src/HOL/Bali/Evaln.thy
author haftmann
Tue Oct 07 16:07:50 2008 +0200 (2008-10-07)
changeset 28524 644b62cf678f
parent 27226 5a3e5e46d977
child 32960 69916a850301
permissions -rw-r--r--
arbitrary is undefined
wenzelm@12857
     1
(*  Title:      HOL/Bali/Evaln.thy
schirmer@12854
     2
    ID:         $Id$
schirmer@12925
     3
    Author:     David von Oheimb and Norbert Schirmer
schirmer@12854
     4
*)
schirmer@12854
     5
header {* Operational evaluation (big-step) semantics of Java expressions and 
schirmer@12854
     6
          statements
schirmer@12854
     7
*}
schirmer@12854
     8
haftmann@16417
     9
theory Evaln imports TypeSafe begin
schirmer@13688
    10
schirmer@12854
    11
schirmer@12854
    12
text {*
schirmer@13688
    13
Variant of @{term eval} relation with counter for bounded recursive depth. 
schirmer@13688
    14
In principle @{term evaln} could replace @{term eval}.
schirmer@13688
    15
schirmer@13688
    16
Validity of the axiomatic semantics builds on @{term evaln}. 
schirmer@13688
    17
For recursive method calls the axiomatic semantics rule assumes the method ok 
schirmer@13688
    18
to derive a proof for the body. To prove the method rule sound we need to 
schirmer@13688
    19
perform induction on the recursion depth. 
schirmer@13688
    20
For the completeness proof of the axiomatic semantics the notion of the most
schirmer@13688
    21
general formula is used. The most general formula right now builds on the 
schirmer@13688
    22
ordinary evaluation relation @{term eval}. 
schirmer@13688
    23
So sometimes we have to switch between @{term evaln} and @{term eval} and vice 
schirmer@13688
    24
versa. To make
schirmer@13688
    25
this switch easy @{term evaln} also does all the technical accessibility tests 
schirmer@13688
    26
@{term check_field_access} and @{term check_method_access} like @{term eval}. 
schirmer@13688
    27
If it omitted them, @{term evaln} and @{term eval} would only be equivalent 
schirmer@13688
    28
for well-typed and definitely assigned terms.
schirmer@12854
    29
*}
schirmer@12854
    30
berghofe@23747
    31
(* Big-step evaluation relation carrying an explicit counter n.

   evaln is the generic relation over injected terms and generalised values.
   evarn, eval_n, evalsn and execn are introduced by the first four clauses
   below as notations for evaln on variables (In2), expressions (In1l),
   expression lists (In3) and statements (In1r, result value \<diamondsuit>).

   Every rule passes the counter n unchanged from premises to conclusion,
   except Methd, whose conclusion is at Suc n while its premise is at n.
   The premises on halloc (NewC, NewA) and sxalloc (Try) belong to other
   relations and carry no counter. *)
inductive
  evaln	:: "[prog, state, term, nat, vals, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<succ>\<midarrow>_\<rightarrow> '(_, _')" [61,61,80,61,0,0] 60)
  and evarn :: "[prog, state, var, vvar, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_=\<succ>_\<midarrow>_\<rightarrow> _" [61,61,90,61,61,61] 60)
  and eval_n:: "[prog, state, expr, val, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_-\<succ>_\<midarrow>_\<rightarrow> _" [61,61,80,61,61,61] 60)
  and evalsn :: "[prog, state, expr list, val  list, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<doteq>\<succ>_\<midarrow>_\<rightarrow> _" [61,61,61,61,61,61] 60)
  and execn	:: "[prog, state, stmt, nat, state] \<Rightarrow> bool"
    ("_\<turnstile>_ \<midarrow>_\<midarrow>_\<rightarrow> _"     [61,61,65,   61,61] 60)
  for G :: prog
where

  "G\<turnstile>s \<midarrow>c     \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1r  c\<succ>\<midarrow>n\<rightarrow> (\<diamondsuit>    ,  s')"
| "G\<turnstile>s \<midarrow>e-\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In1l e\<succ>\<midarrow>n\<rightarrow> (In1 v ,  s')"
| "G\<turnstile>s \<midarrow>e=\<succ>vf \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In2  e\<succ>\<midarrow>n\<rightarrow> (In2 vf,  s')"
| "G\<turnstile>s \<midarrow>e\<doteq>\<succ>v  \<midarrow>n\<rightarrow>    s' \<equiv> G\<turnstile>s \<midarrow>In3  e\<succ>\<midarrow>n\<rightarrow> (In3 v ,  s')"

--{* propagation of abrupt completion *}

(* In a state whose abrupt component is Some xc, any term t evaluates to
   undefined3 t and the state is returned unchanged. *)
| Abrupt:   "G\<turnstile>(Some xc,s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (undefined3 t,(Some xc,s))"


--{* evaluation of variables *}

| LVar:	"G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"

(* Field access: the final state s3 is the result of check_field_access
   applied to the state s2' returned by fvar. *)
| FVar:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s2;
	  (v,s2') = fvar statDeclC stat fn a s2;
          s3 = check_field_access G accC statDeclC fn stat a s2'\<rbrakk> \<Longrightarrow>
	  G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>n\<rightarrow> s3"

| AVar:	"\<lbrakk>G\<turnstile> Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n\<rightarrow> s1 ; G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n\<rightarrow> s2; 
	  (v,s2') = avar G i a s2\<rbrakk> \<Longrightarrow>
	              G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>n\<rightarrow> s2'"




--{* evaluation of expressions *}

| NewC:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1 \<midarrow>halloc (CInst C)\<succ>a\<rightarrow> s2\<rbrakk> \<Longrightarrow>
	                          G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"

(* check_neg is applied to the evaluated length i' before the array is
   allocated. *)
| NewA:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>e-\<succ>i'\<midarrow>n\<rightarrow> s2; 
	  G\<turnstile>abupd (check_neg i') s2 \<midarrow>halloc (Arr T (the_Intg i'))\<succ>a\<rightarrow> s3\<rbrakk> \<Longrightarrow>
	                        G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>n\<rightarrow> s3"

(* A value that does not fit T raises ClassCast in the resulting state. *)
| Cast:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
	  s2 = abupd (raise_if (\<not>G,snd s1\<turnstile>v fits T) ClassCast) s1\<rbrakk> \<Longrightarrow>
			        G\<turnstile>Norm s0 \<midarrow>Cast T e-\<succ>v\<midarrow>n\<rightarrow> s2"

| Inst:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1;
	  b = (v\<noteq>Null \<and> G,store s1\<turnstile>v fits RefT T)\<rbrakk> \<Longrightarrow>
			      G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"

| Lit:			   "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"

| UnOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> 
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>(eval_unop unop v)\<midarrow>n\<rightarrow> s1"

