,s) \<and>  
haftmann@28524
   353
  w=undefined3 e \<and> G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (undefined3 e,(Some xc,s)))"
schirmer@12854
   354
apply auto
schirmer@12854
   355
apply (frule evaln_abrupt_lemma, auto)+
schirmer@12854
   356
done
schirmer@12854
   357
wenzelm@24019
   358
simproc_setup evaln_abrupt ("G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s')") = {*
wenzelm@24019
   359
  fn _ => fn _ => fn ct =>
wenzelm@24019
   360
    (case Thm.term_of ct of
haftmann@24165
   361
      (_ $ _ $ _ $ _ $ _ $ _ $ (Const (@{const_name Pair}, _) $ (Const (@{const_name Some},_) $ _)$ _))
wenzelm@24019
   362
        => NONE
wenzelm@24019
   363
    | _ => SOME (mk_meta_eq @{thm evaln_abrupt}))
schirmer@12854
   364
*}
schirmer@12854
   365
haftmann@28524
   366
lemma evaln_LitI: "G\<turnstile>s \<midarrow>Lit v-\<succ>(if normal s then v else undefined)\<midarrow>n\<rightarrow> s"
schirmer@12854
   367
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   368
by (auto intro!: evaln.Lit)
schirmer@12854
   369
schirmer@12854
   370
lemma CondI: 
schirmer@12854
   371
 "\<And>s1. \<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
haftmann@28524
   372
  G\<turnstile>s \<midarrow>e ? e1 : e2-\<succ>(if normal s1 then v else undefined)\<midarrow>n\<rightarrow> s2"
schirmer@12854
   373
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   374
by (auto intro!: evaln.Cond)
schirmer@12854
   375
schirmer@12854
   376
lemma evaln_SkipI [intro!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s"
schirmer@12854
   377
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   378
by (auto intro!: evaln.Skip)
schirmer@12854
   379
schirmer@12854
   380
lemma evaln_ExprI: "G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s' \<Longrightarrow> G\<turnstile>s \<midarrow>Expr e\<midarrow>n\<rightarrow> s'"
schirmer@12854
   381
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   382
by (auto intro!: evaln.Expr)
schirmer@12854
   383
schirmer@12854
   384
lemma evaln_CompI: "\<lbrakk>G\<turnstile>s \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> G\<turnstile>s \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"
schirmer@12854
   385
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   386
by (auto intro!: evaln.Comp)
schirmer@12854
   387
schirmer@12854
   388
lemma evaln_IfI: 
schirmer@12854
   389
 "\<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool v then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
schirmer@12854
   390
  G\<turnstile>s \<midarrow>If(e) c1 Else c2\<midarrow>n\<rightarrow> s2"
schirmer@12854
   391
apply (case_tac "s", case_tac "a = None")
schirmer@12854
   392
by (auto intro!: evaln.If)
schirmer@12854
   393
schirmer@12854
   394
lemma evaln_SkipD [dest!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' \<Longrightarrow> s' = s" 
schirmer@12854
   395
by (erule evaln_cases, auto)
schirmer@12854
   396
schirmer@12854
   397
lemma evaln_Skip_eq [simp]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' = (s = s')"
schirmer@12854
   398
apply auto
schirmer@12854
   399
done
schirmer@12854
   400
schirmer@13688
   401
schirmer@13688
   402
schirmer@13384
   403
wenzelm@58887
   404
subsubsection {* evaln implies eval *}
schirmer@13688
   405
schirmer@12925
   406
lemma evaln_eval:  
schirmer@13688
   407
  assumes evaln: "G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)" 
wenzelm@12937
   408
  shows "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
schirmer@13688
   409
using evaln 
schirmer@13688
   410
proof (induct)
wenzelm@24727
   411
  case (Loop s0 e b n s1 c s2 l s3)
wenzelm@23350
   412
  note `G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<rightarrow> s1`
schirmer@13688
   413
  moreover
schirmer@13688
   414
  have "if the_Bool b
schirmer@13688
   415
        then (G\<turnstile>s1 \<midarrow>c\<rightarrow> s2) \<and> 
schirmer@13688
   416
             G\<turnstile>abupd (absorb (Cont l)) s2 \<midarrow>l\<bullet> While(e) c\<rightarrow> s3
schirmer@13688
   417
        else s3 = s1"
schirmer@13688
   418
    using Loop.hyps by simp
schirmer@13688
   419
  ultimately show ?case by (rule eval.Loop)
schirmer@13688
   420
next
berghofe@21765
   421
  case (Try s0 c1 n s1 s2 C vn c2 s3)
wenzelm@23350
   422
  note `G\<turnstile>Norm s0 \<midarrow>c1\<rightarrow> s1`
schirmer@13688
   423
  moreover
wenzelm@23350
   424
  note `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
schirmer@13688
   425
  moreover
schirmer@13688
   426
  have "if G,s2\<turnstile>catch C then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<rightarrow> s3 else s3 = s2"
schirmer@13688
   427
    using Try.hyps by simp
schirmer@13688
   428
  ultimately show ?case by (rule eval.Try)
schirmer@13688
   429
next
berghofe@21765
   430
  case (Init C c s0 s3 n s1 s2)
wenzelm@23350
   431
  note `the (class G C) = c`
schirmer@13688
   432
  moreover
schirmer@13688
   433
  have "if inited C (globs s0) 
schirmer@13688
   434
           then s3 = Norm s0
schirmer@13688
   435
           else G\<turnstile>Norm ((init_class_obj G C) s0) 
schirmer@13688
   436
                  \<midarrow>(if C = Object then Skip else Init (super c))\<rightarrow> s1 \<and>
schirmer@13688
   437
                G\<turnstile>(set_lvars empty) s1 \<midarrow>init c\<rightarrow> s2 \<and>
schirmer@13688
   438
                s3 = (set_lvars (locals (store s1))) s2"
schirmer@13688
   439
    using Init.hyps by simp
schirmer@13688
   440
  ultimately show ?case by (rule eval.Init)
schirmer@13688
   441
qed (rule eval.intros,(assumption+ | assumption?))+
schirmer@12925
   442
schirmer@12925
   443
lemma Suc_le_D_lemma: "\<lbrakk>Suc n <= m'; (\<And>m. n <= m \<Longrightarrow> P (Suc m)) \<rbrakk> \<Longrightarrow> P m'"
schirmer@12925
   444
apply (frule Suc_le_D)
schirmer@12925
   445
apply fast
schirmer@12925
   446
done
schirmer@12925
   447
schirmer@12925
   448
lemma evaln_nonstrict [rule_format (no_asm), elim]: 
berghofe@21765
   449
  "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w, s') \<Longrightarrow> \<forall>m. n\<le>m \<longrightarrow> G\<turnstile>s \<midarrow>t\<succ>\<midarrow>m\<rightarrow> (w, s')"
schirmer@12925
   450
apply (erule evaln.induct)
wenzelm@39159
   451
apply (tactic {* ALLGOALS (EVERY'[strip_tac, TRY o etac @{thm Suc_le_D_lemma},
schirmer@12925
   452
  REPEAT o smp_tac 1, 
wenzelm@39159
   453
  resolve_tac @{thms evaln.intros} THEN_ALL_NEW TRY o atac]) *})
schirmer@12925
   454
(* 3 subgoals *)
schirmer@12925
   455
apply (auto split del: split_if)
schirmer@12925
   456
done
schirmer@12925
   457
schirmer@12925
   458
lemmas evaln_nonstrict_Suc = evaln_nonstrict [OF _ le_refl [THEN le_SucI]]
schirmer@12925
   459
berghofe@21765
   460
lemma evaln_max2: "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2')\<rbrakk> \<Longrightarrow> 
berghofe@21765
   461
             G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1') \<and> G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2')"
haftmann@54863
   462
by (fast intro: max.cobounded1 max.cobounded2)
schirmer@13688
   463
schirmer@13688
   464
corollary evaln_max2E [consumes 2]:
berghofe@21765
   465
  "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); 
berghofe@21765
   466
    \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1');G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2') \<rbrakk> \<Longrightarrow> P \<rbrakk> \<Longrightarrow> P"
schirmer@13688
   467
by (drule (1) evaln_max2) simp
schirmer@13688
   468
schirmer@12925
   469
schirmer@12925
   470
lemma evaln_max3: 
berghofe@21765
   471
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3')\<rbrakk> \<Longrightarrow>
berghofe@21765
   472
 G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1') \<and>
berghofe@21765
   473
 G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2') \<and> 
berghofe@21765
   474
 G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')"
schirmer@12925
   475
apply (drule (1) evaln_max2, erule thin_rl)
haftmann@54863
   476
apply (fast intro!: max.cobounded1 max.cobounded2)
schirmer@12925
   477
done
schirmer@12925
   478
schirmer@13688
   479
corollary evaln_max3E: 
berghofe@21765
   480
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3');
berghofe@21765
   481
   \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1');
berghofe@21765
   482
    G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2'); 
berghofe@21765
   483
    G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')
schirmer@13688
   484
   \<rbrakk> \<Longrightarrow> P
schirmer@13688
   485
  \<rbrakk> \<Longrightarrow> P"
schirmer@13688
   486
by (drule (2) evaln_max3) simp
schirmer@13688
   487
schirmer@13688
   488
schirmer@12925
   489
lemma le_max3I1: "(n2::nat) \<le> max n1 (max n2 n3)"
schirmer@12925
   490
proof -
schirmer@12925
   491
  have "n2 \<le> max n2 n3"
haftmann@54863
   492
    by (rule max.cobounded1)
schirmer@12925
   493
  also
schirmer@12925
   494
  have "max n2 n3 \<le> max n1 (max n2 n3)"
haftmann@54863
   495
    by (rule max.cobounded2)
schirmer@12925
   496
  finally
schirmer@12925
   497
  show ?thesis .