(* The second operand is evaluated only if need_second_arg holds for the
   operator and the first value; otherwise Skip is executed in its place. *)
| BinOp: "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n\<rightarrow> s1; 
           G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then (In1l e2) else (In1r Skip))
            \<succ>\<midarrow>n\<rightarrow> (In1 v2,s2)\<rbrakk> 
         \<Longrightarrow> G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>n\<rightarrow> s2"

| Super:		   "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"

| Acc:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v,f)\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
	                          G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"

| Ass:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>va=\<succ>(w,f)\<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>e-\<succ>v     \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
				   G\<turnstile>Norm s0 \<midarrow>va:=e-\<succ>v\<midarrow>n\<rightarrow> assign f v s2"

| Cond:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
			    G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>n\<rightarrow> s2"

(* Method call: check_method_access is applied to the state s3 produced by
   init_lvars, and the Methd term is evaluated in its result s3'.  The final
   state is restore_lvars s2 s4. *)
| Call:	
  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2;
    D = invocation_declclass G mode (store s2) a' statT \<lparr>name=mn,parTs=pTs\<rparr>; 
    s3=init_lvars G D \<lparr>name=mn,parTs=pTs\<rparr> mode a' vs s2;
    s3' = check_method_access G accC statT mode \<lparr>name=mn,parTs=pTs\<rparr> a' s3;
    G\<turnstile>s3'\<midarrow>Methd D \<lparr>name=mn,parTs=pTs\<rparr>-\<succ>v\<midarrow>n\<rightarrow> s4
   \<rbrakk>
   \<Longrightarrow> 
    G\<turnstile>Norm s0 \<midarrow>{accC,statT,mode}e\<cdot>mn({pTs}args)-\<succ>v\<midarrow>n\<rightarrow> (restore_lvars s2 s4)"

(* The only rule that changes the counter: the method body is evaluated at
   n, the Methd term itself at Suc n. *)
| Methd:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"

(* A Break or Cont jump still pending after the body is replaced by
   Error CrossMethodJump; a pending Ret is absorbed. *)
| Body:	"\<lbrakk>G\<turnstile>Norm s0\<midarrow>Init D\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2;
          s3 = (if (\<exists> l. abrupt s2 = Some (Jump (Break l)) \<or>  
                         abrupt s2 = Some (Jump (Cont l)))
                  then abupd (\<lambda> x. Some (Error CrossMethodJump)) s2 
                  else s2)\<rbrakk>\<Longrightarrow>
         G\<turnstile>Norm s0 \<midarrow>Body D c
          -\<succ>the (locals (store s2) Result)\<midarrow>n\<rightarrow>abupd (absorb Ret) s3"

--{* evaluation of expression lists *}

| Nil:
				"G\<turnstile>Norm s0 \<midarrow>[]\<doteq>\<succ>[]\<midarrow>n\<rightarrow> Norm s0"

| Cons:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e -\<succ> v \<midarrow>n\<rightarrow> s1;
          G\<turnstile>     s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
			     G\<turnstile>Norm s0 \<midarrow>e#es\<doteq>\<succ>v#vs\<midarrow>n\<rightarrow> s2"


--{* execution of statements *}

| Skip:	 			    "G\<turnstile>Norm s \<midarrow>Skip\<midarrow>n\<rightarrow> Norm s"

| Expr:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				  G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"

| Lab:  "\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c \<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
                             G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"

| Comp:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1 \<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1 \<midarrow>c2 \<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
				 G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"

| If:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
	  G\<turnstile>     s1\<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow>
		       G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2 \<midarrow>n\<rightarrow> s2"

(* The loop unfolds at the same counter n; a pending Cont l is absorbed
   before the next iteration. *)
| Loop:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1;
	  if the_Bool b 
             then (G\<turnstile>s1 \<midarrow>c\<midarrow>n\<rightarrow> s2 \<and> 
                   G\<turnstile>(abupd (absorb (Cont l)) s2) \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3)
	     else s3 = s1\<rbrakk> \<Longrightarrow>
			      G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>n\<rightarrow> s3"
  
| Jmp: "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
  
| Throw:"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n\<rightarrow> s1\<rbrakk> \<Longrightarrow>
				 G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a') s1"

| Try:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2;
	  if G,s2\<turnstile>catch tn then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n\<rightarrow> s3 else s3 = s2\<rbrakk>
          \<Longrightarrow>
		  G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(tn vn) c2\<midarrow>n\<rightarrow> s3"

(* c2 always runs from Norm s1.  If c1 ended with an Error, the overall
   result is (x1,s1) and s2 is not used; otherwise x1, when not None, is
   re-installed on s2 via abrupt_if. *)
| Fin:	"\<lbrakk>G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n\<rightarrow> (x1,s1);
	  G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2;
          s3=(if (\<exists> err. x1=Some (Error err)) 
              then (x1,s1) 
              else abupd (abrupt_if (x1\<noteq>None) x1) s2)\<rbrakk> \<Longrightarrow>
              G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>n\<rightarrow> s3"
  
(* Class initialisation: nothing happens if C is already inited; otherwise
   the superclass is initialised first (Skip for Object), then init c runs
   with empty locals, and the locals of s1 are restored afterwards. *)
| Init:	"\<lbrakk>the (class G C) = c;
	  if inited C (globs s0) then s3 = Norm s0
	  else (G\<turnstile>Norm (init_class_obj G C s0)
	          \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
	        G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
                s3 = restore_lvars s1 s2)\<rbrakk>
          \<Longrightarrow>
		 G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
monos
  if_bool_eq_conj
schirmer@12854
   195
schirmer@12854
   196
schirmer@12854
   197
(* Switch off automatic splitting of if/option, three simp rules and the
   "split_all_tac" looper before the inductive_cases declarations that
   follow; the matching declare/declaration after evaln_elim_cases switches
   all of them back on.
   NOTE(review): presumably this keeps the generated elimination rules in
   unsplit form -- confirm. *)
declare split_if     [split del] split_if_asm     [split del]
        option.split [split del] option.split_asm [split del]
        not_None_eq [simp del] 
        split_paired_All [simp del] split_paired_Ex [simp del]
declaration {* K (Simplifier.map_ss (fn ss => ss delloop "split_all_tac")) *}
wenzelm@24019
   202
berghofe@23747
   203
(* Generic case-analysis rule for an evaln judgement with arbitrary start
   state and term. *)
inductive_cases evaln_cases: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v, s')"
schirmer@12854
   204
berghofe@23747
   205
(* Elimination rules specialised to one syntactic form each: the first
   pattern covers an abrupt start state, the others a Norm start state with
   a specific term constructor.
   NOTE(review): the pattern for In1r (Init C) is listed twice (the last two
   entries); it looks like a leftover duplicate, but removing it would change
   the length of the fact list, so confirm no use refers to entries by
   position first. *)
inductive_cases evaln_elim_cases:
	"G\<turnstile>(Some xc, s) \<midarrow>t                        \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r Skip                      \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (Jmp j)                   \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> c)                    \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In3  ([])                      \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In3  (e#es)                    \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Lit w)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
        "G\<turnstile>Norm s \<midarrow>In1l (UnOp unop e)             \<succ>\<midarrow>n\<rightarrow> (v, s')"
        "G\<turnstile>Norm s \<midarrow>In1l (BinOp binop e1 e2)       \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In2  (LVar vn)                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Cast T e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (e InstOf T)              \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Super)                   \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Acc va)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Expr e)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (c1;; c2)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Methd C sig)             \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Body D c)                \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (e0 ? e1 : e2)            \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (If(e) c1 Else c2)        \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (l\<bullet> While(e) c)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (c1 Finally c2)           \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Throw e)                 \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (NewC C)                  \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (New T[e])                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l (Ass va e)                \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Try c1 Catch(tn vn) c2)  \<succ>\<midarrow>n\<rightarrow> (x, s')"
	"G\<turnstile>Norm s \<midarrow>In2  ({accC,statDeclC,stat}e..fn) \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In2  (e1.[e2])                 \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1l ({accC,statT,mode}e\<cdot>mn({pT}p)) \<succ>\<midarrow>n\<rightarrow> (v, s')"
	"G\<turnstile>Norm s \<midarrow>In1r (Init C)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
        "G\<turnstile>Norm s \<midarrow>In1r (Init C)                  \<succ>\<midarrow>n\<rightarrow> (x, s')"
schirmer@13688
   238
schirmer@12854
   239
(* Re-enable the split rules, simp rules and the "split_all_tac" looper that
   were switched off before the inductive_cases declarations above. *)
declare split_if     [split] split_if_asm     [split] 
        option.split [split] option.split_asm [split]
        not_None_eq [simp] 
        split_paired_All [simp] split_paired_Ex [simp]
declaration {* K (Simplifier.map_ss (fn ss => ss addloop ("split_all_tac", split_all_tac))) *}
wenzelm@24019
   244
schirmer@12854
   245
(* The injection of the term fixes the injection of the result value:
   an expression (In1 (Inl e)) yields some In1 v, a statement (In1 (Inr c))
   yields \<diamondsuit>, a variable (In2) yields some In2 v and an expression list (In3)
   yields some In3 v. *)
lemma evaln_Inj_elim: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w,s') \<Longrightarrow> case t of In1 ec \<Rightarrow>  
  (case ec of Inl e \<Rightarrow> (\<exists>v. w = In1 v) | Inr c \<Rightarrow> w = \<diamondsuit>)  
  | In2 e \<Rightarrow> (\<exists>v. w = In2 v) | In3 e \<Rightarrow> (\<exists>v. w = In3 v)"
apply (erule evaln_cases , auto)
(* remaining goals are solved by case distinction on the term t and, for
   In1, on its sum component; NOTE(review): the name "a" is the one chosen
   by induct_tac "t" -- fragile if variable naming changes *)
apply (induct_tac "t")
apply   (induct_tac "a")
apply auto
done
schirmer@12854
   253
schirmer@13688
   254
text {* The following simplification procedures set up the proper injections of
schirmer@13688
   255
 terms and their corresponding values in the evaluation relation:
schirmer@13688
   256
 E.g. an expression 
schirmer@13688
   257
 (injection @{term In1l} into terms) always evaluates to ordinary values 
schirmer@13688
   258
 (injection @{term In1} into generalised values @{term vals}). 
schirmer@13688
   259
*}
schirmer@13688
   260
berghofe@21765
   261
(* An evaln judgement on an injected expression In1l t is equivalent to the
   expression notation with result w = In1 v for some v. *)
lemma evaln_expr_eq: "G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>v. w=In1 v \<and> G\<turnstile>s \<midarrow>t-\<succ>v \<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   263
berghofe@21765
   264
(* An evaln judgement on an injected variable In2 t is equivalent to the
   variable notation with result w = In2 vf for some vf. *)
lemma evaln_var_eq: "G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vf. w=In2 vf \<and> G\<turnstile>s \<midarrow>t=\<succ>vf\<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   266
berghofe@21765
   267
(* An evaln judgement on an injected expression list In3 t is equivalent to
   the list notation with result w = In3 vs for some vs. *)