schirmer@12925
   498
qed
schirmer@12925
   499
schirmer@12925
   500
lemma le_max3I2: "(n3::nat) \<le> max n1 (max n2 n3)"
schirmer@12925
   501
proof -
schirmer@12925
   502
  have "n3 \<le> max n2 n3"
haftmann@54863
   503
    by (rule max.cobounded2)
schirmer@12925
   504
  also
schirmer@12925
   505
  have "max n2 n3 \<le> max n1 (max n2 n3)"
haftmann@54863
   506
    by (rule max.cobounded2)
schirmer@12925
   507
  finally
schirmer@12925
   508
  show ?thesis .
schirmer@12925
   509
qed
schirmer@12925
   510
wenzelm@24019
   511
declare [[simproc del: wt_expr wt_var wt_exprs wt_stmt]]
schirmer@13688
   512
wenzelm@58887
   513
subsubsection {* eval implies evaln *}
schirmer@12925
   514
lemma eval_evaln: 
schirmer@13688
   515
  assumes eval: "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
wenzelm@12937
   516
  shows  "\<exists>n. G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)"
schirmer@13688
   517
using eval 
schirmer@13688
   518
proof (induct)
berghofe@21765
   519
  case (Abrupt xc s t)
schirmer@13688
   520
  obtain n where
haftmann@28524
   521
    "G\<turnstile>(Some xc, s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (undefined3 t, (Some xc, s))"
nipkow@17589
   522
    by (iprover intro: evaln.Abrupt)
schirmer@13688
   523
  then show ?case ..
schirmer@13688
   524
next
schirmer@13688
   525
  case Skip
schirmer@13688
   526
  show ?case by (blast intro: evaln.Skip)
schirmer@13688
   527
next
berghofe@21765
   528
  case (Expr s0 e v s1)
schirmer@13688
   529
  then obtain n where
schirmer@13688
   530
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   531
    by (iprover)
schirmer@13688
   532
  then have "G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"
schirmer@13688
   533
    by (rule evaln.Expr) 
schirmer@13688
   534
  then show ?case ..
schirmer@13688
   535
next
berghofe@21765
   536
  case (Lab s0 c s1 l)
schirmer@13688
   537
  then obtain n where
schirmer@13688
   538
    "G\<turnstile>Norm s0 \<midarrow>c\<midarrow>n\<rightarrow> s1"
nipkow@17589
   539
    by (iprover)
schirmer@13688
   540
  then have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"
schirmer@13688
   541
    by (rule evaln.Lab)
schirmer@13688
   542
  then show ?case ..
schirmer@13688
   543
next
berghofe@21765
   544
  case (Comp s0 c1 s1 c2 s2)
schirmer@13688
   545
  then obtain n1 n2 where
schirmer@13688
   546
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   547
    "G\<turnstile>s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   548
    by (iprover)
schirmer@13688
   549
  then have "G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   550
    by (blast intro: evaln.Comp dest: evaln_max2 )
schirmer@13688
   551
  then show ?case ..
schirmer@13688
   552
next
berghofe@21765
   553
  case (If s0 e b s1 c1 c2 s2)
schirmer@13688
   554
  then obtain n1 n2 where
schirmer@13688
   555
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   556
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   557
    by (iprover)
schirmer@13688
   558
  then have "G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   559
    by (blast intro: evaln.If dest: evaln_max2)
schirmer@13688
   560
  then show ?case ..
schirmer@13688
   561
next
berghofe@21765
   562
  case (Loop s0 e b s1 c s2 l s3)
schirmer@13688
   563
  from Loop.hyps obtain n1 where
schirmer@13688
   564
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
nipkow@17589
   565
    by (iprover)
schirmer@13688
   566
  moreover from Loop.hyps obtain n2 where
schirmer@13688
   567
    "if the_Bool b 
schirmer@13688
   568
        then (G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2 \<and> 
schirmer@13688
   569
              G\<turnstile>(abupd (absorb (Cont l)) s2)\<midarrow>l\<bullet> While(e) c\<midarrow>n2\<rightarrow> s3)
wenzelm@32960
   570
        else s3 = s1"
haftmann@54863
   571
    by simp (iprover intro: evaln_nonstrict max.cobounded1 max.cobounded2)
schirmer@13688
   572
  ultimately
schirmer@13688
   573
  have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   574
    apply -
schirmer@13688
   575
    apply (rule evaln.Loop)
haftmann@54863
   576
    apply   (iprover intro: evaln_nonstrict intro: max.cobounded1)
haftmann@54863
   577
    apply   (auto intro: evaln_nonstrict intro: max.cobounded2)
schirmer@13688
   578
    done
schirmer@13688
   579
  then show ?case ..
schirmer@13688
   580
next
berghofe@21765
   581
  case (Jmp s j)
wenzelm@26932
   582
  fix n have "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
schirmer@13688
   583
    by (rule evaln.Jmp)
schirmer@13688
   584
  then show ?case ..
schirmer@13688
   585
next
berghofe@21765
   586
  case (Throw s0 e a s1)
schirmer@13688
   587
  then obtain n where
schirmer@13688
   588
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s1"
nipkow@17589
   589
    by (iprover)
schirmer@13688
   590
  then have "G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a) s1"
schirmer@13688
   591
    by (rule evaln.Throw)
schirmer@13688
   592
  then show ?case ..
schirmer@13688
   593
next 
berghofe@21765
   594
  case (Try s0 c1 s1 s2 catchC vn c2 s3)
schirmer@13688
   595
  from Try.hyps obtain n1 where
schirmer@13688
   596
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
nipkow@17589
   597
    by (iprover)
schirmer@13688
   598
  moreover 
wenzelm@23350
   599
  note sxalloc = `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
schirmer@13688
   600
  moreover
schirmer@13688
   601
  from Try.hyps obtain n2 where
schirmer@13688
   602
    "if G,s2\<turnstile>catch catchC then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n2\<rightarrow> s3 else s3 = s2"
nipkow@44890
   603
    by fastforce 
schirmer@13688
   604
  ultimately
schirmer@13688
   605
  have "G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(catchC vn) c2\<midarrow>max n1 n2\<rightarrow> s3"
haftmann@54863
   606
    by (auto intro!: evaln.Try max.cobounded1 max.cobounded2)
schirmer@13688
   607
  then show ?case ..
schirmer@13688
   608
next
berghofe@21765
   609
  case (Fin s0 c1 x1 s1 c2 s2 s3)
schirmer@13688
   610
  from Fin obtain n1 n2 where 
schirmer@13688
   611
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> (x1, s1)"
schirmer@13688
   612
    "G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   613
    by iprover
schirmer@13688
   614
  moreover
wenzelm@23350
   615
  note s3 = `s3 = (if \<exists>err. x1 = Some (Error err) 
wenzelm@23350
   616
                   then (x1, s1)
wenzelm@23350
   617
                   else abupd (abrupt_if (x1 \<noteq> None) x1) s2)`
schirmer@13688
   618
  ultimately 
schirmer@13688
   619
  have 
schirmer@13688
   620
    "G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   621
    by (blast intro: evaln.Fin dest: evaln_max2)
schirmer@13688
   622
  then show ?case ..