lemma evaln_exprs_eq: "G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s') = (\<exists>vs. w=In3 vs \<and> G\<turnstile>s \<midarrow>t\<doteq>\<succ>vs\<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto)
berghofe@21765
   269
berghofe@21765
   270
(* An evaln judgement on an injected statement In1r t is equivalent to the
   statement notation, with the result value w fixed to \<diamondsuit>. *)
lemma evaln_stmt_eq: "G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s') = (w=\<diamondsuit> \<and> G\<turnstile>s \<midarrow>t \<midarrow>n\<rightarrow> s')"
  by (auto, frule evaln_Inj_elim, auto, frule evaln_Inj_elim, auto)
berghofe@21765
   272
wenzelm@24019
   273
(* Simplification procedure for evaln judgements on In1l terms: it rewrites
   with evaln_expr_eq, except when the result-value argument already has the
   shape "constant applied to one argument", in which case it returns NONE.
   NOTE(review): presumably that shape is the already-injected In1 v and the
   guard prevents the simproc from looping -- confirm. *)
simproc_setup evaln_expr ("G\<turnstile>s \<midarrow>In1l t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
  fn _ => fn _ => fn ct =>
    (case Thm.term_of ct of
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
    | _ => SOME (mk_meta_eq @{thm evaln_expr_eq})) *}
wenzelm@24019
   278
wenzelm@24019
   279
(* Simplification procedure for evaln judgements on In2 terms: it rewrites
   with evaln_var_eq, except when the result-value argument already has the
   shape "constant applied to one argument", in which case it returns NONE.
   NOTE(review): presumably that shape is the already-injected In2 vf and the
   guard prevents the simproc from looping -- confirm. *)
simproc_setup evaln_var ("G\<turnstile>s \<midarrow>In2 t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
  fn _ => fn _ => fn ct =>
    (case Thm.term_of ct of
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
    | _ => SOME (mk_meta_eq @{thm evaln_var_eq})) *}
schirmer@12854
   284
wenzelm@24019
   285
(* Simplification procedure for evaln judgements on In3 terms: it rewrites
   with evaln_exprs_eq, except when the result-value argument already has the
   shape "constant applied to one argument", in which case it returns NONE.
   NOTE(review): presumably that shape is the already-injected In3 vs and the
   guard prevents the simproc from looping -- confirm. *)
simproc_setup evaln_exprs ("G\<turnstile>s \<midarrow>In3 t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
  fn _ => fn _ => fn ct =>
    (case Thm.term_of ct of
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
    | _ => SOME (mk_meta_eq @{thm evaln_exprs_eq})) *}
schirmer@12854
   290
wenzelm@24019
   291
(* Simplification procedure for evaln judgements on In1r terms: it rewrites
   with evaln_stmt_eq, except when the result-value argument already has the
   shape "constant applied to one argument", in which case it returns NONE.
   NOTE(review): the guard is the same pattern as in the sibling simprocs,
   although the statement result is \<diamondsuit> -- confirm which term shape it is
   meant to match. *)
simproc_setup evaln_stmt ("G\<turnstile>s \<midarrow>In1r t\<succ>\<midarrow>n\<rightarrow> (w, s')") = {*
  fn _ => fn _ => fn ct =>
    (case Thm.term_of ct of
      (_ $ _ $ _ $ _ $ _ $ (Const _ $ _) $ _) => NONE
    | _ => SOME (mk_meta_eq @{thm evaln_stmt_eq})) *}
wenzelm@24019
   296
wenzelm@27226
   297
(* Bind the theorems that sum3_instantiate derives from rule evaln.Abrupt
   under the name evaln_AbruptIs and declare them as [intro!] rules.
   NOTE(review): presumably sum3_instantiate specialises the term variable to
   each of the injections -- confirm against its definition. *)
ML {* bind_thms ("evaln_AbruptIs", sum3_instantiate @{context} @{thm evaln.Abrupt}) *}
declare evaln_AbruptIs [intro!]
schirmer@12854
   299
schirmer@13337
   300
(* A Callee expression cannot be evaluated from a Norm state: the inductive
   definition of evaln has no rule for it, so induction over a derivation
   with a normal start state and t = In1l (Callee l e) closes every case. *)
lemma evaln_Callee: "G\<turnstile>Norm s\<midarrow>In1l (Callee l e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume ev: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
          nrm: "normal s" and
        t_def: "t=In1l (Callee l e)"
    then have "False" by induct auto
  }
  then show ?thesis
    by (cases s') fastsimp 
qed
schirmer@13337
   311
schirmer@13337
   312
(* An InsInitE expression cannot be evaluated from a Norm state: the
   inductive definition of evaln has no rule for it, so induction over a
   derivation with a normal start state and t = In1l (InsInitE c e) closes
   every case. *)
lemma evaln_InsInitE: "G\<turnstile>Norm s\<midarrow>In1l (InsInitE c e)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume ev: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
          nrm: "normal s" and
        t_def: "t=In1l (InsInitE c e)"
    then have "False" by induct auto
  }
  then show ?thesis
    by (cases s') fastsimp
qed
schirmer@13337
   323
schirmer@13337
   324
(* An InsInitV variable cannot be evaluated from a Norm state: the inductive
   definition of evaln has no rule for it, so induction over a derivation
   with a normal start state and t = In2 (InsInitV c w) closes every case. *)
lemma evaln_InsInitV: "G\<turnstile>Norm s\<midarrow>In2 (InsInitV c w)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume ev: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
          nrm: "normal s" and
        t_def: "t=In2 (InsInitV c w)"
    then have "False" by induct auto
  }  
  then show ?thesis
    by (cases s') fastsimp
qed
schirmer@13337
   335
schirmer@13337
   336
(* A FinA statement cannot be executed from a Norm state: the inductive
   definition of evaln has no rule for it, so induction over a derivation
   with a normal start state and t = In1r (FinA a c) closes every case. *)
lemma evaln_FinA: "G\<turnstile>Norm s\<midarrow>In1r (FinA a c)\<succ>\<midarrow>n\<rightarrow> (v,s') = False"
proof -
  { fix s t v s'
    assume ev: "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s')" and
          nrm: "normal s" and
        t_def: "t=In1r (FinA a c)"
    then have "False" by induct auto
  } 
  then show ?thesis
    by (cases s') fastsimp
qed
schirmer@13337
   347
schirmer@12854
   348
(* Starting from an abrupt state (first component Some xc), evaluation leaves
   the state unchanged and yields undefined3 e as result value. *)
lemma evaln_abrupt_lemma: "G\<turnstile>s \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (v,s') \<Longrightarrow> 
 fst s = Some xc \<longrightarrow> s' = s \<and> v = undefined3 e"
  by (erule evaln_cases, auto)
schirmer@12854
   352
schirmer@12854
   353
(* Equational form of evaln_abrupt_lemma: a judgement with an abrupt start
   state holds exactly when the final state equals the start state, the
   result is undefined3 e, and the judgement holds for those fixed values.
   Used as rewrite rule by the evaln_abrupt simproc. *)
lemma evaln_abrupt: 
 "\<And>s'. G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s') = (s' = (Some xc,s) \<and>  
  w=undefined3 e \<and> G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (undefined3 e,(Some xc,s)))"
apply auto
apply (frule evaln_abrupt_lemma, auto)+
done
schirmer@12854
   359
wenzelm@24019
   360
(* Simplification procedure for evaln judgements with an abrupt start state:
   it rewrites with evaln_abrupt, except when the final-state argument is
   already syntactically a Pair whose first component is an application of
   Some, in which case it returns NONE.
   NOTE(review): presumably the guard stops the simproc from re-applying to
   its own right-hand side -- confirm. *)
simproc_setup evaln_abrupt ("G\<turnstile>(Some xc,s) \<midarrow>e\<succ>\<midarrow>n\<rightarrow> (w,s')") = {*
  fn _ => fn _ => fn ct =>
    (case Thm.term_of ct of
      (_ $ _ $ _ $ _ $ _ $ _ $ (Const (@{const_name Pair}, _) $ (Const (@{const_name Some},_) $ _)$ _))
        => NONE
    | _ => SOME (mk_meta_eq @{thm evaln_abrupt}))
*}
schirmer@12854
   367
haftmann@28524
   368
(* Variant of rule evaln.Lit for an arbitrary start state s: the result is v
   if s is normal and undefined otherwise. *)
lemma evaln_LitI: "G\<turnstile>s \<midarrow>Lit v-\<succ>(if normal s then v else undefined)\<midarrow>n\<rightarrow> s"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Lit)
schirmer@12854
   371
schirmer@12854
   372
(* Variant of rule evaln.Cond for an arbitrary start state s: the result is v
   if the intermediate state s1 is normal and undefined otherwise.
   NOTE(review): unlike the sibling lemmas this one has no evaln_ prefix;
   renaming would affect users of the name, so it is only flagged here. *)
lemma CondI: 
 "\<And>s1. \<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>b\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
  G\<turnstile>s \<midarrow>e ? e1 : e2-\<succ>(if normal s1 then v else undefined)\<midarrow>n\<rightarrow> s2"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Cond)
schirmer@12854
   377
schirmer@12854
   378
(* Variant of rule evaln.Skip for an arbitrary start state s, declared as a
   safe introduction rule. *)
lemma evaln_SkipI [intro!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Skip)
schirmer@12854
   381
schirmer@12854
   382
(* Variant of rule evaln.Expr for an arbitrary start state s. *)
lemma evaln_ExprI: "G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s' \<Longrightarrow> G\<turnstile>s \<midarrow>Expr e\<midarrow>n\<rightarrow> s'"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Expr)
schirmer@12854
   385
schirmer@12854
   386
(* Variant of rule evaln.Comp for an arbitrary start state s. *)
lemma evaln_CompI: "\<lbrakk>G\<turnstile>s \<midarrow>c1\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>c2\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> G\<turnstile>s \<midarrow>c1;; c2\<midarrow>n\<rightarrow> s2"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.Comp)
schirmer@12854
   389
schirmer@12854
   390
(* Variant of rule evaln.If for an arbitrary start state s. *)
lemma evaln_IfI: 
 "\<lbrakk>G\<turnstile>s \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1; G\<turnstile>s1 \<midarrow>(if the_Bool v then c1 else c2)\<midarrow>n\<rightarrow> s2\<rbrakk> \<Longrightarrow> 
  G\<turnstile>s \<midarrow>If(e) c1 Else c2\<midarrow>n\<rightarrow> s2"
(* NOTE(review): "a" is the name case_tac "s" gives to a component of the
   state pair, presumably the abrupt part -- fragile if naming changes *)
apply (case_tac "s", case_tac "a = None")
by (auto intro!: evaln.If)
schirmer@12854
   395
schirmer@12854
   396
(* Executing Skip does not change the state; declared as a safe destruction
   rule. *)
lemma evaln_SkipD [dest!]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' \<Longrightarrow> s' = s" 
by (erule evaln_cases, auto)
schirmer@12854
   398
schirmer@12854
   399
(* Simp rule: a Skip judgement holds exactly when start and final state are
   equal. *)
lemma evaln_Skip_eq [simp]: "G\<turnstile>s \<midarrow>Skip\<midarrow>n\<rightarrow> s' = (s = s')"
  by auto
schirmer@12854
   402
schirmer@13688
   403
schirmer@13688
   404
schirmer@13384
   405
schirmer@13384
   406
section {* evaln implies eval *}
schirmer@13688
   407
schirmer@12925
   408
(* Every depth-bounded evaluation is also an ordinary evaluation: the bound n
   is simply forgotten. Proof by rule induction on the evaln derivation.
   Loop, Try and Init are handled explicitly because the corresponding eval
   rules have an if-then-else premise, which is obtained from the induction
   hypotheses by simp. All remaining cases are closed in the final qed step
   by the eval introduction rules. *)
lemma evaln_eval:  
  assumes evaln: "G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)" 
  shows "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
using evaln 
proof (induct)
  case (Loop s0 e b n s1 c s2 l s3)
  (* eval derivation for the loop condition *)
  note `G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<rightarrow> s1`
  moreover
  (* conditional premise of eval.Loop: body plus remaining loop, or no change *)
  have "if the_Bool b
        then (G\<turnstile>s1 \<midarrow>c\<rightarrow> s2) \<and> 
             G\<turnstile>abupd (absorb (Cont l)) s2 \<midarrow>l\<bullet> While(e) c\<rightarrow> s3
        else s3 = s1"
    using Loop.hyps by simp
  ultimately show ?case by (rule eval.Loop)
next
  case (Try s0 c1 n s1 s2 C vn c2 s3)
  note `G\<turnstile>Norm s0 \<midarrow>c1\<rightarrow> s1`
  moreover
  (* the sxalloc step carries no bound and is used as it stands *)
  note `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
  moreover
  (* conditional premise of eval.Try: run the handler only if C is caught *)
  have "if G,s2\<turnstile>catch C then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<rightarrow> s3 else s3 = s2"
    using Try.hyps by simp
  ultimately show ?case by (rule eval.Try)
next
  case (Init C c s0 s3 n s1 s2)
  note `the (class G C) = c`
  moreover
  (* conditional premise of eval.Init: nothing to do if C is already
     initialised, otherwise initialise the superclass (unless C = Object)
     and then run the initialiser of c *)
  have "if inited C (globs s0) 
           then s3 = Norm s0
           else G\<turnstile>Norm ((init_class_obj G C) s0) 
                  \<midarrow>(if C = Object then Skip else Init (super c))\<rightarrow> s1 \<and>
                G\<turnstile>(set_lvars empty) s1 \<midarrow>init c\<rightarrow> s2 \<and>
                s3 = (set_lvars (locals (store s1))) s2"
    using Init.hyps by simp
  ultimately show ?case by (rule eval.Init)
(* all other cases: apply an eval introduction rule and discharge its
   premises by assumption *)
qed (rule eval.intros,(assumption+ | assumption?))+
(* Auxiliary rule for bounds of the form Suc n: if Suc n <= m' and P holds
   for every successor Suc m with n <= m, then P holds for m'. Used by the
   tactic in the proof of evaln_nonstrict. *)
lemma Suc_le_D_lemma: "\<lbrakk>Suc n <= m'; (\<And>m. n <= m \<Longrightarrow> P (Suc m)) \<rbrakk> \<Longrightarrow> P m'"
apply (frule Suc_le_D)
apply fast
done
(* Monotonicity in the bound: a derivation within bound n is also a
   derivation within every larger bound m. Declared as an elimination rule.
   Proof by induction on the evaln derivation. The ML tactic is run on all
   goals: it strips the quantifier and implication, tries Suc_le_D_lemma
   for bounds of the form Suc n, instantiates the induction hypotheses and
   applies the evaln introduction rules. The goals that remain are closed
   by auto with if-splitting switched off. *)
lemma evaln_nonstrict [rule_format (no_asm), elim]: 
  "G\<turnstile>s \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (w, s') \<Longrightarrow> \<forall>m. n\<le>m \<longrightarrow> G\<turnstile>s \<midarrow>t\<succ>\<midarrow>m\<rightarrow> (w, s')"