schirmer@13688
   623
next
berghofe@21765
   624
  case (Init C c s0 s3 s1 s2)
wenzelm@23350
   625
  note cls = `the (class G C) = c`
schirmer@13688
   626
  moreover from Init.hyps obtain n where
schirmer@12925
   627
      "if inited C (globs s0) then s3 = Norm s0
schirmer@12925
   628
       else (G\<turnstile>Norm (init_class_obj G C s0)
wenzelm@32960
   629
              \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
wenzelm@32960
   630
                   G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
schirmer@12925
   631
                   s3 = restore_lvars s1 s2)"
haftmann@54863
   632
    by (auto intro: evaln_nonstrict max.cobounded1 max.cobounded2)
schirmer@13688
   633
  ultimately have "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
schirmer@13688
   634
    by (rule evaln.Init)
schirmer@13688
   635
  then show ?case ..
schirmer@13688
   636
next
berghofe@21765
   637
  case (NewC s0 C s1 a s2)
schirmer@13688
   638
  then obtain n where 
schirmer@13688
   639
    "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1"
nipkow@17589
   640
    by (iprover)
schirmer@13688
   641
  with NewC 
schirmer@13688
   642
  have "G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"
nipkow@17589
   643
    by (iprover intro: evaln.NewC)
schirmer@13688
   644
  then show ?case ..
schirmer@13688
   645
next
berghofe@21765
   646
  case (NewA s0 T s1 e i s2 a s3)
schirmer@13688
   647
  then obtain n1 n2 where 
schirmer@13688
   648
    "G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   649
    "G\<turnstile>s1 \<midarrow>e-\<succ>i\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   650
    by (iprover)
schirmer@13688
   651
  moreover
wenzelm@23350
   652
  note `G\<turnstile>abupd (check_neg i) s2 \<midarrow>halloc Arr T (the_Intg i)\<succ>a\<rightarrow> s3`
schirmer@13688
   653
  ultimately
schirmer@13688
   654
  have "G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>max n1 n2\<rightarrow> s3"
schirmer@13688
   655
    by (blast intro: evaln.NewA dest: evaln_max2)
schirmer@13688
   656
  then show ?case ..
schirmer@13688
   657
next
berghofe@21765
   658
  case (Cast s0 e v s1 s2 castT)
schirmer@13688
   659
  then obtain n where
schirmer@13688
   660
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   661
    by (iprover)
schirmer@13688
   662
  moreover 
wenzelm@23350
   663
  note `s2 = abupd (raise_if (\<not> G,snd s1\<turnstile>v fits castT) ClassCast) s1`
schirmer@13688
   664
  ultimately
schirmer@13688
   665
  have "G\<turnstile>Norm s0 \<midarrow>Cast castT e-\<succ>v\<midarrow>n\<rightarrow> s2"
schirmer@13688
   666
    by (rule evaln.Cast)
schirmer@13688
   667
  then show ?case ..
schirmer@13688
   668
next
berghofe@21765
   669
  case (Inst s0 e v s1 b T)
schirmer@13688
   670
  then obtain n where
schirmer@13688
   671
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   672
    by (iprover)
schirmer@13688
   673
  moreover 
wenzelm@23350
   674
  note `b = (v \<noteq> Null \<and> G,snd s1\<turnstile>v fits RefT T)`
schirmer@13688
   675
  ultimately
schirmer@13688
   676
  have "G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"
schirmer@13688
   677
    by (rule evaln.Inst)
schirmer@13688
   678
  then show ?case ..
schirmer@13688
   679
next
schirmer@13688
   680
  case (Lit s v)
wenzelm@26932
   681
  fix n have "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"
schirmer@13688
   682
    by (rule evaln.Lit)
schirmer@13688
   683
  then show ?case ..
schirmer@13688
   684
next
berghofe@21765
   685
  case (UnOp s0 e v s1 unop)
schirmer@13688
   686
  then obtain n where
schirmer@13688
   687
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   688
    by (iprover)
schirmer@13688
   689
  hence "G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>eval_unop unop v\<midarrow>n\<rightarrow> s1"
schirmer@13688
   690
    by (rule evaln.UnOp)
schirmer@13688
   691
  then show ?case ..
schirmer@13688
   692
next
berghofe@21765
   693
  case (BinOp s0 e1 v1 s1 binop e2 v2 s2)
schirmer@13688
   694
  then obtain n1 n2 where 
schirmer@13688
   695
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   696
    "G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then In1l e2
schirmer@13384
   697
               else In1r Skip)\<succ>\<midarrow>n2\<rightarrow> (In1 v2, s2)"    
nipkow@17589
   698
    by (iprover)
schirmer@13688
   699
  hence "G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>max n1 n2
schirmer@13688
   700
          \<rightarrow> s2"
schirmer@13688
   701
    by (blast intro!: evaln.BinOp dest: evaln_max2)
schirmer@13688
   702
  then show ?case ..