apply (erule evaln.induct)
apply (tactic {* ALLGOALS (EVERY'[strip_tac, TRY o etac (thm "Suc_le_D_lemma"),
  REPEAT o smp_tac 1, 
  resolve_tac (thms "evaln.intros") THEN_ALL_NEW TRY o atac]) *})
(* 3 subgoals *)
apply (auto split del: split_if)
done
(* Instance of evaln_nonstrict for the next bound: a derivation within bound
   n is also one within Suc n (the side condition n <= Suc n comes from
   le_refl and le_SucI). *)
lemmas evaln_nonstrict_Suc = evaln_nonstrict [OF _ le_refl [THEN le_SucI]]
(* Two derivations with bounds n1 and n2 can both be lifted to the common
   bound max n1 n2. Follows from evaln_nonstrict (available to fast as an
   elim rule) together with le_maxI1 and le_maxI2. *)
lemma evaln_max2: "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2')\<rbrakk> \<Longrightarrow> 
             G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1') \<and> G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2')"
by (fast intro: le_maxI1 le_maxI2)
(* Elimination form of evaln_max2: from two derivations one may assume both
   of them at the common bound max n1 n2. [consumes 2] marks the two
   derivations as the facts consumed when the rule is applied. *)
corollary evaln_max2E [consumes 2]:
  "\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); 
    \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max n1 n2\<rightarrow> (w1, s1');G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max n1 n2\<rightarrow> (w2, s2') \<rbrakk> \<Longrightarrow> P \<rbrakk> \<Longrightarrow> P"
by (drule (1) evaln_max2) simp
(* Three derivations with bounds n1, n2 and n3 can all be lifted to the
   common bound max (max n1 n2) n3. Note the nesting: it differs from the
   max n1 (max n2 n3) form used in le_max3I1 and le_max3I2. *)
lemma evaln_max3: 
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3')\<rbrakk> \<Longrightarrow>
 G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1') \<and>
 G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2') \<and> 
 G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')"
(* first lift the first two derivations to max n1 n2, then lift all three *)
apply (drule (1) evaln_max2, erule thin_rl)
apply (fast intro!: le_maxI1 le_maxI2)
done
(* Elimination form of evaln_max3: from three derivations one may assume all
   of them at the common bound max (max n1 n2) n3. *)
corollary evaln_max3E: 
"\<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>n1\<rightarrow> (w1, s1'); G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>n2\<rightarrow> (w2, s2'); G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>n3\<rightarrow> (w3, s3');
   \<lbrakk>G\<turnstile>s1 \<midarrow>t1\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w1, s1');
    G\<turnstile>s2 \<midarrow>t2\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w2, s2'); 
    G\<turnstile>s3 \<midarrow>t3\<succ>\<midarrow>max (max n1 n2) n3\<rightarrow> (w3, s3')
   \<rbrakk> \<Longrightarrow> P
  \<rbrakk> \<Longrightarrow> P"
by (drule (2) evaln_max3) simp
(* The middle argument is below the right-nested maximum of three naturals.
   Shown by chaining n2 <= max n2 n3 <= max n1 (max n2 n3). Used in the Call
   case of eval_evaln. *)
lemma le_max3I1: "(n2::nat) \<le> max n1 (max n2 n3)"
proof -
  have "n2 \<le> max n2 n3"
    by (rule le_maxI1)
  also
  have "max n2 n3 \<le> max n1 (max n2 n3)"
    by (rule le_maxI2)
  finally
  show ?thesis .
qed
(* The last argument is below the right-nested maximum of three naturals.
   Shown by chaining n3 <= max n2 n3 <= max n1 (max n2 n3). Used in the Call
   case of eval_evaln. *)
lemma le_max3I2: "(n3::nat) \<le> max n1 (max n2 n3)"
proof -
  have "n3 \<le> max n2 n3"
    by (rule le_maxI2)
  also
  have "max n2 n3 \<le> max n1 (max n2 n3)"
    by (rule le_maxI2)
  finally
  show ?thesis .
qed
(* Remove the simprocs wt_expr, wt_var, wt_exprs and wt_stmt from the
   simplifier from here on.
   NOTE(review): the reason is not stated here; presumably they interfere
   with the simp/auto steps of the following proof. Confirm. *)
declare [[simproc del: wt_expr wt_var wt_exprs wt_stmt]]
section {* eval implies evaln *}
(* Every ordinary evaluation can be given some recursion bound n, so that it
   is also a depth-bounded evaluation. Proof by rule induction on the eval
   derivation. Each case obtains bounds for its sub-derivations from the
   induction hypotheses. Where there are several, they are lifted to a
   common bound (max n1 n2, or max n1 (max n2 m) for Call) by means of
   evaln_max2 or evaln_nonstrict, and then the matching evaln rule is
   applied. Methd is the only case in which the bound grows (Suc n).
   Side conditions that carry no bound (sxalloc, halloc, the access checks
   check_method_access and check_field_access, the exception conditions)
   are taken over unchanged from the eval rule via "note". *)
lemma eval_evaln: 
  assumes eval: "G\<turnstile>s0 \<midarrow>t\<succ>\<rightarrow> (v,s1)"
  shows  "\<exists>n. G\<turnstile>s0 \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (v,s1)"
using eval 
proof (induct)
  case (Abrupt xc s t)
  (* an abrupt start state (Some xc) is passed through; any bound will do *)
  obtain n where
    "G\<turnstile>(Some xc, s) \<midarrow>t\<succ>\<midarrow>n\<rightarrow> (undefined3 t, (Some xc, s))"
    by (iprover intro: evaln.Abrupt)
  then show ?case ..
next
  case Skip
  show ?case by (blast intro: evaln.Skip)
next
  case (Expr s0 e v s1)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
    by (iprover)
  then have "G\<turnstile>Norm s0 \<midarrow>Expr e\<midarrow>n\<rightarrow> s1"
    by (rule evaln.Expr) 
  then show ?case ..
next
  case (Lab s0 c s1 l)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>c\<midarrow>n\<rightarrow> s1"
    by (iprover)
  then have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> c\<midarrow>n\<rightarrow> abupd (absorb l) s1"
    by (rule evaln.Lab)
  then show ?case ..
next
  case (Comp s0 c1 s1 c2 s2)
  then obtain n1 n2 where
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
    by (iprover)
  (* lift both sub-derivations to the common bound max n1 n2 *)
  then have "G\<turnstile>Norm s0 \<midarrow>c1;; c2\<midarrow>max n1 n2\<rightarrow> s2"
    by (blast intro: evaln.Comp dest: evaln_max2 )
  then show ?case ..
next
  case (If s0 e b s1 c1 c2 s2)
  then obtain n1 n2 where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then c1 else c2)\<midarrow>n2\<rightarrow> s2"
    by (iprover)
  then have "G\<turnstile>Norm s0 \<midarrow>If(e) c1 Else c2\<midarrow>max n1 n2\<rightarrow> s2"
    by (blast intro: evaln.If dest: evaln_max2)
  then show ?case ..
next
  case (Loop s0 e b s1 c s2 l s3)
  from Loop.hyps obtain n1 where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>b\<midarrow>n1\<rightarrow> s1"
    by (iprover)
  (* in the then-branch the body and the remaining loop share the single
     bound n2, obtained through evaln_nonstrict *)
  moreover from Loop.hyps obtain n2 where
    "if the_Bool b 
        then (G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2 \<and> 
              G\<turnstile>(abupd (absorb (Cont l)) s2)\<midarrow>l\<bullet> While(e) c\<midarrow>n2\<rightarrow> s3)
	else s3 = s1"
    by simp (iprover intro: evaln_nonstrict le_maxI1 le_maxI2)
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>l\<bullet> While(e) c\<midarrow>max n1 n2\<rightarrow> s3"
    apply -
    apply (rule evaln.Loop)
    apply   (iprover intro: evaln_nonstrict intro: le_maxI1)