schirmer@13688
   703
next
schirmer@13688
   704
  case (Super s )
wenzelm@26932
   705
  fix n have "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"
schirmer@13688
   706
    by (rule evaln.Super)
schirmer@13688
   707
  then show ?case ..
schirmer@13688
   708
next
berghofe@21765
   709
  case (Acc s0 va v f s1)
schirmer@13688
   710
  then obtain n where
schirmer@13688
   711
    "G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v, f)\<midarrow>n\<rightarrow> s1"
nipkow@17589
   712
    by (iprover)
schirmer@13688
   713
  then
schirmer@13688
   714
  have "G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"
schirmer@13688
   715
    by (rule evaln.Acc)
schirmer@13688
   716
  then show ?case ..
schirmer@13688
   717
next
berghofe@21765
   718
  case (Ass s0 var w f s1 e v s2)
schirmer@13688
   719
  then obtain n1 n2 where 
schirmer@13688
   720
    "G\<turnstile>Norm s0 \<midarrow>var=\<succ>(w, f)\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   721
    "G\<turnstile>s1 \<midarrow>e-\<succ>v\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   722
    by (iprover)
schirmer@13688
   723
  then
schirmer@13688
   724
  have "G\<turnstile>Norm s0 \<midarrow>var:=e-\<succ>v\<midarrow>max n1 n2\<rightarrow> assign f v s2"
schirmer@13688
   725
    by (blast intro: evaln.Ass dest: evaln_max2)
schirmer@13688
   726
  then show ?case ..
schirmer@13688
   727
next
berghofe@21765
   728
  case (Cond s0 e0 b s1 e1 e2 v s2)
schirmer@13688
   729
  then obtain n1 n2 where 
schirmer@13688
   730
    "G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   731
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   732
    by (iprover)
schirmer@13688
   733
  then
schirmer@13688
   734
  have "G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   735
    by (blast intro: evaln.Cond dest: evaln_max2)
schirmer@13688
   736
  then show ?case ..
schirmer@13688
   737
next
berghofe@21765
   738
  case (Call s0 e a' s1 args vs s2 invDeclC mode statT mn pTs' s3 s3' accC' v s4)
schirmer@13688
   739
  then obtain n1 n2 where
schirmer@13688
   740
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   741
    "G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   742
    by iprover
schirmer@13688
   743
  moreover
wenzelm@23350
   744
  note `invDeclC = invocation_declclass G mode (store s2) a' statT 
wenzelm@23350
   745
                       \<lparr>name=mn,parTs=pTs'\<rparr>`
schirmer@13688
   746
  moreover
wenzelm@23350
   747
  note `s3 = init_lvars G invDeclC \<lparr>name=mn,parTs=pTs'\<rparr> mode a' vs s2`
schirmer@13688
   748
  moreover
wenzelm@23350
   749
  note `s3'=check_method_access G accC' statT mode \<lparr>name=mn,parTs=pTs'\<rparr> a' s3`
schirmer@13688
   750
  moreover 
schirmer@13688
   751
  from Call.hyps
schirmer@13688
   752
  obtain m where 
schirmer@13688
   753
    "G\<turnstile>s3' \<midarrow>Methd invDeclC \<lparr>name=mn, parTs=pTs'\<rparr>-\<succ>v\<midarrow>m\<rightarrow> s4"
nipkow@17589
   754
    by iprover
schirmer@13688
   755
  ultimately
schirmer@13688
   756
  have "G\<turnstile>Norm s0 \<midarrow>{accC',statT,mode}e\<cdot>mn( {pTs'}args)-\<succ>v\<midarrow>max n1 (max n2 m)\<rightarrow> 
schirmer@12925
   757
            (set_lvars (locals (store s2))) s4"
haftmann@54863
   758
    by (auto intro!: evaln.Call max.cobounded1 le_max3I1 le_max3I2)
schirmer@13688
   759
  thus ?case ..