    apply   (auto intro: evaln_nonstrict intro: le_maxI2)
    done
  then show ?case ..
next
  case (Jmp s j)
  (* evaln.Jmp holds for an arbitrary bound n *)
  fix n have "G\<turnstile>Norm s \<midarrow>Jmp j\<midarrow>n\<rightarrow> (Some (Jump j), s)"
    by (rule evaln.Jmp)
  then show ?case ..
next
  case (Throw s0 e a s1)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a\<midarrow>n\<rightarrow> s1"
    by (iprover)
  then have "G\<turnstile>Norm s0 \<midarrow>Throw e\<midarrow>n\<rightarrow> abupd (throw a) s1"
    by (rule evaln.Throw)
  then show ?case ..
next 
  case (Try s0 c1 s1 s2 catchC vn c2 s3)
  from Try.hyps obtain n1 where
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> s1"
    by (iprover)
  moreover 
  (* the sxalloc step carries no bound and is used as it stands *)
  note sxalloc = `G\<turnstile>s1 \<midarrow>sxalloc\<rightarrow> s2`
  moreover
  from Try.hyps obtain n2 where
    "if G,s2\<turnstile>catch catchC then G\<turnstile>new_xcpt_var vn s2 \<midarrow>c2\<midarrow>n2\<rightarrow> s3 else s3 = s2"
    by fastsimp 
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>Try c1 Catch(catchC vn) c2\<midarrow>max n1 n2\<rightarrow> s3"
    by (auto intro!: evaln.Try le_maxI1 le_maxI2)
  then show ?case ..
next
  case (Fin s0 c1 x1 s1 c2 s2 s3)
  from Fin obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>c1\<midarrow>n1\<rightarrow> (x1, s1)"
    "G\<turnstile>Norm s1 \<midarrow>c2\<midarrow>n2\<rightarrow> s2"
    by iprover
  moreover
  (* final state as in the eval rule: if c1 ended with an Error it is kept,
     otherwise a pending abrupt completion x1 of c1 is re-installed on s2 *)
  note s3 = `s3 = (if \<exists>err. x1 = Some (Error err) 
                   then (x1, s1)
                   else abupd (abrupt_if (x1 \<noteq> None) x1) s2)`
  ultimately 
  have 
    "G\<turnstile>Norm s0 \<midarrow>c1 Finally c2\<midarrow>max n1 n2\<rightarrow> s3"
    by (blast intro: evaln.Fin dest: evaln_max2)
  then show ?case ..
next
  case (Init C c s0 s3 s1 s2)
  note cls = `the (class G C) = c`
  (* one bound n serves both the superclass initialisation and the
     initialiser of c; it is obtained through evaln_nonstrict *)
  moreover from Init.hyps obtain n where
      "if inited C (globs s0) then s3 = Norm s0
       else (G\<turnstile>Norm (init_class_obj G C s0)
	      \<midarrow>(if C = Object then Skip else Init (super c))\<midarrow>n\<rightarrow> s1 \<and>
	           G\<turnstile>set_lvars empty s1 \<midarrow>init c\<midarrow>n\<rightarrow> s2 \<and> 
                   s3 = restore_lvars s1 s2)"
    by (auto intro: evaln_nonstrict le_maxI1 le_maxI2)
  ultimately have "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s3"
    by (rule evaln.Init)
  then show ?case ..
next
  case (NewC s0 C s1 a s2)
  then obtain n where 
    "G\<turnstile>Norm s0 \<midarrow>Init C\<midarrow>n\<rightarrow> s1"
    by (iprover)
  with NewC 
  have "G\<turnstile>Norm s0 \<midarrow>NewC C-\<succ>Addr a\<midarrow>n\<rightarrow> s2"
    by (iprover intro: evaln.NewC)
  then show ?case ..
next
  case (NewA s0 T s1 e i s2 a s3)
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>init_comp_ty T\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>e-\<succ>i\<midarrow>n2\<rightarrow> s2"      
    by (iprover)
  moreover
  (* allocation, including the check_neg test on the size i, carries no
     bound and is taken over from the eval rule *)
  note `G\<turnstile>abupd (check_neg i) s2 \<midarrow>halloc Arr T (the_Intg i)\<succ>a\<rightarrow> s3`
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>New T[e]-\<succ>Addr a\<midarrow>max n1 n2\<rightarrow> s3"
    by (blast intro: evaln.NewA dest: evaln_max2)
  then show ?case ..
next
  case (Cast s0 e v s1 s2 castT)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
    by (iprover)
  moreover 
  (* ClassCast is raised when v does not fit castT; same side condition as
     in the eval rule *)
  note `s2 = abupd (raise_if (\<not> G,snd s1\<turnstile>v fits castT) ClassCast) s1`
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>Cast castT e-\<succ>v\<midarrow>n\<rightarrow> s2"
    by (rule evaln.Cast)
  then show ?case ..
next
  case (Inst s0 e v s1 b T)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
    by (iprover)
  moreover 
  note `b = (v \<noteq> Null \<and> G,snd s1\<turnstile>v fits RefT T)`
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>e InstOf T-\<succ>Bool b\<midarrow>n\<rightarrow> s1"
    by (rule evaln.Inst)
  then show ?case ..
next
  case (Lit s v)
  (* evaln.Lit holds for an arbitrary bound n *)
  fix n have "G\<turnstile>Norm s \<midarrow>Lit v-\<succ>v\<midarrow>n\<rightarrow> Norm s"
    by (rule evaln.Lit)
  then show ?case ..
next
  case (UnOp s0 e v s1 unop)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n\<rightarrow> s1"
    by (iprover)
  hence "G\<turnstile>Norm s0 \<midarrow>UnOp unop e-\<succ>eval_unop unop v\<midarrow>n\<rightarrow> s1"
    by (rule evaln.UnOp)
  then show ?case ..
next
  case (BinOp s0 e1 v1 s1 binop e2 v2 s2)
  (* the second operand is evaluated only if need_second_arg says so;
     otherwise Skip is evaluated in its place *)
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>v1\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>(if need_second_arg binop v1 then In1l e2
               else In1r Skip)\<succ>\<midarrow>n2\<rightarrow> (In1 v2, s2)"    
    by (iprover)
  hence "G\<turnstile>Norm s0 \<midarrow>BinOp binop e1 e2-\<succ>(eval_binop binop v1 v2)\<midarrow>max n1 n2
          \<rightarrow> s2"
    by (blast intro!: evaln.BinOp dest: evaln_max2)
  then show ?case ..
next
  case (Super s )
  (* evaln.Super holds for an arbitrary bound n *)