schirmer@13688
   760
next
berghofe@21765
   761
  case (Methd s0 D sig v s1)
schirmer@13688
   762
  then obtain n where
schirmer@13688
   763
    "G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1"
nipkow@17589
   764
    by iprover
schirmer@13688
   765
  then have "G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"
schirmer@13688
   766
    by (rule evaln.Methd)
schirmer@13688
   767
  then show ?case ..
schirmer@13688
   768
next
berghofe@21765
   769
  case (Body s0 D s1 c s2 s3)
schirmer@13688
   770
  from Body.hyps obtain n1 n2 where 
schirmer@13688
   771
    evaln_init: "G\<turnstile>Norm s0 \<midarrow>Init D\<midarrow>n1\<rightarrow> s1" and
schirmer@13688
   772
    evaln_c: "G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   773
    by (iprover)
schirmer@13688
   774
  moreover
wenzelm@23350
   775
  note `s3 = (if \<exists>l. fst s2 = Some (Jump (Break l)) \<or> 
schirmer@13688
   776
                     fst s2 = Some (Jump (Cont l))
wenzelm@23350
   777
              then abupd (\<lambda>x. Some (Error CrossMethodJump)) s2 
wenzelm@23350
   778
              else s2)`
schirmer@13688
   779
  ultimately
schirmer@13688
   780
  have
schirmer@12925
   781
     "G\<turnstile>Norm s0 \<midarrow>Body D c-\<succ>the (locals (store s2) Result)\<midarrow>max n1 n2
schirmer@13688
   782
       \<rightarrow> abupd (absorb Ret) s3"
nipkow@17589
   783
    by (iprover intro: evaln.Body dest: evaln_max2)
schirmer@13688
   784
  then show ?case ..
schirmer@13688
   785
next
schirmer@13688
   786
  case (LVar s vn )
schirmer@13688
   787
  obtain n where
schirmer@13688
   788
    "G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"
nipkow@17589
   789
    by (iprover intro: evaln.LVar)
schirmer@13688
   790
  then show ?case ..
schirmer@13688
   791
next
berghofe@21765
   792
  case (FVar s0 statDeclC s1 e a s2 v s2' stat fn s3 accC)
schirmer@13688
   793
  then obtain n1 n2 where
schirmer@13688
   794
    "G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   795
    "G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n2\<rightarrow> s2"
nipkow@17589
   796
    by iprover
schirmer@13688
   797
  moreover
wenzelm@23350
   798
  note `s3 = check_field_access G accC statDeclC fn stat a s2'`
wenzelm@23350
   799
    and `(v, s2') = fvar statDeclC stat fn a s2`
schirmer@13688
   800
  ultimately
schirmer@13688
   801
  have "G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>max n1 n2\<rightarrow> s3"
nipkow@17589
   802
    by (iprover intro: evaln.FVar dest: evaln_max2)
schirmer@13688
   803
  then show ?case ..
schirmer@13688
   804
next
berghofe@21765
   805
  case (AVar s0 e1 a s1 e2 i s2 v s2')
schirmer@13688
   806
  then obtain n1 n2 where 
schirmer@13688
   807
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   808
    "G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   809
    by iprover
schirmer@13688
   810
  moreover 
wenzelm@23350
   811
  note `(v, s2') = avar G i a s2`
schirmer@13688
   812
  ultimately 
schirmer@13688
   813
  have "G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>max n1 n2\<rightarrow> s2'"
schirmer@13688
   814
    by (blast intro!: evaln.AVar dest: evaln_max2)
schirmer@13688
   815
  then show ?case ..
schirmer@13688
   816
next
schirmer@13688
   817
  case (Nil s0)
nipkow@17589
   818
  show ?case by (iprover intro: evaln.Nil)
schirmer@13688
   819
next
berghofe@21765
   820
  case (Cons s0 e v s1 es vs s2)
schirmer@13688
   821
  then obtain n1 n2 where 
schirmer@13688
   822
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n1\<rightarrow> s1"
schirmer@13688
   823
    "G\<turnstile>s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"      
nipkow@17589
   824
    by iprover
schirmer@13688
   825
  then
schirmer@13688
   826
  have "G\<turnstile>Norm s0 \<midarrow>e # es\<doteq>\<succ>v # vs\<midarrow>max n1 n2\<rightarrow> s2"
schirmer@13688
   827
    by (blast intro!: evaln.Cons dest: evaln_max2)
schirmer@13688
   828
  then show ?case ..
schirmer@12925
   829
qed
wenzelm@26932
   830
schirmer@12854
   831
end