  fix n have "G\<turnstile>Norm s \<midarrow>Super-\<succ>val_this s\<midarrow>n\<rightarrow> Norm s"
    by (rule evaln.Super)
  then show ?case ..
next
  case (Acc s0 va v f s1)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>va=\<succ>(v, f)\<midarrow>n\<rightarrow> s1"
    by (iprover)
  then
  have "G\<turnstile>Norm s0 \<midarrow>Acc va-\<succ>v\<midarrow>n\<rightarrow> s1"
    by (rule evaln.Acc)
  then show ?case ..
next
  case (Ass s0 var w f s1 e v s2)
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>var=\<succ>(w, f)\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>e-\<succ>v\<midarrow>n2\<rightarrow> s2"      
    by (iprover)
  then
  have "G\<turnstile>Norm s0 \<midarrow>var:=e-\<succ>v\<midarrow>max n1 n2\<rightarrow> assign f v s2"
    by (blast intro: evaln.Ass dest: evaln_max2)
  then show ?case ..
next
  case (Cond s0 e0 b s1 e1 e2 v s2)
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>e0-\<succ>b\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>(if the_Bool b then e1 else e2)-\<succ>v\<midarrow>n2\<rightarrow> s2"
    by (iprover)
  then
  have "G\<turnstile>Norm s0 \<midarrow>e0 ? e1 : e2-\<succ>v\<midarrow>max n1 n2\<rightarrow> s2"
    by (blast intro: evaln.Cond dest: evaln_max2)
  then show ?case ..
next
  case (Call s0 e a' s1 args vs s2 invDeclC mode statT mn pTs' s3 s3' accC' v s4)
  (* bounds for the target expression and for the argument list *)
  then obtain n1 n2 where
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>a'\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>args\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"
    by iprover
  moreover
  note `invDeclC = invocation_declclass G mode (store s2) a' statT 
                       \<lparr>name=mn,parTs=pTs'\<rparr>`
  moreover
  note `s3 = init_lvars G invDeclC \<lparr>name=mn,parTs=pTs'\<rparr> mode a' vs s2`
  moreover
  (* the method access check is a premise of the evaln rule as well; the
     method is evaluated from the checked state s3' *)
  note `s3'=check_method_access G accC' statT mode \<lparr>name=mn,parTs=pTs'\<rparr> a' s3`
  moreover 
  from Call.hyps
  obtain m where 
    "G\<turnstile>s3' \<midarrow>Methd invDeclC \<lparr>name=mn, parTs=pTs'\<rparr>-\<succ>v\<midarrow>m\<rightarrow> s4"
    by iprover
  ultimately
  (* three bounds are combined as max n1 (max n2 m); le_max3I1 and le_max3I2
     supply the inequalities for n2 and m *)
  have "G\<turnstile>Norm s0 \<midarrow>{accC',statT,mode}e\<cdot>mn( {pTs'}args)-\<succ>v\<midarrow>max n1 (max n2 m)\<rightarrow> 
            (set_lvars (locals (store s2))) s4"
    by (auto intro!: evaln.Call le_maxI1 le_max3I1 le_max3I2)
  thus ?case ..
next
  case (Methd s0 D sig v s1)
  then obtain n where
    "G\<turnstile>Norm s0 \<midarrow>body G D sig-\<succ>v\<midarrow>n\<rightarrow> s1"
    by iprover
  (* unfolding a method body is the step that increases the bound *)
  then have "G\<turnstile>Norm s0 \<midarrow>Methd D sig-\<succ>v\<midarrow>Suc n\<rightarrow> s1"
    by (rule evaln.Methd)
  then show ?case ..
next
  case (Body s0 D s1 c s2 s3)
  from Body.hyps obtain n1 n2 where 
    evaln_init: "G\<turnstile>Norm s0 \<midarrow>Init D\<midarrow>n1\<rightarrow> s1" and
    evaln_c: "G\<turnstile>s1 \<midarrow>c\<midarrow>n2\<rightarrow> s2"
    by (iprover)
  moreover
  (* a Break or Cont jump that is still pending at the end of the body is
     turned into the error CrossMethodJump; same condition as in eval *)
  note `s3 = (if \<exists>l. fst s2 = Some (Jump (Break l)) \<or> 
                     fst s2 = Some (Jump (Cont l))
              then abupd (\<lambda>x. Some (Error CrossMethodJump)) s2 
              else s2)`
  ultimately
  have
     "G\<turnstile>Norm s0 \<midarrow>Body D c-\<succ>the (locals (store s2) Result)\<midarrow>max n1 n2
       \<rightarrow> abupd (absorb Ret) s3"
    by (iprover intro: evaln.Body dest: evaln_max2)
  then show ?case ..
next
  case (LVar s vn )
  obtain n where
    "G\<turnstile>Norm s \<midarrow>LVar vn=\<succ>lvar vn s\<midarrow>n\<rightarrow> Norm s"
    by (iprover intro: evaln.LVar)
  then show ?case ..
next
  case (FVar s0 statDeclC s1 e a s2 v s2' stat fn s3 accC)
  then obtain n1 n2 where
    "G\<turnstile>Norm s0 \<midarrow>Init statDeclC\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>e-\<succ>a\<midarrow>n2\<rightarrow> s2"
    by iprover
  moreover
  (* the field access check is a premise of the evaln rule as well; the
     result state s3 is the checked state *)
  note `s3 = check_field_access G accC statDeclC fn stat a s2'`
    and `(v, s2') = fvar statDeclC stat fn a s2`
  ultimately
  have "G\<turnstile>Norm s0 \<midarrow>{accC,statDeclC,stat}e..fn=\<succ>v\<midarrow>max n1 n2\<rightarrow> s3"
    by (iprover intro: evaln.FVar dest: evaln_max2)
  then show ?case ..
next
  case (AVar s0 e1 a s1 e2 i s2 v s2')
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>e1-\<succ>a\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>e2-\<succ>i\<midarrow>n2\<rightarrow> s2"      
    by iprover
  moreover 
  note `(v, s2') = avar G i a s2`
  ultimately 
  have "G\<turnstile>Norm s0 \<midarrow>e1.[e2]=\<succ>v\<midarrow>max n1 n2\<rightarrow> s2'"
    by (blast intro!: evaln.AVar dest: evaln_max2)
  then show ?case ..
next
  case (Nil s0)
  show ?case by (iprover intro: evaln.Nil)
next
  case (Cons s0 e v s1 es vs s2)
  then obtain n1 n2 where 
    "G\<turnstile>Norm s0 \<midarrow>e-\<succ>v\<midarrow>n1\<rightarrow> s1"
    "G\<turnstile>s1 \<midarrow>es\<doteq>\<succ>vs\<midarrow>n2\<rightarrow> s2"      
    by iprover
  then
  have "G\<turnstile>Norm s0 \<midarrow>e # es\<doteq>\<succ>v # vs\<midarrow>max n1 n2\<rightarrow> s2"
    by (blast intro!: evaln.Cons dest: evaln_max2)
  then show ?case ..
qed
end